sophos.hitmanlogs
$ target-query <path/to/target> -f sophos.hitmanlogs
Module documentation
No documentation
Function documentation
Return alert log records from Sophos Hitman Pro/Alert.
Yields HitmanAlertRecord with the following fields:
- ts (datetime): Timestamp of the alert.
- alert (string): Type of alert.
- description (string): Short description of the alert.
- details (string): Detailed description of the alert.
Note that because Hitman also catches suspicious behaviour of the system, the details field may contain a lot of text, including stack traces and similar diagnostic output.