Class: WindowsProcessFacet
"A Windows process facet is a grouping of characteristics unique to a program running on a Windows operating system."
URI: observable:WindowsProcessFacet
classDiagram
class WindowsProcessFacet
Facet <|-- WindowsProcessFacet
WindowsProcessFacet : aslrEnabled
WindowsProcessFacet ..> boolean type : aslrEnabled
WindowsProcessFacet : depEnabled
WindowsProcessFacet ..> boolean type : depEnabled
WindowsProcessFacet : ownerSID
WindowsProcessFacet ..> string : ownerSID
WindowsProcessFacet : priority
WindowsProcessFacet ..> string : priority
WindowsProcessFacet : startupInfo
WindowsProcessFacet ..> Dictionary : startupInfo
WindowsProcessFacet : windowTitle
WindowsProcessFacet ..> string : windowTitle
Inheritance
- UcoThing
- UcoInherentCharacterizationThing
- Facet
- WindowsProcessFacet
- Facet
- UcoInherentCharacterizationThing
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| startupInfo | 0..1 Dictionary |
direct | |
| aslrEnabled | 0..1 BooleanType |
direct | |
| depEnabled | 0..1 BooleanType |
direct | |
| ownerSID | 0..1 xsd:string |
direct | |
| priority | 0..1 xsd:string |
"The priority of the email | direct |
| windowTitle | 0..1 xsd:string |
direct |
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/uco-observable
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | observable:WindowsProcessFacet |
| native | observable:WindowsProcessFacet |
LinkML Source
Direct
name: WindowsProcessFacet
description: '"A Windows process facet is a grouping of characteristics unique to
a program running on a Windows operating system."'
in_subset:
- microsoft
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
is_a: Facet
slots:
- startupInfo
- aslrEnabled
- depEnabled
- ownerSID
- priority
- windowTitle
Induced
name: WindowsProcessFacet
description: '"A Windows process facet is a grouping of characteristics unique to
a program running on a Windows operating system."'
in_subset:
- microsoft
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
is_a: Facet
attributes:
startupInfo:
name: startupInfo
description: ''
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: startupInfo
owner: WindowsProcessFacet
domain_of:
- WindowsProcessFacet
range: Dictionary
aslrEnabled:
name: aslrEnabled
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: aslrEnabled
owner: WindowsProcessFacet
domain_of:
- WindowsProcessFacet
range: boolean type
depEnabled:
name: depEnabled
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: depEnabled
owner: WindowsProcessFacet
domain_of:
- WindowsProcessFacet
range: boolean type
ownerSID:
name: ownerSID
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: ownerSID
owner: WindowsProcessFacet
domain_of:
- WindowsProcessFacet
range: string
priority:
name: priority
description: '"The priority of the email."'
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: priority
owner: WindowsProcessFacet
domain_of:
- EmailMessageFacet
- WindowsProcessFacet
- WindowsTaskFacet
- WindowsThreadFacet
union_of:
- '{''range'': ''TaskPriorityVocab''}'
- '{''range'': ''integer''}'
- '{''range'': ''string type''}'
range: string
windowTitle:
name: windowTitle
from_schema: https://w3id.org/lmodel/uco-observable
rank: 1000
alias: windowTitle
owner: WindowsProcessFacet
domain_of:
- WindowsProcessFacet
range: string