This crate provides structs and functions to insert timeline data into an Elasticsearch index.
```rust
use es4forensics::IndexBuilder;
use es4forensics::WithHost;
use elasticsearch::auth::Credentials;

let username = "elastic";
let password = "elastic";
let credentials = Credentials::Basic(username.to_string(), password.to_string());

// Connect to a local test instance. `without_certificate_validation()` disables
// TLS certificate checking, which is acceptable only for such a local setup.
let mut index = IndexBuilder::with_name("elastic4forensics_test".to_string())
    .with_host("127.0.0.1")
    .with_port(9200)
    .without_certificate_validation()
    .with_credentials(credentials)
    .build();
```
After doing this, you can easily add documents to the index using [`Index::add_timeline_object`].

For example, consider we have a line from a bodyfile. We need to convert this into a [`ecs::objects::PosixFile`] object, which can then be added to an Index:
```rust
use bodyfile::Bodyfile3Line;
use es4forensics::objects::PosixFile;
use std::convert::TryFrom;

// One bodyfile (version 3) line: MD5|name|inode|mode|UID|GID|size|atime|mtime|ctime|crtime
let str_line = "0|/Users/Administrator ($FILE_NAME)|93552-48-2|d/drwxrwxrwx|0|0|92|1577092511|1577092511|1577092511|-1";
let bf_line = Bodyfile3Line::try_from(str_line).unwrap();

// Convert the parsed line into a timeline object and index it
index.add_timeline_object(PosixFile::from(bf_line));
```
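As an added example (not code from es4forensics or the bodyfile crate), here is a minimal parser for the bodyfile version 3 line format used above, so it is clear which fields of such a line end up as timestamps in the timeline object; the sample line is the one from this README, and a timestamp of `-1` means the source had no such timestamp.

```rust
// Added example, not code from es4forensics or the bodyfile crate: a minimal
// parser for a bodyfile (version 3) line, whose field order is
// MD5|name|inode|mode|UID|GID|size|atime|mtime|ctime|crtime.
#[derive(Debug, PartialEq)]
pub struct BodyfileLine {
    pub name: String,
    pub inode: String,
    pub mode: String,
    pub uid: u64,
    pub gid: u64,
    pub size: u64,
    // None when the source reported -1, i.e. the timestamp does not exist
    pub atime: Option<i64>,
    pub mtime: Option<i64>,
    pub ctime: Option<i64>,
    pub crtime: Option<i64>,
}

fn parse_timestamp(field: &str) -> Result<Option<i64>, String> {
    let t: i64 = field.trim().parse().map_err(|e| format!("bad timestamp {:?}: {}", field, e))?;
    Ok(if t < 0 { None } else { Some(t) })
}

pub fn parse_bodyfile3_line(line: &str) -> Result<BodyfileLine, String> {
    let f: Vec<&str> = line.split('|').collect();
    if f.len() != 11 {
        return Err(format!("expected 11 fields, got {}", f.len()));
    }
    let num = |s: &str| s.trim().parse::<u64>().map_err(|e| format!("bad number {:?}: {}", s, e));
    Ok(BodyfileLine {
        name: f[1].to_string(),
        inode: f[2].to_string(),
        mode: f[3].to_string(),
        uid: num(f[4])?,
        gid: num(f[5])?,
        size: num(f[6])?,
        atime: parse_timestamp(f[7])?,
        mtime: parse_timestamp(f[8])?,
        ctime: parse_timestamp(f[9])?,
        crtime: parse_timestamp(f[10])?,
    })
}

/// The (event kind, unix epoch) pairs a timeline entry for this file actually
/// carries; a line with crtime = -1 therefore yields only three events.
pub fn timeline_events(l: &BodyfileLine) -> Vec<(&'static str, i64)> {
    [("atime", l.atime), ("mtime", l.mtime), ("ctime", l.ctime), ("crtime", l.crtime)]
        .iter()
        .copied()
        .filter_map(|(kind, t)| t.map(|t| (kind, t)))
        .collect()
}

fn main() {
    // constructed sample: the same line as in the README above
    let line = "0|/Users/Administrator ($FILE_NAME)|93552-48-2|d/drwxrwxrwx|0|0|92|1577092511|1577092511|1577092511|-1";
    let parsed = parse_bodyfile3_line(line).expect("valid bodyfile line");
    println!("{:?}", timeline_events(&parsed));
}
```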
License: GPL-3.0