Class: Ja4Fingerprint

The JA4+ fingerprint object provides detailed fingerprint information about various aspects of network traffic which is both machine and human readable.

URI: ocsf:Ja4Fingerprint

classDiagram
    class Ja4Fingerprint
    click Ja4Fingerprint href "../Ja4Fingerprint/"
      Object <|-- Ja4Fingerprint
        click Object href "../Object/"
      Ja4Fingerprint : section_a
      Ja4Fingerprint : section_b
      Ja4Fingerprint : section_c
      Ja4Fingerprint : section_d
      Ja4Fingerprint : type
      Ja4Fingerprint : type_id
        Ja4Fingerprint --> "1" Ja4FingerprintTypeIdEnum : type_id
        click Ja4FingerprintTypeIdEnum href "../Ja4FingerprintTypeIdEnum/"
      Ja4Fingerprint : value

Inheritance

Slots

| Name | Cardinality and Range | Description | Inheritance |
| --- | --- | --- | --- |
| section_a | 0..1 String | The 'a' section of the JA4 fingerprint | direct |
| section_b | 0..1 String | The 'b' section of the JA4 fingerprint | direct |
| section_c | 0..1 String | The 'c' section of the JA4 fingerprint | direct |
| section_d | 0..1 String | The 'd' section of the JA4 fingerprint | direct |
| type | 0..1 String | The JA4+ fingerprint type as defined by FoxIO | direct |
| type_id | 1 Ja4FingerprintTypeIdEnum | The identifier of the JA4+ fingerprint type | direct |
| value | 1 String | The JA4+ fingerprint value | direct |

Usages

| used by | used in | type | used |
| --- | --- | --- | --- |
| Evidences | ja4_fingerprint_list | range | Ja4Fingerprint |
| NetworkEvent | ja4_fingerprint_list | range | Ja4Fingerprint |
| DhcpActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| DnsActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| FtpActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| HttpActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| NetworkActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| NetworkFileActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| NtpActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| RdpActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| SmbActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| SshActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| TunnelActivity | ja4_fingerprint_list | range | Ja4Fingerprint |
| WindowsEvidences | ja4_fingerprint_list | range | Ja4Fingerprint |

In Subsets

Aliases

  • JA4+ Fingerprint

Identifier and Mapping Information

Schema Source

Mappings

| Mapping Type | Mapped Value |
| --- | --- |
| self | ocsf:Ja4Fingerprint |
| native | ocsf:Ja4Fingerprint |

LinkML Source

Direct

name: Ja4Fingerprint
description: 'The JA4+ fingerprint object provides detailed fingerprint information
  about

  various aspects of network traffic which is both machine and human readable.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- JA4+ Fingerprint
is_a: Object
slots:
- section_a
- section_b
- section_c
- section_d
- type
- type_id
- value
slot_usage:
  type:
    name: type
    description: 'The JA4+ fingerprint type as defined by <a

      href=''https://blog.foxio.io/ja4+-network-fingerprinting

      target=''_blank''>FoxIO</a>, normalized to the caption of ''type_id''. In the
      case

      of ''Other'', it is defined by the event source.'
  type_id:
    name: type_id
    description: The identifier of the JA4+ fingerprint type.
    range: Ja4FingerprintTypeIdEnum
    required: true
  value:
    name: value
    description: The JA4+ fingerprint value.
    required: true

