Tuesday 5th November, 2013
3:40pm to 4:15pm
This talk will discuss the architecture of the new log2timeline backend engine, Plaso. Now written in Python, Plaso is a complete rewrite of the old Perl-based engine. And it contains vastly different architecture that may be relatively complex for external developers to fully grasp.
This talk will explain the inner workings of the framework, how it can be used to assist in parser or plugin development, and applications for more advanced analysis using the console.
Sign in to add slides, notes or videos to this session