Super timelines with Splunk
I have always been a great fan of Splunk for analyzing log data when investigating incidents. One of the downfalls is that while Splunk does a wonderful job searching logs, the timeline it creates is missing critical time information about the files that reside on the system itself. I have found a solution to this issue here. Enjoy.