Skip to main content

killProcess

Use this method to terminate an active process using it's process ID, it's path, the endpoint where it is running, and, if available, the ID of the incident it generated.

Parameters

Parameter	Description	Included in request	Type	Values
`processId`	The ID of the process you want to terminate.	Mandatory	String	No additional requirements. Example "processId": 12228
`path`	The location of the file that starts the process on the endpoint where it is stored.	Mandatory	String	Must be in the proper path format and lead to an existing file. Example Windows "path": "C:\\Windows\\explorer.exe" Linux "path": "/usr/bin/rhythmbox" Mac "path": "/System/Applications/Calendar.app/Contents/MacOS/Calendar"
`endpointId`	The endpoint (or node) where the process is running.	Mandatory	String	No additional requirements. Example "endpointId": "66a0fe708d3a52774522b442"
`incidentId`	The ID of the incident generated as a result to this process.	Optional	String	No additional requirements. Example "incidentId": "66a251423506b508d2fefb05

Return value

Attribute	Type	Description
`result`	Object	If the task was successful, returs `taskIds`. If failed, returns an error message.

Objects

`result`

Attribute	Type	Description
`taskIds`	Array of Strings	Contains a list of the IDs of the processes that were terminated.

Errors

Code	Message	Details
-32602	Invalid params	"details": "Invalid value given to the \'processId\' parameter."
		"details": "Invalid value given to the \'path\' parameter."
		"details": "Invalid value given to the \'endpointId\' parameter."
		"details": "The protected entity does not exist"
		"details": "The provided incident can not be accessed or was not found"
		"details": "Cannot kill process"
		"details": "The required parameter is missing : processId"
		"details": "The required parameter is missing : path"
		"details": "The required parameter is missing : endpointId"
		"details": "The value passed for parameter 'processId' has not the correct data type."
		"details": "The value passed for parameter 'path' has not the correct data type."
		"details": "The value passed for parameter 'endpointId' has not the correct data type."
200	Server error	"details": "Feature not available"

Examples

Request

{
    "params": {
        "processId": 12228,
        "path": "C:\\Windows\\explorer.exe",
        "endpointId": "66a0fe708d3a52774522b442",
        "incidentId": "66a251423506b508d2fefb05"
    },
    "jsonrpc": "2.0",
    "method": "killProcess",
    "id": "7d2864e9-c67b-48a2-9ba3-0a11d47e83c8"
}

Response

{
    "id": "7d2864e9-c67b-48a2-9ba3-0a11d47e83c8",
    "jsonrpc": "2.0",
    "result": {
        "taskIds": [
            "66b1e12b263e7f5e940a7dd9"
        ]
    }
}

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.