The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Zeitline: a forensic timeline editor

Mon, July 18, 2005Feature

The CERIAS computer forensics research group is proud to announce the
initial release of Zeitline: a forensic timeline editor.  Zeitline is
an open-sourced graphical tool written in Java used for the analysis
of forensic events.

Zeitline allows a forensic investigator to import events from various sources of a computing system or network and then order and classify them into one or more timelines of events. Events may be grouped together into super-events, creating a hierarchy of events. The organization of events and timelines as tree views allows the investigator to display and hide specific events, which makes it easy to focus on the relevant aspects of the investigation one at a time. This is further supported by the ability to filter events based on keywords as well as start and ending times.

More information

More at: http://www.cerias.purdue.edu/homes/forensics/timeline.php
Get Your Degree with CERIAS