# Docker Info

## Overview

**Evidence:** Docker Info\
**Description:** Collect Docker Info.\
**Category:** Applications\
**Platform:** linux\
**Short Name:** dockinfo\
**Is Parsed:** Yes\
**Sent to Investigation Hub:** Yes\
**Collect File(s):** No

## Background

Docker system information provides configuration details about the Docker daemon including storage driver, kernel version, operating system, total containers/images, and resource limits. This metadata is crucial for understanding the Docker environment configuration and detecting anomalies.

## Data Collected

This collector gathers structured data about docker info.

## Collection Method

This collector queries the Docker daemon via Docker Engine API to retrieve system-wide information including version, storage driver, logging driver, plugins, security options, and resource constraints.

## Forensic Value

System-level Docker configuration reveals potential security weaknesses such as insecure registries, disabled security features, or resource exhaustion. This data helps investigators understand the Docker deployment model and identify misconfigurations that attackers may exploit.