Class: Scan
The Scan object describes characteristics of a proactive scan.
URI: ocsf:Scan
classDiagram
class Scan
click Scan href "../Scan/"
Entity <|-- Scan
click Entity href "../Entity/"
Scan <|-- MalwareScanInfo
click MalwareScanInfo href "../MalwareScanInfo/"
Scan : name
Scan : type
Scan : type_id
Scan --> "1" ScanTypeIdEnum : type_id
click ScanTypeIdEnum href "../ScanTypeIdEnum/"
Scan : uid
Inheritance
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| name | 0..1 recommended String |
The administrator-supplied or application-generated name of the scan | direct |
| type | 0..1 String |
The type of scan | direct |
| type_id | 1 ScanTypeIdEnum |
The type id of the scan | direct |
| uid | 0..1 recommended String |
The application-defined unique identifier assigned to an instance of a scan | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| ScanActivity | scan | range | Scan |
| FileRemediationActivity | scan | range | Scan |
| NetworkRemediationActivity | scan | range | Scan |
| ProcessRemediationActivity | scan | range | Scan |
| RemediationActivity | scan | range | Scan |
In Subsets
Aliases
- Scan
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Scan |
| native | ocsf:Scan |
LinkML Source
Direct
name: Scan
description: The Scan object describes characteristics of a proactive scan.
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Scan
is_a: Entity
slots:
- name
- type
- type_id
- uid
slot_usage:
name:
name: name
description: 'The administrator-supplied or application-generated name of the
scan. For
example: "Home office weekly user database scan", "Scan folders for viruses",
"Full system virus scan"'
type:
name: type
description: The type of scan.
type_id:
name: type_id
description: The type id of the scan.
range: ScanTypeIdEnum
required: true
uid:
name: uid
description: The application-defined unique identifier assigned to an instance
of a scan.
Induced
name: Scan
description: The Scan object describes characteristics of a proactive scan.
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Scan
is_a: Entity
slot_usage:
name:
name: name
description: 'The administrator-supplied or application-generated name of the
scan. For
example: "Home office weekly user database scan", "Scan folders for viruses",
"Full system virus scan"'
type:
name: type
description: The type of scan.
type_id:
name: type_id
description: The type id of the scan.
range: ScanTypeIdEnum
required: true
uid:
name: uid
description: The application-defined unique identifier assigned to an instance
of a scan.
attributes:
name:
name: name
description: 'The administrator-supplied or application-generated name of the
scan. For
example: "Home office weekly user database scan", "Scan folders for viruses",
"Full system virus scan"'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Name
rank: 1000
alias: name
owner: Scan
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- Parameter
- PrivilegeInfo
- San
- Scim
- Script
- ServicePrivilegeAnalysis
- SoftwareComponent
- Sso
- StartupItem
- ThreatActor
- Token
- Entity
- Resource
- Account
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- AutonomousSystem
- Campaign
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- ClassifierDetails
- Container
- D3fTactic
- D3fTechnique
- Database
- Databucket
- DomainContact
- Edge
- Endpoint
- Enrichment
- EnvironmentVariable
- Evidences
- Extension
- Feature
- File
- Graph
- Group
- HttpCookie
- HttpHeader
- Idp
- Image
- Job
- Kernel
- KeyValueObject
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metric
- Mitigation
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- ResourceDetails
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- FtpActivity
- RegValue
- WinResource
- WinService
- PrefetchQuery
range: string
recommended: true
type:
name: type
description: The type of scan.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Type
rank: 1000
alias: type
owner: Scan
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- PrivilegeInfo
- ProgrammaticCredential
- RelatedEvent
- San
- Sbom
- Script
- SoftwareComponent
- StartupItem
- ThreatActor
- Ticket
- Timespan
- TlsExtension
- Token
- Dns
- Resource
- Account
- Agent
- Analytic
- ApplicationObject
- AuthenticationToken
- ClassifierDetails
- Cve
- Database
- Databucket
- DiscoveryDetails
- DnsAnswer
- DomainContact
- EncryptionDetails
- Endpoint
- Enrichment
- File
- Graph
- Group
- Ja4Fingerprint
- Kernel
- ManagedEntity
- Metadata
- Module
- NetworkEndpoint
- NetworkInterface
- Node
- PeripheralDevice
- Policy
- Rule
- Scan
- Trait
- UnmannedAerialSystem
- UnmannedSystemOperatingArea
- User
- WebResource
- Device
- DatastoreActivity
- FtpActivity
- RegValue
- WinResource
range: string
type_id:
name: type_id
annotations:
sibling:
tag: sibling
value: type
description: The type id of the scan.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Type ID
rank: 1000
alias: type_id
owner: Scan
domain_of:
- Observable
- Os
- Osint
- Package
- PrivilegeInfo
- Sbom
- Script
- SoftwareComponent
- StartupItem
- ThreatActor
- Ticket
- Timespan
- TlsExtension
- Token
- Account
- Agent
- Analytic
- AuthenticationToken
- Database
- Databucket
- DomainContact
- Endpoint
- File
- Ja4Fingerprint
- Kernel
- ManagedEntity
- NetworkEndpoint
- NetworkInterface
- PeripheralDevice
- Scan
- UnmannedAerialSystem
- UnmannedSystemOperatingArea
- User
- Device
- DatastoreActivity
- RegValue
- WinResource
range: ScanTypeIdEnum
required: true
uid:
name: uid
description: The application-defined unique identifier assigned to an instance
of a scan.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Unique ID
rank: 1000
alias: uid
owner: Scan
domain_of:
- Osint
- Package
- ProgrammaticCredential
- RelatedEvent
- Request
- Sbom
- Scim
- Script
- Session
- Span
- Sso
- Ticket
- Token
- Trace
- Entity
- Resource
- Account
- Advisory
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- Certificate
- Check
- ClassifierDetails
- Container
- Cve
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Database
- Databucket
- DomainContact
- Edge
- Email
- Endpoint
- Evidences
- Extension
- Feature
- File
- FindingObject
- FindingInfo
- Graph
- Group
- HttpRequest
- Idp
- Image
- KbArticle
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metadata
- Mitigation
- NetworkConnectionInfo
- NetworkEndpoint
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- WinResource
range: string
recommended: true