Score Process
Get a score for a process execution profile.
External Documentation
To learn more, visit the EchoTrail documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Hash | The hash of the process. |
| Hostname | The process's hostname. |
| Parent Name | The name (or path) of the parent process. |
| Process name | The name (or path) of the process being analyzed. For example, C:\Windows\System32\cmd.exe. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Children | A list of child processes (without paths) spawned by this process. |
| Environment | The process's environment. |
| Grandparent Name | The name (or path) of the grandparent process. |
| Network Ports | A list of network ports used by this process. |
| Record Execution | Log the process's execution. |
Example Output
{
"echotrail_score": 97,
"global": {
"rank": 2,
"host_prev": 99,
"overall_score": 98,
"path_score": 97,
}
}
Workflow Library Example
Score Process with Echotrail and Send Results Via Email
Preview this Workflow on desktop