Evidence: VMware Logs
Description: Collect VMware Logs
Category: Applications
Platform: windows
Short Name: vml
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
VMware maintains log files tracking VM operations, errors, and activities during virtual machine execution. These logs record VM lifecycle events and operational details.
Data Collected
This collector gathers structured data about vmware logs.
Collection Method
This collector gathers VMware log files from temporary directories containing VM operational logs and diagnostic information.
Forensic Value
VMware logs reveal VM usage times, operations performed, errors encountered, and can help establish timelines for VM-based activities including malware analysis or environment evasion.
