Supported Evidence

These pages categorize the supported evidence and artifacts by OS, indicating whether each item is parsed and presented in the Investigation Hub and/or if the associated file is collected.

Windows Collections macOS Collections Linux Collections IBM AIX Collections ESXi Collections

The table below provides a count of the currently supported evidence and artefact items

Collection Platform:

Item Count

Windows

313

macOS

208

Linux

170

IBM AIX

ESXi

Grand Total

741

PreviousAcquisition Profiles NextWindows Collections

Last updated 10 days ago

Was this helpful?