Edge Form History

Overview

Evidence: Edge Form History Description: Collect Edge Form History Category: Browser Platform: Cross-platform Short Name: efh Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

This collector gathers edge form history information from the system. This data is essential for forensic investigations and incident response.

Data Collected

This collector gathers structured data about edge form history.

Edge Form History Data

Field

Description

Example

ID

UserName

User Name

Example Name

BrowserName

Browser Name

Example Name

Name

Name

Example Name

Value

Value

Example value

ValueLower

Value Lower

Example value

Count

Count

Example value

Profile

Profile

Example value

Path

Path

/path/to/file

DateCreated

Date Created

2023-10-15 14:30:25

DateLastUsed

Date Last Used

2023-10-15 14:30:25

Collection Method

This collector queries the efh table via osquery and parses the results into structured data.

Usage

This evidence is crucial for forensic investigations as it provides insights into system activity, user behavior, and potential security incidents.

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.

PreviousChromium Form History NextOpera Form History

Last updated 1 hour ago

Was this helpful?