Supported Evidence

These pages categorize the supported evidence and artifacts by OS, indicating whether each item is parsed and presented in the Investigation Hub and/or if the associated file is collected.

Windows Collections macOS Collections Linux Collections IBM AIX Collections

The table below provides a count of the currently supported evidence and artefact items

Collection Type:

File Count

Windows artifact

119

Windows evidence

191

macOS artifact

macOS evidence

175

Linux artifact

Linux evidence

135

AIX artifact

AIX evidence

Grand Total

698

PreviousAcquisition Profiles NextWindows Collections

Last updated 1 month ago

Was this helpful?