This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1348
Turbinia
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
forensics, cyber defense
Unrestricted
true

Description


Turbinia is an open-source framework for deploying, managing, and running distributed forensic workloads.

Turbinia is intended to automate the running of common forensic processing tools (e.g. Plaso, TSK, strings) to help with processing evidence in the Cloud, scaling the processing of large amounts of evidence, and decreasing response time by parallelizing processing where possible.

Turbinia is composed of different components for the client, the server and the workers. These components can be run in the Cloud, on local machines, or as a hybrid of both. The Turbinia client sends requests to process evidence to the Turbinia server. The Turbinia server creates logical jobs from these incoming user requests, which create and schedule forensic processing tasks to be run by the workers. The evidence to be processed will be split up by the jobs when possible, and many tasks can be created in order to process the evidence in parallel. One or more workers run continuously to process tasks from the server. Any new evidence created or discovered by the tasks will be fed back into Turbinia for further processing.

Communication from the client to the server is currently done with either Google Cloud PubSub or Kombu messaging. The worker implementation can use either PSQ (a Google Cloud PubSub Task Queue) or Celery for task scheduling.

Additional Details

1.4MB
false
Unknown