Run procdump flow

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • The Run procdump flow runs a process dump on a specified process and saves it to a file that can be targeted by security analysts.

    Role required: sn_si.analyst

    This flow is triggered when enriched processes are selected and a Run procdump UI action is executed.
    Figure 1. Run procdump
    Run Procdump Flow
    Reasons the procdump can fail includes:
    • Invalid dump path
    • Invalid file share path
    • Unable to fetch the fully-qualified domin name of the Windows machine the procdump is running on
    • The process name is not specified
    • The PROCDUMP environment variable not found
    • A copy of the dump file fails to copy from the dump path to the file share path