log2timeline - A framework for timeline creation and analysis

License: GPLv2
A framework for timeline creation and analysis.

Log2timeline provides a framework to automatically extract timeline
information out of various log files and artifacts found on various
operating systems.  The framework then outputs the timeline information
in the chosen output format that can then be viewed using already
existing timeline analysis tools, or other tools to inspect the timeline.


log2timeline-0.65-1.fc20.src [597 KiB] Changelog by Lawrence Rogers (2012-09-12):
* Release 0.65-1
  - [UTMP input] New input module parsing utmp/wtmp files in Linux, written by Francesco Picasso.
  - [SELINUX input] New input module parsing SELinux audit files in Linux, written by Francesco Picasso.
  - [l2t_process] Renamed to l2t_process_old, being replaced by from l2t-tools.
  - [EVTX Library] Fixed a small bug in the code, causing some EVTX file parsing to fail.
  - [Altiris input] Fixed a small bug when the date is malformed.
  - [Log2Timeline library] Fixed a few bugs:
      - Small error in the format sort, caused oxml to sometimes be skipped in processing.
  - [GENERIC_LINUX input] Added a small extra eval sentence.
  - [LS_QUARANTINE] Fixed a minor bug in the get_time routine, if a database occurs it is caught by an eval sentence.
  - [TEST] Added a few more tests.
  - [MOST INPUT MODULES] Changed the line:
          my $line = <$fh> or return undef;
      in most input modules.
  - [WIN library] Added a few more transformations of Windows stored time zones into "olson" ones understood by DateTime.
  - [CHROME input] Fixed a small unicode bug in the "File Downloaded" section.
  - [faersluskra2timalina] Added a new frontend to the tool, exact copy of log2timeline, except all parameters in Icelandic... kinda
  - [timescanner tool] Removed this frontend from the Makefile since it serves no purpose (as in no longer part of the automatic installation).
