Docker Containers

Overview

Evidence: Docker Containers
Description: Collect Docker Containers.
Category: Containers
Platform: macOS
Short Name: dockcontainers
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

Docker container information provides details about containerized applications, their configurations, and runtime data. This data is essential for understanding containerized workloads, detecting container-based attacks, and investigating container security incidents.

Data Collected

This collector gathers structured data about Docker containers.

Docker Containers Data

| Field | Description | Example |
| --- | --- | --- |
| ID | Primary key (auto-increment) | 1 |
| ContainerID | Container ID | abc123def456 |
| Name | Container name | web-server |
| Image | Docker image | nginx:latest |
| Status | Container status | running |
| Created | Creation timestamp | 2023-10-15 14:30:25 |
| Ports | Exposed ports | 80:8080 |
| Command | Container command | /bin/bash |

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.
