Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Python Digital Forensics Cookbook Effective Python recipes for digital investigations

Product type Paperback

Published in Sep 2017

Publisher Packt

ISBN-13 9781783987467

Length 412 pages

Edition 1st Edition

Languages

Python

Tools

SQLite

Concepts

Forensics

Authors (2):

Chapin Bryce

Preston Miller

View More author details

Table of Contents (11) Chapters

Preface

1. Essential Scripting and File Information Recipes FREE CHAPTER

2. Creating Artifact Report Recipes

3. A Deep Dive into Mobile Forensic Recipes

4. Extracting Embedded Metadata Recipes

5. Networking and Indicators of Compromise Recipes

6. Reading Emails and Taking Names Recipes

7. Log-Based Artifact Recipes

8. Working with Forensic Evidence Container Recipes

9. Exploring Windows Forensic Artifacts Recipes - Part I

10. Exploring Windows Forensic Artifacts Recipes - Part II

Going spelunking

Recipe Difficulty: Medium

Python Version: 2.7

Operating System: Any

Log files can quickly become quite sizable due to the level of detail and time frame preserved. As you may have noticed, the CSV report from the prior recipe can easily become too large for our spreadsheet application to open or browse efficiently. Rather than analyzing this data in a spreadsheet, one alternative would be to load the data into a database.

Splunk is a platform that incorporates a NoSQL database with an ingestion and query engine, making it a powerful analysis tool. Its database operates in a manner like Elasticsearch or MongoDB, permitting the storage of documents or structured records. Because of this, we do not need to provide records with a consistent key-value mapping to store them in the database. This is what makes NoSQL databases so useful for log analysis, as log formats...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Chapin Bryce

Chapin Bryce is a senior consultant at a global firm that is a leader in digital forensics and incident response investigations. After graduating from Champlain College, with a bachelor's degree in computer and digital forensics, Chapin dove into the field of digital forensics and incident response joining the GIAC advisory board and earning four GIAC certifications: GCIH, GCFE, GCFA, and GNFA. As a member of multiple ongoing research and development projects, he has authored several books and articles in professional and academic publications, including Python Digital Forensics Cookbook (2018 Digital Forensics Book of the Year, Forensic 4Cast), Learning Python for Forensics First Edition, and Digital Forensic Magazine.

See other products by Chapin Bryce

Miller

Preston Miller is a consultant at an internationally recognized risk management firm. Preston holds an undergraduate degree from Vassar College and a master's degree in digital forensics from Marshall University. While at Marshall, Preston unanimously received the prestigious J. Edgar Hoover Foundation's scientific scholarship. Preston is a published author, recently of Python Digital Forensics Cookbook, which won the Forensic 4:cast Digital Forensics Book of the Year award in 2018. Preston is a member of the GIAC advisory board and holds multiple industry-recognized certifications in his field.

See other products by Miller