Execution of cdqr.exe requires log2timeline.exe #58
Assignees
Labels
Comments
|
As they stated on the Plaso github they no longer support creating the .exe and that's not something I can control. You'd either have to compile the .exe version yourself or use a different version. If you want to continue to use CDQR on Windows I recommend learning how to use the Docker version of CDQR. https://github.com/orlikoski/CDQR/tree/master/Docker |
|
Hello Alan,
What is the advantage of utilizing docker image over directly setting up
cdqr on an Ubuntu machine,does it add new functionality?
Thanks and Regards
Tej Gandhi
…On Thu, Dec 24, 2020 at 8:45 AM @AlanOrlikoski ***@***.***> wrote:
As they stated on the Plaso github they no longer support creating the
.exe and that's not something I can control. You'd either have to compile
the .exe version yourself or use a different version.
If you want to continue to use CDQR on Windows I recommend learning how to
use the Docker version of CDQR.
https://github.com/orlikoski/CDQR/tree/master/Docker
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#58 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADG3SM2VRF2KRS6J7EKCMLLSWNHXVANCNFSM4VIGTX3Q>
.
|
|
It's easier to use, works on any OS that supports docker, and requires no setup time. Some more reading on containers and docker. https://www.simplilearn.com/tutorials/docker-tutorial/what-is-docker-container |
|
Hello Alan,
Thanks appreciate it ,I got started with the docker image to utilize
cdqr,is there a particular path to utilize or any other changes?
[image: Docker image1.jpg]
[image: dockerruncommand.jpg]
Thanks and Regards
Tej Gandhi
…On Thu, Dec 24, 2020 at 9:56 AM @AlanOrlikoski ***@***.***> wrote:
It's easier to use, works on any OS that supports docker, and requires no
setup time.
Some more reading on containers and docker.
https://www.simplilearn.com/tutorials/docker-tutorial/what-is-docker-container
https://rubygarage.org/blog/advantages-of-using-docker-for-microservices
https://dzone.com/articles/top-10-benefits-of-using-docker
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#58 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADG3SM4GTYSFNSHLGQ6V7OLSWNQEHANCNFSM4VIGTX3Q>
.
|
|
Hello Alan,
Has this been run on Windows as well or the base operating system has been
Linux all the time?
[image: Powershell.png]
[image: Cmdline.png]
Thanks and Regards
Tej Gandhi
…On Thu, Dec 24, 2020 at 11:08 AM Tej Gandhi ***@***.***> wrote:
Hello Alan,
Thanks appreciate it ,I got started with the docker image to utilize
cdqr,is there a particular path to utilize or any other changes?
[image: Docker image1.jpg]
[image: dockerruncommand.jpg]
Thanks and Regards
Tej Gandhi
On Thu, Dec 24, 2020 at 9:56 AM @AlanOrlikoski ***@***.***>
wrote:
> It's easier to use, works on any OS that supports docker, and requires no
> setup time.
>
> Some more reading on containers and docker.
>
>
> https://www.simplilearn.com/tutorials/docker-tutorial/what-is-docker-container
> https://rubygarage.org/blog/advantages-of-using-docker-for-microservices
> https://dzone.com/articles/top-10-benefits-of-using-docker
>
> —
> You are receiving this because you authored the thread.
> Reply to this email directly, view it on GitHub
> <#58 (comment)>, or
> unsubscribe
> <https://github.com/notifications/unsubscribe-auth/ADG3SM4GTYSFNSHLGQ6V7OLSWNQEHANCNFSM4VIGTX3Q>
> .
>
|
|
Hello Alan,
Seems to run currently it seems my Docker Daemon was not initialized.
Thanks and Regards
Tej Gandhi
…On Thu, Dec 24, 2020 at 12:06 PM Tej Gandhi ***@***.***> wrote:
Hello Alan,
Has this been run on Windows as well or the base operating system has been
Linux all the time?
[image: Powershell.png]
[image: Cmdline.png]
Thanks and Regards
Tej Gandhi
On Thu, Dec 24, 2020 at 11:08 AM Tej Gandhi ***@***.***> wrote:
> Hello Alan,
>
> Thanks appreciate it ,I got started with the docker image to utilize
> cdqr,is there a particular path to utilize or any other changes?
>
>
> [image: Docker image1.jpg]
>
> [image: dockerruncommand.jpg]
>
> Thanks and Regards
> Tej Gandhi
>
> On Thu, Dec 24, 2020 at 9:56 AM @AlanOrlikoski ***@***.***>
> wrote:
>
>> It's easier to use, works on any OS that supports docker, and requires
>> no setup time.
>>
>> Some more reading on containers and docker.
>>
>>
>> https://www.simplilearn.com/tutorials/docker-tutorial/what-is-docker-container
>> https://rubygarage.org/blog/advantages-of-using-docker-for-microservices
>> https://dzone.com/articles/top-10-benefits-of-using-docker
>>
>> —
>> You are receiving this because you authored the thread.
>> Reply to this email directly, view it on GitHub
>> <#58 (comment)>,
>> or unsubscribe
>> <https://github.com/notifications/unsubscribe-auth/ADG3SM4GTYSFNSHLGQ6V7OLSWNQEHANCNFSM4VIGTX3Q>
>> .
>>
>
|
|
you can see it running in a demo here https://www.youtube.com/watch?v=q1aAgfGBo2Q&list=PL5rkTht_beuS3vnbWJkkHwCZP73IMQdhk&index=3 |
|
Hello Alan,
The CDQR version functions on a Windows system with a docker image,I wanted
to take the Cylr artifacts directly as a folder on the Windows VM and
utilize log2time docker image to process them. How should I go about?
I am utilizing this command as of now gives errors currently
docker run -v /user/share/plaso:C:\Artifacts log2timeline/plaso
results.plaso Machinename.zip OR Machinename
Thanks and Regards
Tej Gandhi
…On Thu, Dec 24, 2020 at 9:45 AM @AlanOrlikoski ***@***.***> wrote:
As they stated on the Plaso github they no longer support creating the
.exe and that's not something I can control. You'd either have to compile
the .exe version yourself or use a different version.
If you want to continue to use CDQR on Windows I recommend learning how to
use the Docker version of CDQR.
https://github.com/orlikoski/CDQR/tree/master/Docker
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#58 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADG3SM2VRF2KRS6J7EKCMLLSWNHXVANCNFSM4VIGTX3Q>
.
|
|
hi @tej7gandhi It may be easier to come by the slack community http://skadicommunity.herokuapp.com/ and ask these questions rather than discuss this under an issues report |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
I was executing cdqr.exe ,however a message pops up please provide the path for log2timeline.exe,where can I get the executable for log2timeline.exe .I navigated to the Plaso path that has been mentioned but I didnt find the executable there currently?Do I require to modify the code so only python code is taken as input?
Thanks and Regards
Tej Gandhi
The text was updated successfully, but these errors were encountered: