Collect SRUM Database Files

Overview

Evidence: Collect SRUM Database Files Description: Collect System Resource Usage Monitor (SRUM) database files. Category: Platform: windows Short Name: srumcol Is Parsed: No Sent to Investigation Hub: Yes Collect File(s): No

Data Collected

This collector gathers structured data about collect srum database files.

Collect SRUM Database Files Data

Field

Description

Example

Path

Full path to SRUM file

C:\Windows\System32\file.ext

CreationTime

File creation timestamp

2023-10-15 14:30:25

AccessTime

File last access timestamp

2023-10-15 14:30:25

WriteTime

File last write timestamp

2023-10-15 14:30:25

Size

File size in bytes

1024

CollectionMethod

File access method used (OS/NTFS)

Example value

CollectionTime

When this file was collected

2023-10-15 14:30:25

PreviousCollect LNK Files NextComboFix

Last updated 16 days ago

Was this helpful?