plaso

Super timeline all the things


plaso (Plaso Langar Að Safna Öllu)


In short, plaso is a Python-based backend engine for the tool
log2timeline.

A longer version

log2timeline is a tool designed to extract timestamps from various files found
on typical computer systems and aggregate them.

The initial purpose of plaso was to collect all timestamped events of interest
on a computer system and have them aggregated in a single place for computer
forensic analysis (aka Super Timeline).

However, plaso has become a framework that supports:

  • adding new parsers or parsing plug-ins;
  • adding new analysis plug-ins;
  • writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

It is moving to support:

  • adding new general purpose parsers/plugins that may not have timestamps associated with them;
  • adding more analysis context;
  • tagging events;
  • allowing a more targeted approach to the collection/parsing.


Main metrics

Overview
Name With Owner: log2timeline/plaso
Primary Language: Python
Program language: Makefile (Language Count: 6)
Platform
License: Apache License 2.0
Owner Activity
Created At: 2014-09-08 23:29:28
Pushed At: 2025-06-02 04:04:59
Last Commit At
Release Count: 48
Last Release Name: 20250522 (Posted on )
First Release Name: 1.0.0 (Posted on 2012-12-04 07:17:57)
User Engagement
Stargazers Count: 1.9k
Watchers Count: 91
Fork Count: 368
Commits Count: 3.9k
Has Issues Enabled
Issues Count: 2054
Issue Open Count: 273
Pull Requests Count: 1975
Pull Requests Open Count: 35
Pull Requests Close Count: 893
Project Settings
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private