Induced

name: Ja4Fingerprint
description: 'The JA4+ fingerprint object provides detailed fingerprint information
  about

  various aspects of network traffic which is both machine and human readable.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- JA4+ Fingerprint
is_a: Object
slot_usage:
  type:
    name: type
    description: 'The JA4+ fingerprint type as defined by <a

      href=''https://blog.foxio.io/ja4+-network-fingerprinting

      target=''_blank''>FoxIO</a>, normalized to the caption of ''type_id''. In the
      case

      of ''Other'', it is defined by the event source.'
  type_id:
    name: type_id
    description: The identifier of the JA4+ fingerprint type.
    range: Ja4FingerprintTypeIdEnum
    required: true
  value:
    name: value
    description: The JA4+ fingerprint value.
    required: true
attributes:
  section_a:
    name: section_a
    description: The 'a' section of the JA4 fingerprint.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - JA4 Section A
    rank: 1000
    alias: section_a
    owner: Ja4Fingerprint
    domain_of:
    - Ja4Fingerprint
    range: string
  section_b:
    name: section_b
    description: The 'b' section of the JA4 fingerprint.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - JA4 Section B
    rank: 1000
    alias: section_b
    owner: Ja4Fingerprint
    domain_of:
    - Ja4Fingerprint
    range: string
  section_c:
    name: section_c
    description: The 'c' section of the JA4 fingerprint.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - JA4 Section C
    rank: 1000
    alias: section_c
    owner: Ja4Fingerprint
    domain_of:
    - Ja4Fingerprint
    range: string
  section_d:
    name: section_d
    description: The 'd' section of the JA4 fingerprint.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - JA4 Section D
    rank: 1000
    alias: section_d
    owner: Ja4Fingerprint
    domain_of:
    - Ja4Fingerprint
    range: string
  type:
    name: type
    description: 'The JA4+ fingerprint type as defined by <a

      href=''https://blog.foxio.io/ja4+-network-fingerprinting

      target=''_blank''>FoxIO</a>, normalized to the caption of ''type_id''. In the
      case

      of ''Other'', it is defined by the event source.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type
    rank: 1000
    alias: type
    owner: Ja4Fingerprint
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - ProgrammaticCredential
    - RelatedEvent
    - San
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Dns
    - Resource
    - Account
    - Agent
    - Analytic
    - ApplicationObject
    - AuthenticationToken
    - ClassifierDetails
    - Cve
    - Database
    - Databucket
    - DiscoveryDetails
    - DnsAnswer
    - DomainContact
    - EncryptionDetails
    - Endpoint
    - Enrichment
    - File
    - Graph
    - Group
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - Metadata
    - Module
    - NetworkEndpoint
    - NetworkInterface
    - Node
    - PeripheralDevice
    - Policy
    - Rule
    - Scan
    - Trait
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - WebResource
    - Device
    - DatastoreActivity
    - FtpActivity
    - RegValue
    - WinResource
    range: string
  type_id:
    name: type_id
    annotations:
      sibling:
        tag: sibling
        value: type
    description: The identifier of the JA4+ fingerprint type.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Type ID
    rank: 1000
    alias: type_id
    owner: Ja4Fingerprint
    domain_of:
    - Observable
    - Os
    - Osint
    - Package
    - PrivilegeInfo
    - Sbom
    - Script
    - SoftwareComponent
    - StartupItem
    - ThreatActor
    - Ticket
    - Timespan
    - TlsExtension
    - Token
    - Account
    - Agent
    - Analytic
    - AuthenticationToken
    - Database
    - Databucket
    - DomainContact
    - Endpoint
    - File
    - Ja4Fingerprint
    - Kernel
    - ManagedEntity
    - NetworkEndpoint
    - NetworkInterface
    - PeripheralDevice
    - Scan
    - UnmannedAerialSystem
    - UnmannedSystemOperatingArea
    - User
    - Device
    - DatastoreActivity
    - RegValue
    - WinResource
    range: Ja4FingerprintTypeIdEnum
    required: true
  value:
    name: value
    description: The JA4+ fingerprint value.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Value
    rank: 1000
    alias: value
    owner: Ja4Fingerprint
    domain_of:
    - Observable
    - Observation
    - Osint
    - Packet
    - DiscoveryDetails
    - Enrichment
    - EnvironmentVariable
    - Fingerprint
    - HttpCookie
    - HttpHeader
    - Ja4Fingerprint
    - KeyValueObject
    - LongString
    - Metric
    range: string
    required: true