Container

container

The Container object describes an instance of a specific container. A container is a prepackaged, portable system image that runs isolated on an existing system using a container runtime like containerd.

Attributes

CaptionNameTypeDescription
HashhashFingerprint[]Entity:FINGERPRINT

Commit hash of image created for docker or the SHA256 hash of the container. For example: 13550340a8681c84c861aac2e5b440161c2b33a3e4f302ac680ca5b686de48de.
ImageimageImage[]The container image used as a template to run the container.
LabelslabelsString[]The list of labels associated to the container.
NamenameStringThe container name.
Network Drivernetwork_driverStringThe network driver used by the container. For example, bridge, overlay, host, none, etc.
OrchestratororchestratorStringThe orchestrator managing the container, such as ECS, EKS, K8s, or OpenShift.
Pod UUIDpod_uuidUUIDThe unique identifier of the pod (or equivalent) that the container is executing on.
Raw Dataraw_dataJSONGroup:context

The event data as received from the event source.
Record IDrecord_idStringGroup:primary

Unique identifier for the object
RuntimeruntimeStringThe backend running the container, such as containerd or cri-o.
SizesizeLongThe size of the container image.
Image TagtagStringThe tag used by the container. It can indicate version, format, OS.

🚧 WARNING: DEPRECATED

Image Tag has been deprecated since 1.4.0. Use the labels or tags attribute instead.

TagstagsKey:Value object[]The list of tags; key:value pairs associated to the container.
Unique IDuidStringThe full container unique identifier for this instantiation of the container. For example: ac2ea168264a08f9aaca0dfc82ff3551418dfd22d02b713142a6843caa2f61bf.
UnmappedunmappedUnmapped[]Data from the source that was not mapped into the schema.

Relationships

Container shown in context

Inbound Relationships

These objects and events reference Container in their attributes:

Outbound Relationships

Container references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0


Did this page help you?