Views:

View data and descriptions of evidence in the service information category collected from Linux endpoints.

The following table contains descriptions of the evidence data in the service information category that may be collected from Linux endpoints by the Collect Evidence task and Trend Micro Incident Response Toolkit. These evidence types are displayed in columns after selecting an evidence category when examining an Evidence Report.
Evidence Type
Evidence Data
Description
Autostart entries
Group
The autorun entry type
Name
The name or phrase used to identify the entry
Launch command
The full file path of the entry or the associated executable command
Location
The parent folder containing the command in the file system
File info