Deep Instinct Logs
Overview
Evidence: Deep Instinct Logs
Description: Collect Deep Instinct Logs
Category: Applications
Platform: windows
Short Name: dpnstncl
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Deep Instinct is an AI-powered endpoint security solution that uses deep learning for threat prevention. It logs detections and prevention actions in ETL (Event Trace Log) format for detailed analysis.
Data Collected
This collector gathers structured data about Deep Instinct logs.
Collection Method
This collector gathers Deep Instinct ETL log files from the ProgramData directory, which contain threat detection and prevention events captured by the deep learning engine.
Forensic Value
Deep Instinct logs provide insights into AI-detected threats, zero-day attack prevention, and behavioral anomalies. They’re valuable for investigating advanced malware and understanding threats that traditional signatures might miss.