Supported Evidence

These pages categorize the supported evidence and artifacts by OS, indicating whether each item is parsed and presented in the Investigation Hub and/or if the associated file is collected.

https://github.com/binalyze-kb/temp/blob/main/usdproduct/features/acquisition/supported-evidence/windows-collections/README.md macOS Collections Linux Collections IBM AIX Collections

The table below provides a count of the currently supported evidence and artefact items

Collection Type:

File Count

Windows artifact

119

Windows evidence

191

macOS artifact

macOS evidence

175

Linux artifact

Linux evidence

135

AIX artifact

AIX evidence

Grand Total

698

PreviousScheduling Tasks NextIBM AIX Collections

Last updated 12 days ago

Was this helpful?