File System Enumeration as CSV

Overview

Evidence: File System Enumeration as CSV Description: Dump file and folder information as CSV. Group: DiskFilesystem Sub Group: Disk & File System Platform: linux Short Name: fsenum Is Parsed: Yes Sent to Investigation Hub: No Collect Raw File(s): No Collect as CSV File: Yes

Background

File system enumeration provides comprehensive information about files, directories, and file system structure on Unix-like systems. This data is essential for understanding file system state and detecting unauthorized file modifications.

Data Collected

This collector gathers structured data about file system enumeration as csv.

File System Enumeration as CSV Data

Field

Description

Example

GroupId

Group Id

123

UserId

User Id

123

Mode

Mode

123

Dev

Dev

123

Nlink

Nlink

123

Size

Size

123

Ino

Ino

123

Path

Path

Example value

LastChangeTime

Last Change Time

2023-10-15 14:30:25+03:00

AccessTime

Access Time

2023-10-15 14:30:25+03:00

ModificationTime

Modification Time

2023-10-15 14:30:25+03:00

Collection Method

This collector enumerates the file system and records metadata to the file_system_enumeration table.

Forensic Value

This evidence is crucial for forensic investigations as it provides file system information. It helps investigators understand file system state, detect unauthorized file modifications, and investigate file-based attacks. The data can reveal file changes, directory structures, and potential file system vulnerabilities.

PreviousFailed Login Attempts NextFirefox Browsing History

Last updated 1 month ago

Was this helpful?

hashtagOverview

hashtagBackground

hashtagData Collected

hashtagFile System Enumeration as CSV Data

hashtagCollection Method

hashtagForensic Value

Overview

Background

Data Collected

File System Enumeration as CSV Data

Collection Method

Forensic Value