Why Is the Process Tree For "System" Empty?

• CB ThreatHunter: All Supported Versions

The system ‘process’ is a special case. It’s not  the same as a normal process and is dynamically created at boot-time (so it’s not an .exe or .dll). "System" is given a process id (PID) of 4, and only runs worker threads. There are no child processes of system and therefore there’s not going to be a process tree for it, even though it could have events associated to it.