search

google / timesketch

Collaborative forensic timeline analysis
Apache License 2.0
2.58k stars 589 forks source link

[CLI+APIclient] Change timeline color for a given timeline #3159

Closed jaegeral closed 1 month ago

jaegeral commented 1 month ago

Change timeline color

The color is an important setting for a timeline when using the WebUI. To change the color using the CLI timelines color can be used.

This change also adds a setter for timeline.color in the API client that has not been present so far.

Before:

timesketch --sketch 1 --output-format text timelines describe 2
Name: foobar3
Index: 41dde394812d44c1ac1784997d05efed
Status: ready
Event count: 260454
Color: AAAAAA
Name: foobar3
Created: 2024-08-20T14:57:59.047015
Datasources:
    Original filename: win7-x86.plaso
    File on disk: /tmp/4c3c1c5c351b4db285453bff0ecad51e
    Error:

Using it:

timesketch --sketch 1 timelines color 2 BBBBBB

After:

timesketch --sketch 1 --output-format text timelines describe 2
Name: foobar3
Index: 41dde394812d44c1ac1784997d05efed
Status: ready
Event count: 260454
Color: BBBBBB
Name: foobar3
Created: 2024-08-20T14:57:59.047015
Datasources:
    Original filename: win7-x86.plaso
    File on disk: /tmp/4c3c1c5c351b4db285453bff0ecad51e
    Error:

This is the last feature request for https://github.com/google/timesketch/issues/2877

jaegeral commented 1 month ago

Of course it can be discussed if we also accept Hex codes with #AABBCC but I decided against it to keep it simple and avoid mega regex to check values.