Slot: container
The information describing an instance of a container. A container is a
prepackaged, portable system image that runs isolated on an existing system
using a container runtime like containerd.
URI: ocsf:container Alias: container
Applicable Classes
| Name | Description | Modifies Slot |
|---|---|---|
| LinuxProcess | Extends the process object to add Linux specific fields | no |
| Device | The Device object represents an addressable computer system or host, which is | no |
| Evidences | A collection of evidence artifacts associated to the activity/activities that | yes |
| WindowsProcess | Extends the process object to add Windows specific fields | no |
| WindowsEvidences | Extends the evidences object to add Windows specific fields | no |
| NetworkEndpoint | The Network Endpoint object describes characteristics of a network endpoint | no |
| Process | The Process object describes a running instance of a launched program | no |
| NetworkProxy | The network proxy endpoint object describes a proxy server, which acts as an | no |
| ContainerProfile | The container context for a process | yes |
| Endpoint | The Endpoint object describes a physical or virtual device that connects to a... | no |
| CloudResourcesInventoryInfo | Cloud Resources Inventory Info events report cloud asset inventory data | yes |
| MacosProcess | Extends the process object to add macOS specific fields | no |
Properties
Type and Range
| Property | Value |
|---|---|
| Range | Container |
| Domain Of | Evidences, ContainerProfile, CloudResourcesInventoryInfo |
Cardinality and Requirements
| Property | Value |
|---|---|
Aliases
- Container
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:container |
| native | ocsf:container |
LinkML Source
name: container
description: 'The information describing an instance of a container. A container is
a
prepackaged, portable system image that runs isolated on an existing system
using a container runtime like containerd.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Container
rank: 1000
alias: container
domain_of:
- Evidences
- ContainerProfile
- CloudResourcesInventoryInfo
range: Container