Process Tracker Module

Process Tracker collects metadata on unique file executions across your Windows, Mac, and Linux operating systems and streams the data to your Endpoint Security console. The Enricher module can use this metadata to detect malicious binaries, and the data is available on the message bus for your SIEM to retrieve. All Process Tracker metadata is displayed in a user interface within your Endpoint Security console, where results can be filtered.

Using the Process Tracker module on Linux systems that have pre-linking enabled can impact system performance and potentially cause the system to become unresponsive. Pre-linking is enabled by default on RHEL and CentOS environments. This will be resolved in a future update.

Because this is a tech preview module, the usual support SLAs do not apply to it. You can also provide feedback to the module team through the email listed below.

Authentication Required

Downloading this app requires a FireEye subscription, and the app is only accessible to FireEye users with an active FireEye Support account. If you do not have an account, request support access or contact sales to learn more about becoming a FireEye customer.


Supported By: FireEye
Resources: Module User Guide, FireEye Endpoint Security

Module Info

Last Updated: February 6, 2020
Requirements: FireEye Endpoint Security Server 4.9.x and Agent 30/31
Size: 22.38 MB
