plaso.scripts package
Submodules
plaso.scripts.image_export module
The image export command line tool.
plaso.scripts.log2timeline module
The log2timeline command line tool.
plaso.scripts.pinfo module
A simple dump information gathered from a plaso storage container.
pinfo stands for Plaso INniheldurFleiriOrd or plaso contains more words.
plaso.scripts.psort module
Psort (Plaso Síar Og Raðar Þessu) - Makes output from Plaso Storage files.
- Sample Usage:
psort.py /tmp/mystorage.dump “date > ‘01-06-2012’”
- See additional details here:
https://plaso.readthedocs.io/en/latest/sources/user/Using-psort.html
plaso.scripts.psteal module
Psteal (Plaso SýndarheimsTímalína sem Er ALgjörlega sjálfvirk).
Psteal combines the log2timeline and psort tools into a single tool. Currently doesn’t support any of the two tools flags.
- Sample Usage:
psteal.py –source=/tmp/mystorage.dump –write=/tmp/mystorage_timeline.csv
- See additional details here:
https://plaso.readthedocs.io/en/latest/sources/user/Creating-a-timeline.html#using-psteal