get_agent_processes
Retrieve running processes from a Wazuh agent to monitor activity or investigate security incidents, with optional search filtering and command line inclusion.
Instructions
List running processes on a Wazuh agent
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| agent_id | Yes | Agent identifier (e.g., '001') | |
| limit | No | Maximum number of items to return (1-500) | |
| offset | No | Pagination offset | |
| search | No | Filter processes by name or command | |
| include_command | No | Include process command lines and arguments in the response |