Service

The Service object describes characteristics of a service, e.g. AWS EC2.

Attributes

Caption	Name	Type	Description
Command Line	`cmd_line`	String	The full command line used to launch an application, service, process, or job. For example: `ssh [email protected]`. If the command line is unavailable or missing, the empty string `''` is to be used 🚧 WARNING: DEPRECATED Command Line has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
File	`file`	File[]	The service file object. 🚧 WARNING: DEPRECATED File has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
Labels	`labels`	String[]	The list of labels associated with the service.
Loaded Module	`loaded_module_name`	String	The name of the module loaded by the service. 🚧 WARNING: DEPRECATED Loaded Module has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
Name	`name`	String	The name of the service.
Raw Data	`raw_data`	JSON	The event data as received from the event source.
Record ID	`record_id`	String	Unique identifier for the object
Run State	`run_state`	String	The service run state. 🚧 WARNING: DEPRECATED Run State has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
Run State ID	`run_state_id`	Integer	The service run state ID. 🚧 WARNING: DEPRECATED Run State ID has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0 `-1`: Other (`OTHER`) `0`: Unknown (`UNKNOWN`) `1`: Stopped (`STOPPED`) `2`: Start Pending (`START_PENDING`) `3`: Stop Pending (`STOP_PENDING`) `4`: Running (`RUNNING`) `5`: Continue Pending (`CONTINUE_PENDING`) `6`: Pause Pending (`PAUSE_PENDING`) `7`: Paused (`PAUSED`) `99`: Other (`OTHER`)
Start Type	`start_type`	String	The service start type. 🚧 WARNING: DEPRECATED Start Type has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
Start Type ID	`start_type_id`	Integer	The service start type ID. 🚧 WARNING: DEPRECATED Start Type ID has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0 `-1`: Other (`OTHER`) `0`: Unknown (`UNKNOWN`) `1`: Auto (`AUTO`) `10`: System Changed (`SYSTEM_CHANGED`) `2`: Boot (`BOOT`) `3`: Demand (`DEMAND`) `4`: System (`SYSTEM`) `5`: Disabled (`DISABLED`) `6`: All Logins (`ALL_LOGINS`) `7`: Specific User Login (`SPECIFIC_USER_LOGIN`) `8`: Interactive Login (`INTERACTIVE_LOGIN`) `9`: Scheduled (`SCHEDULED`)
Type IDs	`type_ids`	Integer[]	The service type identifiers. 🚧 WARNING: DEPRECATED Type IDs has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0 `-1`: Other (`OTHER`) `0`: Unknown (`UNKNOWN`) `1`: Adapter (`ADAPTER`) `2`: File System Driver (`FILE_SYSTEM_DRIVER`) `3`: Kernel Driver (`KERNEL_DRIVER`) `4`: Recognized Driver (`RECOGNIZED_DRIVER`) `5`: Own Process (`OWN_PROCESS`) `6`: Shared Process (`SHARED_PROCESS`) `7`: Interactive (`INTERACTIVE`) `8`: Other (`OTHER`) `9`: Autoload (`AUTOLOAD`)
Types	`types`	String[]	The service types. 🚧 WARNING: DEPRECATED Types has been deprecated since 1.1.0. Deprecated in upgrade from ocsf-0.31.1 to qdm-1.1.0
Unique ID	`uid`	String	The unique identifier of the service.
Unmapped Data	`unmapped`	Unmapped[]	The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.
Version	`version`	String	The version of the service.

Relationships

Inbound Relationships

These objects and events reference Service in their attributes:

Outbound Relationships

Service references the following objects and events in its attributes:

This page describes qdm-1.3.2+ocsf-1.3.0

Updated about 1 month ago