Process Tracker Module

Process Tracker collects metadata on unique file executions across your Windows, Mac, and Linux operating systems and streams the data to your Endpoint Security console. The metadata can be utilized by the Enricher module to detect malicious binaries and the data is accessible on the message bus for your SIEM to retrieve. All Process Tracker metadata will be displayed in a user interface within your Endpoint Security console, so results can be filtered.

Using the Process Tracker module on Linux systems that have pre-linking enabled can impact system performance and potentially cause the system to become unresponsive. Pre-linking is enabled by default on RHEL and CentOS environments. This will be resolved in a future update.

As this is a tech preview module, the usual support SLAs don’t apply to the module. You can also provide feedback to the module team through the email listed below.

Authentication Required

Downloading this app requires a FireEye subscription, and the download is only accessible to FireEye users with an active FireEye Support account. If you already have an account, please log in. Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.

Support

Developer: FireEye
Supported By: FireEye
Contact: Email
Resources: Module User Guide
FireEye Endpoint Security

Module Info

Version: 1.1.6
Last Updated: November 20, 2019
Requirements: FireEye Endpoint Security Server 4.9+ and Agent 30+
Size: 22.38 MB
MD5: 04be63abdb28ff297205d96a1aa0400e
SHA1: 6643cf109f74d1e5960e12e3f89bf7a5a157badb
SHA256: d070179368ebcd8794bea6c2af44dfa2b51058b00e07a19e23be73eaa985f061
