Sophos Logs

Overview

Evidence: Sophos Logs Description: Collect Sophos Logs Category: System Platform: macOS Short Name: splgs Is Parsed: Yes Sent to Investigation Hub: Yes Collect File(s): No

Background

This collector gathers sophos logs information from the macOS system. This data is essential for understanding system activity, detecting security incidents, and investigating system-related events.## Data Collected

This collector gathers structured data about sophos logs.

Sophos Logs Data

Field
Description
Example

ID

Primary key (auto-increment)

1

LogFile

Log file path

/var/log/application.log

Timestamp

Log entry timestamp

2023-10-15 14:30:25

Level

Log level

INFO

Message

Log message content

Application started successfully

Source

Log source

Application

ProcessID

Process ID

1234

ThreadID

Thread ID

1

Notes

This data may contain sensitive information that should be handled according to data protection requirements. Ensure proper chain of custody is maintained during collection and analysis.

Last updated

Was this helpful?