I am running e-surveiller on a small local network. It's basically a keylogger/log transfer type application. My log configuration was wrong and the logs didn't upload as I was away on vacation and I am not sure if I lost information or not. Apparently it's supposed to log for 120 days prior to shutting down if logs remain untransferred. The log format is *.zlg on the import but locally they are encrypted. The problem is I checked the local machines for zlg file and there are none present. I looked for raw files but I am not exactly sure how it logs locally or where the logs are saved. The conversion is run on the import I believe. I emailed their support and have had no response in 3 days. If anyone knows where to look for the logs locally please let me know. Thank you. Regards
I'm not going to answer your question, keyloggers can be misused for malware purposes... Wilders Security Forums is not the place to ask for information on keyloggers. This thread has been reported.
Nadirah while keyloggers can be misused, they do have a legitimate use in a corporate network and and are legal for such use Powerslide I'm sorry I don't know the answer as by design many keyloggers hide or encrypt their logs to prevent anyone except for the authorised admin viewing them I don't think windows will search for zlg files as it won't recognize that extension natively and you might have to do a manual examination of the root of the drive, set it to view by date and see what files were recently created, that is often the only way to find such files
Pardon me nadirah but I am a network tech for a major international company who was told to "watch" what people are doing on the internet. I thought this was a security forum. I think it's important to share information here. Thanks for the suggestion dvk but I am assuming the files are encrypted locally so I will search for encryption keys or scan for encrypted logs and try and extract them with the key. I hope this post isn't deleted. Thank you.
As dvk01 stated....keyloggers have a "legitimate use in a corporate network and and are legal for such use". That being said....We always do our best in attempting to view threads such as this as permitted or not permitted according to the TOS....with a little TwilightZone(TZ) area in between. Let's hope it at least stays in the TZ as far as discussion goes