Operating System (OS)
The Operating System (OS) object describes characteristics of an OS, such as Linux or Windows. Defined by D3FEND d3f:OperatingSystem.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
OS Build | build |
String | The operating system build number. |
Country | country |
String | The operating system country code, as defined by the ISO 3166-1 standard (Alpha-2 code). For the complete list of country codes, see ISO 3166-1 alpha-2 codes. |
The product CPE identifier | cpe_name |
String |
The Common Platform Enumeration (CPE) name as described by (NIST) For example: cpe:/a:apple:safari:16.2 .
|
CPU Bits | cpu_bits |
Integer |
The cpu architecture, the number of bits used for addressing in memory. For example: 32 or 64 .
|
OS Edition | edition |
String |
The operating system edition. For example: Professional .
|
Language | lang |
String |
The two letter lower case language codes, as defined by ISO 639-1. For example: en (English), de (German), or fr (French).
|
Name | name |
String | The operating system name. |
Raw Data | raw_data |
JSON | The event data as received from the event source. |
Record ID | record_id |
String | Unique identifier for the object |
OS Service Pack | sp_name |
String | The name of the latest Service Pack. |
OS Service Pack Version | sp_ver |
Integer | The version number of the latest Service Pack. |
Type | type |
String | The type of the operating system. |
Type ID | type_id |
Integer |
The type identifier of the operating system.
|
Unmapped Data | unmapped |
Unmapped[] | The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source. |
Version | version |
String | The version of the OS running on the device that originated the event. For example: "Windows 10", "OS X 10.7", or "iOS 9". |
Relationships
Inbound Relationships
These objects and events reference Operating System (OS) in their attributes:
Outbound Relationships
Operating System (OS) references the following objects and events in its attributes:
This page describes qdm-1.3.2+ocsf-1.3.0
Updated 2 months ago