Network Traffic
The Network Traffic object describes characteristics of network traffic. Network traffic refers to data moving across a network at a given point of time. Defined by D3FEND d3f:NetworkTraffic.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Total Bytes | bytes |
Long | The total number of bytes (in and out). |
| Bytes In | bytes_in |
Long | The number of bytes sent from the destination to the source. |
| Bytes Out | bytes_out |
Long | The number of bytes sent from the source to the destination. |
| Chunks | chunks |
Long | The total number of chunks (in and out). |
| Chunks In | chunks_in |
Long | The number of chunks sent from the destination to the source. |
| Chunks Out | chunks_out |
Long | The number of chunks sent from the source to the destination. |
| Total Packets | packets |
Long | The total number of packets (in and out). |
| Packets In | packets_in |
Long | The number of packets sent from the destination to the source. |
| Packets Out | packets_out |
Long | The number of packets sent from the source to the destination. |
| Raw Data | raw_data |
JSON | The event data as received from the event source. |
| Record ID | record_id |
String | Unique identifier for the object |
| Unmapped Data | unmapped |
Unmapped[] | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
Relationships
Inbound Relationships
These objects and events reference Network Traffic in their attributes:
- SSH Activity
- Network Activity
- Network File Activity
- RDP Activity
- Network
- SMB Activity
- Web Resources Activity
- Tunnel Activity
- HTTP Activity
- FTP Activity
- NTP Activity
- DHCP Activity
- DNS Activity
- Web Resource Access Activity
Outbound Relationships
Network Traffic references the following objects and events in its attributes:
This page describes qdm-1.3.2+ocsf-1.3.0
Updated about 17 hours ago