Evidence: UltraVNC Logs
Description: Collect UltraVNC Application Specific Log Files
Category: Applications
Platform: windows
Short Name: ultravnclgs
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
UltraVNC is an open-source remote desktop application that logs connection events, authentication attempts, and session activities. It's commonly used for remote support and administration.
Data Collected
This collector gathers structured data about ultravnc logs.
Collection Method
This collector gathers UltraVNC log files from ProgramData directories containing connection and session information.
Forensic Value
UltraVNC logs help identify remote desktop sessions, authentication attempts, and connection patterns. They're valuable for investigating unauthorized remote access and lateral movement.
