TightVNC Logs
Overview
Section titled “Overview”Evidence: TightVNC Logs
Description: Collect TightVNC Application Logs
Category: Applications
Platform: windows
Short Name: tthtvnclg
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes
Background
Section titled “Background”TightVNC is an open-source remote desktop software that logs server connections and session activity. These logs track which clients connected, when, and what actions were performed during remote sessions.
Data Collected
Section titled “Data Collected”This collector gathers structured data about tightvnc logs.
Collection Method
Section titled “Collection Method”This collector gathers TightVNC server log files from the ProgramData directory containing connection and session records.
Forensic Value
Section titled “Forensic Value”TightVNC logs help identify unauthorized remote access, track remote session activity, and establish timelines for remote desktop connections. This is useful for detecting compromised systems and lateral movement.