mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-26 00:55:14 +00:00
Code Issues Releases Activity

Add log2timeline, a log file parser for computer forensic investigations.

Browse Source
This commit is contained in:
MANTANI Nobutaka 2010-12-24 19:10:30 +00:00
parent 0007f908ef
commit b65cfef8d1
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=266855
5 changed files with 201 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
security/Makefile
View File

@ -282,6 +282,7 @@
SUBDIR += linux-openssl SUBDIR += linux-openssl
SUBDIR += linux-pam-docs SUBDIR += linux-pam-docs
SUBDIR += lockdown SUBDIR += lockdown
SUBDIR += log2timeline
SUBDIR += logcheck SUBDIR += logcheck
SUBDIR += lsh SUBDIR += lsh
SUBDIR += luasec SUBDIR += luasec

76
security/log2timeline/Makefile Normal file
View File

@ -0,0 +1,76 @@
# New ports collection makefile for: log2timeline
# Date created: 24 December 2010
# Whom: Nobutaka Mantani <nobutaka@FreeBSD.org>
#
# $FreeBSD$
#
PORTNAME= log2timeline
PORTVERSION= 0.51
CATEGORIES= security
MASTER_SITES= http://log2timeline.net/files/
DISTNAME= ${PORTNAME}_${PORTVERSION}
EXTRACT_SUFX= .tgz
MAINTAINER= nobutaka@FreeBSD.org
COMMENT= A log file parser for computer forensic investigations
LICENSE= GPLv3
LICENSE_FILE= ${WRKSRC}/LICENSE
BUILD_DEPENDS= ${SITE_PERL}/Archive/Zip.pm:${PORTSDIR}/archivers/p5-Archive-Zip \
${SITE_PERL}/${PERL_ARCH}/DBD/SQLite.pm:${PORTSDIR}/databases/p5-DBD-SQLite \
${SITE_PERL}/${PERL_ARCH}/DBI/DBD.pm:${PORTSDIR}/databases/p5-DBI \
${SITE_PERL}/Carp/Assert.pm:${PORTSDIR}/devel/p5-Carp-Assert \
${SITE_PERL}/Data/Hexify.pm:${PORTSDIR}/devel/p5-Data-Hexify \
${SITE_PERL}/Date/Manip.pm:${PORTSDIR}/devel/p5-Date-Manip \
${SITE_PERL}/${PERL_ARCH}/DateTime.pm:${PORTSDIR}/devel/p5-DateTime \
${SITE_PERL}/DateTime/Format/Strptime.pm:${PORTSDIR}/devel/p5-DateTime-Format-Strptime \
${SITE_PERL}/DateTime/TimeZone.pm:${PORTSDIR}/devel/p5-DateTime-TimeZone \
${SITE_PERL}/${PERL_ARCH}/Glib.pm:${PORTSDIR}/devel/p5-Glib2 \
${SITE_PERL}/${PERL_ARCH}/Params/Validate.pm:${PORTSDIR}/devel/p5-Params-Validate \
${SITE_PERL}/Mac/PropertyList.pm:${PORTSDIR}/devel/p5-Mac-PropertyList \
${SITE_PERL}/Parse/Win32Registry.pm:${PORTSDIR}/devel/p5-Parse-Win32Registry \
${SITE_PERL}/Image/ExifTool.pm:${PORTSDIR}/graphics/p5-Image-ExifTool \
${SITE_PERL}/${PERL_ARCH}/Net/Pcap.pm:${PORTSDIR}/net/p5-Net-Pcap \
${SITE_PERL}/NetPacket.pm:${PORTSDIR}/net/p5-NetPacket \
${SITE_PERL}/${PERL_ARCH}/Digest/CRC.pm:${PORTSDIR}/security/p5-Digest-CRC \
${SITE_PERL}/${PERL_ARCH}/XML/LibXML.pm:${PORTSDIR}/textproc/p5-XML-LibXML \
${SITE_PERL}/File/Mork.pm:${PORTSDIR}/www/p5-File-Mork \
${SITE_PERL}/${PERL_ARCH}/HTML/Parser.pm:${PORTSDIR}/www/p5-HTML-Parser \
${SITE_PERL}/HTML/Scrubber.pm:${PORTSDIR}/www/p5-HTML-Scrubber \
${SITE_PERL}/LWP/UserAgent.pm:${PORTSDIR}/www/p5-libwww \
${SITE_PERL}/${PERL_ARCH}/Gtk2.pm:${PORTSDIR}/x11-toolkits/p5-Gtk2
RUN_DEPENDS= ${BUILD_DEPENDS}
PERL_CONFIGURE= yes
WRKSRC= ${WRKDIR}/${PORTNAME}
MAN1= log2timeline.1 \
timescanner.1 \
timescanner_threaded.1
MAN3= Log2t::BinRead.3 \
Log2t::Numbers.3 \
Log2t::Time.3 \
Log2t::input::evt.3 \
Log2t::input::evtx.3 \
Log2t::input::ff_bookmark.3 \
Log2t::input::firefox2.3 \
Log2t::input::ftk_dirlisting.3 \
Log2t::input::mcafee.3 \
Log2t::input::opera.3 \
Log2t::input::pcap.3 \
Log2t::input::pdf.3 \
Log2t::input::setupapi.3 \
Log2t::input::sol.3 \
Log2t::input::volatility.3 \
Log2t::input::wmiprov.3 \
Log2t::output::beedocs.3 \
Log2t::output::cef.3 \
Log2t::output::cftl.3 \
Log2t::output::csv.3 \
Log2t::output::tab.3 \
Parse::Evtx.3 \
Parse::Evtx::Chunk.3 \
.include <bsd.port.mk>

