Skip to main content
Skip table of contents

Process Ingress Event

Vendor Documentation

https://www.carbonblack.com/products/endpoint-detection-and-response/


Classification

Rule Name

Rule Type

Common Event

Classification
Process Ingress EventBase RuleProcess/Service Startup Or Shutdown ActivityStartup and Shutdown
Process Ingress Event : StartSub RuleProcess/Service StartedStartup and Shutdown
Process Ingress Event : EndSub RuleProcess/Service StoppedStartup and Shutdown

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData Type
vmid<vmid>Text/String
command_line<command>Text/String
computer_name<dname>Text/String
md5

<objectname>
<hash>

Text/String
parent_path

<parentprocesspath>
<parentprocessname>

Text/String
path<process>Text/String
pid<processid>Number
username

<domain>

<account>

Text/String




JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close