The Processes Management page in the ESM Console
displays all the processes that your organization’s security policy
protects. To change or delete a process, you must first remove the
process from any associated rules.
Navigate to the Process Management page.
From the ESM Console, select
Select the type of operating system for which you want
to manage processes.
View the processes in the Process Management table.
Use the paging controls at the top of the table to view
different portions of the table.
The following fields are
the process executable file.
—Number of endpoints on which
the process has run.
—Number of rules configured
for the process.
—Name of the endpoint on
which the process was first discovered.
—Date and time the process
was first discovered on the endpoint (after receiving a rule to
report new processes).
Delete or change the process.
If the process is used in any rules, you must first unlink
(remove) the process from the rule.
You can not unlink
processes from default rules and, as a result, you cannot remove
any processes specified in default rules.
process is unlinked, you can select the name of the process and
do any of the following: