Account
account
The Account object contains details about the account that initiated or performed a specific activity within a system or application. Additionally, the Account object refers to logical Cloud and Software-as-a-Service (SaaS) based containers such as AWS Accounts, Azure Subscriptions, Oracle Cloud Compartments, Google Cloud Projects, and otherwise.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Labels | labels |
String[] | The list of labels associated to the account. |
Name | name |
String |
Entity:ACCOUNT_OBJECT_NAME The name of the account (e.g. GCP Project name , Linux Account name or AWS Account name ).
|
Raw Data | raw_data |
JSON |
Group:context The event data as received from the event source. |
Record ID | record_id |
String |
Group:primary Unique identifier for the object |
Tags | tags |
Key:Value object[] |
The list of tags; {key:value} pairs associated to the account.
|
Type | type |
String | The account type, normalized to the caption of 'account_type_id'. In the case of 'Other', it is defined by the event source. |
Type ID | type_id |
Integer |
The normalized account type identifier.
|
Unique ID | uid |
String |
Entity:ACCOUNT_OBJECT_UID The unique identifier of the account (e.g. AWS Account ID , OCID , GCP Project ID , Azure Subscription ID , Google Workspace Customer ID , or M365 Tenant UID ).
|
Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Account in their attributes:
Outbound Relationships
Account references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago