Unix Artefacts Collector

https://github.com/tclahr/uac https://tclahr.github.io/uac-docs/

Collect all artifacts based on the ir_triage profile, and save the output file to /tmp.

./uac -p ir_triage /tmp

Collect all artifacts located in the artifacts/live_response directory, and save the output file to /tmp.

./uac -a ./artifacts/live_response/\* /tmp

Collect all artifacts based on the ir_triage profile, along with all artifacts located in the /my_custom_artifacts directory, and save the output file to /mnt/sda1.

./uac -p ir_triage -a /my_custom_artifacts/\* /mnt/sda1

Collect a memory dump and all artifacts based on the full profile.

./uac -a ./artifacts/memory_dump/avml.yaml -p full /tmp

Collect all artifacts based on the ir_triage profile excluding the bodyfile.yaml artifact.

Tools

menus and quick search

quick search

site status

Page Tools

meta data for this page

Unix Artefacts Collector