Zeitline

Easily import events and classify them

Zeitline Ranking & Summary


  • License: Freeware
  • Price: FREE
  • Publisher Name: Florian Buchholz
  • Publisher web site: http://projects.cerias.purdue.edu
  • Operating Systems: Mac OS X
  • File Size: 210 KB


Zeitline Description

Zeitline is a free and open source Java/Swing tool that allows a computer forensic investigator to import events from various sources of a computing system or network and then order and classify them into one or more timelines of events.

The area of event reconstruction in computer forensics deals with analyzing and evaluating data obtained from a system and using it to determine what happened. The data recovery process is a well-covered area within computer forensics, but little work has been done on how to actually analyze and evaluate the recovered data. Only very crude tools, such as mactimes or individual log analyzers, exist. A comprehensive event reconstruction on a system that takes into account data from various sources, such as file MAC times, system logs, firewall logs, and application data, is mostly done manually by the investigator. With storage capacities growing rapidly and systems being permanently connected to global networks, it is not uncommon for the number of events recorded by a system to run into the hundreds of thousands.

To give an investigator a tool that helps process this large amount of data, we are developing a graphical timeline editor. The tool allows events to be grouped into super events.

The main data structure of the timeline analyzer is the event. An event consists of a time span during which the event took place, a source denoting the origin of the event, and a description of the event. An event can contain a list of sub-events and can itself be part of a super event's sub-list. Starting with events at discrete times that were generated from the system information, events that belong to the same "action" can thus be grouped together into event hierarchies.

For example, the three events "access program gcc", "access file x" and "access library y" could be grouped by an investigator into a super event labeled "compile program x", which in turn could be part of another super event "install rootkit z".

A graphical front-end allows an investigator to manage the events. Super events may be created from selected sub-events. Events may be moved around via drag-and-drop or directly assigned to a super event hierarchy. The event hierarchy can be displayed in a tree-like view in which all or selected branches can be collapsed, so an investigator can concentrate on the events that need his immediate attention.

Requirements:
· Java 1.5 or later

What's New in This Release:
· File dialogs now start with the current working directory on all tested platforms (Linux, OS X, and Windows XP). They also remember their latest chosen directories.
· Fixed a bug saving/loading project files that are not in the current working directory.
· AtomicEvents now have to be sub-classed. This allows events to be specific regarding their source/purpose, resulting in smaller storage requirements (no need to store information as strings anymore), and also lets the tool display fields unique to the sub-class, which is beneficial to the investigator. The GenericEvent class functions like the old AtomicEvent class. We also provide new MACTimeEvent and SyslogEvent classes. Sub-classed events can have their own icons and display panels, and we are working on event-specific query dialogs for a future version.
· Improved GUI feedback. The progress bar and some alerts have received updates to point out status and error messages more clearly.
· Parameters required by the import filters can now be queried and preset directly in the import dialog. Previously, the filter would pop up a separate dialog to query any parameters. The SyslogFilter is an example of a filter that requires a parameter (start year).
· We now ask the user whether he wants to save his changes (yes/no/cancel) when the ComplexEvent data has changed and the user tries to switch to a different event.
· For future use, "reported time" and "adjusted time" fields have been added to AtomicEvents.
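To make the event model concrete, here is an added example in Python (Zeitline itself is Java/Swing; this is not Zeitline's code and none of the class or function names below are Zeitline's). It implements the data structure the description gives: an event with a time span, a source and a description that can own sub-events and belong to one super event, with a super event's span derived from its children. Two small importers stand in for the MAC-time and syslog filters mentioned in the changelog: the body-file importer assumes The Sleuth Kit's '|'-separated field order, and the syslog importer needs the same start-year parameter the SyslogFilter asks for, because classic syslog lines carry no year; it also assumes the host logged in UTC. The sample body and syslog lines are constructed for this example and are not real evidence.

```python
# Added example: a small Python model of the event hierarchy described above.
# This is not Zeitline's Java code; every class, function and name is my own.
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Optional

@dataclass
class Event:
    """Time span + source + description; may own sub-events, may have one parent."""
    start: datetime
    end: datetime
    source: str
    description: str
    subevents: List["Event"] = field(default_factory=list)
    parent: Optional["Event"] = field(default=None, repr=False, compare=False)

def atomic(when: datetime, source: str, description: str) -> Event:
    """An event recovered from system data happens at one discrete instant."""
    return Event(when, when, source, description)

def group(description: str, children: List[Event], source: str = "investigator") -> Event:
    """Super event whose span covers all of its sub-events. A child may have
    only one parent, so the hierarchy stays a tree and can be drawn as one."""
    for c in children:
        if c.parent is not None:
            raise ValueError(f"{c.description!r} already belongs to a super event")
    sup = Event(min(c.start for c in children), max(c.end for c in children),
                source, description, list(children))
    for c in children:
        c.parent = sup
    return sup

def import_body(lines: List[str], source: str = "mactime") -> List[Event]:
    """Sleuth Kit body format, field order assumed to be
    MD5|name|inode|mode|UID|GID|size|atime|mtime|ctime|crtime (epoch seconds).
    As mactime does, every non-zero timestamp becomes its own event."""
    events = []
    for line in lines:
        f = line.rstrip("\n").split("|")
        if len(f) != 11:
            raise ValueError(f"malformed body line: {line!r}")
        for label, raw in zip(("atime", "mtime", "ctime", "crtime"), f[7:11]):
            if int(raw) > 0:  # 0 = timestamp not set
                when = datetime.fromtimestamp(int(raw), tz=timezone.utc)
                events.append(atomic(when, source, f"{label} {f[1]}"))
    return events

MONTHS = {m: i for i, m in enumerate(("Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                      "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"), 1)}

def import_syslog(lines: List[str], start_year: int, source: str = "syslog") -> List[Event]:
    """Classic syslog lines carry no year, hence start_year (Zeitline's SyslogFilter
    asks for the same parameter). A month that goes backwards between consecutive
    lines means the log crossed New Year, so the year is bumped. Assumes UTC."""
    events, year, last_month = [], start_year, 0
    for line in lines:
        stamp, rest = line[:15], line[16:].rstrip("\n")
        month = MONTHS.get(stamp[:3])
        if month is None:
            raise ValueError(f"unrecognised syslog timestamp: {line!r}")
        if month < last_month:
            year += 1
        last_month = month
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        events.append(atomic(when.replace(tzinfo=timezone.utc), source, rest))
    return events

def render(event: Event, depth: int = 0) -> List[str]:
    """Tree view: one indented line per event; super events show their span."""
    span = event.start.strftime("%Y-%m-%d %H:%M:%S")
    if event.end != event.start:
        span += " .. " + event.end.strftime("%Y-%m-%d %H:%M:%S")
    lines = [f"{'  ' * depth}[{event.source}] {span}  {event.description}"]
    for c in event.subevents:
        lines.extend(render(c, depth + 1))
    return lines

# Constructed sample input, not real evidence. 1079049600 = 2004-03-12 00:00:00 UTC.
BODY_LINES = [
    "0|/usr/bin/gcc|1001|-rwxr-xr-x|0|0|98765|1079065200|0|0|0",       # atime 04:20:00
    "0|/home/bob/x.c|2002|-rw-r--r--|1000|1000|412|1079065205|0|0|0",  # atime 04:20:05
    "0|/lib/libc.so.6|3003|-rwxr-xr-x|0|0|1400000|1079065207|0|0|0",   # atime 04:20:07
    "0|/bin/ls|4004|-rwxr-xr-x|0|0|90000|0|1079065290|1079065290|0",   # mtime, ctime 04:21:30
]
SYSLOG_LINES = [
    "Dec 31 23:59:58 host CRON[311]: (root) CMD (run-parts /etc/cron.daily)",
    "Mar 12 04:19:40 host sshd[4242]: Accepted password for root from 10.0.0.5 port 51234 ssh2",
]

def build_demo() -> Event:
    """The text's example: three accesses grouped into 'compile program x',
    which in turn becomes part of 'install rootkit z'."""
    mac = {e.description: e for e in import_body(BODY_LINES)}
    logins = import_syslog(SYSLOG_LINES, start_year=2003)  # second line lands in 2004
    compile_x = group("compile program x", [mac["atime /usr/bin/gcc"],
                                            mac["atime /home/bob/x.c"],
                                            mac["atime /lib/libc.so.6"]])
    return group("install rootkit z", [logins[1], compile_x, mac["mtime /bin/ls"]])
```

Printing `"\n".join(render(build_demo()))` shows the hierarchy from the text as an indented tree, with each super event's span computed from its sub-events rather than typed in by hand. Note the deliberate edge case in the constructed syslog: with start_year=2003 the December line stays in 2003 while the March line is dated 2004, which is the kind of bookkeeping an importer has to get right before events from different sources can be ordered on one timeline.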

