Fingerprint

fingerprint

The Fingerprint object provides detailed information about a digital fingerprint, which is a compact representation of data used to identify a longer piece of information, such as a public key or file content. It contains the algorithm and value of the fingerprint, enabling efficient and reliable identification of the associated data.

Attributes

Caption	Name	Type	Description
Algorithm	`algorithm`	String	The hash algorithm used to create the digital fingerprint, normalized to the caption of algorithm_id. In the case of Other, it is defined by the event source.
Algorithm ID	`algorithm_id`	Integer	The identifier of the normalized hash algorithm, which was used to create the digital fingerprint. `0`: Unknown (`UNKNOWN`) `1`: MD5 (`MD5`) `2`: SHA-1 (`SHA_1`) `3`: SHA-256 (`SHA_256`) `4`: SHA-512 (`SHA_512`) `5`: CTPH (`CTPH`) `6`: TLSH (`TLSH`) `7`: quickXorHash (`QUICKXORHASH`) `8`: SHA-224 (`SHA_224`) `9`: SHA-384 (`SHA_384`) `10`: SHA-512/224 (`SHA_512/224`) `11`: SHA-512/256 (`SHA_512/256`) `12`: SHA3-224 (`SHA3_224`) `13`: SHA3-256 (`SHA3_256`) `14`: SHA3-384 (`SHA3_384`) `15`: SHA3-512 (`SHA3_512`) `16`: xxHash H3 64-bit (`XXHASH_H3_64_BIT`) `17`: xxHash H3 128-bit (`XXHASH_H3_128_BIT`) `99`: Other (`OTHER`)
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.
Value	`value`	Hash	Entity:`HASH` The digital fingerprint value.

Relationships

Inbound Relationships

These objects and events reference Fingerprint in their attributes:

Outbound Relationships

Fingerprint references the following objects and events in its attributes:

Unmapped

This page describes qdm-1.5.1+ocsf-1.6.0