Slot: kernel

The kernel resource object that pertains to the event.

URI: ocsf:kernel Alias: kernel

Applicable Classes

Name	Description	Modifies Slot
WindowsQueryEvidence	The resulting evidence information that was queried	no
QueryEvidence	The specific resulting evidence information that was queried or discovered	yes
KernelObjectQuery	Kernel Object Query events report information about discovered kernel	yes
KernelActivity	Kernel Activity events report when an process creates, reads, or deletes a	yes

Properties

Type and Range

Property	Value
Range	Kernel
Domain Of	QueryEvidence, KernelObjectQuery, KernelActivity

Cardinality and Requirements

Property	Value

Aliases

Kernel

Identifier and Mapping Information

Schema Source

from schema: https://w3id.org/lmodel/ocsf

Mappings

Mapping Type	Mapped Value
self	ocsf:kernel
native	ocsf:kernel

LinkML Source

name: kernel
description: The kernel resource object that pertains to the event.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Kernel
rank: 1000
alias: kernel
domain_of:
- QueryEvidence
- KernelObjectQuery
- KernelActivity
range: Kernel