Plugin Reference¶
7zipaccount_policyacquireacquire.handlesacquire.hashesactivitiescacheactivityadpolicyalternateshellamcacheamcache.applaunchesamcache.application_filesamcache.applicationsamcache.device_containersamcache.driversamcache.filesamcache.generalamcache.programsamcache.shortcutsamcache_installanydeskanydesk.filetransferanydesk.logsapacheapache.accessapache.errorapache.hostsapache.logsappinitapplicationsappxdebugkeysaptapt.logsatopauditauditpolauthlogbambashhistorybootshellbravebrave.cookiesbrave.downloadsbrave.extensionsbrave.historybrave.passwordsbrowserbrowser.cookiesbrowser.downloadsbrowser.extensionsbrowser.historybrowser.passwordsbtmpcaddycaddy.accesscaddy.logscamcam.historycam.registrycapability_binariescatrootcatroot.catdbcatroot.fileschatchat.historychromechrome.cookieschrome.downloadschrome.extensionschrome.historychrome.passwordschromiumchromium.cookieschromium.downloadschromium.extensionschromium.historychromium.passwordscimcim.consumerbindingscitcit.citcit.dpcit.modulescit.puucit.telemetrycitrixcitrix.accesscitrix.errorcitrix.hostscitrix.logsclfsclsidclsid.machineclsid.usercmdlinecodepagecommandhistorycommandprocautorunconfig_treecontainercontainer.containerscontainer.imagescontainer.logscpanelcpanel.lastlogincredhistcronjobsdatetimedefenderdefender.evtxdefender.exclusionsdefender.mplogdefender.quarantinedefender.recoverdockerdocker.containersdocker.imagesdocker.logsdomaindomain_siddpapidpapi.keyproviderdpapi.keyprovider.credhistdpapi.keyprovider.credhist.keysdpapi.keyprovider.defaultpassworddpapi.keyprovider.defaultpassword.lsadpapi.keyprovider.defaultpassword.lsa.keysdpapi.keyprovider.defaultpassword.winlogondpapi.keyprovider.defaultpassword.winlogon.keysdpapi.keyprovider.emptydpapi.keyprovider.empty.keysdpapi.keyprovider.keychaindpapi.keyprovider.keychain.keysdpapi.keyprovider.keysdpkgdpkg.logdpkg.statusedgeedge.cookiesedge.downloadsedge.extensionsedge.historyedge.passwordseditoreditor.extensionseditor.historyeditor.tabsenvfileenvironenvironment_variablesetcetc.etcetletl.bootetl.etletl.shutdowneverythingeverything.locateevtevtxexampleexample_namespaceexample_namespace.example_recordexample_noneexample_recordexample_user_registry_recordexample_yieldexchangeexchange.transport_agentsfilerenameopfirefoxfirefox.cookiesfirefox.downloadsfirefox.extensionsfirefox.historyfirefox.passwordsfirewallfirewall.logsfirewall.rulesgnulocategnulocate.locateicatiexploreiexplore.downloadsiexplore.historyiisiis.accessiis.logsinstall_dateiptablesjumplistjumplist.automatic_destinationjumplist.custom_destinationkeyboardknowndllslanguagelastloglicenselnkloaderslocatelocate.locatelsalsa.secretslsmodmachine_sidmcafeemcafee.mscmessagesmftmft.bodymft.recordsmft.timelinemft_timelinemlocatemlocate.locatemrumru.acmrumru.lastvisitedmru.msofficemru.mstscmru.networkdrivemru.opensavemru.recentdocsmru.runmsnmsn.historymsofficemsoffice.nativemsoffice.startupmsoffice.webmssqlmssql.errorlogmuicachendisnetstatnetworknetwork.dhcpnetwork.dnsnetwork.gatewaysnetwork.interfacesnetwork.ipsnetwork.macsnetwork_historynginxnginx.accessnginx.errornginx.hostsnginx.logsnotificationsnotifications.appdbnotifications.wpndatabasentversionnullsessionpipesopensshopenssh.authorized_keysopenssh.known_hostsopenssh.private_keysopenssh.public_keysopensshdopensshd.configopenvpnopenvpn.configosinfopackagemanagerpackagemanager.logspasswordspath_extensionspathenvironmentpfroplocateplocate.locatepluginspodmanpodman.containerspodman.imagespodman.logspowershell_historyprefetchprocprocessesproductkeyputtyputty.known_hostsputty.sessionsqfindrdpcacherdpcache.pathsrdpcache.recoverrecentfilecacherecently_usedrecyclebinregfregistryremoteaccessremoteaccess.filetransferremoteaccess.logsrunkeysrustdeskrustdesk.logssamschedlguscrapescraped_evtscraped_evtxsearchsecurelogservicessessionmanagersevenzipshellbagsshimcachesidsnapsnapssocketssockets.packetsockets.rawsockets.tcpsockets.udpsockets.unixsophossophos.hitmanlogssophos.sophoshomelogssplashtopsplashtop.filetransfersplashtop.logssrusru.applicationsru.application_timelinesru.energy_estimatorsru.energy_usagesru.energy_usage_ltsru.network_connectivitysru.network_datasru.push_notificationsru.sdp_cpu_providersru.sdp_network_providersru.sdp_physical_disk_providersru.sdp_volume_providersru.vfusshssh.authorized_keysssh.configssh.known_hostsssh.private_keysssh.public_keysssh.sessionsstartupinfosuid_binariessymantecsymantec.firewallsymantec.logssyscachesyslogsysmodulestasksteamviewerteamviewer.logsthumbcachethumbcache.iconcachethumbcache.thumbcachetimezonetrashtrendmicrotrendmicro.wffirewalltrendmicro.wflogstrusteddocsualual.client_accessual.domains_seenual.role_accessual.system_identitiesual.virtual_machinesusbuser_detailsuserassistusnjrnlutmpvelociraptorvelociraptor.resultsvmlistvmwarevmware.clipboardvmware.configvmware.draganddropwalkfswebserverwebserver.accesswebserver.errorwebserver.hostswebserver.logswerwgetwget.hstswindowsnotepadwindowsnotepad.extensionswindowsnotepad.historywindowsnotepad.tabswinrarwinsocknamespaceproviderwireguardwireguard.configwtmpwua_historyyarayumyum.logszypperzypper.logs