Class: Kernel
The Kernel Resource object provides information about a specific kernel
resource, including its name and type. It describes essential attributes
associated with a resource managed by the kernel of an operating system.
URI: ocsf:Kernel
classDiagram
class Kernel
click Kernel href "../Kernel/"
Object <|-- Kernel
click Object href "../Object/"
Kernel : is_system
Kernel : name
Kernel : path
Kernel : system_call
Kernel : type
Kernel : type_id
Kernel --> "1" KernelTypeIdEnum : type_id
click KernelTypeIdEnum href "../KernelTypeIdEnum/"
Inheritance
- OcsfObject
- Object
- Kernel
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| is_system | 0..1 Boolean |
The indication of whether the object is part of the operating system | direct |
| name | 1 String |
The name of the kernel resource | direct |
| path | 0..1 String |
The full path of the kernel resource | direct |
| system_call | 0..1 String |
The system call that was invoked | direct |
| type | 0..1 String |
The type of the kernel resource | direct |
| type_id | 1 KernelTypeIdEnum |
The type of the kernel resource | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| QueryEvidence | kernel | range | Kernel |
| KernelObjectQuery | kernel | range | Kernel |
| KernelActivity | kernel | range | Kernel |
| WindowsQueryEvidence | kernel | range | Kernel |
In Subsets
Aliases
- Kernel Resource
See Also
Notes
- D3FEND™ Ontology d3f:Kernel — https://d3fend.mitre.org/dao/artifact/d3f:Kernel/
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Kernel |
| native | ocsf:Kernel |
| related | uco_master:OperatingSystem |
LinkML Source
Direct
name: Kernel
description: 'The Kernel Resource object provides information about a specific kernel
resource, including its name and type. It describes essential attributes
associated with a resource managed by the kernel of an operating system.'
notes:
- D3FEND™ Ontology d3f:Kernel — https://d3fend.mitre.org/dao/artifact/d3f:Kernel/
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:Kernel/
aliases:
- Kernel Resource
related_mappings:
- uco_master:OperatingSystem
is_a: Object
slots:
- is_system
- name
- path
- system_call
- type
- type_id
slot_usage:
name:
name: name
description: The name of the kernel resource.
required: true
path:
name: path
description: The full path of the kernel resource.
type:
name: type
description: The type of the kernel resource.
type_id:
name: type_id
description: The type of the kernel resource.
range: KernelTypeIdEnum
required: true
Induced
name: Kernel
description: 'The Kernel Resource object provides information about a specific kernel
resource, including its name and type. It describes essential attributes
associated with a resource managed by the kernel of an operating system.'
notes:
- D3FEND™ Ontology d3f:Kernel — https://d3fend.mitre.org/dao/artifact/d3f:Kernel/
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:Kernel/
aliases:
- Kernel Resource
related_mappings:
- uco_master:OperatingSystem
is_a: Object
slot_usage:
name:
name: name
description: The name of the kernel resource.
required: true
path:
name: path
description: The full path of the kernel resource.
type:
name: type
description: The type of the kernel resource.
type_id:
name: type_id
description: The type of the kernel resource.
range: KernelTypeIdEnum
required: true
attributes:
is_system:
name: is_system
description: The indication of whether the object is part of the operating system.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- System
rank: 1000
alias: is_system
owner: Kernel
domain_of:
- File
- Kernel
- RegKey
- RegValue
range: boolean
name:
name: name
description: The name of the kernel resource.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Name
rank: 1000
alias: name
owner: Kernel
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- Parameter
- PrivilegeInfo
- San
- Scim
- Script
- ServicePrivilegeAnalysis
- SoftwareComponent
- Sso
- StartupItem
- ThreatActor
- Token
- Entity
- Resource
- Account
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- AutonomousSystem
- Campaign
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- ClassifierDetails
- Container
- D3fTactic
- D3fTechnique
- Database
- Databucket
- DomainContact
- Edge
- Endpoint
- Enrichment
- EnvironmentVariable
- Evidences
- Extension
- Feature
- File
- Graph
- Group
- HttpCookie
- HttpHeader
- Idp
- Image
- Job
- Kernel
- KeyValueObject
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metric
- Mitigation
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- ResourceDetails
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- FtpActivity
- RegValue
- WinResource
- WinService
- PrefetchQuery
range: string
required: true
path:
name: path
description: The full path of the kernel resource.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Path
rank: 1000
alias: path
owner: Kernel
domain_of:
- Url
- AffectedPackage
- File
- HttpCookie
- Image
- Kernel
- Malware
- ProcessEntity
- Product
- RegKey
- RegValue
range: string
system_call:
name: system_call
description: The system call that was invoked.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- System Call
rank: 1000
alias: system_call
owner: Kernel
domain_of:
- Kernel
range: string
type:
name: type
description: The type of the kernel resource.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Type
rank: 1000
alias: type
owner: Kernel
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- PrivilegeInfo
- ProgrammaticCredential
- RelatedEvent
- San
- Sbom
- Script
- SoftwareComponent
- StartupItem
- ThreatActor
- Ticket
- Timespan
- TlsExtension
- Token
- Dns
- Resource
- Account
- Agent
- Analytic
- ApplicationObject
- AuthenticationToken
- ClassifierDetails
- Cve
- Database
- Databucket
- DiscoveryDetails
- DnsAnswer
- DomainContact
- EncryptionDetails
- Endpoint
- Enrichment
- File
- Graph
- Group
- Ja4Fingerprint
- Kernel
- ManagedEntity
- Metadata
- Module
- NetworkEndpoint
- NetworkInterface
- Node
- PeripheralDevice
- Policy
- Rule
- Scan
- Trait
- UnmannedAerialSystem
- UnmannedSystemOperatingArea
- User
- WebResource
- Device
- DatastoreActivity
- FtpActivity
- RegValue
- WinResource
range: string
type_id:
name: type_id
annotations:
sibling:
tag: sibling
value: type
description: The type of the kernel resource.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Type ID
rank: 1000
alias: type_id
owner: Kernel
domain_of:
- Observable
- Os
- Osint
- Package
- PrivilegeInfo
- Sbom
- Script
- SoftwareComponent
- StartupItem
- ThreatActor
- Ticket
- Timespan
- TlsExtension
- Token
- Account
- Agent
- Analytic
- AuthenticationToken
- Database
- Databucket
- DomainContact
- Endpoint
- File
- Ja4Fingerprint
- Kernel
- ManagedEntity
- NetworkEndpoint
- NetworkInterface
- PeripheralDevice
- Scan
- UnmannedAerialSystem
- UnmannedSystemOperatingArea
- User
- Device
- DatastoreActivity
- RegValue
- WinResource
range: KernelTypeIdEnum
required: true