Use this section to create the rawProcessInfo.json and os.json files. This script runs during introspection on a Linux-based virtual machine to collect process details, OS details, and network details.

A sample rawProcessInfo.json file

Note:
  • Keys in the sample JSON are important.
  • -- can be anything specific to the process.
  • Replace the strings in angle brackets < > with proper values. Example: “<pid>” is the process ID.
  • { } brackets signify specific objects.
  • [ ] brackets signify a list, which can have multiple similar objects.
{
    "proc_info_dict": {
        "<pid1>": {
            "proc_executable": "--", 
            "proc_name": "--", 
            "cwd": "--", 
            "fd": [
                "--"
            ], 
            "cmd_line": "--", 
            "proc_owner": "--", 
            "environ": {
                "<key1>": "--",
                "<key2>": "--"
            }, 
            "sockets": [
                {
                    "remote_port": "-", 
                    "remote_addr": "::", 
                    "socket_type": "---", 
                    "local_addr": "::", 
                    "socket_state": "---------", 
                    "local_port": "----"
                }
            ],
            "map_files": []
        },
        "<pid2>": {
            ...
        }
    }
}

A sample os.json file

Note:
  • Keys in the sample JSON are important.
  • -- can be anything specific to the operating system.
{
    "network_detailed": [], 
    "interfaces": [
        "------"
    ], 
    "ipv6": [ 
        "-:----::----:----:----:----"
    ], 
    "ipv4": [
        "---.---.---.---"
    ], 
    "mac_address": {
        "---": "--:--:--:--:--:--"
    }, 
    "os_info": "--------------------------------------"
}
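
A check to run on both generated files before packaging them, added here as an example (it is not code from the product): it reports missing, misspelled, or wrongly typed keys against the two samples above. The function names are hypothetical, and the value types are an assumption inferred from the samples, not a published schema.

```python
import json

# Key names are copied from the two samples on this page. Value types are
# inferred from those samples (assumption, not a published schema).
PROC_KEYS = {"proc_executable": str, "proc_name": str, "cwd": str, "fd": list,
             "cmd_line": str, "proc_owner": str, "environ": dict,
             "sockets": list, "map_files": list}
# The sample shows ports as strings; their type is not enforced here.
SOCKET_KEYS = {"remote_port": object, "remote_addr": str, "socket_type": str,
               "local_addr": str, "socket_state": str, "local_port": object}
OS_KEYS = {"network_detailed": list, "interfaces": list, "ipv6": list,
           "ipv4": list, "mac_address": dict, "os_info": str}

def check_keys(obj, spec, where):
    """Return a list of problems: missing keys, unexpected keys, wrong types."""
    if not isinstance(obj, dict):
        return [f"{where}: expected an object"]
    problems = [f"{where}: missing key '{k}'" for k in spec if k not in obj]
    problems += [f"{where}: unexpected key '{k}'" for k in obj if k not in spec]
    problems += [f"{where}.{k}: expected {t.__name__}"
                 for k, t in spec.items() if k in obj and not isinstance(obj[k], t)]
    return problems

def validate_raw_process_info(text):
    """Check rawProcessInfo.json content; an empty list means no problems."""
    doc = json.loads(text)
    procs = doc.get("proc_info_dict") if isinstance(doc, dict) else None
    if not isinstance(procs, dict):
        return ["top level: 'proc_info_dict' object is required"]
    problems = []
    for pid, proc in procs.items():
        if not pid.isdigit():  # catches a leftover "<pid1>" placeholder
            problems.append(f"pid '{pid}': key is not a numeric process ID")
        problems += check_keys(proc, PROC_KEYS, f"pid {pid}")
        sockets = proc.get("sockets") if isinstance(proc, dict) else None
        for i, sock in enumerate(sockets if isinstance(sockets, list) else []):
            problems += check_keys(sock, SOCKET_KEYS, f"pid {pid}.sockets[{i}]")
    return problems

def validate_os_info(text):
    """Check os.json content; an empty list means no problems."""
    return check_keys(json.loads(text), OS_KEYS, "os.json")

# Constructed sample: an incomplete process entry with an empty socket object.
SAMPLE = '{"proc_info_dict": {"4242": {"proc_name": "sshd", "sockets": [{}]}}}'
if __name__ == "__main__":
    print("\n".join(validate_raw_process_info(SAMPLE)))
```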

Now, you can save the CPDA files in a .ZIP file and Add a Custom CPDA Configuration.