2
security/log2timeline/distinfo Normal file
View File

@ -0,0 +1,2 @@
SHA256 (log2timeline_0.51.tgz) = b6b360e3460f7a2cd525be637468d9d68ad8a1bcde40c2b7639ed9c2adc225b9
SIZE (log2timeline_0.51.tgz) = 295594

5
security/log2timeline/pkg-descr Normal file
View File

@ -0,0 +1,5 @@
log2timeline is a computer forensic tool to parse various log files and
artifacts found on suspect systems and produce a timeline that can be
analyzed by computer forensic examiners.
WWW: http://log2timeline.net/

117
security/log2timeline/pkg-plist Normal file
View File

@ -0,0 +1,117 @@
bin/glog2timeline
bin/log2timeline
bin/timescanner
bin/timescanner_threaded
bin/update_log2timeline
%%SITE_PERL%%/Log2t/BinRead.pm
%%SITE_PERL%%/Log2t/Common.pm
%%SITE_PERL%%/Log2t/Network.pm
%%SITE_PERL%%/Log2t/Numbers.pm
%%SITE_PERL%%/Log2t/Time.pm
%%SITE_PERL%%/Log2t/Time.pm.orig
%%SITE_PERL%%/Log2t/Win.pm
%%SITE_PERL%%/Log2t/input/apache2_access.pm
%%SITE_PERL%%/Log2t/input/apache2_error.pm
%%SITE_PERL%%/Log2t/input/chrome.pm
%%SITE_PERL%%/Log2t/input/evt.pm
%%SITE_PERL%%/Log2t/input/evtx.pm
%%SITE_PERL%%/Log2t/input/exif.pm
%%SITE_PERL%%/Log2t/input/ff_bookmark.pm
%%SITE_PERL%%/Log2t/input/firefox2.pm
%%SITE_PERL%%/Log2t/input/firefox3.pm
%%SITE_PERL%%/Log2t/input/ftk_dirlisting.pm
%%SITE_PERL%%/Log2t/input/iehistory.pm
%%SITE_PERL%%/Log2t/input/iis.pm
%%SITE_PERL%%/Log2t/input/isatxt.pm
%%SITE_PERL%%/Log2t/input/linux.lst
%%SITE_PERL%%/Log2t/input/mactime.pm
%%SITE_PERL%%/Log2t/input/mcafee.pm
%%SITE_PERL%%/Log2t/input/opera.pm
%%SITE_PERL%%/Log2t/input/oxml.pm
%%SITE_PERL%%/Log2t/input/pcap.pm
%%SITE_PERL%%/Log2t/input/pdf.pm
%%SITE_PERL%%/Log2t/input/prefetch.pm
%%SITE_PERL%%/Log2t/input/recycler.pm
%%SITE_PERL%%/Log2t/input/restore.pm
%%SITE_PERL%%/Log2t/input/safari.pm
%%SITE_PERL%%/Log2t/input/setupapi.pm
%%SITE_PERL%%/Log2t/input/sol.pm
%%SITE_PERL%%/Log2t/input/squid.pm
%%SITE_PERL%%/Log2t/input/syslog.pm
%%SITE_PERL%%/Log2t/input/tln.pm
%%SITE_PERL%%/Log2t/input/userassist.pm
%%SITE_PERL%%/Log2t/input/volatility.pm
%%SITE_PERL%%/Log2t/input/web.lst
%%SITE_PERL%%/Log2t/input/win_link.pm
%%SITE_PERL%%/Log2t/input/winvista.lst
%%SITE_PERL%%/Log2t/input/winxp.lst
%%SITE_PERL%%/Log2t/input/wmiprov.pm
%%SITE_PERL%%/Log2t/input/xpfirewall.pm
%%SITE_PERL%%/Log2t/output/beedocs.pm
%%SITE_PERL%%/Log2t/output/cef.pm
%%SITE_PERL%%/Log2t/output/cftl.pm
%%SITE_PERL%%/Log2t/output/csv.pm
%%SITE_PERL%%/Log2t/output/mactime.pm
%%SITE_PERL%%/Log2t/output/mactime_l.pm
%%SITE_PERL%%/Log2t/output/simile.pm
%%SITE_PERL%%/Log2t/output/sqlite.pm
%%SITE_PERL%%/Log2t/output/tab.pm
%%SITE_PERL%%/Log2t/output/tln.pm
%%SITE_PERL%%/Log2t/output/tlnx.pm
