Databucket
The databucket object is a basic container that holds data, typically organized through the use of data partitions.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Created Time | created_time |
Timestamp | The time when the databucket was known to have been created. |
| Data Classification | data_classification |
Data Classification[] | The Data Classification object includes information about data classification levels and data category types. |
| Description | desc |
String | The description of the databucket. |
| File | file |
File[] | A file within a databucket. |
| Groups | groups |
Group[] | The group names to which the databucket belongs. |
| Modified Time | modified_time |
Timestamp | The most recent time when any changes, updates, or modifications were made within the databucket. |
| Name | name |
String | The databucket name. |
| Raw Data | raw_data |
JSON | The event data as received from the event source. |
| Record ID | record_id |
String | Unique identifier for the object |
| Size | size |
Long | The size of the databucket in bytes. |
| Type | type |
String | The databucket type. |
| Type ID | type_id |
Integer |
The normalized identifier of the databucket type.
|
| Unique ID | uid |
String | The unique identifier of the databucket. |
| Unmapped Data | unmapped |
Unmapped[] | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
Relationships
Inbound Relationships
These objects and events reference Databucket in their attributes:
Outbound Relationships
Databucket references the following objects and events in its attributes:
This page describes qdm-1.3.2+ocsf-1.3.0
Updated about 17 hours ago