log2timeline-0.65-1.fc25.i686.rpm


Advertisement

Description

log2timeline - A framework for timeline creation and analysis

Distribution: Fedora 25
Repository: CERT Forensics Tools i386
Package name: log2timeline
Package version: 0.65
Package release: 1.fc25
Package architecture: i686
Package type: rpm
Installed size: 2.20 MB
Download size: 479.58 KB
Official Mirror: forensics.cert.org
A framework to for timeline creation and analysis. Log2timeline provides a framework to automatically extract timeline information out of various log files and artifacts found on various operating systems. The framework then outputs the timeline information in the chosen output format that can then be viewed using already existing timeline analysis tools, or other tools to inspect the timeline.

Alternatives

Provides

  • log2timeline = 0.65-1.fc25
  • log2timeline(x86-32) = 0.65-1.fc25

    Download

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install log2timeline rpm package:
      # dnf --enablerepo=forensics install log2timeline

    Files

    • /usr/bin/faersluskra2timalina
    • /usr/bin/l2t_process_old.pl
    • /usr/bin/log2timeline
    • /usr/share/doc/log2timeline/CHANGELOG
    • /usr/share/doc/log2timeline/INSTALL.txt
    • /usr/share/doc/log2timeline/LICENSE
    • /usr/share/doc/log2timeline/LICENSE_GRANTING.txt
    • /usr/share/doc/log2timeline/LOG2TIMELINE.txt
    • /usr/share/doc/log2timeline/README.txt
    • /usr/share/doc/log2timeline/ROADMAP
    • /usr/share/doc/log2timeline/index.html
    • /usr/share/doc/log2timeline/l2t_process.html
    • /usr/share/doc/log2timeline/log2timeline.html
    • /usr/share/doc/log2timeline/timescanner.html
    • /usr/share/doc/log2timeline/lib/BinRead.html
    • /usr/share/doc/log2timeline/lib/Common.html
    • /usr/share/doc/log2timeline/lib/Log2Timeline.html
    • /usr/share/doc/log2timeline/lib/Network.html
    • /usr/share/doc/log2timeline/lib/Time.html
    • /usr/share/doc/log2timeline/lib/Win.html
    • /usr/share/doc/log2timeline/lib/WinReg.html
    • /usr/share/doc/log2timeline/lib/Log2t/BinRead.html
    • /usr/share/doc/log2timeline/lib/Log2t/Common.html
    • /usr/share/doc/log2timeline/lib/Log2t/Network.html
    • /usr/share/doc/log2timeline/lib/Log2t/Numbers.html
    • /usr/share/doc/log2timeline/lib/Log2t/Time.html
    • /usr/share/doc/log2timeline/lib/Log2t/Win.html
    • /usr/share/doc/log2timeline/lib/Log2t/WinReg.html
    • /usr/share/doc/log2timeline/lib/Log2t/PreProc/user_browser.html
    • /usr/share/doc/log2timeline/lib/Log2t/PreProc/win_sysinfo.html
    • /usr/share/doc/log2timeline/lib/Log2t/base/input.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/altiris.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/analog_cache.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/apache2_access.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/apache2_error.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/chrome.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/encase_dirlisting.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/evt.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/evtx.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/exif.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/ff_bookmark.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/ff_cache.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/firefox2.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/firefox3.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/ftk_dirlisting.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/generic_linux.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/iehistory.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/iis.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/isatxt.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/jp_ntfs_change.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/l2t_csv.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/ls_quarantine.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mactime.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mcafee.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mcafeefireup.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mcafeehel.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mcafeehs.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mft.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/mssql_errlog.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/ntuser.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/openvpn.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/opera.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/oxml.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/pcap.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/pdf.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/prefetch.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/proftpd_xferlog.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/recycler.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/restore.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/safari.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/sam.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/security.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/setupapi.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/skype_sql.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/software.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/sol.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/squid.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/symantec.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/syslog.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/system.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/tln.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/volatility.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/win_link.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/wmiprov.html
    • /usr/share/doc/log2timeline/lib/Log2t/input/xpfirewall.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/beedocs.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/cef.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/cftl.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/csv.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/mactime.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/mactime_l.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/serialize.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/simile.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/sqlite.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/tab.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/tln.html
    • /usr/share/doc/log2timeline/lib/Log2t/output/tlnx.html
    • /usr/share/man/man1/faersluskra2timalina.1.gz
    • /usr/share/man/man1/l2t_process_old.pl.1.gz
    • /usr/share/man/man1/log2timeline.1.gz
    • /usr/share/man/man3/Log2Timeline.3pm.gz
    • /usr/share/man/man3/Log2t::BinRead.3pm.gz
    • /usr/share/man/man3/Log2t::Numbers.3pm.gz
    • /usr/share/man/man3/Log2t::Time.3pm.gz
    • /usr/share/man/man3/Log2t::base::input.3pm.gz
    • /usr/share/man/man3/Log2t::input::altiris.3pm.gz
    • /usr/share/man/man3/Log2t::input::encase_dirlisting.3pm.gz
    • /usr/share/man/man3/Log2t::input::evt.3pm.gz
    • /usr/share/man/man3/Log2t::input::evtx.3pm.gz
    • /usr/share/man/man3/Log2t::input::ff_bookmark.3pm.gz
    • /usr/share/man/man3/Log2t::input::firefox2.3pm.gz
    • /usr/share/man/man3/Log2t::input::ftk_dirlisting.3pm.gz
    • /usr/share/man/man3/Log2t::input::iehistory.3pm.gz
    • /usr/share/man/man3/Log2t::input::jp_ntfs_change.3pm.gz
    • /usr/share/man/man3/Log2t::input::mcafee.3pm.gz
    • /usr/share/man/man3/Log2t::input::mcafeefireup.3pm.gz
    • /usr/share/man/man3/Log2t::input::mcafeehel.3pm.gz
    • /usr/share/man/man3/Log2t::input::mcafeehs.3pm.gz
    • /usr/share/man/man3/Log2t::input::mft.3pm.gz
    • /usr/share/man/man3/Log2t::input::mssql_errlog.3pm.gz
    • /usr/share/man/man3/Log2t::input::opera.3pm.gz
    • /usr/share/man/man3/Log2t::input::pcap.3pm.gz
    • /usr/share/man/man3/Log2t::input::pdf.3pm.gz
    • /usr/share/man/man3/Log2t::input::selinux.3pm.gz
    • /usr/share/man/man3/Log2t::input::setupapi.3pm.gz
    • /usr/share/man/man3/Log2t::input::sol.3pm.gz
    • /usr/share/man/man3/Log2t::input::symantec.3pm.gz
    • /usr/share/man/man3/Log2t::input::utmp.3pm.gz
    • /usr/share/man/man3/Log2t::input::volatility.3pm.gz
    • /usr/share/man/man3/Log2t::input::wmiprov.3pm.gz
    • /usr/share/man/man3/Log2t::output::beedocs.3pm.gz
    • /usr/share/man/man3/Log2t::output::cef.3pm.gz
    • /usr/share/man/man3/Log2t::output::cftl.3pm.gz
    • /usr/share/man/man3/Log2t::output::csv.3pm.gz
    • /usr/share/man/man3/Log2t::output::serialize.3pm.gz
    • /usr/share/man/man3/Log2t::output::tab.3pm.gz
    • /usr/share/man/man3/Parse::Evtx2.3pm.gz
    • /usr/share/man/man3/Parse::Evtx2::Chunk.3pm.gz
    • /usr/share/man/man3/l2t_process_old.3pm.gz
    • /usr/share/perl5/vendor_perl/Log2Timeline.pm
    • /usr/share/perl5/vendor_perl/l2t_process_old.pl
    • /usr/share/perl5/vendor_perl/Log2t/BinRead.pm
    • /usr/share/perl5/vendor_perl/Log2t/Common.pm
    • /usr/share/perl5/vendor_perl/Log2t/Network.pm
    • /usr/share/perl5/vendor_perl/Log2t/Numbers.pm
    • /usr/share/perl5/vendor_perl/Log2t/Time.pm
    • /usr/share/perl5/vendor_perl/Log2t/Win.pm
    • /usr/share/perl5/vendor_perl/Log2t/WinReg.pm
    • /usr/share/perl5/vendor_perl/Log2t/PreProc/user_browser.pm
    • /usr/share/perl5/vendor_perl/Log2t/PreProc/win_sysinfo.pm
    • /usr/share/perl5/vendor_perl/Log2t/base/input.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/altiris.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/analog_cache.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/apache2_access.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/apache2_error.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/chrome.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/encase_dirlisting.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/evt.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/evtx.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/exif.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/ff_bookmark.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/ff_cache.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/firefox2.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/firefox3.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/ftk_dirlisting.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/generic_linux.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/iehistory.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/iis.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/isatxt.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/jp_ntfs_change.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/l2t_csv.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/linux.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/ls_quarantine.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/macosx.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/mactime.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mcafee.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mcafeefireup.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mcafeehel.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mcafeehs.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mft.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/mssql_errlog.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/ntuser.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/openvpn.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/opera.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/oxml.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/pcap.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/pdf.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/prefetch.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/proftpd_xferlog.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/recycler.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/restore.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/safari.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/sam.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/security.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/selinux.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/setupapi.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/skype_sql.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/software.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/sol.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/squid.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/symantec.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/syslog.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/system.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/tln.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/urlsnarf.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/utmp.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/volatility.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/webhist.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/win7.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/win7_no_reg.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/win_link.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/winsrv.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/winxp.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/winxp_no_reg.lst
    • /usr/share/perl5/vendor_perl/Log2t/input/wmiprov.pm
    • /usr/share/perl5/vendor_perl/Log2t/input/xpfirewall.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/beedocs.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/cef.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/cftl.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/csv.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/mactime.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/mactime_l.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/serialize.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/simile.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/sqlite.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/tab.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/tln.pm
    • /usr/share/perl5/vendor_perl/Log2t/output/tlnx.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/Chunk.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/Const.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/Event.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/NameString.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x00.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x01.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x02.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x03.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x04.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x05.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x06.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x07.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x09.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0a.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0b.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0c.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0d.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0e.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Node0x0f.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Root.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/SubstArray.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/BXmlNode/Template.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x00.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x01.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x02.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x03.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x04.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x05.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x06.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x07.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x08.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x09.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0a.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0b.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0c.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0d.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0e.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x0f.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x10.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x11.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x12.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x13.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x14.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x15.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x21.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x81.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x83.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x84.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x85.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x86.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x87.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x88.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x89.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x8a.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x8b.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x8c.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x8f.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x91.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x92.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x94.pm
    • /usr/share/perl5/vendor_perl/Parse/Evtx2/VariantType/Type0x95.pm

