ProcessInfo
Return information about the current process.
Property |
Type |
Description |
Example |
|---|---|---|---|
CaseSensitiveCommandLine |
String |
Allows creating rules for command line that is case sensitive |
|
CommandLine |
String |
Process command line |
file.txt |
CommandLineLength |
Int |
Length of the command line |
123 |
Compromised |
Bool |
The process was marked as compromised by a rule with MarkAsCompromised action |
true/false or 1/0 |
IntegrityLevel |
Integrity level of the process |
Possible values are: •0—Untrusted •4096—Low •8192—Medium •12288—High •16384—System •20480—Protected process |
|
LnkPath |
String |
Contains a path to a shortcut execution |
|
ProcessDistance |
Int |
The distance of the process from the current process |
123 |
ProcessLevel |
Int |
Depth of the process in process hierarchy |
123 |
ProcessOwner |
String |
The user that created the process |
|
Supported operations
•CodeInjection
•CreateProcess
•LoadDLL