timesketch
https://github.com/google/timesketch
Python
Collaborative forensic timeline analysis
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Python not yet supported
2 Subscribers
Help out
- Issues
  - Add timesketch internal fieldnames to search query guide
  - Failed to upgrade data base -> column "group_id" of relation "searchindex_accesscontrolentry" already exists
  - when sketch gets big, some timelines start to return error 500
  - Replace sigmac with pySigma
  - Support psort filters when ingesting into Timesketch
  - Show amount of events in a saved search on the overview page
  - SSH sessionizer regex is missing certain sshd messages
  - Predefined labels import
  - Too many values to unpack in timesketch_importer.py
  - Add tags or comments to multiple events at once
- Docs
  - Python not yet supported