process-thread-create
March 22, 2023 · View on GitHub
Description
A thread was created in a process
Parameters
| Parameter | Value |
|---|---|
| Subject | process |
| Activity | thread-create |
| Activity Type | process-thread-create |
| Pretty Name | Process Thread Create |
Fields
The possible fields for this activity type will vary depending on whether the activity was a success or a fail.
process-thread-create:success
| Field | Core | Detection | Informational |
|---|---|---|---|
| thread_id |
process-thread-create:fail
| Field | Core | Detection | Informational |
|---|---|---|---|
| thread_id | |||
| failure_code | ✓ | ||
| failure_reason | ✓ |