13.6. Endpoint Processes

The Endpoint processes tab shows the list of processes received from endpoint devices that have the UserGate Client software installed. It allows you to track the process call chain, review the launch options, and view useful information about the file. The tab consists of two panes: Processes log and Process.

In the Processes log pane you can see processes (application processes, background processes, Windows system processes) of endpoints that send data to Log Analyzer. The following information is displayed:

  • The date and time of process start.

  • The endpoint name.

  • The application name.

  • The process ID.

To help you find the entries of interest, the records can be filtered by various criteria such as the date range, application name, and process ID. In addition, UserGate LogAn provides an advanced search mode where you can create complex search filters using a specialized query language, the syntax of which is described later in the Data Search and Filtering section.

The administrator can select the columns that will be logged. To do that, point the mouse cursor to the name of any column, click the arrow that appears to the right of the column name, choose Columns, and select the desired parameters in the context menu.

Select a process to view its process tree and details in the Process pane.