# Messages

## Overview

**Evidence:** Messages\
**Description:** Collect Messages Logs\
**Category:** System\
**Platform:** linux\
**Short Name:** msgs\
**Is Parsed:** No\
**Sent to Investigation Hub:** No\
**Collect File(s):** Yes

## Background

The messages log is the primary system log on Red Hat-based distributions (RHEL, CentOS, Fedora). It contains general system messages, informational messages, and non-critical system events from various services and daemons.

## Data Collected

This collector gathers structured data about messages.

## Collection Method

This collector gathers messages log files from /var/log/messages\*, including rotated archives, which contain system-wide event logs.

## Forensic Value

Messages logs are essential for investigating system activities, service operations, hardware events, and security incidents on Red Hat-based systems. They provide crucial timeline data for forensic investigations.
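Because the files are collected without being parsed, building the timeline is left to the analyst. The sketch below is an added example, not part of the collector or its vendor's code. It assumes the traditional rsyslog line format (`Mmm dd HH:MM:SS host tag[pid]: message`), which carries no year, so the starting year is an analyst-supplied assumption; the sample lines and function names are constructed.

```python
import gzip
import re
from datetime import datetime

# Traditional rsyslog file format: "Mmm dd HH:MM:SS host tag[pid]: message"
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: ?(?P<msg>.*)$"
)

# Constructed sample lines, oldest first, crossing a year boundary.
SAMPLE = [
    "Dec 31 23:59:58 web01 systemd[1]: Stopping System Logging Service...",
    "Dec 31 23:59:59 web01 rsyslogd[987]: exiting on signal 15.",
    "Jan  1 00:00:03 web01 kernel: device eth0 entered promiscuous mode",
    "    text without a syslog header",
    "Jan  1 00:00:07 web01 systemd[1]: Started System Logging Service.",
]

def read_lines(path):
    """Yield lines from a plain or gzip-compressed (rotated) log file."""
    opener = gzip.open if str(path).endswith(".gz") else open
    with opener(path, "rt", errors="replace") as fh:
        for line in fh:
            yield line.rstrip("\n")

def build_timeline(lines, first_year):
    """Return (events, unparsed) for lines given oldest first.
    The format has no year: first_year is the analyst's assumption for the
    first line, and the year advances when the month wraps (Dec -> Jan)."""
    events, unparsed, year, prev_month = [], [], first_year, None
    for line in lines:
        m = LINE_RE.match(line)
        try:
            # Probe in a leap year so "Feb 29" parses before the year is set.
            probe = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
            wrapped = prev_month is not None and probe.month < prev_month
            when = probe.replace(year=year + wrapped)
        except (TypeError, ValueError):  # no header, or impossible date
            unparsed.append(line)
            continue
        year, prev_month = when.year, probe.month
        events.append({"time": when, "host": m["host"], "tag": m["tag"],
                       "pid": m["pid"], "msg": m["msg"]})
    return events, unparsed

if __name__ == "__main__":
    for e in build_timeline(SAMPLE, 2023)[0]:
        print(e["time"].isoformat(), e["host"], e["tag"], e["msg"])
```

Feed rotated files oldest first so the year inference holds, and review the `unparsed` list rather than discarding it, since lines without a header may be continuation text or a sign of a damaged or edited file.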
