Eset Logs
Overview
Evidence: Eset Logs
Description: Collect Eset Logs
Category: Applications
Platform: windows
Short Name: esttls
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
ESET NOD32 is a popular antivirus solution that maintains detailed logs of virus detections, system scans, and real-time protection events. The virlog.dat file contains virus detection history and threat information.
Data Collected
This collector gathers the ESET log files themselves; they are collected as files and are not parsed by the collector.
Collection Method
This collector gathers ESET log files from both the legacy Application Data and the current ProgramData locations, including the virlog.dat file that tracks all virus detections.
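The following is an added example, not the collector's own code, of how such a file collection can be done while preserving evidence integrity: it walks the candidate ESET directories, copies virlog.dat and any file below a Logs folder with timestamps intact, and writes a SHA-256 manifest so the copies can be verified later. The exact product subfolders and the legacy "Documents and Settings" path are assumptions about ESET's layout, and demo() runs against a constructed directory tree rather than a real installation.

```python
"""Added example: collect ESET log files (virlog.dat and siblings) into an
evidence folder with a SHA-256 manifest. Not the collector's own code; the
directory layout below is an assumption about where ESET writes its logs."""
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path

# Candidate roots: current ProgramData location and the legacy
# "Application Data" location (assumed paths; adjust for the host).
DEFAULT_ROOTS = [
    Path(os.environ.get("PROGRAMDATA", r"C:\ProgramData")) / "ESET",
    Path(r"C:\Documents and Settings\All Users\Application Data\ESET"),
]


def sha256_of(path: Path) -> str:
    """Hash the file in 1 MiB chunks so large logs need not fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def is_eset_log(rel_path: Path) -> bool:
    """virlog.dat anywhere, or any file that lives below a 'Logs' directory."""
    if rel_path.name.lower() == "virlog.dat":
        return True
    return any(part.lower() == "logs" for part in rel_path.parts[:-1])


def find_eset_logs(root: Path):
    """Yield every log-like file under one candidate root (sorted, deterministic)."""
    if not root.is_dir():
        return  # product not installed in this location
    for p in sorted(root.rglob("*")):
        if p.is_file() and is_eset_log(p.relative_to(root)):
            yield p


def collect_eset_logs(roots, out_dir):
    """Copy each log to out_dir (keeping its relative path under a per-root
    folder) and record size, mtime and SHA-256 of the original."""
    out_dir = Path(out_dir)
    manifest = []
    for i, root in enumerate(map(Path, roots)):
        for src in find_eset_logs(root):
            dst = out_dir / f"location{i}" / src.relative_to(root)
            dst.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(src, dst)  # copy2 preserves the original timestamps
            digest = sha256_of(src)
            if sha256_of(dst) != digest:
                raise RuntimeError(f"copy verification failed for {src}")
            st = src.stat()
            manifest.append({
                "source": str(src),
                "copy": str(dst),
                "size": st.st_size,
                "mtime": st.st_mtime,
                "sha256": digest,
            })
    out_dir.mkdir(parents=True, exist_ok=True)
    (out_dir / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return manifest


def verify_manifest(manifest) -> bool:
    """Re-hash every copied file; True only if all digests still match."""
    return all(sha256_of(Path(e["copy"])) == e["sha256"] for e in manifest)


def demo():
    """Run the collector against a constructed tree (not real ESET data) so
    the example works offline on any OS. Returns the manifest."""
    base = Path(tempfile.mkdtemp(prefix="eset_demo_"))
    current = base / "ProgramData" / "ESET"
    legacy = base / "Application Data" / "ESET"
    samples = {  # constructed sample files, contents are placeholders
        current / "ESET Security" / "Logs" / "virlog.dat": b"constructed virlog",
        legacy / "ESET NOD32 Antivirus" / "Logs" / "warnlog.dat": b"constructed warnlog",
        current / "ESET Security" / "Modules" / "em000.dat": b"not a log",  # skipped
    }
    for path, data in samples.items():
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return collect_eset_logs([current, legacy], base / "evidence")


if __name__ == "__main__":
    for entry in demo():
        print(entry["sha256"], entry["size"], entry["source"])
```

On a live host you would pass DEFAULT_ROOTS (or the paths found on that system) instead of the demo tree; the per-root output folders avoid collisions when both the legacy and current locations contain a product folder with the same name, and the manifest's source hashes let a reviewer confirm the evidence copy matches what was on disk.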
Forensic Value
ESET logs are valuable for identifying malware detections, analyzing threat timelines, understanding attack vectors, and verifying security responses. The virlog.dat file provides historical virus detection data crucial for incident reconstruction.