# FireEye Logs

## Overview

**Evidence:** FireEye Logs\
**Description:** Collect FireEye Logs\
**Category:** Applications\
**Platform:** windows\
**Short Name:** fryl\
**Is Parsed:** No\
**Sent to Investigation Hub:** No\
**Collect File(s):** Yes

## Background

FireEye Endpoint Security (xAgent) is an enterprise EDR solution that provides advanced threat detection, behavioral analysis, and incident response capabilities. The xagt component stores threat intelligence and detection data in database files.

## Data Collected

This collector gathers structured data about FireEye logs.

## Collection Method

This collector gathers FireEye xAgent database files from ProgramData, which contain EDR events, threat detections, behavioral analysis, and endpoint telemetry.

## Forensic Value

FireEye databases are essential for advanced threat investigations, providing EDR visibility, behavioral analysis, IOC detections, and threat intelligence correlation. They're critical for investigating APT activities and sophisticated attacks.
