Registry Key
reg_key
The registry key object describes a Windows registry key.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| System | is_system |
Boolean | The indication of whether the object is part of the operating system. |
| Modified Time | modified_time |
Timestamp | The time when the registry key was last modified. |
| Path | path |
String | The full path to the registry key. |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Security Descriptor | security_descriptor |
String | The security descriptor of the registry key. |
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Registry Key in their attributes:
Outbound Relationships
Registry Key references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago