Timeline log
Definition
A chronological, append-only record capturing every analyst action and finding during the response, time-stamped at the moment of entry in UTC. It is the primary source document from which all other reports are derived.
Related terms
- Breach notification
  - The legal obligation to inform regulators and affected individuals when personal data is compromised in a security incident. Timelines and thresholds differ...
- Chain of custody
  - The documented chronological record of who collected, handled, transferred, and examined a piece of evidence. For digital evidence, chain of custody includes...
- Incident ticket
  - The structured record opened in an IT service management or case management system when an alert is escalated to an incident. It...
- Lessons-learned report
  - A post-incident review document identifying what succeeded, what failed, the root cause, and specific recommended changes to policy, tooling, or training. Produced...
- Post-incident report
  - The formal written account produced after an incident is closed. It synthesises the timeline log into a structured narrative covering the incident...
Explained in
- Incident Reporting and Documentation