Aggregated Events

Events that are grouped into categories, providing count and path. Click the path to get to the Computer Events view.

•File modifications

•File reads

•Registry modifications

•Network connections

•URL connections

•Dropped Executables

•DNS resolutions

The process tree on the right side

The process tree reflects the parent-child relationship between processes where child processes are shown directly beneath their parent and right-indented. Processes on the left are orphans whose parent processes have exited (finished or terminated).

Show Sub-Process Events - If you want to see the child process events.

Argument - Specify, for example, the path to the file modifications, registry key in registry modifications. Search by event argument, depending on the event type it can be a patch, file name, directory name, IP address.

If there are too many results, only a part of them is loaded. If you use Load more or Load all events, it may take a considerable amount of time to load all the results.