System

Overview

Evidence: System
Description: System
Category: System
Platform: esxi
Short Name: sys
Is Parsed: Yes
Sent to Investigation Hub: Yes
Collect File(s): No

Background

ESXi host system information summarizes platform identity, kernel details, time settings, proxy configuration, and hardware identifiers. This provides baseline context for the hypervisor under investigation.

Data Collected

This collector gathers structured data about system.

System Data

Field	Description	Example
`AccessTime`	Access Time	2023-10-15 14:30:25+03:00
`AccessCount`	Access Count	123
`URL`	URL	Example value
`Browser`	Browser	Example value
`Title`	Title	Example value
`VisitDuration`	Visit Duration	Example value
`Referrer`	Referrer	Example value
`TypedCount`	Typed Count	123
`IsHidden`	Is Hidden	true
`TransitionType`	Transition Type	Example value
`VisitID`	Visit ID	123
`TransitionQualifiers`	Transition Qualifiers	Example value
`User`	User	Example value
`Profile`	Profile	Example value
`HistoryFilePath`	History File Path	Example value

Collection Method

This collector parses a pre-generated system information text artifact (system_info.txt) from the case content, extracting fields such as computer name, UUID, serial, OS version, kernel details, proxy settings, architecture, platform, and time data.

Forensic Value

System metadata establishes host identity and environment, enabling correlation across artifacts, validating time sources, and supporting scoping in multi-host investigations.