View data and descriptions of evidence in the basic information category collected from Linux endpoints.
The following table contains descriptions of the evidence data in the
basic information category that may be collected from Linux endpoints by the Collect Evidence task and Trend Micro Incident
Response Toolkit. These evidence types are displayed in columns after selecting an
evidence category when examining an Evidence
Report.
|
Evidence Type
|
Evidence Data
|
Description
|
|
System information
|
Host name
|
The standard host name of the current machine
|
|
Uptime
|
The time since boot in seconds
|
|
|
Boot time
|
The time at which the system booted
|
|
|
Install time
|
The time and date the system was installed
|
|
|
Machine ID
|
The unique machine ID corresponding to the local system
|
|
|
System architecture
|
The hardware type on which the system is running
|
|
|
Physical memory (KB)
|
The total usable RAM in kilobytes
|
|
|
CPU physical cores
|
The total number of system physical CPU cores
|
|
|
OS version
|
Distribution
|
The name of the operating system distribution
|
|
Parent distribution
|
The names of closely related operating system distributions that the current
system may derive from
|
|
|
Platform
|
The name or ID of the operating system excluding version information
|
|
|
Version
|
The operating system version
|
|
|
Interface details
|
MAC
|
The MAC address for the associated system hardware
|
|
Name
|
The name of the hardware interface
|
|
|
Type
|
The hardware address type
|
|
|
Interface address
|
MAC
|
The MAC address for the associated hardware adapter if any
|
|
Name
|
The name of the hardware interface
|
|
|
Address
|
The associated IP address of the interface
|
|
|
Mask
|
The subnet mask associated with the interface address
|
|
|
Type
|
The address format
|
|
|
Volume information
|
Path
|
The prefix of the file system path if any
|
|
Name
|
The name of the currently mounted file system
|
|
|
Mount type
|
The type of file system mounted
|
|
|
Total size (KB)
|
The total size of the file system in kilobytes
|
|
|
Total free (KB)
|
The total available size of the file system in kilobytes
|
|
|
Packages
|
Name
|
The name of the package
|
|
Description
|
The description of the package
|
|
|
Version
|
The package version
|