Exploring the Wonders of Timesketch and Jupyter

Dive into a comprehensive webinar exploring the powerful combination of Timesketch and Jupyter notebooks for digital forensics investigations. Learn how to harness notebooks, particularly colab/jupyter, alongside Timesketch and plaso to solve an open-source forensics challenge centered around the infamous case of stolen szechuan sauce. Discover techniques for using notebooks in investigations, uploading and analyzing data, and leveraging Timesketch for data storage. Follow along interactively as the challenge is solved step-by-step using notebooks, pandas, and Timesketch's capabilities. Explore topics such as data import, Timesketch API client usage, summary tools, field bucket analysis, horizontal bar charts, destination field grouping, escapee slice examination, transport layer investigation, data frame manipulation, logging event analysis, filtering logs, and memory dump examination. Gain insights into advanced forensic techniques and timestamp analysis to enhance your digital investigation skills.

Introduction
Meet the Team
Use Case
Import Data
Timesketch Import
Analysis Notebook
Timesketch API Client
Summary Tools
Field Bucket
Horizontal Bar Chart
Destination Field
Group by
Escapee
Slice
Transport Layer
Data Frame
Logging Events
Filtering Logs
Data Types
Memory Dump
Advanced Questions
Timestamping