Supported Evidence

These pages categorize the supported evidence and artifacts by OS, indicating whether each item is parsed and presented in the Investigation Hub and/or if the associated file is collected.

Windows Collections macOS Collections Linux Collections IBM AIX Collections ESXi Collections

The table below provides a count of the currently supported evidence and artefact items

Collection Platform:

Item Count

Windows

317

macOS

216

Linux

165

IBM AIX

ESXi

Grand Total

759

PreviousAcquisition Profiles NextWindows Collections

Last updated 6 days ago

Was this helpful?