Hi team,

could please someone get me to the right direction on creating a complete mem-dump (for linux and windows) so I can further investigate with volatility and stuff?
It seems I only find ways to dump single processes but not the complete memdump.

Thaanks a lot for you support and this great tool. ;-)

Cheers
Marcus

GRR no longer supports complete, physical memory collection, because it created a variety of issues on the endpoints.

Thanks Max . Sad to hear that.
So closing th case.