Homebrew Logs
Overview
Evidence: Homebrew Logs
Description: Collect Homebrew Logs
Category: Applications
Platform: macos
Short Name: hmbwl
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Homebrew is a popular package manager for macOS that logs all package installations, updates, and operations. These logs track what software was installed via Homebrew, when, and any errors encountered during package management.
Data Collected
This collector gathers structured data about Homebrew logs.
Collection Method
This collector gathers all Homebrew log files from user-specific Library/Logs/Homebrew directories, which contain detailed package management activity including installations, updates, and configurations.
Forensic Value
Homebrew logs are essential for tracking software installations, identifying unauthorized tool deployments, understanding attacker tool setup, and investigating system modifications. They reveal what hacking tools, utilities, or malicious packages were installed.
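Since the collected files are not parsed, an analyst usually has to build the installation timeline by hand. The following is an added example, not the collector's own code: it walks each user's Library/Logs/Homebrew directory under a `users_root` (assumed to be the Users directory of a mounted image or extracted collection) and returns hashed, time-ordered records. Treating the first-level subdirectory as the package name is an assumption, and the sample tree is constructed.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone
from pathlib import Path

LOG_SUBPATH = Path("Library/Logs/Homebrew")  # per-user path named on this page


def homebrew_log_timeline(users_root):
    """Return one record per log file under <users_root>/<user>/Library/Logs/Homebrew."""
    records = []
    for home in sorted(Path(users_root).iterdir()):
        log_dir = home / LOG_SUBPATH
        if not log_dir.is_dir():
            continue  # no Homebrew logs for this user (never used, or removed)
        for path in sorted(log_dir.rglob("*")):
            if path.is_symlink() or not path.is_file():
                continue  # skip directories; never follow links out of the evidence
            rel = path.relative_to(log_dir)
            st = path.stat()
            records.append({
                "user": home.name,
                # Assumption: the first-level subdirectory is the package name.
                "package": rel.parts[0] if len(rel.parts) > 1 else "",
                "file": rel.as_posix(),
                "size": st.st_size,
                "mtime_epoch": st.st_mtime,
                "mtime_utc": datetime.fromtimestamp(st.st_mtime, timezone.utc).isoformat(),
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest(),
            })
    return sorted(records, key=lambda r: r["mtime_epoch"])  # oldest activity first


def build_sample_tree(root):
    """Constructed sample data: 'alice' has Homebrew logs, 'bob' has none."""
    log = Path(root) / "alice" / LOG_SUBPATH / "examplepkg" / "01.configure"
    log.parent.mkdir(parents=True)
    log.write_bytes(b"constructed sample log line\n")
    os.utime(log, (1700000000, 1700000000))  # fixed mtime so the output is stable
    (Path(root) / "bob" / "Library").mkdir(parents=True)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rec in homebrew_log_timeline(build_sample_tree(tmp)):
            print(rec)
```

File modification times survive only if the collection or image mount preserved them, so compare them against timestamps written inside the log content before relying on the ordering.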