LiFTeR: Changes for plaso
- August 10, 2022: plaso-20220724-1.{fc34,fc35,fc36,el7,el8,el9,amzn2}.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as
log2timeline for the automatic creation of super timelines.
The goal of log2timeline.py (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
Note: For CentOS/RHEL 7, 8, and 9, and Amazon Linux 2, Plaso now runs in a Python Virtual Environment.
- May 4, 2022: plaso-20220428-1.{fc33,fc34,fc35,el7,el8,el9,amzn2}.x86_64.rpm -
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
Note: For CentOS/RHEL 7, 8, and 9, and Amazon Linux 2, Plaso now runs in a Python Virtual Environment.
- February 2, 2022: plaso-20220129-3.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm -
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
Note: For CentOS/RHEL 7 and 8 and Amazon Linux 2, Plaso now runs in a Python Virtual Environment.
- January 26, 2022: plaso-20211229-3.{fc33,fc34,fc35,el7,el8,amzn2}.x86_64.rpm -
Details of this update are available here.
This release removes the version restriction on the pyparsing package.
Note: For CentOS/RHEL 7 and 8 and Amazon Linux 2, Plaso now runs in a Python Virtual Environment.
- January 5, 2022: plaso-20211229-1.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Details of this update are available here.
Note: For CentOS/RHEL 7 and 8, Plaso now runs in a Python Virtual Environment.
- December 15, 2021: plaso-20211024-2.{fc33,fc34,fc35,el7,el8}.x86_64.rpm -
Details of this update are available here.
Note: For CentOS/RHEL 7 and 8, Plaso now runs in a Python Virtual Environment.
The Fedora version is unchanged in this release.
- October 29, 2021: plaso-20211024-1.{fc32,fc33,fc34,el7,el8}.x86_64.rpm -
Details of this update are available here.
- June 16, 2021: plaso-20210606-1.{fc32,fc33,fc34,el7,el8}.x86_64.rpm -
Details of this update are available here.
- June 11, 2021: plaso-20210412-2.{fc31,fc32,fc33,fc34,el7,el8}.x86_64.rpm -
Details of this update are available here.
Note: This version was rebuilt to remove the restriction on the version of Elasticsearch.
- April 15, 2021: plaso-20210412-1.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Details of this update are available here.
- March 12, 2021: plaso-20210213-1.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Details of this update are available here.
- February 19, 2021: plaso-20201228-2.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Details of this update are available here.
This version removes a patch that was intended to make plaso work with ElasticSearch version 7.10 and newer.
- February 12, 2021: plaso-20201228-1.{fc31,fc32,fc33,el7,el8}.x86_64.rpm -
Details of this update are available here.
- October 30, 2020: plaso-20201007-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20201007-1.{fc31,fc32,el7,el8}.x86_64.rpm -
Details of this update are available here.
- July 24, 2020: plaso-20200717-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200717-1.{fc31,fc32,el7,el8}.x86_64.rpm -
Details of this update are available here.
- July 3, 2020: plaso-20200630-1.{fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200630-1.{fc31,fc32,el7,el8}.x86_64.rpm -
Details of this update are available here.
- May 15, 2020: plaso-20200430-1.{fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200430-1.{fc31,fc32,el7,el8}.x86_64.rpm -
- March 4, 2020: plaso-20200227-1.{fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200227-1.{fc31,el7,el8}.x86_64.rpm -
- February 14, 2020: plaso-20200121-1.{fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20200121-1.{fc31,el7,el8}.x86_64.rpm -
- December 27, 2019: plaso-20191203-1.{fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20191203-1.{fc31,el7,el8}.x86_64.rpm -
- November 22, 2019: plaso-20190916-1.{fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190708-1.{fc31,el7,el8}.x86_64.rpm -
This release uses Python 3 instead of Python 2.
