Class: NetworkTraffic
The Network Traffic object describes characteristics of network traffic over a
time period. The metrics represent network data transferred between source and
destination during an observation window.
URI: ocsf:NetworkTraffic
classDiagram
class NetworkTraffic
click NetworkTraffic href "../NetworkTraffic/"
Object <|-- NetworkTraffic
click Object href "../Object/"
NetworkTraffic : bytes
NetworkTraffic : bytes_in
NetworkTraffic : bytes_missed
NetworkTraffic : bytes_out
NetworkTraffic : chunks
NetworkTraffic : chunks_in
NetworkTraffic : chunks_out
NetworkTraffic : end_time
NetworkTraffic : packets
NetworkTraffic : packets_in
NetworkTraffic : packets_out
NetworkTraffic : start_time
NetworkTraffic : timespan
NetworkTraffic --> "0..1" Timespan : timespan
click Timespan href "../Timespan/"
Inheritance
- OcsfObject
- Object
- NetworkTraffic
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| bytes | 0..1 recommended Integer |
The total number of bytes transferred in both directions (sum of bytes_in and | direct |
| bytes_in | 0..1 Integer |
The number of bytes sent from the destination to the source (inbound | direct |
| bytes_missed | 0..1 Integer |
The number of bytes that were missed during observation, typically due to | direct |
| bytes_out | 0..1 Integer |
The number of bytes sent from the source to the destination (outbound | direct |
| chunks | 0..1 Integer |
The total number of chunks transferred in both directions (sum of chunks_in a... | direct |
| chunks_in | 0..1 Integer |
The number of chunks sent from the destination to the source (inbound | direct |
| chunks_out | 0..1 Integer |
The number of chunks sent from the source to the destination (outbound | direct |
| end_time | 0..1 TimestampT |
The end time of the observation or reporting period | direct |
| packets | 0..1 recommended Integer |
The total number of packets transferred in both directions (sum of packets_in | direct |
| packets_in | 0..1 Integer |
The number of packets sent from the destination to the source (inbound | direct |
| packets_out | 0..1 Integer |
The number of packets sent from the source to the destination (outbound | direct |
| start_time | 0..1 TimestampT |
The start time of the observation or reporting period | direct |
| timespan | 0..1 Timespan |
The time span object representing the duration of the observation or reportin... | direct |
Usages
In Subsets
Aliases
- Network Traffic
See Also
Notes
- D3FEND™ Ontology d3f:NetworkTraffic — https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:NetworkTraffic |
| native | ocsf:NetworkTraffic |
LinkML Source
Direct
name: NetworkTraffic
description: 'The Network Traffic object describes characteristics of network traffic
over a
time period. The metrics represent network data transferred between source and
destination during an observation window.'
notes:
- 'D3FEND™ Ontology d3f:NetworkTraffic —
https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/
aliases:
- Network Traffic
is_a: Object
slots:
- bytes
- bytes_in
- bytes_missed
- bytes_out
- chunks
- chunks_in
- chunks_out
- end_time
- packets
- packets_in
- packets_out
- start_time
- timespan
slot_usage:
bytes:
name: bytes
description: 'The total number of bytes transferred in both directions (sum of
bytes_in and
bytes_out).'
recommended: true
bytes_in:
name: bytes_in
description: 'The number of bytes sent from the destination to the source (inbound
direction).'
bytes_missed:
name: bytes_missed
description: 'The number of bytes that were missed during observation, typically
due to
packet loss or sampling limitations.'
bytes_out:
name: bytes_out
description: 'The number of bytes sent from the source to the destination (outbound
direction).'
chunks:
name: chunks
description: 'The total number of chunks transferred in both directions (sum of
chunks_in and
chunks_out).'
chunks_in:
name: chunks_in
description: 'The number of chunks sent from the destination to the source (inbound
direction).'
chunks_out:
name: chunks_out
description: 'The number of chunks sent from the source to the destination (outbound
direction).'
end_time:
name: end_time
description: The end time of the observation or reporting period.
packets:
name: packets
description: 'The total number of packets transferred in both directions (sum
of packets_in
and packets_out).'
recommended: true
packets_in:
name: packets_in
description: 'The number of packets sent from the destination to the source (inbound
direction).'
packets_out:
name: packets_out
description: 'The number of packets sent from the source to the destination (outbound
direction).'
start_time:
name: start_time
description: The start time of the observation or reporting period.
timespan:
name: timespan
description: 'The time span object representing the duration of the observation
or reporting
period.'
