Update of Ubuntu 22.04 with recent Plaso release

[KR84]

Good day,

I would like assistance on the steps to update an Ubuntu v22.04 virtual machine with the "plaso-20231224" release identified on Github . I would like to execute a log2timeline with the latest plaso. I am new to this so any assistance is appreciated.

Thanks

[joachimmetz]

@KR84 have a read of https://plaso.readthedocs.io/en/latest/sources/user/Ubuntu-Packaged-Release.html and let me know what part you have a challenge with?

[joachimmetz]

No additional response from reporter, closing.

[KR84]

Hi Joachimmetz,

Thanks for the feedback.

I am able to execute the log2timeline however, the issue that I am having is that during the execution, the process appears to generate errors with some of the processing ending prematurely. Please see error below. "2024-01-25 16:12:58,552 [INFO] (MainProcess) PID:3162 Parser filter expression set to: win7 2024-01-25 22:57:02,777 [WARNING] (MainProcess) PID:3162 Process: Worker_07 (PID: 3212) killed because it exceeded the memory limit: 2147483648. 2024-01-25 22:57:03,428 [ERROR] (MainProcess) PID:3162 Process Worker_07 (PID: 3212) is not functioning correctly. Status code: killed" Are you able to advise on the parameters that need to be adjusted so that the above error is avoided? Alternatively, what should the optimal settings be?

So coming back to me initial question, I noted that you post new releases of plaso here"https://github.com/log2timeline/plaso/releases." How would I execute these updates on Ubuntu?

Thanks

[joachimmetz]

Have a look at https://plaso.readthedocs.io/en/latest/sources/Troubleshooting.html

Are you able to advise on the parameters that need to be adjusted so that the above error is avoided? Alternatively, what should the optimal settings be?

This highly depends on many factors. Start with providing me with the details requested in the issue template.

So coming back to me initial question, I noted that you post new releases of plaso here"https://github.com/log2timeline/plaso/releases." How would I execute these updates on Ubuntu?

As I said: https://plaso.readthedocs.io/en/latest/sources/user/Ubuntu-Packaged-Release.html

[KR84]

Thanks for the feedback. My log2timeline managed to execute to completion. Regarding the update of the plaso, I am encountering an error when I execute "sudo add-apt-repository ppa:gift/stable" per the steps in the shared link above. The error is as follows: SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007). My reading reveal that it's something to do with updating the CA certificates however I tried doing that and it states that my certificates are updated already. Not sure what else to do.

[joachimmetz]

Did you update your system first?

[KR84]

I am running it in a VM. Ubuntu 22.04. Did some command line updates using apt update but nothing else.

Get Outlook for Androidhttps://aka.ms/AAb9ysg

---

From: Joachim Metz @.> Sent: Tuesday, January 30, 2024 5:33:01 PM To: log2timeline/plaso @.> Cc: KR84 @.>; Mention @.> Subject: Re: [log2timeline/plaso] Update of Ubuntu 22.04 with recent Plaso release (Issue #4793)

Did you update your system first?

— Reply to this email directly, view it on GitHubhttps://github.com/log2timeline/plaso/issues/4793#issuecomment-1917235189, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A4SL57K2YO44QZAP6PKO6O3YREHC3AVCNFSM6AAAAABCKJIBCKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSMJXGIZTKMJYHE. You are receiving this because you were mentioned.Message ID: @.***>

[joachimmetz]

System administration basics are out of scope of this project. If you're not familiar with it use the Docker image.