Mark Hallman
bugfix 2097 still has a bug/typo in it. The updated timesketch.conf generated by `deploy_timesketch.sh` has the following line: `OPNSEARCH_HOST = 'opensearch'` and it should be `OPENSEARCH_HOST = 'opensearch'`
Here are some of my observations in researching the issue with networking issues in the latest timesketch/opensearch release. I hope they help some and reduce the research time for others...
hacktobeer, thanks so much. That does help fill in some of the holes in my docker networking knowledge. I was on that path but the issue is that the ping...
Use the aliases file that I included in my 1st post. They are Mike's aliases from 508, but they have been updated to use an environment $ZIMMERMAN_HOME to make it...
Aliases file updated for iisGeolocate sub-dir. [zimmermantools_linx_aliases.txt](https://github.com/teamdfir/sift/files/12083587/zimmermantools_linx_aliases.txt) I confirmed that PECmd and SumECmd do have issues running in a non-Windows env. I'll reach out to Eric and see if he...
One more for the does not work on a non-Windows OS. `SumECmd`. I'm wondering how to deal with this. We probably want to remove the aliases for these three. Even...
Never mind about the last comment about adding `SumECmd`, you already had it. So there are only two tools that don't work at this point.
Your command line looks correct. Try renaming your E01 to remove the space. Also, confirm that /mnt/ewf_mount exists. It should, but check it anyway. You can also verify the E01...
It is a good feature to have. I imagine that there are folks that want to install KAPE and might not even understand what .net is. For my current VMs...
I love the winget suggestion, I have been using it for months now, and it has been a real time saver, especially with the silent installs I need to go....