Compare field values in two different documents

Hi All,
I am trying to achieve the following search based on the data shown in the screenshot. This is just an example to provide context as to what I am trying to do. For a given PID, in this example (smss.exe), I need to know if it is spawned by the correct process (System), i.e. I need to first find the parent process PID of the process I'm investigating and see if it is the correct one. How do I go about achieving this on Elasticsearch? Thanks in advance!
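One way to do what the post asks, as an added example that is not part of the original thread: Elasticsearch has no join across documents, so the check is two lookups, the document for the PID under investigation (to read its parent PID), then the document whose PID equals that parent PID, whose name is compared against the expected parent. The field names (`process.pid`, `process.parent.pid`, `process.name`) are an assumption in ECS style, since the post's screenshot is not reproduced; the documents below are constructed and stand in for the index so the code runs offline, and the only baseline pair is the one from the post (smss.exe spawned by System).

```python
# Added example (not from the original post). Field naming is an assumption.

# Constructed sample documents standing in for an Elasticsearch index of process
# records. Field names follow ECS (process.pid, process.parent.pid, process.name).
SAMPLE_DOCS = [
    {"process": {"pid": 4,   "parent": {"pid": 0},    "name": "System"}},
    {"process": {"pid": 312, "parent": {"pid": 4},    "name": "smss.exe"}},       # expected lineage
    {"process": {"pid": 900, "parent": {"pid": 0},    "name": "fakeparent.exe"}}, # constructed name
    {"process": {"pid": 944, "parent": {"pid": 900},  "name": "smss.exe"}},       # wrong parent
    {"process": {"pid": 950, "parent": {"pid": 7777}, "name": "smss.exe"}},       # parent doc missing
]

# Expected parent per child. Only the pair from the post is included; extend
# the map with your own baseline of known-good lineage.
EXPECTED_PARENTS = {"smss.exe": "System"}


def _field(doc, dotted):
    """Walk a dotted field path such as "process.parent.pid" through a nested dict."""
    cur = doc
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def term_search(docs, query):
    """Minimal stand-in for client.search(): evaluates one {"term": {field: value}}
    query over in-memory docs and returns hits in Elasticsearch's hit shape."""
    (field, value), = query["term"].items()
    return [{"_source": d} for d in docs if _field(d, field) == value]


def find_by_pid(search, pid):
    """Fetch the process document for a PID with a term query on process.pid."""
    hits = search({"term": {"process.pid": pid}})
    return hits[0]["_source"] if hits else None


def check_parent(search, pid, expected_parents=EXPECTED_PARENTS):
    """Two-step lookup: child doc -> parent PID -> parent doc -> compare names.
    Returns a dict whose "status" is one of: ok, unexpected_parent,
    parent_not_found, no_baseline, no_document."""
    child = find_by_pid(search, pid)
    if child is None:
        return {"pid": pid, "status": "no_document"}
    name = _field(child, "process.name")
    ppid = _field(child, "process.parent.pid")
    result = {"pid": pid, "name": name, "parent_pid": ppid}
    expected = expected_parents.get(name)
    if expected is None:
        result["status"] = "no_baseline"      # nothing to compare against
        return result
    parent = find_by_pid(search, ppid)
    if parent is None:
        result.update(status="parent_not_found", expected_parent=expected)
        return result
    parent_name = _field(parent, "process.name")
    result.update(parent_name=parent_name, expected_parent=expected,
                  status="ok" if parent_name == expected else "unexpected_parent")
    return result


def offline_search(query):
    """Search callable bound to the constructed sample index."""
    return term_search(SAMPLE_DOCS, query)


if __name__ == "__main__":
    for pid in (312, 944, 950, 1):
        print(check_parent(offline_search, pid))
```

Against a real cluster, `offline_search` is replaced by a callable that forwards the same query body to the client, for example `lambda q: es.search(index="my-index", query=q)["hits"]["hits"]` with elasticsearch-py, and nothing else changes. Two caveats for production use: PIDs are reused, so the term query should also be scoped by host and a time window (for instance a `bool` query adding `host.name` and a `@timestamp` range) or the parent lookup may return a different, later process with the same PID; and if the documents already carry `process.parent.name`, as ECS-shaped process events usually do, the second lookup is unnecessary and the whole check collapses to comparing that field with the baseline in a single query.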
