Wifi Logs
Overview
Section titled “Overview”Evidence: Wifi Logs
Description: Collect Wifi Logs
Category: Network
Platform: macos
Short Name: wifil
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Section titled “Background”macOS WiFi logs contain wireless network connection events, authentication attempts, network transitions, and WiFi-related errors. These logs track all wireless network activity on the system.
Data Collected
Section titled “Data Collected”This collector gathers structured data about wifi logs.
Collection Method
Section titled “Collection Method”This collector gathers WiFi log files from /var/log/wifi*, which includes detailed wireless network connection logs, authentication events, and network diagnostics.
Forensic Value
Section titled “Forensic Value”WiFi logs help establish device location history through network connections, identify unauthorized network access attempts, track network-based attacks, and reconstruct user movement and connectivity patterns.