Databucket
databucket
The databucket object is a basic container that holds data, typically organized through the use of data partitions.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Agent List | agent_list |
Agent[] |
A list of agent objects associated with a device, endpoint, or resource.
|
| API Details | api |
API[] |
Group:contextDescribes details about a typical API (Application Programming Interface) call. |
| Cloud | cloud |
Cloud[] |
Group:primaryDescribes details about the Cloud environment where the event was originally created or logged. |
| Cloud Partition | cloud_partition |
String | The canonical cloud partition name to which the region is assigned (e.g. AWS Partitions: aws, aws-cn, aws-us-gov). |
| Created Time | created_time |
Timestamp | The time when the databucket was known to have been created. |
| Criticality | criticality |
String | The criticality of the resource as defined by the event source. |
| Data | data |
JSON | Additional data describing the resource. |
| Data Classification | data_classification |
Data Classification[] |
Group:contextThe Data Classification object includes information about data classification levels and data category types.
|
| Data Classification | data_classifications |
Data Classification[] |
Group:contextA list of Data Classification objects, that include information about data classification levels and data category types, indentified by a classifier. |
| Description | desc |
String | The description of the databucket. |
| Encryption Details | encryption_details |
Encryption Details[] | The encryption details of the databucket. Should be populated if the databucket is encrypted. |
| File | file |
File[] |
Entity:FILEDetails about the file/object within a databucket. |
| Group | group |
Group[] | The name of the related resource group. |
| Groups | groups |
Group[] | The group names to which the databucket belongs. |
| Hostname | hostname |
Hostname |
Entity:HOSTNAMEThe fully qualified name of the resource. |
| IP Address | ip |
IP Address |
Entity:IP_ADDRESSThe IP address of the resource, in either IPv4 or IPv6 format. |
| Back Ups Configured | is_backed_up |
Boolean |
Indicates whether the device or resource has a backup enabled, such as an automated snapshot or a cloud backup. For example, this is indicated by the cloudBackupEnabled value within JAMF Pro mobile devices or the registration of an AWS ARN with the AWS Backup service.
|
| Encrypted | is_encrypted |
Boolean | Indicates if the databucket is encrypted. |
| Public | is_public |
Boolean | Indicates if the databucket is publicly accessible. |
| Labels | labels |
String[] | The list of labels associated to the resource. |
| Modified Time | modified_time |
Timestamp | The most recent time when any changes, updates, or modifications were made within the databucket. |
| Name | name |
String | The databucket name. |
| Namespace | namespace |
String | The namespace is useful when similar entities exist that you need to keep separate. |
| Owner | owner |
User[] |
Entity:USERThe identity of the service or user account that owns the resource. |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Region | region |
String | The cloud region of the resource. |
| Size | size |
Long | The size of the databucket in bytes. |
| Tags | tags |
Key:Value object[] |
The list of tags; {key:value} pairs associated to the resource.
|
| Type | type |
String | The databucket type. |
| Type ID | type_id |
Integer |
The normalized identifier of the databucket type.
|
| Unique ID | uid |
Resource UID |
Entity:RESOURCE_UIDThe unique identifier of the databucket. |
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
| Version | version |
String |
The version of the resource. For example 1.2.3.
|
Relationships
Inbound Relationships
These objects and events reference Databucket in their attributes:
Outbound Relationships
Databucket references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago