Unmapped
The Unmapped object contains an unmapped datum along with a label and type.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Caption | caption |
String | A short description or label for the unmapped attribute. |
Is Array | is_array |
Boolean | If true, the value is understood to be an array. Otherwise it is assumed to be a scalar. |
Name | name |
String | The name of the unmapped attribute. This usually corresponds to a field name in the data provider. If no caption is provided, name will be used as a caption. The name attribute must be unique across all unmapped attributes of a record. |
Type | type |
String | The type of data that is unmapped. |
Value | value |
JSON | The unmapped attribute value. |
Relationships
Inbound Relationships
These objects and events reference Unmapped in their attributes:
- Digital Certificate
- Module
- Request Elements
- Process Remediation Activity
- MITRE ATT&CK®
- SMB Activity
- Query Information
- Security Finding
- OSINT
- Actor
- Module Query
- KB Article
- Device Config State
- Networks Query
- Data Classification
- Finding
- Finding Information
- Account Change
- DCE/RPC
- Resource
- Email Authentication
- Admin Group Query
- Application Lifecycle
- Discovery Result
- File Query
- CVE
- Registry Key
- File Hosting Activity
- Response Elements
- Observable
- Firewall Rule
- Linux Process
- Scheduled Job Activity
- Base Event
- Folder Query
- Incident Finding
- Memory Activity
- Data Security Finding
- Agent
- DNS Answer
- Scan
- URL Threat Intelligence
- Email URL Activity
- Software Inventory Info
- Device
- Affected Software Package
- Time Span
- Cloud
- JA4+ Fingerprint
- User
- Vulnerability Details
- Group
- Device Hardware Info
- Operating System (OS)
- Network Remediation Activity
- Enrichment
- Endpoint Connection
- API Activity
- Network File Activity
- Endpoint
- RDP Activity
- Compliance Finding
- Windows Resource
- Database
- Network Proxy Endpoint
- Network Traffic
- Identity Provider
- Entity Management
- Application Activity
- Authorization Result
- Job Query
- Entity
- Windows Evidence Artifacts
- Feature
- Related Event
- File Remediation Activity
- CIS Benchmark
- Email File Activity
- Device Inventory Info
- Rule
- Security State
- HTTP Activity
- CIS CSC
- User Inventory Info
- Product
- IP Threat Intelligence
- Network Endpoint
- MITRE DEFEND™ Technique
- DNS Query
- Keyboard Information
- Metric
- Datastore Activity
- User Session Query
- User Access Management
- User Query
- Ticket
- FTP Activity
- Operating System Patch State
- Peripheral Device Query
- Data Security
- Authentication
- Databucket
- WHOIS
- HTTP Cookie
- Network
- Job
- Object
- Authentication Factor
- Process Query
- Kill Chain Phase
- Peripheral Device
- Windows Service Activity
- LDAP Person
- Network Connection Query
- Kernel Resource
- MITRE ATT&CK® Tactic
- Base Threat Intelligence
- MITRE ATT&CK® Technique
- Web Resources Activity
- File System Activity
- File Threat Intelligence
- Registry Key Query
- Software Package
- Registry Key Activity
- Network Connection Information
- Account
- Session
- OSINT Inventory Info
- Schema Extension
- Registry Value Activity
- Authorize Session
- Scan Activity
- Remediation Activity
- Windows Service
- Group Management
- HTTP Header
- SSH Activity
- Service Query
- System Activity
- Event Log Activity
- Registry Value
- Table
- RPC Interface
- Tunnel Activity
- Autonomous System
- CIS Control
- CWE
- Malware
- Metadata
- API
- DNS Activity
- Managed Entity
- TLS Extension
- Analytic
- Kernel Activity
- MITRE D3FEND™ Tactic
- MITRE D3FEND™
- Compliance
- Finding
- Service
- CIS Benchmark Result
- Image
- Kernel Extension
- Network Activity
- Remediation
- Transport Layer Security (TLS)
- Geo Location
- Module Activity
- Domain Contact
- Affected Code
- Reputation
- HTTP Response
- Web Resource
- Discovery
- Registry Value Query
- Load Balancer
- Display
- Digital Signature
- Domain Threat Intelligence
- Organization
- HASSH
- CVSS Score
- Logger
- Web Resource Access Activity
- Fingerprint
- Kernel Object Query
- Process Activity
- Resource Details
- Email Activity
- Policy
- File
- Subject Alternative Name
- Network Interface
- NTP Activity
- Identity & Access Management
- DHCP Activity
- Uniform Resource Locator
- MITRE ATT&CK® Sub Technique
- Device Config State Change
- Detection Finding
- Windows Resource Activity
- HTTP Request
- Prefetch Query
- Kernel Extension Activity
- EPSS
- Vulnerability Finding
- Container
- DNS
- Threat Intelligence
This page describes qdm-1.3.2+ocsf-1.3.0
Updated 3 months ago