External DocumentationTo learn more, visit the EchoTrail documentation.
Parameters
| Parameter | Description |
|---|---|
| Field | The specific field to retrieve from the search results. |
| Query | The name or hash of an endpoint process to lookup. Must be a Windows filename with extension, a SHA256 hash of a windows process, or a md5 hash of a windows process. If the search yields no results, the response will include the message: No results found. |
| Subsearch | The string to search for within the process field. |
Example Output
Workflow Library Example
Insights Subsearch with Echotrail and Send Results Via Email