Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Run procdump workflow

Run procdump workflow

The Run procdump workflow runs a process dump on a specified process and saves it to a file that can be targeted by security analysts.

About this task

This workflow is triggered when enriched processes are selected and a Run procdump UI action is executed.
Run procdump workflow
Workflow process activities include:
  • Run Script (Audit log enrichment): Runs a script to add an audit log to the security incident.
  • Execute procdump activity
  • Run Script (Success - Add SI work note): Runs a script to add a work note when the procdump succeeds.
  • Run Script (Failed - Add SI work note): Runs a script to add a work note when the procdump fails. Reasons the procdump can fail includes:
    • Invalid dump path
    • Invalid file share path
    • Unable to fetch the fully-qualified domin name of the Windows machine the procdump is running on
    • The process name is not specified
    • The PROCDUMP environment variable not found
    • A copy of the dump file fails to copy from the dump path to the file share path

Updates to site content will be made starting around 4am on January 17th (Pacific Time) and lasting approximately 6 hours.  This site may be intermittently unavailable.