Announcements
Current CVEs
Documentation
Velociraptor Overview
History
Support Policy
Deployment
Self-Signed SSL
Cloud Deployment
Multi-Frontend
Organizations
Deploying Clients
Security
Performance
Troubleshooting
Config Reference
The Admin GUI
Inspecting clients
The VFS
Artifacts
Hunting
VQL Fundamentals
Notebooks
Artifacts
JOIN in VQL
Event Queries
Forensic Analysis
Searching Filenames
Velociraptor Paths
Remapping Accessors
Searching Content
NTFS Analysis
Binary parsing
Evidence Of Execution
Event Logs
Volatile State
Triage and acquisition
Remote Uploads
Client Monitoring
Extending VQL
Server Automation
Server API
Server Monitoring
Downloads
VQL Reference
Basic VQL
Linux Specific
Windows Specific
Parsers
Server Side
Client Side
Event Plugins
Experimental
Misc
Accessors
Training
Playbooks
Blog
Presentations
Linux Conf Au 2022
Auscert 2022
SANS Summit 2022
Velocon 2022
DFRWS APAC 2022
EverythingOpen 2023
VeloCON 2023
Auscert 2024
Auscert 2024 Talk
Artifact Exchange
Artifact Reference
Knowledge Base
Search
Github
Discord
YouTube
Mailing List
RSS
Rapid7 Docs
parse_journald
parse_journald
Description
parse_journald
Plugin
Arg
Description
Type
filename
A list of journal log files to parse.
list of OSPath (required)
accessor
The accessor to use.
string
raw
Emit raw events (no parsed).
bool
Required Permissions:
FILESYSTEM_READ
Description
Parse a journald file.