Issue #112: Select windows processes by user name and domain

sentrysoftware / metricshub-community-connectors

MetricsHub Community Connectors Repository

https://sentrysoftware.org/metricshub-community-connectors

GNU Affero General Public License v3.0

5 stars 0 forks source link

Issue #112: Select windows processes by user name and domain #147

Open MedMaalej opened 1 week ago

MedMaalej commented 1 week ago

Update WindowsProcess.yaml

MedMaalej commented 1 week ago

I checked the logs, here is a sample output of the connector:

It shows the processes of a given user selected using the regex matchUser and / or matchDomain in the connector file. The screenshot confirms that we retrieved successfully the domain and the user of the account associated to a given process.

The configuration in metricshub.yaml was as below:

resources:
  localhost:
    attributes:
      host.name: localhost
      host.type: win
    protocols:
      wmi:
        timeout: 120
    connectors: [+WindowsProcess]

NassimBtk commented 1 week ago

@bertysentry what do you think?