Fingerprint

fingerprint

The Fingerprint object provides detailed information about a digital fingerprint, which is a compact representation of data used to identify a longer piece of information, such as a public key or file content. It contains the algorithm and value of the fingerprint, enabling efficient and reliable identification of the associated data.

Attributes

Caption	Name	Type	Description
Algorithm	`algorithm`	String	The hash algorithm used to create the digital fingerprint, normalized to the caption of `algorithm_id`. In the case of `Other`, it is defined by the event source.
Algorithm ID	`algorithm_id`	Integer	The identifier of the normalized hash algorithm, which was used to create the digital fingerprint. `0`: Unknown (`UNKNOWN`) `1`: MD5 (`MD5`) `2`: SHA-1 (`SHA_1`) `3`: SHA-256 (`SHA_256`) `4`: SHA-512 (`SHA_512`) `5`: CTPH (`CTPH`) `6`: TLSH (`TLSH`) `7`: quickXorHash (`QUICKXORHASH`) `99`: Other (`OTHER`)
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.
Value	`value`	Hash	Entity:`HASH` The digital fingerprint value.

Relationships

Inbound Relationships

These objects and events reference Fingerprint in their attributes:

Outbound Relationships

Fingerprint references the following objects and events in its attributes:

Unmapped

This page describes ocsf-1.4.0

Updated 29 days ago