Code Dump: Format Autopsy Results

#!/bin/bash DATE=”” cat timeline.txt | while read line; do if [[ $(echo $line | egrep “[A-Z][a-z]+ [A-Z][a-z]+ [0-9]+ [0-9]+ [0-9]+:[0-9]+:[0-9]+” | wc -l) -gt 0 ]] then DATE=$(echo $line| sed “s/\([A-Z][a-z]* [A-Z][a-z]* [0-9]* [0-9]* [0-9]*:[0-9]*:[0-9]*\).*/\1/” ) echo $line >> timelinefixed.txt echo $line else echo “$DATE $line” >> timelinefixed.txt echo “$DATE $line” fi done

Read More