Example Usage
G:\>c:\Python37-32\python.exe c:\Github\UnifiedLogReader\UnifiedLogReader.py -h
usage: UnifiedLogReader.py [-h] [-f OUTPUT_FORMAT] [-l LOG_LEVEL]
                           uuidtext_path timesync_path tracev3_path
                           output_path

UnifiedLogReader is a tool to read macOS Unified Logging tracev3 files.
This is version 0.3 tested on macOS 10.12.5 - 10.15 and iOS 12.

Notes:
-----
If you have a .logarchive, then point uuidtext_path to the .logarchive folder,
the timesync folder is within the logarchive folder

positional arguments:
  uuidtext_path         Path to uuidtext folder (/var/db/uuidtext)
  timesync_path         Path to timesync folder (/var/db/diagnostics/timesync)
  tracev3_path          Path to either tracev3 file or folder to recurse (/var/db/diagnostics)
  output_path           An existing folder where output will be saved

optional arguments:
  -h, --help            show this help message and exit
  -f OUTPUT_FORMAT, --output_format OUTPUT_FORMAT
                        SQLITE, TSV_ALL, LOG_DEFAULT (Default is LOG_DEFAULT)
  -l LOG_LEVEL, --log_level LOG_LEVEL
                        Log levels: INFO, DEBUG, WARNING, ERROR (Default is INFO)
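The help text above leaves the analyst to assemble four positional paths by hand, and the tool refuses to run if output_path does not already exist. The wrapper below is an added example, not code from the page or from the UnifiedLogReader project: it derives the three input paths from a .logarchive bundle as the tool's note describes (uuidtext_path is the bundle folder, timesync_path is the timesync folder inside it, and tracev3_path is the bundle folder again so every tracev3 file in it is recursed), rejects option values the help does not list, creates the output folder, and only then invokes the tool. The function names ulr_check and ulr_run, the UNIFIEDLOGREADER variable and the use of python3 from PATH are assumptions for this example; on the Windows setup shown above the interpreter path would be spelled out explicitly instead.

```shell
#!/bin/sh
# Added example (not part of UnifiedLogReader): POSIX sh wrapper that builds
# and validates the tool's arguments from a .logarchive bundle.
#
# Assumptions (not from the page): the tool is reachable as $UNIFIEDLOGREADER
# and runs under "python3"; ulr_check and ulr_run are hypothetical names.
# For a .logarchive: uuidtext_path = the bundle folder, timesync_path = the
# timesync folder inside it, tracev3_path = the bundle folder (recursed).

UNIFIEDLOGREADER="${UNIFIEDLOGREADER:-UnifiedLogReader.py}"

# ulr_check LOGARCHIVE OUTDIR [OUTPUT_FORMAT] [LOG_LEVEL]
# Returns 0 when every input the tool needs is present and the option values
# are ones the help text lists. Creates OUTDIR because the tool expects an
# existing folder. Returns 1 with a message on stderr otherwise.
ulr_check() {
    archive=$1; outdir=$2; fmt=${3:-LOG_DEFAULT}; level=${4:-INFO}
    [ -n "$archive" ] && [ -n "$outdir" ] || {
        echo "usage: ulr_check LOGARCHIVE OUTDIR [OUTPUT_FORMAT] [LOG_LEVEL]" >&2
        return 1
    }
    [ -d "$archive" ] || { echo "not a directory: $archive" >&2; return 1; }
    # The timesync folder lives inside the bundle; without it timestamps
    # cannot be resolved, so fail before the tool starts parsing.
    [ -d "$archive/timesync" ] || {
        echo "missing timesync folder: $archive/timesync" >&2
        return 1
    }
    case $fmt in
        SQLITE|TSV_ALL|LOG_DEFAULT) ;;
        *) echo "unknown output format: $fmt (SQLITE, TSV_ALL, LOG_DEFAULT)" >&2
           return 1 ;;
    esac
    case $level in
        INFO|DEBUG|WARNING|ERROR) ;;
        *) echo "unknown log level: $level (INFO, DEBUG, WARNING, ERROR)" >&2
           return 1 ;;
    esac
    mkdir -p "$outdir" || return 1
}

# ulr_run LOGARCHIVE OUTDIR [OUTPUT_FORMAT] [LOG_LEVEL]
# Same arguments as ulr_check; invokes the tool once the checks pass.
ulr_run() {
    ulr_check "$@" || return 1
    archive=$1; outdir=$2; fmt=${3:-LOG_DEFAULT}; level=${4:-INFO}
    python3 "$UNIFIEDLOGREADER" -f "$fmt" -l "$level" \
        "$archive" "$archive/timesync" "$archive" "$outdir"
}

# Example invocation (hypothetical case paths), e.g. after sourcing this file:
# ulr_run /cases/host01/system_logs.logarchive /cases/host01/ulr_out SQLITE
```

Source the file in a shell and call ulr_run with the bundle and an output folder; SQLITE is the format to pick when the output will be queried or joined with other artefacts, while LOG_DEFAULT mirrors what `log show` prints and suits a quick read.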
See also
Bulk Extractor (Open Source, Kali): Scans a disk image, file, or directory and extracts features such as email addresses, URLs, credit c…
NetworkMiner (Freemium): Network forensics analysis tool (NFAT) that captures packets and parses them to reconstruct transmit…
Volatility Workbench (Free): Free GUI front-end for Volatility 3 memory forensics framework on Windows. Simplifies memory analysi…
byvalver (Free): takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalit…
joincap (Open Source): Merge multiple pcap files together, gracefully.…
jupyter-collection (Open Source): Collection of Jupyter Notebooks by @fr0gger_…