Process Entity
process_entity
The Process Entity object provides critical fields for referencing a process.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Command Line | cmd_line | String | Entity: |
Created Time | created_time | Timestamp | The time when the process was created/started. |
Name | name | Process Name | Entity: |
Path | path | String | The process file path. |
Process ID | pid | Integer | Entity: |
Raw Data | raw_data | JSON | Group: |
Record ID | record_id | String | Group: |
Unique ID | uid | String | A unique identifier for this process assigned by the producer (tool). Facilitates correlation of a process event with other events for that process. |
Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Process Entity in their attributes:
Outbound Relationships
Process Entity references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 28 days ago