%%SITE_PERL%%/Parse/Evtx.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/NameString.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x00.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x01.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x02.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x03.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x04.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x05.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x06.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x0c.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x0d.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x0e.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Node0x0f.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Root.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/SubstArray.pm
%%SITE_PERL%%/Parse/Evtx/BXmlNode/Template.pm
%%SITE_PERL%%/Parse/Evtx/Chunk.pm
%%SITE_PERL%%/Parse/Evtx/Const.pm
%%SITE_PERL%%/Parse/Evtx/Event.pm
%%SITE_PERL%%/Parse/Evtx/VariantType.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x00.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x01.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x02.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x03.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x04.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x05.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x06.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x07.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x08.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x09.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0a.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0b.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0c.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0d.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0e.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x0f.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x10.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x11.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x12.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x13.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x14.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x15.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x21.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x81.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x94.pm
%%SITE_PERL%%/Parse/Evtx/VariantType/Type0x95.pm
%%SITE_PERL%%/mach/auto/Log2t/.packlist
@dirrm %%SITE_PERL%%/Log2t/input
@dirrm %%SITE_PERL%%/Log2t/output
@dirrm %%SITE_PERL%%/Log2t
@dirrm %%SITE_PERL%%/Parse/Evtx/BXmlNode
@dirrm %%SITE_PERL%%/Parse/Evtx/VariantType
@dirrm %%SITE_PERL%%/Parse/Evtx
@dirrm %%SITE_PERL%%/mach/auto/Log2t
@dirrmtry %%SITE_PERL%%/Parse
@dirrmtry %%SITE_PERL%%/mach/auto/Parse/Win32Registry