Unmapped

The Unmapped object contains an unmapped datum along with a label and type.

Attributes

Caption	Name	Type	Description
Caption	`caption`	String	A short description or label for the unmapped attribute.
Is Array	`is_array`	Boolean	If true, the value is understood to be an array. Otherwise it is assumed to be a scalar.
Name	`name`	String	The name of the unmapped attribute. This usually corresponds to a field name in the data provider. If no caption is provided, name will be used as a caption. The name attribute must be unique across all unmapped attributes of a record.
Type	`type`	String	The type of data that is unmapped.
Value	`value`	JSON	The unmapped attribute value.

Relationships

Inbound Relationships

These objects and events reference Unmapped in their attributes:

Digital Certificate
Module
Request Elements
Process Remediation Activity
MITRE ATT&CK®
SMB Activity
Query Information
Security Finding
OSINT
Actor
Module Query
KB Article
Device Config State
Networks Query
Data Classification
Finding
Finding Information
Account Change
DCE/RPC
Resource
Email Authentication
Admin Group Query
Application Lifecycle
Discovery Result
File Query
CVE
Registry Key
File Hosting Activity
Response Elements
Observable
Firewall Rule
Linux Process
Scheduled Job Activity
Base Event
Folder Query
Incident Finding
Memory Activity
Data Security Finding
Agent
DNS Answer
Scan
URL Threat Intelligence
Email URL Activity
Software Inventory Info
Device
Affected Software Package
Time Span
Cloud
JA4+ Fingerprint
User
Vulnerability Details
Group
Device Hardware Info
Operating System (OS)
Network Remediation Activity
Enrichment
Endpoint Connection
API Activity
Network File Activity
Endpoint
RDP Activity
Compliance Finding
Windows Resource
Database
Network Proxy Endpoint
Network Traffic
Identity Provider
Entity Management
Application Activity
Authorization Result
Job Query
Entity
Windows Evidence Artifacts
Feature
Related Event
File Remediation Activity
CIS Benchmark
Email File Activity
Device Inventory Info
Rule
Security State
HTTP Activity
CIS CSC
User Inventory Info
Product
IP Threat Intelligence
Network Endpoint
MITRE DEFEND™ Technique
DNS Query
Keyboard Information
Metric
Datastore Activity
User Session Query
User Access Management
User Query
Ticket
FTP Activity
Operating System Patch State
Peripheral Device Query
Data Security
Authentication
Databucket
WHOIS
HTTP Cookie
Network
Job
Object
Authentication Factor
Process Query
Kill Chain Phase
Peripheral Device
Windows Service Activity
LDAP Person
Network Connection Query
Kernel Resource
MITRE ATT&CK® Tactic
Base Threat Intelligence
MITRE ATT&CK® Technique
Web Resources Activity
File System Activity
File Threat Intelligence
Registry Key Query
Software Package
Registry Key Activity
Network Connection Information
Account
Session
OSINT Inventory Info
Schema Extension
Registry Value Activity
Authorize Session
Scan Activity
Remediation Activity
Windows Service
Group Management
HTTP Header
SSH Activity
Service Query
System Activity
Event Log Activity
Registry Value
Table
RPC Interface
Tunnel Activity
Autonomous System
CIS Control
CWE
Malware
Metadata
API
DNS Activity
Managed Entity
TLS Extension
Analytic
Kernel Activity
MITRE D3FEND™ Tactic
MITRE D3FEND™
Compliance
Finding
Service
CIS Benchmark Result
Email
Image
Kernel Extension
Network Activity
Remediation
Transport Layer Security (TLS)
Geo Location
Module Activity
Domain Contact
Affected Code
Reputation
HTTP Response
Web Resource
Discovery
Registry Value Query
Load Balancer
Display
Digital Signature
Domain Threat Intelligence
Organization
HASSH
CVSS Score
Logger
Web Resource Access Activity
Fingerprint
Kernel Object Query
Process Activity
Resource Details
Email Activity
Policy
File
Subject Alternative Name
Network Interface
NTP Activity
Identity & Access Management
DHCP Activity
Uniform Resource Locator
MITRE ATT&CK® Sub Technique
Device Config State Change
Detection Finding
Windows Resource Activity
HTTP Request
Prefetch Query
Kernel Extension Activity
EPSS
Vulnerability Finding
Container
DNS
Threat Intelligence

This page describes qdm-1.3.2+ocsf-1.3.0