# System

## Overview

**Evidence:** System\
**Description:** System\
**Category:** System\
**Platform:** esxi\
**Short Name:** sys\
**Is Parsed:** Yes\
**Sent to Investigation Hub:** Yes\
**Collect File(s):** No

## Background

ESXi host system information summarizes platform identity, kernel details, time settings, proxy configuration, and hardware identifiers. This provides baseline context for the hypervisor under investigation.

## Data Collected

This collector gathers structured data about the system.

### System Data

| Field                  | Description           | Example                   |
| ---------------------- | --------------------- | ------------------------- |
| `AccessTime`           | Access Time           | 2023-10-15 14:30:25+03:00 |
| `AccessCount`          | Access Count          | 123                       |
| `URL`                  | URL                   | Example value             |
| `Browser`              | Browser               | Example value             |
| `Title`                | Title                 | Example value             |
| `VisitDuration`        | Visit Duration        | Example value             |
| `Referrer`             | Referrer              | Example value             |
| `TypedCount`           | Typed Count           | 123                       |
| `IsHidden`             | Is Hidden             | true                      |
| `TransitionType`       | Transition Type       | Example value             |
| `VisitID`              | Visit ID              | 123                       |
| `TransitionQualifiers` | Transition Qualifiers | Example value             |
| `User`                 | User                  | Example value             |
| `Profile`              | Profile               | Example value             |
| `HistoryFilePath`      | History File Path     | Example value             |

## Collection Method

This collector parses a pre-generated system information text artifact (`system_info.txt`) from the case content, extracting fields such as computer name, UUID, serial, OS version, kernel details, proxy settings, architecture, platform, and time data.

## Forensic Value

System metadata establishes host identity and environment, enabling correlation across artifacts, validating time sources, and supporting scoping in multi-host investigations.
