Skip to main content

Cortex XDR - kill process

Supported versions

Supported Cortex XSOAR versions: 5.5.0 and later.

Initiates a new endpoint script execution kill process and retrieves the results.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Cortex XDR - Check Action Status

Integrations#

  • CortexXDRIR

Scripts#

This playbook does not use any scripts.

Commands#

  • xdr-run-script-kill-process
  • xdr-get-script-execution-results

Playbook Inputs#


NameDescriptionDefault ValueRequired
endpoint_idA comma-separated list of endpoint IDs.Optional
process_nameA comma-separated list of process names to kill.
Process will be killed on all provided endpoint ids.
Optional
script_timeoutThe timeout in seconds for this execution.
(Default is: '600')
Optional
polling_timeoutAmount of time to poll action status before declaring a timeout and resuming the playbook (in minutes).10Optional

Playbook Outputs#


PathDescriptionType
PaloAltoNetworksXDR.ScriptResult.results._return_valueValue returned by the script in case the type is not a dictionary.unknown
PaloAltoNetworksXDR.ScriptResult.results.standard_outputThe STDOUT and the STDERR logged by the script during the execution.unknown

Playbook Image#


Cortex XDR - kill process