Kansa Analysis: Timeline analysis module

davehull / Kansa

A Powershell incident response framework

Apache License 2.0

1.55k stars 266 forks source link

Kansa Analysis: Timeline analysis module #137

Open jvaldezjr1 opened 9 years ago

jvaldezjr1 commented 9 years ago

2 things come to mind as a potential analysis module:

Something similiar to 'log2timeline' tool. OR Timeline of the data collected from the modules that were run.

davehull commented 9 years ago

How about an analysis script that converts collected data to fls bodyfile format so log2timeline can ingest it? Or even modifying Kansa.ps1 to support an fls bodyfile output format?

jvaldezjr1 commented 8 years ago

Thats a great idea, thanks