Slot: ancestry
An array of Process Entities describing the extended parentage of this process
object. Direct parent information should be expressed through the
parent_process attribute. The first array element is the direct
parent of this process object. Subsequent list elements go up the process
parentage hierarchy. That is, the array is sorted from newest to oldest
process. It is recommended to only populate this field for the top-level
process object.
URI: ocsf:ancestry Alias: ancestry
Applicable Classes
| Name | Description | Modifies Slot |
|---|---|---|
| LinuxProcess | Extends the process object to add Linux specific fields | no |
| WindowsProcess | Extends the process object to add Windows specific fields | no |
| Process | The Process object describes a running instance of a launched program | no |
| MacosProcess | Extends the process object to add macOS specific fields | no |
Properties
Type and Range
| Property | Value |
|---|---|
| Range | ProcessEntity |
| Domain Of | Process |
Cardinality and Requirements
| Property | Value |
|---|---|
| Multivalued | Yes |
Aliases
- Ancestry
See Also
Notes
- Guidance on Representing Process Parentage — https://github.com/ocsf/ocsf-docs/blob/main/articles/representing-process-parentage.md
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:ancestry |
| native | ocsf:ancestry |
LinkML Source
name: ancestry
description: 'An array of Process Entities describing the extended parentage of this
process
object. Direct parent information should be expressed through the
<code>parent_process</code> attribute. The first array element is the direct
parent of this process object. Subsequent list elements go up the process
parentage hierarchy. That is, the array is sorted from newest to oldest
process. It is recommended to only populate this field for the top-level
process object.'
notes:
- 'Guidance on Representing Process Parentage —
https://github.com/ocsf/ocsf-docs/blob/main/articles/representing-process-parentage.md'
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://github.com/ocsf/ocsf-docs/blob/main/articles/representing-process-parentage.md
aliases:
- Ancestry
rank: 1000
alias: ancestry
domain_of:
- Process
range: ProcessEntity
multivalued: true