{"id":20148264,"url":"https://github.com/chainguard-dev/kolide-timeline","last_synced_at":"2025-08-15T23:13:02.273Z","repository":{"id":178310407,"uuid":"640041952","full_name":"chainguard-dev/kolide-timeline","owner":"chainguard-dev","description":"Turn Kolide pipeline logs into a timeline","archived":false,"fork":false,"pushed_at":"2024-09-05T12:42:53.000Z","size":206,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-11-13T22:36:17.247Z","etag":null,"topics":["incident-response","kolide","timeline"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chainguard-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-05-12T20:49:24.000Z","updated_at":"2024-09-05T12:42:05.000Z","dependencies_parsed_at":null,"dependency_job_id":"2bde5aee-9c94-4518-bc90-226e6f77a1ea","html_url":"https://github.com/chainguard-dev/kolide-timeline","commit_stats":null,"previous_names":["chainguard-dev/kolide-timeline"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fkolide-timeline","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fkolide-timeline/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fkolide-timeline/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainguard-dev%2Fkolide-timeline/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chainguard-dev","download_url":"https://codeload.github.com/chainguard-dev/kolide-timeline/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":233731203,"owners_count":18721299,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["incident-response","kolide","timeline"],"created_at":"2024-11-13T22:36:29.020Z","updated_at":"2025-01-13T11:21:19.128Z","avatar_url":"https://github.com/chainguard-dev.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# kolide-timeline\n\n[![stable](http://badges.github.io/stability-badges/dist/stable.svg)](http://github.com/badges/stability-badges)\n\nkolide-timeline generates a timeline in CSV format from Kolide pipeline logs, using both query timestamps and any\ntimestamps returned by the queries.\n\nThis tool is geared toward security investigations and incident response.\n\n![screenshot](images/sheet.png?raw=true \"screenshot\")\n\n## Requirements\n\n* Go v1.20 or newer\n\n## Installation\n\n```shell\ngo install github.com/chainguard-dev/kolide-timeline/cmd/kolide-timeline@latest\ngo install github.com/chainguard-dev/kolide-timeline/cmd/copy-from-gs@latest\n```\n\n## Usage\n\nTimeline generation assumes that pipeline logs have been locally downloaded:\n\n```\nkolide-timeline \u003c/path/to/device/logs\u003e\n```\n\nIf your Kolide pipeline logs are stored in Google Cloud Storage, there is a tool to simplify downloading recent logs for a single device:\n\n```\ncopy-from-gs \\\n  --bucket chainguard-kolide-logs \\\n  --prefix kolide/results \\\n  --device-id=183909 \\\n  --max-age=72h            \n```\n\nTo find the device ID, visit https://k2.kolide.com/, click on the Device, and view its URL: it will end in `/inventory/devices/\u003cdevice id\u003e/overview`. ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Fkolide-timeline","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchainguard-dev%2Fkolide-timeline","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainguard-dev%2Fkolide-timeline/lists"}