execution event NXQL (classic)
An execution is a process executing on a device. Several executions of the same process are merged when in close succession.
average_memory_usage
byte
Windows | macOS
Average memory usage per execution
binary_path
path
Windows | macOS
Executed binary path
cardinality
integer
Windows | macOS
Number of underlying processes, consolidated over time
duration
millisecond
Windows | macOS
Total execution duration
end_time
datetime
Windows | macOS
Execution end time
focus_time
millisecond
Windows | macOS
NU
Focus time
id
identifier
Windows | macOS
Unique execution identifier
incoming_tcp_traffic
byte
Windows | macOS
Incoming TCP traffic
incoming_udp_traffic
byte
Windows | macOS
Incoming UDP traffic
memory_usage
byte
Windows | macOS
Average memory usage
outgoing_tcp_traffic
byte
Windows | macOS
Outgoing TCP traffic
outgoing_udp_traffic
byte
Windows | macOS
Outgoing UDP traffic
privilege_level
enum
Windows | macOS
Privilege level of the execution (user, power user, administrator)
start_time
datetime
Windows | macOS
Execution start time
startup_duration
millisecond
Windows
NU
Startup duration
status
enum
Windows | macOS
Status of the execution (started, stopped)
total_cpu_time
millisecond
Windows | macOS
Total CPU time
Last updated