Endpoint Standard: How to Tell if There is a Terminated Process Within the Linux OS
Article ID: 289272
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
How to tell from the Linux OS if there is a terminated process?
Environment
- Endpoint Standard Sensor: All Supported Versions
- Linux: All Supported Versions
Resolution
In the \var\opt\carbonblack\psc\log\log.txt there should be an event similar to
"Successfully terminated process with pid %ld (%s)"
Feedback
Yes
No
Powered by
