# Action1 RMM Logs

## Overview

**Evidence:** Action1 RMM Logs\
**Description:** Collect Action1 RMM Logs\
**Category:** Applications\
**Platform:** windows\
**Short Name:** action1rmmlgs\
**Is Parsed:** No\
**Sent to Investigation Hub:** No\
**Collect File(s):** Yes

## Background

Action1 RMM is a remote monitoring and management platform that maintains logs of agent activities, remote commands, patch deployments, and system monitoring events.

## Data Collected

This collector gathers structured data about action1 rmm logs.

## Collection Method

This collector gathers Action1 log files from the Windows directory containing RMM agent activity and command execution records.

## Forensic Value

Action1 logs help investigate RMM-based attacks, identify executed commands, track software deployments, and reveal potential abuse of management tools for malicious purposes.