DFIRVault
  • August 4, 2025

Splunk DFIR Case Manager

Why I Built This Tool
As a cybersecurity professional, I frequently work with Splunk for log management, threat detection, and incident response. One challenge I faced was managing indexes efficiently—whether creating new ones, deleting old ones, or backing...
  • August 4, 2025

CSV Splitter

When working in digital forensics or threat intelligence, CSVs from SIEM tools, sandboxes, or log aggregators often hit hundreds of megabytes. Feeding those into Elasticsearch or a Python parser? It chokes. I needed a way...
  • June 24, 2025

NGINX log parser

During DFIR investigations, especially in NGINX environments, we’re often handed a messy directory full of rotated and compressed log files — access.log, access.log-20250624, error.log-20250623.xz, and so on. Sound familiar? To streamline this chaos, I built a...