Timesketch: Collaborative forensic timeline analysis

130•apachepig•4mo ago

Comments

xandrius•4mo ago

Interesting that it's code owned by Google but a product. Is it because it was developed by someone during work (and hence owned by Google) but nobody from Google endorses it?

bjackman•4mo ago

This is just how it looks when you publish an open source project at Google.

Google controls the repo hence it's under the Google GitHub org. But then you just slap the "not a Google product" thing at the end to clarify that it's "just" some engineers publishing code rather than the release of the code of a Google product (nor a major strategic open source initiative like Go).

jsnell•4mo ago

Their process is documented at https://opensource.google/documentation/reference/releasing

So it could even be a pure hobby project - not something done for work - where the initial author (over a decade ago) chose to release it under Google's copyright rather than use the exception process.

tfsh•4mo ago

Any Googler can write code and open source it on the Google GitHub (within reason, the process is quite straightforward). So no, Google as an entity does not official endorse it, all it means is at least one employee is working on that particular effort.

j-krieger•4mo ago

I heard a lecture from one of its users/developers a year ago in Munich. IIRC it’s a tool that came out of their incident response teams, but don‘t quote me on this

ChrisArchitect•4mo ago

Website: https://timesketch.org/

sneak•4mo ago

Python 3 backend, Vue js front end, docker, Apache 2 licensed.

jcul•4mo ago

Only had a glance on my phone but maybe this would also be useful for incident postmortem timelines.

egorfine•4mo ago

Do I get it right that translated from marketingspeak it means "log viewer with backend"?

whizzter•4mo ago

I'm more understanding it as a tool so that multiple people collaborating on investigating a hack/data-breach/etc can audit/tag events in the interesting logs (ssh logins, weird executables starting,network probes, etc) from various sources and get a _combined timeline_ to easier determine adversary movement, cause-and-effect and so on to easier find what needs patching,etc.

olejorgenb•4mo ago

There's no timeline view in this timeline analysis tool?

macmac•4mo ago

Thanks, I thought I was the only one baffled by this.

nerpderp82•4mo ago

Cruel joke!

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

The Waymo World Model

What Is Ruliology?

How we made geo joins 400× faster with H3 indexes

Jeffrey Snover: "Welcome to the Room"

Unseen Footage of Atari Battlezone Arcade Cabinet Production

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Show HN: I spent 4 years building a UI design tool with only the features I use

Sheldon Brown's Bicycle Technical Info

Microsoft open-sources LiteBox, a security-focused library OS

Hackers (1995) Animated Experience

Show HN: If you lose your memory, how to regain access to your computer?

An Update on Heroku

Dark Alley Mathematics

Vocal Guide – belt sing without killing yourself

Delimited Continuations vs. Lwt for Threads

Start all of your commands with a comma

PC Floppy Copy Protection: Vault Prolok

Was Benoit Mandelbrot a hedgehog or a fox?

How to effectively write quality code with AI

Introducing the Developer Knowledge API and MCP Server

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

Understanding Neural Network, Visually

I now assume that all ads on Apple news are scams

Why I Joined OpenAI

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

Female Asian Elephant Calf Born at the Smithsonian National Zoo

Learning from context is harder than we thought

FORTH? Really!?