F-Secure Logs
Overview
Evidence: F-Secure Logs
Description: Collect F-Secure Logs
Category: Applications
Platform: windows
Short Name: fscrls
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
F-Secure is a comprehensive security solution that maintains logs for real-time protection, scheduled scans, and security events. It stores logs in both system-wide ProgramData and user-specific AppData locations, and also maintains event history and scan reports.
Data Collected
This collector gathers structured data about F-Secure logs.
Collection Method
This collector gathers F-Secure log files from multiple locations, including general logs, scheduled scan reports, and event history data from both system and user directories.
Forensic Value
F-Secure logs provide critical evidence of malware detections, security incidents, scan activities, and threat timeline reconstruction. Event history and scan reports are essential for understanding system security posture and investigating compromises.