In NetWitness endpoint, I deployed the Endpoint bundle pack to ESA, I was surprised to find that there wasn't an alert generated when a process dump file was created.
Is there an alert within RSA live to alert on this? (couldn't find one)
Or is this something I can create my own alert for?
