TeamViewer Logs

Overview

Evidence: Teamviewer Logs Description: Collect Teamviewer Connection Logs Category: Applications Platform: windows Short Name: tml Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

TeamViewer is a widely-used remote desktop and support software. It maintains extensive logs of connections, file transfers, and recent connections (MRU). Connection logs contain partner IDs, session times, and access details.

Data Collected

This collector gathers structured data about teamviewer logs.

Collection Method

This collector gathers TeamViewer logs, connection text files, and MRU (Most Recently Used) connection history from both installation and user profile directories.

Forensic Value

TeamViewer logs are critical for investigating unauthorized remote access, as the software is frequently abused by attackers for initial access and persistence. Logs reveal connection partners, session times, file transfers, and can link to specific TeamViewer IDs used by threat actors.

PreviousTCP Table NextTelegram Desktop Data

Last updated 3 days ago

Was this helpful?