@wajihyassine noticed in the osdfir-infrastructure#53 that timesketch cannot import any timelines from plaso files anymore when the newly introduced plaso_formatters.yaml is not present.
This is a bug. The expected behaviour would be to fallback to normal import without any plaso messaging formatting when the config is missing.
To Reproduce
On a new timesketch setup, delete the data/plaso_formatters.yaml file.
Describe the bug
@wajihyassine noticed in the osdfir-infrastructure#53 that timesketch cannot import any timelines from plaso files anymore when the newly introduced plaso_formatters.yaml is not present.
This is a bug. The expected behaviour would be to fallback to normal import without any plaso messaging formatting when the config is missing.
To Reproduce
data/plaso_formatters.yamlfile.