Skip to content

Enum: RdpActivityActivityIdEnum

RdpActivity activity_id values.

URI: ocsf:RdpActivityActivityIdEnum

Permissible Values

Value Meaning Description
INITIAL_REQUEST None The initial RDP request
INITIAL_RESPONSE None The initial RDP response
CONNECT_REQUEST None An RDP connection request
CONNECT_RESPONSE None An RDP connection response
TLS_HANDSHAKE None The TLS handshake
TRAFFIC None Network traffic report
DISCONNECT None An RDP connection disconnect
RECONNECT None An RDP connection reconnect
UNKNOWN None The event activity is unknown
OTHER None The event activity is not mapped

Slots

Name Description
activity_id

Identifier and Mapping Information

Schema Source

LinkML Source

name: RdpActivityActivityIdEnum
description: RdpActivity activity_id values.
from_schema: https://w3id.org/lmodel/ocsf
rank: 1000
permissible_values:
  INITIAL_REQUEST:
    text: INITIAL_REQUEST
    description: The initial RDP request.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '1'
      caption:
        tag: caption
        value: Initial Request
  INITIAL_RESPONSE:
    text: INITIAL_RESPONSE
    description: The initial RDP response.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '2'
      caption:
        tag: caption
        value: Initial Response
  CONNECT_REQUEST:
    text: CONNECT_REQUEST
    description: An RDP connection request.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '3'
      caption:
        tag: caption
        value: Connect Request
  CONNECT_RESPONSE:
    text: CONNECT_RESPONSE
    description: An RDP connection response.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '4'
      caption:
        tag: caption
        value: Connect Response
  TLS_HANDSHAKE:
    text: TLS_HANDSHAKE
    description: The TLS handshake.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '5'
      caption:
        tag: caption
        value: TLS Handshake
  TRAFFIC:
    text: TRAFFIC
    description: Network traffic report.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '6'
      caption:
        tag: caption
        value: Traffic
  DISCONNECT:
    text: DISCONNECT
    description: An RDP connection disconnect.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '7'
      caption:
        tag: caption
        value: Disconnect
  RECONNECT:
    text: RECONNECT
    description: An RDP connection reconnect.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '8'
      caption:
        tag: caption
        value: Reconnect
  UNKNOWN:
    text: UNKNOWN
    description: The event activity is unknown.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '0'
      caption:
        tag: caption
        value: Unknown
  OTHER:
    text: OTHER
    description: 'The event activity is not mapped. See the <code>activity_name</code>
      attribute,

      which contains a data source specific value.'
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '99'
      caption:
        tag: caption
        value: Other