Skip to main content
Capsule8 Help Center home page
Sign in
  1. Capsule8
  2. Configuration & Customization
  3. Using Investigations
  4. Examples

Examples

  • MITRE
  • See all sections...
  • Recent Outbound Host-Port Connections
  • New Outbound Host Connections
  • Running Containers and Container Lifespan
  • What Commands Did Users Type By Host (History Evasion) 
  • Which Users Logged into Which Hosts
  • Find Files Affected by Container
  • Files and Processes Responsible for File State
  • Child Process Activity Around Time of Alert
  • Parent Process Activity Around Time of Alert
  • Process Activity Around Time of Incident
  • External-bound Network Traffic - IPv4 - With Allowed Exceptions
  • External-bound Network Traffic - IPv6
  • External-bound Network Traffic - IPv4
  • Known Malicious Host
  • Post incident investigation
Capsule8