Tool for Distributed Extraction of Timestamped Events from Files

Czech title

Nástroj pro distribuovanou extrakci událostí s časovými známkami ze souborů

Type

software

License

Use of the result by another entity is possible without acquiring a license in some cases

License Fee

The licensor does not require a license fee for the result

Authors

Rychlý Marek, RNDr., Ph.D. (DIFS)
Burget Radek, doc. Ing., Ph.D. (DIFS)

Keywords

files, events, timestamps, extraction, distributed system

Description

A tool for distributed extraction of timestamps from various files using extractors adapted from the Plaso engine to Apache Spark infrastructure. The files to extract are uploaded to distributed file-system HDFS and the extraction process is controlled by a Web service via its REST API. The tool is able to utilise efficiently a large distributed clusters.

Location

https://github.com/nesfit/pyspark-plaso

License Conditions

Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Projects

Integrated platform for analysis of digital data from security incidents, MV, Bezpečnostní výzkum České republiky 2015-2020, VI20172020062, 2017-2020, running
Nástroje, metody a technologie ICT pro podporu konceptu smart cities, BUT, Vnitřní projekty VUT, FIT-S-17-3964, 2017-2020, completed

Research groups

Information and Database Systems Research Group (RG IS)
NES@FIT - Networks and distributed systems research group (RG NES@FIT)

Departments

Department of Information Systems (DIFS)