processes
#
$ target-query <path/to/target> -f processes
Module |
|
Output |
|
Module documentation
No documentation
Function documentation
Return the processes available in /proc
and the stats associated with them.
There is a numerical subdirectory for each running process; the subdirectory is named by the process ID.
Each /proc/[pid]
subdirectory contains various pseudo-files.
- Yields ProcProcessRecord with the following fields:
hostname (string): The target hostname. domain (string): The target domain. ts (datetime): The start time of the process. name (string): The name of the process. state (string): The state of the process. pid (int): The process ID of the process. runtime (datetime): The amount of time the process is running until moment of acquisition. ppid (int): The parent process ID of the process. parent (string): The name of the parent process ID.