View data and descriptions of evidence in the service information category collected from Linux endpoints.
The following table contains descriptions of the evidence data in the service information
category that the Collect Evidence task and Trend Micro Incident Response Toolkit may collect from Linux endpoints. These evidence types appear in columns after selecting
an evidence category when examining an Evidence Report.
|
Evidence Type
|
Evidence Data
|
Description
|
|
Autostart entries
|
Group
|
The autorun entry type
|
|
Name
|
The name or phrase used to identify the entry
|
|
|
Launch command
|
The full file path of the entry or the associated executable command
|
|
|
Location
|
The parent folder containing the command in the file system
|
|
|
File info
|