Skip to content

Enum: WindowsServiceTypeIdEnum

The normalized identifier of the service type.

URI: ocsf:WindowsServiceTypeIdEnum

Permissible Values

Value Meaning Description
UNKNOWN None The service type is unknown
KERNEL_DRIVER None A kernel mode driver
FILE_SYSTEM_DRIVER None A kernel mode file system minifilter
OWN_PROCESS None A user mode service that runs in its own process
SHARE_PROCESS None A user mode service that shares a process with other services
OTHER None The service type is not mapped

Slots

Name Description
service_type_id The normalized identifier of the service type

Identifier and Mapping Information

Schema Source

LinkML Source

name: WindowsServiceTypeIdEnum
description: The normalized identifier of the service type.
from_schema: https://w3id.org/lmodel/ocsf
rank: 1000
permissible_values:
  UNKNOWN:
    text: UNKNOWN
    description: The service type is unknown.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '0'
      caption:
        tag: caption
        value: Unknown
  KERNEL_DRIVER:
    text: KERNEL_DRIVER
    description: A kernel mode driver.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '1'
      caption:
        tag: caption
        value: Kernel Driver
  FILE_SYSTEM_DRIVER:
    text: FILE_SYSTEM_DRIVER
    description: A kernel mode file system minifilter.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '2'
      caption:
        tag: caption
        value: File System Driver
  OWN_PROCESS:
    text: OWN_PROCESS
    description: A user mode service that runs in its own process.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '3'
      caption:
        tag: caption
        value: Own Process
  SHARE_PROCESS:
    text: SHARE_PROCESS
    description: A user mode service that shares a process with other services.
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '4'
      caption:
        tag: caption
        value: Share Process
  OTHER:
    text: OTHER
    description: 'The service type is not mapped. See the <code>service_type</code>
      attribute,

      which contains an event source specific value.'
    annotations:
      ocsf_uid:
        tag: ocsf_uid
        value: '99'
      caption:
        tag: caption
        value: Other