Security Operations System Command Integration- Get Running Processes flow

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:2分

    • The Security Operations System Command Integration - Get Running Processes flow retrieves the running processes of a configuration item when added or updated to a Windows or Unix-based security incident in the Analysis state.

    始める前に

    Role required: sn_si.analyst

    このタスクについて

    For new security incidents, the flow runs automatically when you submit the incident with a selected configuration item, when the state automatically changes to Analysis. If it remains in the Draft state, then it does not run.

    Existing security incidents are automatically updated when you are in the Analysis state and you add a new configuration item.

    The flow process actions include:
    図 : 1. Get Running Processes
    Security Operations System Command Integration- Get Running Processes flow

    手順

    1. Open a security incident.
    2. Update the State to Analysis, if necessary.
    3. Add a configuration item (computer, server, or similar).
    4. Click Update.
      Security Incident Response Orchestration provides running process information in the Related Link > Security Incident Enrichmentstab. For more information, see Security Operations enrichment data mapping.

      Actions specific to this flow are described here. For more information on other actions, see Common Security Operations integration flows and orchestration activities.