MOVEit

  • Updated on Feb 5, 2025
  • Published on May 23, 2024
Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

MOVEit Transfer logs

✅

✅

moveit_logs

NDJSON

API

Overview

imageMOVEit Transfer is a secure managed file transfer (MFT) software developed by Ipswitch, a subsidiary of Progress Software Corporation. It is designed to provide organizations with a reliable, efficient, and secure way to transfer files, manage workflows, and ensure compliance with data security policies.

Supported data types

MOVEit Transfer logs

Table name: moveit_logs

MOVEit Transfer logs provide detailed information on file transfer activities, user actions, and system events, capturing data such as source and destination, file size, transfer status, login and logout activities, IP addresses, and authentication methods. They also monitor service statuses, record errors and warnings, and track compliance-related activities, offering comprehensive insights for troubleshooting, auditing, and ensuring regulatory compliance. These logs are essential for maintaining security, operational efficiency, and adherence to data protection regulations.

Send data to Hunters

Hunters support API collection for MOVEit logs:

  1. Follow this guide from MOVEit to obtain the following information:

    • MOVEit username and Password credentials

    • Your MOVEit transfer server name

  2. Complete the process on the Hunters platform, following this guide.

Expected format

Files are expected in JSON format.

{
            "id": 118908152439,
            "logTime": "2023-11-11T04:33:06",
            "uploadNotes": "",
            "fileName": "",
            "fileID": "",
            "folderID": 0,
            "folderPath": "",
            "virtualFolderID": 0,
            "virtualFolderPath": "",
            "rate": 0.0,
            "duration": 0.0,
            "transferSize": 0,
            "username": "Automation",
            "userLoginName": "",
            "userFullName": "",
            "targetID": "asdasdasd",
            "targetName": "asdasdasd",
            "ipAddress": "",
            "action": "user_xsecurity",
            "agentBrand": "None",
            "agentVersion": "",
            "message": "",
            "errorCode": 0,
            "orgID": 2947
        }