ProcessDetails - Amazon GuardDuty
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

ProcessDetails

Information about the observed process.

Contents

euid

The effective user ID of the user that executed the process.

Type: Integer

Required: No

executablePath

The absolute path of the process executable file.

Type: String

Required: No

executableSha256

The SHA256 hash of the process executable.

Type: String

Required: No

lineage

Information about the process's lineage.

Type: Array of LineageObject objects

Required: No

name

The name of the process.

Type: String

Required: No

namespacePid

The ID of the child process.

Type: Integer

Required: No

parentUuid

The unique ID of the parent process. This ID is assigned to the parent process by GuardDuty.

Type: String

Required: No

pid

The ID of the process.

Type: Integer

Required: No

pwd

The present working directory of the process.

Type: String

Required: No

startTime

The time when the process started. This is in UTC format.

Type: Timestamp

Required: No

user

The user that executed the process.

Type: String

Required: No

userId

The unique ID of the user that executed the process.

Type: Integer

Required: No

uuid

The unique ID assigned to the process by GuardDuty.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: