Tool for Distributed Extraction of Timestamped Events from Files

Tool for Distributed Extraction of Timestamped Events from Files

Software

A tool for distributed extraction of timestamps from various files using extractors adapted from the Plaso engine to Apache Spark infrastructure. The files to extract are uploaded to distributed file-system HDFS and the extraction process is controlled by a Web service via its REST API. The tool is able to utilise efficiently a large distributed clusters.

A tool for distributed extraction of timestamps from various files using extractors adapted from the Plaso engine to Apache Spark infrastructure. The files to extract are uploaded to distributed file-system HDFS and the extraction process is controlled by a Web service via its REST API. The tool is able to utilise efficiently a large distributed clusters.

files, events, timestamps, extraction, distributed system

files, events, timestamps, extraction, distributed system

https://github.com/nesfit/pyspark-plaso

Use of the result by another entity is possible without acquiring a license in some cases

https://github.com/nesfit/pyspark-plaso

Instalační příručka
pyspark-plaso
Programátorská dokumentace
Uživatelská příručka