This topic describes the Process Analysis Preview window.
On the Process Search page (see Overview of Process Search), scroll to the Results table (see Process Search Results Table). Click anywhere in a query result row (except for a hyperlinked item or the > icon).
The Process Analysis Preview window appears and provides a brief overview of the process that you selected, without leaving the page:
Title | Description |
---|---|
Analyze | Click to open the Process Analysis page for a granular analysis of the process executable file. See Process Analysis Page. |
View Binary | Click to view the detailed binary analysis page for the process executable file. See Binary Search and Analysis. |
Create an ingress filter based on this process | Click to open the Add Ingress Filter window to create an ingress filter based on the selected process. See Adding an Ingress Filter. |
Signed status | Shows if the process executable file is signed by the publisher. |
Company | The company name of the process executable file. |
Product | The product for which the process executable file was created. |
Description | A text description of the process executable file. |
Publisher | The official publisher of the process executable file. |
Hostname | The name of the host (endpoint) on which the process was run. |
Start time | The full timestamp for the time when the process was run. |
Path | The physical path from which the process was run. |
Command line | The full command line specific to the execution of this process. |
Username | The user on the given host who executed the process. The format is |
Logon Type | The method of logon associated with the process. |
Regmods | The number of Windows registry modifications that were made by the process execution. |
Filemods | The number of files that were modified by the execution of this process. |
Modloads | The status of modules that were loaded by this process execution. |
Netconns | The number of network connections that this process execution either attempted or established. |