Splashtop Logs
Overview
Section titled “Overview”Evidence: Splashtop Logs
Description: Collect Splashtop Application Logs
Category: Applications
Platform: windows
Short Name: splstthwndlgs
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Section titled “Background”Splashtop is a remote desktop and support application that maintains detailed logs of remote sessions, connections, and streaming activities. It’s widely used for remote access and support.
Data Collected
Section titled “Data Collected”This collector gathers structured data about splashtop logs.
Collection Method
Section titled “Collection Method”This collector gathers Splashtop log files from ProgramData temp directories and installation directories, collecting connection and session records.
Forensic Value
Section titled “Forensic Value”Splashtop logs reveal remote access sessions, connection times, user activities, and can identify unauthorized remote access or data exfiltration through remote desktop tools.