Install Logs

Overview

Evidence: Install Logs Description: Collect Install Logs Category: System Platform: aix Short Name: instl Is Parsed: No Sent to Investigation Hub: Yes Collect File(s): Yes

Background

macOS install logs record software installation activities including package installations, updates, and application deployments. These logs track what software was installed, when, and by whom.

Data Collected

This collector gathers structured data about install logs.

Collection Method

This collector gathers installation log files from /var/log/install*, which contains records of all software installations and updates performed on the system.

Forensic Value

Install logs are valuable for tracking unauthorized software installations, understanding system configuration changes, identifying malicious software deployment, and establishing timelines of system modifications.