v1

package
v0.0.4-alpha Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2025 License: Apache-2.0 Imports: 6 Imported by: 4

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	FileActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	FileActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for FileActivity_ActionId.

View Source 
var (
	FileActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_RENAME",
		6:  "ACTIVITY_ID_SET_ATTRIBUTES",
		7:  "ACTIVITY_ID_SET_SECURITY",
		8:  "ACTIVITY_ID_GET_ATTRIBUTES",
		9:  "ACTIVITY_ID_GET_SECURITY",
		10: "ACTIVITY_ID_ENCRYPT",
		11: "ACTIVITY_ID_DECRYPT",
		12: "ACTIVITY_ID_MOUNT",
		13: "ACTIVITY_ID_UNMOUNT",
		14: "ACTIVITY_ID_OPEN",
		99: "ACTIVITY_ID_OTHER",
	}
	FileActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":        0,
		"ACTIVITY_ID_CREATE":         1,
		"ACTIVITY_ID_READ":           2,
		"ACTIVITY_ID_UPDATE":         3,
		"ACTIVITY_ID_DELETE":         4,
		"ACTIVITY_ID_RENAME":         5,
		"ACTIVITY_ID_SET_ATTRIBUTES": 6,
		"ACTIVITY_ID_SET_SECURITY":   7,
		"ACTIVITY_ID_GET_ATTRIBUTES": 8,
		"ACTIVITY_ID_GET_SECURITY":   9,
		"ACTIVITY_ID_ENCRYPT":        10,
		"ACTIVITY_ID_DECRYPT":        11,
		"ACTIVITY_ID_MOUNT":          12,
		"ACTIVITY_ID_UNMOUNT":        13,
		"ACTIVITY_ID_OPEN":           14,
		"ACTIVITY_ID_OTHER":          99,
	}
)

Enum value maps for FileActivity_ActivityId.

View Source 
var (
	FileActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	FileActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for FileActivity_CategoryUid.

View Source 
var (
	FileActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1001: "CLASS_UID_FILE_SYSTEM_ACTIVITY",
	}
	FileActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":              0,
		"CLASS_UID_FILE_SYSTEM_ACTIVITY": 1001,
	}
)

Enum value maps for FileActivity_ClassUid.

View Source 
var (
	FileActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	FileActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for FileActivity_DispositionId.

View Source 
var (
	FileActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	FileActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for FileActivity_SeverityId.

View Source 
var (
	FileActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	FileActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for FileActivity_StatusId.

View Source 
var (
	RegistryKeyActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	RegistryKeyActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for RegistryKeyActivity_ActionId.

View Source 
var (
	RegistryKeyActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_MODIFY",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_RENAME",
		6:  "ACTIVITY_ID_SET_SECURITY",
		7:  "ACTIVITY_ID_RESTORE",
		8:  "ACTIVITY_ID_IMPORT",
		9:  "ACTIVITY_ID_EXPORT",
		99: "ACTIVITY_ID_OTHER",
	}
	RegistryKeyActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":      0,
		"ACTIVITY_ID_CREATE":       1,
		"ACTIVITY_ID_READ":         2,
		"ACTIVITY_ID_MODIFY":       3,
		"ACTIVITY_ID_DELETE":       4,
		"ACTIVITY_ID_RENAME":       5,
		"ACTIVITY_ID_SET_SECURITY": 6,
		"ACTIVITY_ID_RESTORE":      7,
		"ACTIVITY_ID_IMPORT":       8,
		"ACTIVITY_ID_EXPORT":       9,
		"ACTIVITY_ID_OTHER":        99,
	}
)

Enum value maps for RegistryKeyActivity_ActivityId.

View Source 
var (
	RegistryKeyActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	RegistryKeyActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for RegistryKeyActivity_CategoryUid.

View Source 
var (
	RegistryKeyActivity_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		201001: "CLASS_UID_REGISTRY_KEY_ACTIVITY",
	}
	RegistryKeyActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_REGISTRY_KEY_ACTIVITY": 201001,
	}
)

Enum value maps for RegistryKeyActivity_ClassUid.

View Source 
var (
	RegistryKeyActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	RegistryKeyActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for RegistryKeyActivity_DispositionId.

View Source 
var (
	RegistryKeyActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	RegistryKeyActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for RegistryKeyActivity_SeverityId.

View Source 
var (
	RegistryKeyActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	RegistryKeyActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for RegistryKeyActivity_StatusId.

View Source 
var (
	RegistryValueActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	RegistryValueActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for RegistryValueActivity_ActionId.

