https://github.com/jschicht/UsnJrnl2Csv

Parser for $UsnJrnl on NTFS
https://github.com/jschicht/UsnJrnl2Csv

Last synced: 5 months ago
JSON representation

Parser for $UsnJrnl on NTFS

• Host: GitHub
• URL: https://github.com/jschicht/UsnJrnl2Csv
• Owner: jschicht
• License: mit
• Created: 2014-02-19T21:51:27.000Z (about 11 years ago)
• Default Branch: master
• Last Pushed: 2022-11-27T13:38:19.000Z (over 2 years ago)
• Last Synced: 2024-08-03T22:15:04.952Z (8 months ago)
• Language: AutoIt
• Size: 12.6 MB
• Stars: 100
• Watchers: 16
• Forks: 14
• Open Issues: 1
• Metadata Files:
  • Readme: readme-usnjrnl2csv-mysql.txt
  • Changelog: changelog.txt
  • License: LICENSE.md

Awesome Lists containing this project

• jimsghstars - jschicht/UsnJrnl2Csv - Parser for $UsnJrnl on NTFS (AutoIt)

README

        
As of version 1.0.0.7, the output csv of usnjrnl2csv supports import into MySql/MariaDb database. Attached is the database schema, usnjrnl2csv.sql, which should be used to create the database on MySql 5.6.4 or higher. That version is when precision in the timestamp was added. Earlier versions can be used, but then all DATETIME(6) occurrences in usnjrnl2csv.sql must be replaced with VARCHAR(28). It is important to use timestamp format 6. Precision of MilliSec or NanoSec is optional, but recommended. If NanoSec precision is used, then precision separator 2 must be empty (default value). It is also important to keep the timestamp error value to something valid for MySql, which the default value is. A nice sql client to use is HeidiSql. To import the csv into the database, use the import-csv-usnjrnl.sql or similar, depending on the output format chosen. Simply just run the autogenerated sql that will have all correct settings. Assumption is that database has been created beforehand using the included schema file.

For manual database creation use following statement:

CREATE DATABASE IF NOT EXISTS Ntfs

	CHARACTER SET 'utf8'

	COLLATE 'utf8_general_ci';