Parallels Logs
Overview
Evidence: Parallels Logs
Description: Collect Parallels Logs
Category: Applications
Platform: aix
Short Name: prllgs
Is Parsed: No
Sent to Investigation Hub: Yes
Collect File(s): Yes
Background
Parallels Desktop is a virtualization solution for macOS that runs Windows and other operating systems. It maintains logs of VM operations, errors, crashes, and problem reports in both user-specific and system-wide locations.
Data Collected
This collector gathers structured data about Parallels logs.
Collection Method
This collector gathers Parallels logs from user Library directories (parallels.log and Problem Reports) and system-wide Library logs, capturing VM activities and diagnostic information.
Forensic Value
Parallels logs are valuable for investigating VM-based attacks, malware analysis environments, data exfiltration through VMs, and understanding virtualized system activities. They reveal VM usage patterns, guest OS activities, and potential abuse of virtualization for evasion.