Security Operations Integration- Get Running Processes capability
The Get Running Processes capability retrieves a list of running processes on a configuration item (CI) from a host or endpoint. This capability is used for incident enrichment during investigations.
The Get Running Processes capability has two
implementation flows:
注:
If no implementations are available, capability actions are not displayed in product menus.
Actions specific to this flow are described here. For more information on other actions, see Common Security Operations integration flows and orchestration activities.