A type that describes a process, as delivered by an Endpoint Security message.
- macOS 10.15+
- Mac Catalyst 13.0+
For process events, this type also indicates the newly-executing process.
You can extract values such as the process identifier (
PID), user identifier (
UID), and group identifier (
GID) from the
audit field by using functions defined in