# System Controls

## Overview

**Evidence:** System Controls\
**Description:** Collect system controls\
**Category:** System\
**Platform:** linux\
**Short Name:** syscntrls\
**Is Parsed:** Yes\
**Sent to Investigation Hub:** Yes\
**Collect File(s):** No

## Background

This collector gathers system controls (sysctl) information from the Linux system. This data is essential for understanding kernel and system tuning parameters and detecting unauthorized changes.

## Data Collected

This collector gathers structured data about system controls.

## Collection Method

This collector parses sysctl configuration files and current values, recording them into the `system_controls` table.

## Forensic Value

This evidence is crucial for forensic investigations as it reveals system tuning parameters and changes that might indicate persistence or hardening bypasses.