Lightning:Plaso parser for journald-files

From Camp_2015_Wiki
Jump to: navigation, search

Description I've written a plaso parser for systemd's journald-files. Here's what I wanted to achieve and what I did.
Slides
Tags plaso, journald, systemd, forensics
Person organizing User:Laird dave
Contact: 1_cccamp15@bifroe.st
Language en - English
en - English
Duration 5
Desired session Day 3
Desired timeframe 17:30

Retrieved from "http://events.ccc.de/camp/2015/wiki/index.php?title=Lightning:Plaso_parser_for_journald-files&oldid=7552"