Metadata-Version: 2.4
Name: plaso
Version: 20260119
Summary: Plaso (log2timeline) - Super timeline all the things
Maintainer-email: Log2Timeline maintainers <log2timeline-maintainers@googlegroups.com>
License-Expression: Apache-2.0
Project-URL: Documentation, https://plaso.readthedocs.io/en/latest
Project-URL: Homepage, https://github.com/log2timeline/plaso
Project-URL: Repository, https://github.com/log2timeline/plaso
Classifier: Development Status :: 4 - Beta
Classifier: Programming Language :: Python
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: ACKNOWLEDGEMENTS
License-File: AUTHORS
License-File: LICENSE
Requires-Dist: PyYAML>=3.10
Requires-Dist: XlsxWriter>=0.9.3
Requires-Dist: acstore>=20240407
Requires-Dist: artifacts>=20220219
Requires-Dist: bencode.py
Requires-Dist: certifi>=2016.9.26
Requires-Dist: cffi>=1.9.1
Requires-Dist: defusedxml>=0.5.0
Requires-Dist: dfdatetime>=20251018
Requires-Dist: dfvfs>=20240115
Requires-Dist: dfwinreg>=20240229
Requires-Dist: dtfabric>=20230518
Requires-Dist: flor>=1.1.3
Requires-Dist: libbde-python>=20220121
Requires-Dist: libcaes-python>=20240114
Requires-Dist: libcreg-python>=20200725
Requires-Dist: libesedb-python>=20220806
Requires-Dist: libevt-python>=20191104
Requires-Dist: libevtx-python>=20220724
Requires-Dist: libewf-python>=20131210
Requires-Dist: libfcrypto-python>=20240114
Requires-Dist: libfsapfs-python>=20220709
Requires-Dist: libfsext-python>=20220829
Requires-Dist: libfsfat-python>=20220925
Requires-Dist: libfshfs-python>=20220831
Requires-Dist: libfsntfs-python>=20211229
Requires-Dist: libfsxfs-python>=20220829
Requires-Dist: libfvde-python>=20220121
Requires-Dist: libfwnt-python>=20210717
Requires-Dist: libfwsi-python>=20240225
Requires-Dist: liblnk-python>=20230716
Requires-Dist: libluksde-python>=20220121
Requires-Dist: libmodi-python>=20210405
Requires-Dist: libmsiecf-python>=20150314
Requires-Dist: libolecf-python>=20151223
Requires-Dist: libphdi-python>=20220228
Requires-Dist: libqcow-python>=20201213
Requires-Dist: libregf-python>=20201002
Requires-Dist: libscca-python>=20190605
Requires-Dist: libsigscan-python>=20230109
Requires-Dist: libsmdev-python>=20140529
Requires-Dist: libsmraw-python>=20140612
Requires-Dist: libvhdi-python>=20201014
Requires-Dist: libvmdk-python>=20140421
Requires-Dist: libvsapm-python>=20230506
Requires-Dist: libvsgpt-python>=20211115
Requires-Dist: libvshadow-python>=20160109
Requires-Dist: libvslvm-python>=20160109
Requires-Dist: lz4>=0.10.0
Requires-Dist: opensearch-py
Requires-Dist: pefile>=2023.2.7
Requires-Dist: psutil>=5.4.3
Requires-Dist: pyparsing>=3.0.0
Requires-Dist: python-dateutil>=1.5
Requires-Dist: pytsk3>=20210419
Requires-Dist: pytz
Requires-Dist: pyzmq>=2.1.11
Requires-Dist: redis>=3.4
Requires-Dist: requests>=2.18.0
Requires-Dist: xattr>=0.7.2; platform_system != "Windows"
Requires-Dist: yara-python>=3.4.0
Requires-Dist: zstd>=1.3.0.2
Dynamic: license-file

## Plaso (Plaso Langar Að Safna Öllu) - super timeline all the things

Plaso (Plaso Langar Að Safna Öllu), or *super timeline all the things*, is a
Python-based engine used by several tools for automatic creation of timelines.
Plaso default behavior is to create super timelines but it also supports
creating more [targeted timelines](http://blog.kiddaland.net/2013/02/targeted-timelines-part-i.html).

These timelines support digital forensic investigators/analysts, to correlate
the large amount of information found in logs and other files found on an
average computer.

### A longer version

The initial purpose of Plaso was to collect all timestamped events of interest 
on a computer system and have them aggregated in a single place for computer 
forensic analysis (aka Super Timeline).

However Plaso has become a framework that supports:

* adding new parsers or parsing plug-ins;
* adding new analysis plug-ins;
* writing one-off scripts to automate repetitive tasks in computer forensic analysis or equivalent.

And is moving to support:

* adding new general purpose parses/plugins that may not have timestamps associated to them;
* adding more analysis context;
* tagging events;
* allowing more targeted approach to the collection/parsing.

### Also see

* [Homepage](https://github.com/log2timeline/plaso)
* [Downloads](https://github.com/log2timeline/plaso/releases)
* [Documentation](https://plaso.readthedocs.io)
* Contact information:
  * Plaso channel on [Open Source DFIR Slack community](https://github.com/open-source-dfir/slack)
  * Mailing list for general discussions: [log2timeline-discuss](https://groups.google.com/forum/#%21forum/log2timeline-discuss)
  * Mailing list for development: [log2timeline-dev](https://groups.google.com/forum/#%21forum/log2timeline-dev)
