The Run procdump flow runs a process dump on a specified process and saves it to a file that can be targeted by security analysts.

Role required: sn_si.analyst

This flow is triggered when enriched processes are selected and a Run procdump UI action is executed.

Reasons the procdump can fail includes:

• Invalid dump path
• Invalid file share path
• Unable to fetch the fully-qualified domin name of the Windows machine the procdump is running on
• The process name is not specified
• The PROCDUMP environment variable not found
• A copy of the dump file fails to copy from the dump path to the file share path