plaso.scripts package

Submodules

plaso.scripts.image_export module

The image export command line tool.

plaso.scripts.image_export.Main()[source]

Entry point of console script to extract files from images.

Returns:

exit code that is provided to sys.exit().

Return type:

int

plaso.scripts.log2timeline module

The log2timeline command line tool.

plaso.scripts.log2timeline.Main()[source]

Entry point of console script to extract events.

Returns:

exit code that is provided to sys.exit().

Return type:

int

plaso.scripts.pinfo module

A simple dump information gathered from a plaso storage container.

pinfo stands for Plaso INniheldurFleiriOrd or plaso contains more words.

plaso.scripts.pinfo.Main()[source]

Entry point of console script to provide information about extracted data.

Returns:

exit code that is provided to sys.exit().

Return type:

int

plaso.scripts.psort module

Psort (Plaso Síar Og Raðar Þessu) - Makes output from Plaso Storage files.

Sample Usage:

psort.py /tmp/mystorage.dump “date > ‘01-06-2012’”

See additional details here:

https://plaso.readthedocs.io/en/latest/sources/user/Using-psort.html

plaso.scripts.psort.Main()[source]

Entry point of console script to analyze and output events.

Returns:

exit code that is provided to sys.exit().

Return type:

int

plaso.scripts.psteal module

Psteal (Plaso SýndarheimsTímalína sem Er ALgjörlega sjálfvirk).

Psteal combines the log2timeline and psort tools into a single tool. Currently doesn’t support any of the two tools flags.

Sample Usage:

psteal.py –source=/tmp/mystorage.dump –write=/tmp/mystorage_timeline.csv

See additional details here:

https://plaso.readthedocs.io/en/latest/sources/user/Creating-a-timeline.html#using-psteal

plaso.scripts.psteal.Main()[source]

Entry point of console script to extract and output events.

Returns:

exit code that is provided to sys.exit().

Return type:

int

Module contents