I’ve just released a new tool: CrowdStrike AID Timeliner.
This script helps investigators quickly build timelines around CrowdStrike Alert IDs (AIDs). Instead of manually pulling data and stitching it together, the tool automates the process to give you a clear, chronological view of related activity.
It’s designed to save time during incident response, speed up triage, and help analysts spot patterns that might otherwise get lost in the noise.
The project is open-source and available on GitHub – feedback and contributions are always welcome!
Check it out here: https://github.com/dfirvault/CrowdStrike-AID-Timeliner