orlikoski / CDQR

The Cold Disk Quick Response (CDQR) tool is a fast and easy-to-use forensic artifact parsing tool that works on disk images, mounted drives, and extracted artifacts from Windows, Linux, MacOS, and Android devices.
GNU General Public License v3.0

Add Splunk support #10

Closed orlikoski closed 5 years ago

orlikoski commented 7 years ago

Add the ability to output to Splunk

ashemery commented 7 years ago

Thank you for considering this enhancement.

orlikoski commented 5 years ago

This is possible by using the `--export` flag, which outputs a zipped, line-delimited JSON file. This can be imported into Splunk.
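One way to prepare such an export for Splunk's HTTP Event Collector, as an added example that is not part of the thread or of CDQR itself: it reads every member of the zip, skips lines that are not valid JSON, and wraps each record in an HEC event envelope. The sourcetype `cdqr:export`, the member name `export.json` and the sample record fields are constructed assumptions.

```python
import io
import json
import zipfile

def build_hec_payloads(zip_bytes, sourcetype="cdqr:export", batch_size=500):
    """Turn a zipped, line-delimited JSON export into Splunk HEC request bodies.

    Returns (payloads, skipped). Each payload is a batch of HEC event objects
    for POSTing to /services/collector/event; skipped counts unparsable lines.
    """
    payloads, batch, skipped = [], [], 0
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for member in zf.infolist():
            if member.is_dir():
                continue
            with zf.open(member) as fh:
                for raw in io.TextIOWrapper(fh, encoding="utf-8", errors="replace"):
                    line = raw.strip()
                    if not line:
                        continue
                    try:
                        record = json.loads(line)
                    except json.JSONDecodeError:
                        skipped += 1  # e.g. a line truncated during export or copy
                        continue
                    batch.append(json.dumps({"event": record, "sourcetype": sourcetype,
                                             "source": member.filename}))
                    if len(batch) >= batch_size:
                        payloads.append("\n".join(batch))
                        batch = []
    if batch:
        payloads.append("\n".join(batch))
    return payloads, skipped

def sample_export():
    """Constructed stand-in for an export archive: three records, one truncated line."""
    lines = [
        '{"message": "constructed record 1", "parser": "example"}',
        '{"message": "constructed record 2", "parser": "example"}',
        '{"message": "constructed rec',
        '{"message": "constructed record 3", "parser": "example"}',
    ]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("export.json", "\n".join(lines) + "\n")
    return buf.getvalue()

if __name__ == "__main__":
    payloads, skipped = build_hec_payloads(sample_export(), batch_size=2)
    print(f"{len(payloads)} request bodies, {skipped} line(s) skipped")
```

Each returned body is sent with an `Authorization: Splunk <token>` header; a non-zero skipped count is worth recording in case notes, since it means some exported lines did not reach the index.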