Pipe name drilldown tab

Jump to bottom

Edoardo Gerosa edited this page May 31, 2020 · 1 revision

The Pipe name drilldown tab provides insights into Sysmon pipe create and connect (Event ID 17 and 18) indicators within the specified timespan.

alt text

The Pipe name drilldown tab displays the following tables:

Grid listing pipe create events within the specified timespan
Grid listing pipe create and connect events within the specified timespan
Grid listing activity by Pipe connects within the specified timespan
Grid listing and focusing specifically on pipe connect triggers within the specified timespan
Grid listing raw Sysmon pipe create and connect events

A higher definition picture of the Pipe name connection drilldown tab can be found here.