Scan

scan

The Scan object describes characteristics of a proactive scan.

Attributes

Caption	Name	Type	Description
Name	`name`	String	The administrator-supplied or application-generated name of the scan. For example: "Home office weekly user database scan", "Scan folders for viruses", "Full system virus scan"
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Type	`type`	String	The type of scan.
Type ID	`type_id`	Integer	The type id of the scan. `0`: Unknown (`UNKNOWN`) `1`: Manual (`MANUAL`) `2`: Scheduled (`SCHEDULED`) `3`: Updated Content (`UPDATED_CONTENT`) `4`: Quarantined Items (`QUARANTINED_ITEMS`) `5`: Attached Media (`ATTACHED_MEDIA`) `6`: User Logon (`USER_LOGON`) `7`: ELAM (`ELAM`) `99`: Other (`OTHER`)
Scan UID	`uid`	String	The application-defined unique identifier assigned to an instance of a scan.
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.

These objects and events reference Scan in their attributes:

Scan references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0

Updated 13 days ago