Skip to content

Process Monitor ebpf program should report process SID and CWD #191

New issue
New issue
Open
Open
Process Monitor ebpf program should report process SID and CWD#191
Assignees
ExceptionalHandler
Labels
P2Priority 2enhancementNew feature or requesttriagedThe issue is triaged by the maintainers.
Milestone
2511
@ExceptionalHandler

Description

@ExceptionalHandler
ExceptionalHandler
opened on Feb 24, 2025

Describe the feature you'd like supported

Current processor monitoring ebpf program reports process command-line and image path, in addition to thread an PID creating process.

Proposed solution

Some more information that can be added to the process_info_t is:

  • New process's main thread's primary token's SID
  • New process's current working directory
  • New process' primary thread's ID.

Additional context

No response

Metadata

Metadata

Assignees

Labels

P2Priority 2enhancementNew feature or requesttriagedThe issue is triaged by the maintainers.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions