Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
n
nebi
07/15/2018, 9:38 PMHi All,
Is there anyway to know process name from process id in osquery?
p
Prakhar
07/16/2018, 6:01 AMYes. If your are using processes table, you can do "SELECT p.name from processes as p where p.pid = [PROCESS_ID]". In case, you are using process_events table, you can use path column and extract the process name from it.