Edge User Profiles

Overview

Evidence: Edge User Profiles Description: Collect Edge User Profiles Category: Browser Platform: Cross-platform Short Name: eprfls Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

This collector gathers edge user profiles information from the system. This data is essential for forensic investigations and incident response.

Data Collected

This collector gathers structured data about edge user profiles.

Edge User Profiles Data

Field

Description

Example

ID

EndpointUserName

Endpoint User Name

Example Name

Profile

Profile

Example value

ProfileUserName

Profile User Name

Example Name

BrowserName

Browser Name

Example Name

BackgroundApps

Background Apps

true

GoogleAccountGivenName

Google Account Given Name

Example Name

GoogleAccountID

Google Account ID

Example value

GoogleAccountName

Google Account Name

Example Name

PictureFileName

Picture File Name

Example Name

LastDownloadedPictureURL

Last Downloaded Picture URL

Example value

HostedDomain

Hosted Domain

Example value

IsConsentedPrimaryAccount

Is Consented Primary Account

true

IsEphemeral

Is Ephemeral

true

Collection Method

This collector queries the eprfls table via osquery and parses the results into structured data.

Usage

This evidence is crucial for forensic investigations as it provides insights into system activity, user behavior, and potential security incidents.

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.

PreviousChromium User Profiles NextOpera User Profiles

Last updated 1 hour ago

Was this helpful?