Induced
name: NetworkTraffic
description: 'The Network Traffic object describes characteristics of network traffic
over a
time period. The metrics represent network data transferred between source and
destination during an observation window.'
notes:
- 'D3FEND™ Ontology d3f:NetworkTraffic —
https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/
aliases:
- Network Traffic
is_a: Object
slot_usage:
bytes:
name: bytes
description: 'The total number of bytes transferred in both directions (sum of
bytes_in and
bytes_out).'
recommended: true
bytes_in:
name: bytes_in
description: 'The number of bytes sent from the destination to the source (inbound
direction).'
bytes_missed:
name: bytes_missed
description: 'The number of bytes that were missed during observation, typically
due to
packet loss or sampling limitations.'
bytes_out:
name: bytes_out
description: 'The number of bytes sent from the source to the destination (outbound
direction).'
chunks:
name: chunks
description: 'The total number of chunks transferred in both directions (sum of
chunks_in and
chunks_out).'
chunks_in:
name: chunks_in
description: 'The number of chunks sent from the destination to the source (inbound
direction).'
chunks_out:
name: chunks_out
description: 'The number of chunks sent from the source to the destination (outbound
direction).'
end_time:
name: end_time
description: The end time of the observation or reporting period.
packets:
name: packets
description: 'The total number of packets transferred in both directions (sum
of packets_in
and packets_out).'
recommended: true
packets_in:
name: packets_in
description: 'The number of packets sent from the destination to the source (inbound
direction).'
packets_out:
name: packets_out
description: 'The number of packets sent from the source to the destination (outbound
direction).'
start_time:
name: start_time
description: The start time of the observation or reporting period.
timespan:
name: timespan
description: 'The time span object representing the duration of the observation
or reporting
period.'
attributes:
bytes:
name: bytes
description: 'The total number of bytes transferred in both directions (sum of
bytes_in and
bytes_out).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Total Bytes
rank: 1000
alias: bytes
owner: NetworkTraffic
domain_of:
- NetworkTraffic
- QueryInfo
range: integer
recommended: true
bytes_in:
name: bytes_in
description: 'The number of bytes sent from the destination to the source (inbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Bytes In
rank: 1000
alias: bytes_in
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
bytes_missed:
name: bytes_missed
description: 'The number of bytes that were missed during observation, typically
due to
packet loss or sampling limitations.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Bytes Missed
rank: 1000
alias: bytes_missed
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
bytes_out:
name: bytes_out
description: 'The number of bytes sent from the source to the destination (outbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Bytes Out
rank: 1000
alias: bytes_out
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
chunks:
name: chunks
description: 'The total number of chunks transferred in both directions (sum of
chunks_in and
chunks_out).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Chunks
rank: 1000
alias: chunks
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
chunks_in:
name: chunks_in
description: 'The number of chunks sent from the destination to the source (inbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Chunks In
rank: 1000
alias: chunks_in
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
chunks_out:
name: chunks_out
description: 'The number of chunks sent from the source to the destination (outbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Chunks Out
rank: 1000
alias: chunks_out
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
end_time:
name: end_time
description: The end time of the observation or reporting period.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- End Time
rank: 1000
alias: end_time
owner: NetworkTraffic
domain_of:
- Span
- Timespan
- Trace
- NetworkTraffic
- UnmannedSystemOperatingArea
- MalwareScanInfo
- BaseEvent
- ScanActivity
- Finding
- IncidentFinding
range: TimestampT
packets:
name: packets
description: 'The total number of packets transferred in both directions (sum
of packets_in
and packets_out).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Total Packets
rank: 1000
alias: packets
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
recommended: true
packets_in:
name: packets_in
description: 'The number of packets sent from the destination to the source (inbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Packets In
rank: 1000
alias: packets_in
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
packets_out:
name: packets_out
description: 'The number of packets sent from the source to the destination (outbound
direction).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Packets Out
rank: 1000
alias: packets_out
owner: NetworkTraffic
domain_of:
- NetworkTraffic
range: integer
start_time:
name: start_time
description: The start time of the observation or reporting period.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Start Time
rank: 1000
alias: start_time
owner: NetworkTraffic
domain_of:
- Span
- Timespan
- Trace
- NetworkTraffic
- UnmannedSystemOperatingArea
- MalwareScanInfo
- BaseEvent
- ScanActivity
- Finding
- IncidentFinding
range: TimestampT
timespan:
name: timespan
description: 'The time span object representing the duration of the observation
or reporting
period.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Time Span
rank: 1000
alias: timespan
owner: NetworkTraffic
domain_of:
- Observation
- NetworkTraffic
range: Timespan