Timesketch is a collaborative forensic timeline analysis platform that helps investigators work with event data from multiple sources inside a shared sketch.
It’s designed to make large collections of timeline data easier to organise, review, enrich, and turn into structured investigation output.
This is free and open source software.
Key Features
- Supports importing timeline data in formats including Plaso, CSV, and JSONL.
- Offers full text and advanced query-based searching with filters, saved views, and chart-based exploration.
- Lets analysts annotate events with comments, labels, stars, and context queries.
- Includes stories, sharing controls, and access management for collaborative investigations.
- Provides Sigma support for rule-based analysis through the web interface, API, and analyzers.
- Can surface and manage intelligence items such as hashes, hostnames, and IPv4 indicators of compromise.
Website: github.com/google/timesketch
Developer: Google
License: Apache License 2.0

Timesketch is written in Python.
Related Software
| Digital Forensics Tools | |
|---|---|
| GRR Rapid Response | Remote live forensics for incident response |
| Radare2 | Portable reversing framework |
| The Sleuth Kit | Collection of tools for forensic analysis |
| Autopsy Forensic Browser | Graphical interface to SleuthKit |
| iaito | Official graphical interface for radare2 |
| Volatility | Advanced memory forensics framework |
| guymager | Forensic imaging tool based on Qt |
| dcfldd | Enhanced version of dd for forensics and security |
| rdd | Forensic copy program |
| Jomon | Network forensics and passive sniffer |
| Mozilla InvestiGator | Real-time digital forensics and investigation platform |
Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category. This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form.

