Plaso / log2timeline
The cross-artifact super-timeline tool. log2timeline.py extracts events from many sources into a .plaso storage file; psort.py renders the timeline to CSV or Elasticsearch.
The cross-artifact super-timeline tool. log2timeline.py extracts events from many sources into a .plaso storage file; psort.py renders the timeline to CSV or Elasticsearch.
Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.