Collect SRUM Database Files
Overview
Evidence: Collect SRUM Database Files
Description: Collect System Resource Usage Monitor (SRUM) database files.
Category:
Platform: windows
Short Name: srumcol
Is Parsed: No
Sent to Investigation Hub: Yes
Collect File(s): No
Data Collected
This collector gathers structured data about the collected SRUM database files.
Collect SRUM Database Files Data
| Field | Description | Example |
|---|---|---|
| Path | Full path to SRUM file | C:\Windows\System32\file.ext |
| CreationTime | File creation timestamp | 2023-10-15 14:30:25 |
| AccessTime | File last access timestamp | 2023-10-15 14:30:25 |
| WriteTime | File last write timestamp | 2023-10-15 14:30:25 |
| Size | File size in bytes | 1024 |
| CollectionMethod | File access method used (OS/NTFS) | Example value |
| CollectionTime | When this file was collected | 2023-10-15 14:30:25 |