IBM AIX Collections

#

Evidence (click for details)

Category

Parsed

Sent to the Investigation Hub

Raw Files Collected

1

Auth Logs

System

No

No

Yes

2

Boot Logs

System

No

No

Yes

3

Cron Jobs

System

Yes

Yes

No

4

DHCP Server Logs

Applications

No

No

Yes

5

DNS Resolvers

Network

Yes

Yes

No

6

File System Enumeration

DiskFilesystem

Yes

No

No

7

Hosts

Network

Yes

Yes

No

8

Log Files

System

Yes

Yes

No

9

Mail Logs

System

No

No

Yes

10

Mounts

DiskFilesystem

Yes

Yes

No

11

MySQL Logs

Applications

No

No

Yes

12

Processes

System

Yes

Yes

No

13

SSH Authorized Keys

Network

Yes

Yes

No

14

SSH Configs

Network

Yes

Yes

No

15

SSH Known Hosts

Network

Yes

Yes

No

16

SSH Server Logs

Applications

No

No

Yes

17

SSHD Configs

Network

Yes

Yes

No

18

SUID Binaries

System

Yes

Yes

No

19

Shell History

System

Yes

Yes

No

20

System Artifacts

System

Yes

Yes

No

21

System Logs

System

No

No

Yes

22

ULimit Information

System

Yes

Yes

No

23

User Groups

System

Yes

Yes

No

24

Users

System

Yes

Yes

No

25

YUM History

System

Yes

Yes

No

26

YUM Sources

System

Yes

Yes

No