Evidence: VIPRE Logs
Description: Collect VIPRE Logs
Category: Applications
Platform: windows
Short Name: vprls
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
VIPRE (formerly GFI AntiMalware and Sunbelt AntiMalware) is a business security solution that maintains logs across multiple product iterations. It stores logs in both system-wide ProgramData and user-specific AppData locations.
Data Collected
This collector gathers structured data about vipre logs.
Collection Method
This collector gathers VIPRE logs from current and legacy installations including VIPRE Business Agent, GFI Software AntiMalware, and Sunbelt Software AntiMalware directories.
Forensic Value
VIPRE logs provide evidence of malware detections, business endpoint security events, and threat activities across different product versions. They're valuable for investigating security incidents in business environments.
