plaso

plaso (Plaso Langar Að Safna Öllu)

super timeline all the things

In short, plaso is a Python-based backend engine for the tool
log2timeline.

A longer version

log2timeline is a tool designed to extract timestamps from various files found
on a typical computer system(s) and aggregate them.

The initial purpose of plaso was to collect all timestamped events of interest
on a computer system and have them aggregated in a single place for computer
forensic analysis (aka Super Timeline).

However plaso has become a framework that supports:

adding new parsers or parsing plug-ins;
adding new analysis plug-ins;
writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

And is moving to support:

adding new general purpose parses/plugins that may not have timestamps associated to them;
adding more analysis context;
tagging events;
allowing more targeted approach to the collection/parsing.

Project status

Travis-CI, AppVeyor, Codecov, ReadTheDocs
---, ---, ---, ---
, , ,

Also see

名稱與所有者	log2timeline/plaso
主編程語言	Python
編程語言	Makefile (語言數: 6)
平台
許可證	Apache License 2.0

名稱與所有者

log2timeline/plaso

主編程語言

Python

編程語言

Makefile (語言數: 6)

平台

許可證

Apache License 2.0

創建於	2014-09-08 23:29:28
推送於	2025-06-02 04:04:59
最后一次提交
發布數	48
最新版本名稱	20250522 (發布於 )
第一版名稱	1.0.0 (發布於 2012-12-04 07:17:57)

創建於

2014-09-08 23:29:28

推送於

2025-06-02 04:04:59

最后一次提交

發布數

星數	1.9k
關注者數	91
派生數	370
提交數	3.9k
已啟用問題?
問題數	2055
打開的問題數	274
拉請求數	1975
打開的拉請求數	36
關閉的拉請求數	893

已啟用Wiki?
已存檔?
是復刻?
已鎖定?
是鏡像?
是私有?

Github星跟蹤圖

plaso (Plaso Langar Að Safna Öllu)

A longer version

Project status

Also see

主要指標