./security/log2timeline, Framework for automatic creation of a super timeline



Branch: CURRENT, Version: 0.65nb5, Package name: log2timeline-0.65nb5, Maintainer: pettai

log2timeline is a framework built to automatically create a super
timeline using information found within various log files and other
files that contain timestamps. The tool can be used to augment
traditional timeline analysis where the focus has generally been on
solely the timestamps found within the filesystem itself.
The tool is also capable of outputting into various formats that
can be used to either import into analysis tools or to read directly
using whatever suits you (spreadsheet/vim/less/...).


Required to run:
[textproc/p5-XML-LibXML] [www/p5-HTML-Scrubber] [www/p5-HTML-Parser] [graphics/p5-Image-ExifTool] [databases/p5-DBI] [databases/p5-DBD-SQLite] [archivers/p5-Archive-Zip] [lang/perl5] [net/p5-Net-Pcap] [security/p5-Digest-CRC] [time/p5-DateTime] [time/p5-DateTime-Format-Strptime] [time/p5-DateTime-TimeZone] [devel/p5-version] [devel/p5-Date-Manip] [devel/p5-Params-Validate] [devel/p5-Carp-Assert] [converters/p5-Data-Hexify] [www/p5-File-Mork] [misc/p5-Mac-PropertyList] [misc/p5-Parse-Win32Registry]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 99bb6f68a417aaa840a7957be9918586d1918a33
RMD160: c9dad4035bad1dbbf87e82f123aa014f03aa647f
Filesize: 565.747 KB



CVS history:


   2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558)
Log message:
Recursive bump for perl5-5.28.0
   2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068) | Package updated
Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-07-12 20:56:37 by Thomas Klausner | Files touched by this commit (405)
Log message:
Comment out dependencies of the style
{perl>=5.16.6,p5-ExtUtils-ParseXS>=3.15}:../../devel/p5-ExtUtils-ParseXS
since pkgsrc enforces the newest perl version anyway, so they
should always pick perl, but sometimes (pkg_add) don't due to the
design of the {,} syntax.

No effective change for the above reason.

Ok joerg
   2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152)
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending on such a package,
for perl-5.22.0.
   2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049)
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
   2013-12-09 15:17:56 by OBATA Akio | Files touched by this commit (238) | Package updated
Log message:
Fix/Update DEPENDS patterns for perl CORE modules, with some trivial fixes.

Bump PKGREVISION for runtime dependency pattern changed packages.
   2013-09-14 08:35:15 by Fredrik Pettai | Files touched by this commit (2)
Log message:
Version 0.65

  - [UTMP input] New input module parsing utmp/wtmp files in Linux
  - [SELINUX input] New input module parsing SELinux audit files in Linux
  - [l2t_process] Renamed to l2t_process_old, being replaced by l2t_process.py
    from l2t-tools.
  - [EVTX Library] Fixed a small bug in the code, causing some EVTX file
    parsing to fail.
  - [Altiris input] Fixed a small bug when the date is malformed.
  - [Log2Timeline library] Fixed few bugs:
      - Small error in the format sort, caused oxml to sometimes be skipped
        in processing.
  - [GENERIC_LINUX input] Added a small extra eval sentence.
  - [LS_QUARANTINE] Fixed a minor bug in the get_time routine, if a database
    occurs it is caught by an eval sentence.
  - [TEST] Added few more tests.
  - [MOST INPUT MODULES] Changed the line:
          my $line = <$fh> or return undef;
      in most input modules.
  - [WIN library] Added few more transformations of Windows stored time zones
    into a "olson" ones understood by DateTime.
  - [CHROME input] Fixed a small unicode bug in the "File Downloaded"
    section.
  - [faersluskra2timalina] Added a new frontend to the tool, exact copy of
    log2timeline, except all parameters in Icelandic... kinda
    April Fools' joke, except not in April.. so enjoy.
  - [timescanner tool] Removed this frontend from the Makefile since it serves
    no purpose (as in no longer part of the automatic installation).