Good Afternoon,
I'm setting up a SunBlade 2500 using ufsrestoreand have gotten to the point where I have restored the root and usr partitions. However, the machine keeps rebooting, never really coming up. Looking at vfstab, it looks pretty empty- shouldn't I see entries like... (22 Replies)
Good Morning,
I took a mirror drive from one Solaris 9 machine and used it to set up another. After syncing another mirror on the second machine I restarted but I don't get a login screen.
I see a message:The X-server cannot be started on display :0
Also during startup I see:... (8 Replies)
Hi,
I recently got StoragaTek 2500 and I would like to connect it to my solaris machine, since I don't have much experience with storages, could someone point me how to do so, how can i present disks from storage on my solaris os? (everything is already connected)
thanks in advance (1 Reply)
Ideally I want to import/correlate logs between several different clients/servers, which many things like Google BigQuery, & Splunk do...
However, I want to visualize them in a step-by-step timeline where I can see key events (reboot, segfault, abort, etc.) and get a "big picture" of what the... (0 Replies)
Hi guys,
I am a new member here. This is my first post.
I try to purchase some new Blade 2500 for the
company. However, the vendor suggests me to get Blade 2000 instead. The vendor said he has many problems
with new Silver Blade 2500's. Has anyone here had
simlar experience with blade 2500?... (4 Replies)
reglookup-timeline(1)reglookup-timeline(1)NAME
reglookup-timeline - Windows NT+ registry MTIME timeline generator
SYNOPSIS
reglookup-timeline [-H] registry-file [registry-file ...]
DESCRIPTION
This script is a wrapper for reglookup(1), and reads one or more registry files to produce an MTIME-sorted output. This is helpful when
building timelines for forensic investigations.
PARAMETERS
reglookup-timeline accepts one or more registry file names. All of the provided registries will be parsed using reglookup(1). The -H option
may be used to omit the header line.
OUTPUT
reglookup-timeline generates a comma-separated values (CSV) compatible format to stdout. While the output of reglookup-timeline and
reglookup(1) differ in the columns returned, the base format is the same.
Currently, reglookup-timeline returns three columns: MTIME, FILE, and PATH. Only rows representing registry keys are returned, since MTIMEs
are not stored for values. The FILE column indicates which registry file (provided as an argument) the key came from. Finally, the PATH
field contains the full registry path to the key. Records are returned sorted in ascending order based on the MTIME column.
BUGS
This script is new, and as such it's interface may change significantly over the next few revisions. In particular, additional command line
options will likely be added, and the output of the script may be altered in minor ways.
It is very difficult to find documentation on what precise operations cause the MTIMEs to be updated. Basic experimentation indicates that
a key's stamp is updated anytime an immediate sub-value or sub-key is created, renamed, deleted, or it's value is modified. If this MTIME
data is critical to an investigation, any conclusions should be validated through experimentation in a controlled lab environment.
This software should be considered unstable at this time.
CREDITS
This script was written by Timothy D. Morgan based on suggestions from Uwe Danz.
Please see source code for a full list of copyrights.
LICENSE
Please see the file "LICENSE" included with this software distribution.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MER-
CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License version 3 for more details.
SEE ALSO reglookup(1)reglookup-recover(1)File Conversion Utilities 8 March 2010 reglookup-timeline(1)