Changed systemd_journal parser to support zstd compressed files (log2…

…timeline#4746)

.github/workflows/test_docker.yml

@@ -18,7 +18,7 @@ jobs:
     - name: Install dependencies
       run: |
         dnf copr -y enable @gift/dev
-        dnf install -y @development-tools python3 python3-devel libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-XlsxWriter python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-dtfabric python3-fakeredis python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-psutil python3-pyparsing python3-pytsk3 python3-pytz python3-pyxattr python3-pyyaml python3-redis python3-requests python3-setuptools python3-six python3-urllib3 python3-yara python3-zmq
+        dnf install -y @development-tools python3 python3-devel libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-XlsxWriter python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-dtfabric python3-fakeredis python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-psutil python3-pyparsing python3-pytsk3 python3-pytz python3-pyxattr python3-pyyaml python3-redis python3-requests python3-setuptools python3-six python3-urllib3 python3-yara python3-zmq python3-zstd
     - name: Run tests
       env:
         LANG: C.utf8
@@ -58,7 +58,7 @@ jobs:
       run: |
         add-apt-repository -y ppa:gift/dev
         apt-get update -q
-        apt-get install -y build-essential python3 python3-dev libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq
+        apt-get install -y build-essential python3 python3-dev libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq python3-zstd
     - name: Run tests
       env:
         LANG: en_US.UTF-8

.github/workflows/test_docs.yml

@@ -36,7 +36,7 @@ jobs:
         add-apt-repository -y ppa:deadsnakes/ppa
         add-apt-repository -y ppa:gift/dev
         apt-get update -q
-        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq
+        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq python3-zstd
     - name: Install tox
       run: |
         python3 -m pip install tox

.github/workflows/test_tox.yml

@@ -44,7 +44,7 @@ jobs:
         add-apt-repository -y ppa:deadsnakes/ppa
         add-apt-repository -y ppa:gift/dev
         apt-get update -q
-        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq
+        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq python3-zstd
     - name: Install tox
       run: |
         python3 -m pip install tox
@@ -80,7 +80,7 @@ jobs:
         add-apt-repository -y ppa:deadsnakes/ppa
         add-apt-repository -y ppa:gift/dev
         apt-get update -q
-        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq
+        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq python3-zstd
     - name: Install tox
       run: |
         python3 -m pip install tox
@@ -118,7 +118,7 @@ jobs:
         add-apt-repository -y ppa:deadsnakes/ppa
         add-apt-repository -y ppa:gift/dev
         apt-get update -q
-        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq
+        apt-get install -y build-essential git libffi-dev python${{ matrix.python-version }} python${{ matrix.python-version }}-dev python${{ matrix.python-version }}-venv libbde-python3 libcaes-python3 libcreg-python3 libesedb-python3 libevt-python3 libevtx-python3 libewf-python3 libfsapfs-python3 libfsext-python3 libfsfat-python3 libfshfs-python3 libfsntfs-python3 libfsxfs-python3 libfvde-python3 libfwnt-python3 libfwsi-python3 liblnk-python3 libluksde-python3 libmodi-python3 libmsiecf-python3 libolecf-python3 libphdi-python3 libqcow-python3 libregf-python3 libscca-python3 libsigscan-python3 libsmdev-python3 libsmraw-python3 libssl-dev libvhdi-python3 libvmdk-python3 libvsgpt-python3 libvshadow-python3 libvslvm-python3 python3-acstore python3-artifacts python3-bencode python3-certifi python3-cffi-backend python3-chardet python3-cryptography python3-dateutil python3-defusedxml python3-dfdatetime python3-dfvfs python3-dfwinreg python3-distutils python3-dtfabric python3-fakeredis python3-flor python3-future python3-idna python3-lz4 python3-mock python3-opensearch python3-pefile python3-pip python3-psutil python3-pyparsing python3-pytsk3 python3-pyxattr python3-redis python3-requests python3-setuptools python3-six python3-tz python3-urllib3 python3-xlsxwriter python3-yaml python3-yara python3-zmq python3-zstd
     - name: Install tox
       run: |
         python3 -m pip install tox

config/appveyor/install.ps1

@@ -1,6 +1,6 @@
 # Script to set up tests on AppVeyor Windows.
 
-$Dependencies = "PyYAML XlsxWriter acstore artifacts bencode certifi cffi chardet cryptography dateutil defusedxml dfdatetime dfvfs dfwinreg dtfabric fakeredis future idna libbde libcaes libcreg libesedb libevt libevtx libewf libfsapfs libfsext libfsfat libfshfs libfsntfs libfsxfs libfvde libfwnt libfwsi liblnk libluksde libmodi libmsiecf libolecf libphdi libqcow libregf libscca libsigscan libsmdev libsmraw libvhdi libvmdk libvsgpt libvshadow libvslvm lz4 mock opensearch-py pefile psutil pyparsing pytsk3 pytz pyzmq redis requests six urllib3 xattr yara-python"
+$Dependencies = "PyYAML XlsxWriter acstore artifacts bencode certifi cffi chardet cryptography dateutil defusedxml dfdatetime dfvfs dfwinreg dtfabric fakeredis future idna libbde libcaes libcreg libesedb libevt libevtx libewf libfsapfs libfsext libfsfat libfshfs libfsntfs libfsxfs libfvde libfwnt libfwsi liblnk libluksde libmodi libmsiecf libolecf libphdi libqcow libregf libscca libsigscan libsmdev libsmraw libvhdi libvmdk libvsgpt libvshadow libvslvm lz4 mock opensearch-py pefile psutil pyparsing pytsk3 pytz pyzmq redis requests six urllib3 xattr yara-python zstd"
 
 If ($Dependencies.Length -gt 0)
 {