Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Comments

feat: implement rayon for search#206

Merged
FranticTyping merged 2 commits intomasterfrom
feat/speed_improvements
Dec 22, 2024
Merged

feat: implement rayon for search#206
FranticTyping merged 2 commits intomasterfrom
feat/speed_improvements

Conversation

@FranticTyping
Copy link
Collaborator

@FranticTyping FranticTyping commented Dec 21, 2024
edited
Loading

  • Implement rayon processing for search

Searching

Before:

➜  release git:(master) time ./chainsaw search foo ~/Downloads/evtx --skip-errors -o foo

 ██████╗██╗  ██╗ █████╗ ██╗███╗   ██╗███████╗ █████╗ ██╗    ██╗
██╔════╝██║  ██║██╔══██╗██║████╗  ██║██╔════╝██╔══██╗██║    ██║
██║     ███████║███████║██║██╔██╗ ██║███████╗███████║██║ █╗ ██║
██║     ██╔══██║██╔══██║██║██║╚██╗██║╚════██║██╔══██║██║███╗██║
╚██████╗██║  ██║██║  ██║██║██║ ╚████║███████║██║  ██║╚███╔███╔╝
 ╚═════╝╚═╝  ╚═╝╚═╝  ╚═╝╚═╝╚═╝  ╚═══╝╚══════╝╚═╝  ╚═╝ ╚══╝╚══╝
    By WithSecure Countercept (@FranticTyping, @AlexKornitzer)

[+] Loading forensic artefacts from: /Users/jamesdorgan/Downloads/evtx
[+] Loaded 2240 forensic files (9.4 GB)
[+] Searching forensic artefacts...
[+] Found 616 hits
./chainsaw <snip>  212.15s user 12.71s system 347% cpu 1:04.68 total

After:

➜  release git:(feat/speed_improvements) ✗ time ./chainsaw search foo ~/Downloads/evtx --skip-errors -o foo

 ██████╗██╗  ██╗ █████╗ ██╗███╗   ██╗███████╗ █████╗ ██╗    ██╗
██╔════╝██║  ██║██╔══██╗██║████╗  ██║██╔════╝██╔══██╗██║    ██║
██║     ███████║███████║██║██╔██╗ ██║███████╗███████║██║ █╗ ██║
██║     ██╔══██║██╔══██║██║██║╚██╗██║╚════██║██╔══██║██║███╗██║
╚██████╗██║  ██║██║  ██║██║██║ ╚████║███████║██║  ██║╚███╔███╔╝
 ╚═════╝╚═╝  ╚═╝╚═╝  ╚═╝╚═╝╚═╝  ╚═══╝╚══════╝╚═╝  ╚═╝ ╚══╝╚══╝
    By WithSecure Countercept (@FranticTyping, @AlexKornitzer)

[+] Loading forensic artefacts from: /Users/jamesdorgan/Downloads/evtx
[+] Loaded 2240 forensic files (9.4 GB)
[+] Searching forensic artefacts...
[+] Found 616 hits
./chainsaw <snip>  234.79s user 6.54s system 631% cpu 38.205 total

@FranticTyping
Copy link
Collaborator Author

FranticTyping commented Dec 21, 2024

@alexkornitzer - Can I get your review on this?

@FranticTyping FranticTyping force-pushed the feat/speed_improvements branch from 5197d6e to 55e86de Compare December 21, 2024 19:51
@FranticTyping FranticTyping changed the title feat: implement rayon for search and hunt feat: implement rayon for search Dec 21, 2024
@alexkornitzer
Copy link
Collaborator

alexkornitzer commented Dec 22, 2024

If we are happy with out of order hits then, yep this is fine with me

@FranticTyping FranticTyping merged commit cb86aac into master Dec 22, 2024
@alexkornitzer alexkornitzer deleted the feat/speed_improvements branch March 23, 2025 09:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexkornitzer alexkornitzer Awaiting requested review from alexkornitzer alexkornitzer is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@FranticTyping @alexkornitzer