Use the Get Process Executions by Hash SOAR action to search Carbon Black Cloud events and get process details for the process_hash that is associated with the selected alert from the Security Incident related list.
- This action can be run from an alert and can be run on one alert at a time.
- The process details are available in the Process Metadata related list of alerts.
