Enterprise EDR: Can you search for process_cmdline values that include network share paths?
search cancel

Enterprise EDR: Can you search for process_cmdline values that include network share paths?

book

Article ID: 289074

calendar_today

Updated On:

Products

Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Can you search for process_cmdline field values that specifically include network share paths?

Environment

  • CB Cloud Console: All Versions
  • Enterprise EDR: Current Version

Resolution

Yes, since DSER-37752 was completed its now possible to search for 'process_cmdline:\\\\' to specifically search for network share paths.
Powered by Wolken Software