Please note that for Fedora 25, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 25, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
- July 31, 2019: plaso-20190708-1.{fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190708-1.el7.x86_64.rpm -
This release uses Python 3 instead of Python 2.
Please note that for Fedora 25, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 25, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
- June 21, 2019: plaso-20190531-1.{fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190531-1.el7.x86_64.rpm -
This release uses Python 3 instead of Python 2.
Please note that for Fedora 25, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 25, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
- June 14, 2019: plaso-20190429-1.{fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190429-1.el7.x86_64.rpm -
This release uses Python 3 instead of Python 2.
Please note that for Fedora 25, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 25, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
Finally, for CentOS/RHEL 7, plaso no longer relies on a Python Virtual Environment.
- May 10, 2019: plaso-20190331-2.{fc24,fc25,fc26,fc27,fc28,fc29,fc30}.{i686,x86_64}.rpm and plaso-20190331-2.el7.x86_64.rpm -
This release uses Python 3 instead of Python 2.
Please note that for Fedora 24 and 25 and CentOS/RHEL 7, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 24 and 25 and CentOS/RHEL 7, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
- April 5, 2019: plaso-20190331-1.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20190331-1.el7.x86_64.rpm -
The changes to this release are noted here.
Please note that for Fedora 24, 25, and 26, and CentOS/RHEL 7, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
For Fedora 24, 25, 26, and CentOS/RHEL 7, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
For Fedora 27, 28, and 29, this version of plaso no longer requires either elasticsearch5 or efilter. They may be safely removed with the following:
sudo dnf remove python{,2}-elasticsearch5 python{,2}-efilter
Note that for Fedora 24, 25, 26 and CentOS/RHEL 7, these packages are automatically removed from the Python Virtual Environment.
- February 15, 2019: plaso-20190131-2.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20190131-2.el7.x86_64.rpm -
This revision changed some of the dependencies for the Python Virtual Environment-based version for Fedora 24 and 25 and CentOS/RHEL 7.
For Fedora 24 and 25 and CentOS/RHEL 7, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
For Fedora 24 and 25, the recommended way to install this update is the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo dnf -y install plaso
and for CentOS/RHEL 7, the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo yum -y install plaso
- February 8, 2019: plaso-20190131-1.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20190131-1.el7.x86_64.rpm -
This version was changed to use the new package names for the packages noted above.
For Fedora 24 and 25 and CentOS/RHEL 7, this package contains a program named update-plaso, the purpose of which is to update the packages that plaso depends upon. Note that this updates the dependent packages but not plaso. The recommendation is to run update-plaso routinely to keep the plaso dependencies updated.
For Fedora 24 and 25, the recommended way to install this update is the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo dnf -y install plaso
and for CentOS/RHEL 7, the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo yum -y install plaso
- February 1, 2019: plaso-20181219-5.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20181219-5.el7.x86_64.rpm -
This version was changed to use the new package names for the packages noted above.
For Fedora 24 and 25, the recommended way to install this update is the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo dnf -y install plaso
and for CentOS/RHEL 7, the following:
sudo rpm -ev plaso --nodeps; sudo rm -rf /usr/local/lib/PythonVirtualEnvironments/plaso; sudo yum -y install plaso
- January 11, 2019: plaso-20181219-3.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20181219-3.el7.x86_64.rpm -
Here are the recent changes:
- Release 2
- For Fedora 24 and 25 and CentOS/RHEL 7, this release contains a new program named update-plaso, the purpose of which is to update the packages installed via pip for the Python Virtual Environment built for plaso. The recommendation is to run update-plaso routinely to keep plaso updated.
- No changes were made for the Fedora 26, 27, 28, and 29 revisions of plaso.
- Release 3
- For CentOS/RHEL 7, the version of Python 2 installed by default is 2.7.5 which is fairly old.
This version causes problems in plaso.
To solve these problems, the version of Python 2 - 2.7.13 - that is distributed as part of the RedHat Software Collections Library (SCL) is used for plaso.
This resulted in a re-engineering of the installation and the installed scripts to use the scl program.
This version contains those re-engineered versions.
To use this version of plaso, run the following command:
sudo yum -y install centos-release-scl-rh
- No changes were made for the Fedora 24, 25, 26, 27, 28, and 29 revisions of plaso.
- For CentOS/RHEL 7, the version of Python 2 installed by default is 2.7.5 which is fairly old.
This version causes problems in plaso.
To solve these problems, the version of Python 2 - 2.7.13 - that is distributed as part of the RedHat Software Collections Library (SCL) is used for plaso.
This resulted in a re-engineering of the installation and the installed scripts to use the scl program.
This version contains those re-engineered versions.
To use this version of plaso, run the following command:
sudo scl enable python27 -- /bin/sh -c "source /usr/local/lib/PythonVirtualEnvironments/plaso/bin/activate;
pip uninstall artifacts; pip install artifacts==20181213"
- January 4, 2019: plaso-20181219-1.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and plaso-20181219-1.el7.x86_64.rpm -
Please note that for Fedora 24 and 25 and CentOS/RHEL 7, all of the ancillary packages needed by plaso use the pip program in a Python Virtual Environment. Ensure that pip works correctly in your environment by configuring the /etc/pip.conf file according to the configuration guide found here.
- October 2, 2018: plaso-20180930-1.{fc23,fc24,fc25,fc26,fc27,fc28}.{i686,x86_64}.rpm and plaso-20180930-1.el7.x86_64.rpm -
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 23, 24, 25, 26, 27, and 28 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- August 24, 2018: plaso-20180818-1.{fc23,fc24,fc25,fc26,fc27,fc28}.{i686,x86_64}.rpm and plaso-20180818-1.el7.x86_64.rpm -
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 23, 24, 25, 26, 27, and 28 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- August 3, 2018: plaso-20180703-1.{fc23,fc24,fc25,fc26,fc27,fc28}.{i686,x86_64}.rpm and plaso-20180703-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 23, 24, 25, 26, 27, and 28 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- July 20, 2018: plaso-20180630-1.{fc23,fc24,fc25,fc26,fc27,fc28}.{i686,x86_64}.rpm and plaso-20180630-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 23, 24, 25, 26, 27, and 28 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- May 27, 2018: plaso-20180524-1.{fc22,fc23,fc24,fc25,fc26,fc27,fc28}.{i686,x86_64}.rpm and plaso-20180524-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 22, 23, 24, 25, 26, 27, and 28 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- February 2, 2018: plaso-20180127-1.{fc22,fc23,fc24,fc25,fc26,fc27}.{i686,x86_64}.rpm and plaso-20180127-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 21, 22, 23, 24, 25, 26, and 27 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- January 5, 2018: plaso-20171231-1.{fc22,fc23,fc24,fc25,fc26,fc27}.{i686,x86_64}.rpm and plaso-20171231-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 21, 22, 23, 24, 25, 26, and 27 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- November 23, 2017: plaso-20171118-1.{fc21,fc22,fc23,fc24,fc25,fc26,fc27}.{i686,x86_64}.rpm and plaso-20171118-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 21, 22, 23, 24, 25, 26, and 27 for the i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- November 10, 2017: plaso-20170930-1.{fc21,fc22,fc23,fc24,fc25,fc26}.{i686,x86_64}.rpm and plaso-201709301-1.el7.x86_64.rpm -
Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 21, 22, 23, 24, 25, and 26 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- October 31, 2016: plaso-1.5.1-1.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm, plaso-1.5.0-1.el7.x86_64.rpm - Plaso
is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines.
The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers
and related systems, such as network equipment, to produce a single correlated timeline.
This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
See the 1.5.0 release announcement here.
There is no comprehensive list of changes for 1.5.1.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, 23, and 24 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso. Installation as an update and as a new install of have been successfully tested.
- September 23, 2016: plaso-1.5.0-1.{fc20,fc21,fc22,fc23,fc24}.{i686,x86_64}.rpm, plaso-1.5.0-1.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. See the release announcement here.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, 23, and 24 for i686 and x86_64 architectures and CentOS/RHEL versions 6 and 7 for the x86_64 architecture for this version of plaso. Installation as an update and as a new install of CERT-Forensics-Tools have been successfully tested.
- July 27, 2016: plaso-1.4.0-4.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm, plaso-1.4.0-4.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. This release is version 1.4.0 and not a beta release as was previously installed in the repository.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, 23, and 24 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- February 7, 2016: plaso-1.4-3.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm, plaso-1.4-3.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. This release adds the missing artifacts and python-requests dependencies.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, and 23 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- February 5, 2016: plaso-1.4-2.{fc20,fc21,fc22,fc23}.{i686,x86_64}.rpm, plaso-1.4-2.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. This release adds the missing artifacts and python-requests dependencies.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, 22, and 23 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso.
- September 25, 2015: plaso-1.3.0-2.{fc17,fc18,fc19,fc20,fc21,fc22}.{i686,x86_64}.rpm, plaso-1.3.0-1.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. This release adds the missing artifacts and python-requests dependencies.
At this time, this repository, in combination with all supporting repositories, provides all of the necessary packages for Fedora versions 20, 21, and 22 for i686 and x86_64 architectures and CentOS/RHEL version 7 for the x86_64 architecture for this version of plaso. For Fedora 17, 18, and 19 and CentOS/RHEL 5 and 6 for the i686 and x86_64 architectures, all dependencies are satisfied but not all available packages meet the minimum requirements for plaso. Effort to satisfy these out-of-date dependencies will be expended when there is a specific request to do so.
- July 31, 2015: plaso-1.3.0-1.{fc17,fc18,fc19,fc20,fc21,fc22}.{i686,x86_64}.rpm, plaso-1.3.0-1.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. Go here to read about all of the changes and features in this release.
- December 24, 2014: plaso-1.2.0-2.{fc17,fc18,fc19,fc20,fc21}.{i686,x86_64}.rpm, plaso-1.2.0-2.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. Go here to read about all of the changes and features in this release. In addition, this release is current up to the development version as of December 24, 2014.
- September 26, 2014: plaso-1.1.0-2.{fc17,fc18,fc19,fc20}.{i686,x86_64}.rpm, plaso-1.1.0-2.{el6,el7}.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. For this release, IPython was added as a dependency.
- July 2, 2014: plaso-1.1.0-1.{fc17,fc18,fc19,fc20}.{i686,x86_64}.rpm, plaso-1.1.0-1.el6.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. Go here to read about all of the changes and features in this release.
- June 27, 2014: plaso-1.0.2-2.{fc17,fc18,fc19,fc20}.{i686,x86_64}.rpm, plaso-1.0.2-2.el6.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. Here are the changes from the previous release (1.0.2-1):
- Missing dependencies were added (python-construct, libolecf-python, python-dpkt, python-binplist). Note that on CentOS/RHEL 6, the python-construct and python-dpkt were released in support of plaso.
- Fixed a bug in the Firefox history parser.
- For the CentOS/RHEL 6 version, the Software Collections Library version of Python 2 is used to byte compile the Python source files.
- May 22, 2014: plaso-1.0.2-1.{fc17,fc18,fc19,fc20}.{i686,x86_64}.rpm, plaso-1.0.2-1.el6.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system. See here for the changes in this release.
- April 7, 2014: plaso-1.0.1alpha-1.{fc17,fc18,fc19,fc20}.{i686,x86_64}.rpm, plaso-1.0.1alpha-1.el6.x86_64.rpm - Plaso is the Python-based back-end engine used by tools such as log2timeline for automatic creation of super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment, to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.