Sophos Logs
Overview
Evidence: Sophos Logs
Description: Collect Sophos Logs
Category: System
Platform: macOS
Short Name: splgs
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No
Background
This collector gathers Sophos log information from the macOS system. This data is essential for understanding system activity, detecting security incidents, and investigating system-related events.
Data Collected
This collector gathers structured data about Sophos logs.
Sophos Logs Data
| Field | Description | Example |
| --- | --- | --- |
| ID | Primary key (auto-increment) | 1 |
| LogFile | Log file path | /var/log/application.log |
| Timestamp | Log entry timestamp | 2023-10-15 14:30:25 |
| Level | Log level | INFO |
| Message | Log message content | Application started successfully |
| Source | Log source | Application |
| ProcessID | Process ID | 1234 |
| ThreadID | Thread ID | 1 |
Notes
This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.