Slot: packet_list
The list of packet objects describing captured network packets.
URI: ocsf:packet_list
Alias: packet_list
Applicable Classes
| Name |
Description |
Modifies Slot |
| HttpActivity |
HTTP Activity events report HTTP connection and traffic information |
no |
| NtpActivity |
The Network Time Protocol (NTP) Activity events report instances of remote |
no |
| NetworkFileActivity |
Network File Activity events report file activities traversing the network, |
no |
| DnsActivity |
DNS Activity events report DNS queries and answers as seen on the network |
no |
| SmbActivity |
Server Message Block (SMB) Protocol Activity events report client/server |
no |
| SshActivity |
SSH Activity events report remote client connections to a server using the |
no |
| RdpActivity |
Remote Desktop Protocol (RDP) Activity events report post-authentication remo... |
no |
| NetworkEvent |
Network event is a generic event that defines a set of attributes available i... |
yes |
| TunnelActivity |
Tunnel Activity events report secure tunnel establishment (such as VPN), |
no |
| FtpActivity |
File Transfer Protocol (FTP) Activity events report file transfers between a |
no |
| NetworkActivity |
Network Activity events report network connection and traffic activity |
no |
| DhcpActivity |
DHCP Activity events report MAC to IP assignment via DHCP from a client or |
no |
Properties
Type and Range
Cardinality and Requirements
| Property |
Value |
| Multivalued |
Yes |
Aliases
Schema Source
Mappings
| Mapping Type |
Mapped Value |
| self |
ocsf:packet_list |
| native |
ocsf:packet_list |
LinkML Source
name: packet_list
description: The list of packet objects describing captured network packets.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Packets
rank: 1000
alias: packet_list
domain_of:
- NetworkEvent
range: Packet
multivalued: true