    Changelog

    2012-09-12 - Lawrence Rogers <lrr@cert.org> 0.65-1 * Release 0.65-1 - [UTMP input] New input module parsing utmp/wtmp files in Linux, written by Francesco Picasso. - [SELINUX input] New input module parsing SELinux audit files in Linux, written by Francesco Picasso. - [l2t_process] Renamed to l2t_process_old, being replaced by l2t_process.py from l2t-tools. - [EVTX Library] Fixed a small bug in the code, causing some EVTX file parsing to fail. - [Altiris input] Fixed a small bug when the date is malformed. - [Log2Timeline library] Fixed few bugs: - Small error in the format sort, caused oxml to sometimes be skipped in processing. - [GENERIC_LINUX input] Added a small extra eval sentence. - [LS_QUARANTINE] Fixed a minor bug in the get_time routine, if a database occurs it is caught by an eval sentence. - [TEST] Added few more tests. - [MOST INPUT MODULES] Changed the line: my $line = <$fh> or return undef; in most input modules. - [WIN library] Added few more transformations of Windows stored time zones into a "olson" ones understood by DateTime. - [CHROME input] Fixed a small unicode bug in the "File Downloaded" section. - [faersluskra2timalina] Added a new frontend to the tool, exact copy of log2timeline, except all parameters in Icelandic... kinda - [timescanner tool] Removed this frontend from the Makefile since it serves no purpose (as in no longer part of the automatic installation).

    Advertisement
    Advertisement