Initiating a process dump

Process dump data consists of all of the recorded events that occurred on an endpoint relating to the processes that the requested file hash back. Process dump obtains the endpoint activity recorder dump information for the file hash.
Follow the following steps to perform a
Process Dump
on an endpoint.
  1. Log on to the Symantec Endpoint Security console and select
    Investigate
    menu.
  2. Search for relevant events that you want to investigate further.
  3. From the
    Results
    grid, click
    Actions
    menu
  4. From the
    Actions
    menu, select
    Process Dump
    .