About

Create Process endpoint creates a custom process with specified execution parameters. You can create a process by defining its path, arguments, execution type, and various configuration options. Processes are fundamental building blocks that can be used in actions and threat scenarios.

Process path and arguments define the executable and its parameters
Process type determines execution behavior (play or rewind)
Timeout and delay settings control execution timing
File associations and output handling provide additional functionality

Example for Basic Process Creation

Create a simple process with basic execution parameters.

curl --location 'https://api.picussecurity.com/v1/threat-library/processes' \
--header 'Authorization: Bearer access_token' \
--header 'Content-Type: application/json' \
--data '{
    "argument": "argument",
    "path": "path",
    "comment": "comment",
    "delay": 0,
    "timeout": 120000,
    "process_type": "play",
    "is_async": false,
    "success_cond_exist": false,
    "is_blocked": false,
    "output": "",
    "code": 0
}'

{
    "process": {
        "id": 1016265,
        "created_at": "2025-06-24T08:06:59.208273422Z",
        "path": "path",
        "argument": ""
    }
}

Fields

Field Name	Required	Type	Constraints	Default Value	Options/Examples	Description
process_type	✅ Yes	String	Must be one of the options	-	`"play"` (Standard execution process), `"rewind"` (Cleanup/rollback process)	Defines the execution behavior of the process
is_async	✅ Yes	Boolean	-	false	`true` (Process runs in background without blocking), `false` (Process runs synchronously and blocks execution)	Determines if the process should run asynchronously
argument	❌ No	String	-	-	Command line parameters	Command line arguments to pass to the process
path	❌ No	String	-	-	File or executable paths	File path or executable path for the process
comment	❌ No	String	-	-	-	Optional comment providing detailed information about the process's purpose, behavior, or execution methodology
delay	❌ No	Integer	-	0	Time in milliseconds	Delay in milliseconds before process execution starts
timeout	❌ No	Integer	-	120000	Time in milliseconds (120000 = 2 minutes)	Maximum execution time in milliseconds before process is terminated
success_condition_exist	❌ No	Boolean	-	false	`true` (Has custom conditions), `false` (No custom conditions)	Whether the process has custom success conditions defined
is_blocked	❌ No	Boolean	-	false	`true` (Execution blocked), `false` (Execution allowed)	Whether the process execution should be blocked/prevented
output	❌ No	String	-	-	Expected or captured text	Expected or captured output from the process
code	❌ No	Integer	-	0	Exit codes (0 = success)	Expected exit code for successful process executio