IBM AIX Collections

AIR supports the following IBM AIX evidence and artifacts:

IBM AIX Evidence List

| # | Category | Name | Description |
|---|----------|------|-------------|
| 1 | System | Cron Jobs | Collect cron jobs |
| 2 | System | ULimit Information | Collect ulimit information |
| 3 | Disk | Mounts | Collect mounts |
| 4 | File System | File System Enumeration | Dump file and folder information. |
| 5 | Processes | Processes | Collect process list |
| 6 | Users | User Groups | Collect user group list |
| 7 | Users | Users | Collect user list |
| 8 | SSH | SSH Known Hosts | Collect SSH known hosts |
| 9 | SSH | SSH Authorized Keys | Collect SSH authorized keys |
| 10 | SSH | SSH Configs | Collect SSH configurations |
| 11 | SSH | SSHD Configs | Collect SSHD configurations |
| 12 | Network | Hosts | Collect hosts |
| 13 | Network | DNS Resolvers | Collect DNS resolvers |
| 14 | Other Evidence | YUM Sources | Collect YUM sources |
| 15 | Other Evidence | YUM History | Collect YUM history |
| 16 | Other Evidence | SUID Binaries | Collect SUID binaries |
| 17 | Other Evidence | Shell History | Collect shell history |
| 18 | Other Evidence | System Artifacts | Collect system artifacts (Files of collected evidence. For example: /etc/passwd file) |
| 19 | Other Evidence | Log Files | Collect log files under /var/log/ |

IBM AIX Artifact List

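| # | Category | Name | Description |
|---|----------|------|-------------|
| 1 | Server | MySQL Logs | Collect MySQL Logs |
| 2 | Server | SSH Server Logs | Collect SSH Server Logs |
| 3 | Server | DHCP Server Logs | Collect DHCP Server Logs |
| 4 | System | System Logs | Collect System Logs |
| 5 | System | Auth Logs | Collect Auth Logs |
| 6 | System | Boot Logs | Collect Boot Logs |
| 7 | System | Mail Logs | Collect Mail Logs |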
