@mpolastro
Description

This artifact parses WhatsApp internal event log files, extracting relevant metadata and activity records that help understand application behavior and user interaction over time, supporting forensic timeline analysis.

In addition, when the WhatsApp database (wa.db) is available, the script attempts to correlate log entries with contact information by matching phone number suffixes, suggesting the most probable contact related to a given action.

Targeted files

  • */com.whatsapp/files/Logs/whatsapp-YYYY-MM-DD.1.log
  • */com.whatsapp/files/Logs/whatsapp-YYYY-MM-DD.1.log.gz
  • */com.whatsapp/databases/wa.db

Extracted data

  • Event types (e.g., message sent, received, deleted, conversation window focus)
  • Associated timestamps
  • Log line context and source file name
  • Suggested related contact (when wa.db is available)

Notes

  • Follows the ALEAPP artifact structure
  • Uses best-effort database schema discovery to support different WhatsApp versions
  • Tested using local sample logs and databases

Suggestions and feedback are welcome.

Note: This PR supersedes a previous PR targeting an older ALEAPP version.
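The suffix correlation described above can be sketched as follows. This is an added example, not code from the PR or from ALEAPP: the column-name hints, the helper names and the idea that a log line yields a trailing digit fragment are assumptions, and the database is a constructed sample.

```python
import re
import sqlite3

ID_HINTS = ("jid", "number", "phone")             # assumed identifier columns
NAME_HINTS = ("display_name", "wa_name", "name")  # assumed name columns

def q(name):
    """Quote an identifier read from an untrusted evidence database."""
    return '"' + name.replace('"', '""') + '"'

def discover_contacts(conn):
    """Best-effort: first table that has both an identifier and a name column."""
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table'")]
    for table in tables:
        cols = [r[1].lower() for r in conn.execute(f"PRAGMA table_info({q(table)})")]
        id_col = next((c for c in ID_HINTS if c in cols), None)
        name_col = next((c for c in NAME_HINTS if c in cols), None)
        if id_col and name_col:
            return table, id_col, name_col
    return None

def load_contacts(conn):
    found = discover_contacts(conn)
    if not found:
        return []
    table, id_col, name_col = found
    rows = conn.execute(f"SELECT {q(id_col)}, {q(name_col)} FROM {q(table)}")
    # Keep only the digits before '@' (JID form: 15551230001@s.whatsapp.net)
    return [(re.sub(r"\D", "", str(i).split("@")[0]), n) for i, n in rows if i]

def suggest_contacts(fragment, contacts, min_digits=4):
    """Return (candidate names, status); never pick silently among several."""
    digits = re.sub(r"\D", "", fragment)
    if len(digits) < min_digits:
        return [], "too short"
    hits = sorted({n for num, n in contacts if num.endswith(digits)})
    if not hits:
        return [], "no match"
    return hits, "unique" if len(hits) == 1 else "ambiguous"

def demo_db():
    """Constructed sample database, not real WhatsApp data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wa_contacts (jid TEXT, display_name TEXT)")
    conn.executemany("INSERT INTO wa_contacts VALUES (?, ?)", [
        ("15551230001@s.whatsapp.net", "Alice"),
        ("15559870001@s.whatsapp.net", "Bob"),
        ("15551234567@s.whatsapp.net", "Carol"),
    ])
    return conn
```

Reporting every candidate with an explicit "ambiguous" status keeps a suffix collision visible in the timeline instead of presenting a guess as an attribution.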
