Turbinia is an open-source framework that automates and scales digital forensic workloads by distributing and parallelizing forensic processing tasks.
Automation and Scaling of Digital Forensics Tools
Turbinia is primarily used by incident responders and digital forensic analysts to automate the processing of large volumes of forensic evidence, especially in cloud or hybrid environments. It helps reduce response time by parallelizing forensic tool execution and managing distributed workloads efficiently.
Turbinia is currently in Alpha release and is in maintenance mode with no new features planned; users are encouraged to consider OpenRelik for future projects. It requires a messaging backend (Kombu) and task scheduler (Celery) to operate. Proper configuration of server, API server, and workers is essential for distributed processing. Best suited for cloud or hybrid environments where scaling forensic workloads is necessary.
Follow the installation guide at https://turbinia.readthedocs.io/en/latest/user/install.html
Install turbinia-client via pip: pip install turbinia-clientturbiniactl server
Starts the Turbinia server component
turbiniactl api_server
Starts the Turbinia API server component (required when using Celery)
turbiniactl celeryworker
Starts one or more Turbinia worker processes to execute forensic tasks
turbinia-client submit ${evidencetype}
Submits evidence of a specified type to Turbinia for processing
turbinia-client status
Checks the status of running forensic processing tasks
turbinia-client -h
Displays help and usage information for the Turbinia client