Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Hosted EDR: Are there instructions to provide customers in collecting a processes unique ID?

Hosted EDR: Are there instructions to provide customers in collecting a processes unique ID?

Environment

  • Hosted EDR (formerly CB Response Cloud) Server/Cluster: All supported versions

Question

Is there a document that demonstrates how to collect a process unique ID from the process analysis page? 

Answer

  1. Log into the console.
  2. Perform your search and click the process to bring you to the Process Analysis page.
  3. In the Process Analysis page grab the Unique ID (highlighted in red) from the browser URL 
https://<server>/#/analyze/00000007-0000-24c8-01d4-6cab54141c72/1540927207635?cb.legacy_5x_mode=false
  1. Provide the unique ID in a comment to the support case

Additional Notes

If collecting from a clustered environment the process above will need to be ran from the minion the sensor is connected that created the event/alert

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎02-19-2021
Views:
345
Contributors