View Source 
var (
	RegistryValueActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_GET",
		2:  "ACTIVITY_ID_SET",
		3:  "ACTIVITY_ID_MODIFY",
		4:  "ACTIVITY_ID_DELETE",
		99: "ACTIVITY_ID_OTHER",
	}
	RegistryValueActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_GET":     1,
		"ACTIVITY_ID_SET":     2,
		"ACTIVITY_ID_MODIFY":  3,
		"ACTIVITY_ID_DELETE":  4,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for RegistryValueActivity_ActivityId.

View Source 
var (
	RegistryValueActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	RegistryValueActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for RegistryValueActivity_CategoryUid.

View Source 
var (
	RegistryValueActivity_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		201002: "CLASS_UID_REGISTRY_VALUE_ACTIVITY",
	}
	RegistryValueActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                 0,
		"CLASS_UID_REGISTRY_VALUE_ACTIVITY": 201002,
	}
)

Enum value maps for RegistryValueActivity_ClassUid.

View Source 
var (
	RegistryValueActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	RegistryValueActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for RegistryValueActivity_DispositionId.

View Source 
var (
	RegistryValueActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	RegistryValueActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for RegistryValueActivity_SeverityId.

View Source 
var (
	RegistryValueActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	RegistryValueActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for RegistryValueActivity_StatusId.

View Source 
var (
	KernelExtension_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	KernelExtension_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for KernelExtension_ActionId.

View Source 
var (
	KernelExtension_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOAD",
		2:  "ACTIVITY_ID_UNLOAD",
		99: "ACTIVITY_ID_OTHER",
	}
	KernelExtension_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOAD":    1,
		"ACTIVITY_ID_UNLOAD":  2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for KernelExtension_ActivityId.

View Source 
var (
	KernelExtension_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	KernelExtension_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for KernelExtension_CategoryUid.

View Source 
var (
	KernelExtension_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1002: "CLASS_UID_KERNEL_EXTENSION_ACTIVITY",
	}
	KernelExtension_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                   0,
		"CLASS_UID_KERNEL_EXTENSION_ACTIVITY": 1002,
	}
)

Enum value maps for KernelExtension_ClassUid.

View Source 
var (
	KernelExtension_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	KernelExtension_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for KernelExtension_DispositionId.

View Source 
var (
	KernelExtension_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	KernelExtension_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for KernelExtension_SeverityId.

View Source 
var (
	KernelExtension_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	KernelExtension_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for KernelExtension_StatusId.

View Source 
var (
	KernelActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	KernelActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for KernelActivity_ActionId.

View Source 
var (
	KernelActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_DELETE",
		4:  "ACTIVITY_ID_INVOKE",
		99: "ACTIVITY_ID_OTHER",
	}
	KernelActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_READ":    2,
		"ACTIVITY_ID_DELETE":  3,
		"ACTIVITY_ID_INVOKE":  4,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for KernelActivity_ActivityId.

View Source 
var (
	KernelActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	KernelActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for KernelActivity_CategoryUid.

View Source 
var (
	KernelActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1003: "CLASS_UID_KERNEL_ACTIVITY",
	}
	KernelActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":         0,
		"CLASS_UID_KERNEL_ACTIVITY": 1003,
	}
)

Enum value maps for KernelActivity_ClassUid.

View Source 
var (
	KernelActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	KernelActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for KernelActivity_DispositionId.

View Source 
var (
	KernelActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	KernelActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for KernelActivity_SeverityId.

View Source 
var (
	KernelActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	KernelActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for KernelActivity_StatusId.

View Source 
var (
	ResourceActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	ResourceActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for ResourceActivity_ActionId.

View Source 
var (
	ResourceActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ACCESS",
		99: "ACTIVITY_ID_OTHER",
	}
	ResourceActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_ACCESS":  1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ResourceActivity_ActivityId.

View Source 
var (
	ResourceActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	ResourceActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for ResourceActivity_CategoryUid.

View Source 
var (
	ResourceActivity_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		201003: "CLASS_UID_WINDOWS_RESOURCE_ACTIVITY",
	}
	ResourceActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                   0,
		"CLASS_UID_WINDOWS_RESOURCE_ACTIVITY": 201003,
	}
)

Enum value maps for ResourceActivity_ClassUid.

View Source 
var (
	ResourceActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	ResourceActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for ResourceActivity_DispositionId.

View Source 
var (
	ResourceActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ResourceActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ResourceActivity_SeverityId.

View Source 
var (
	ResourceActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ResourceActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ResourceActivity_StatusId.

View Source 
var (
	MemoryActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	MemoryActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for MemoryActivity_ActionId.

View Source 
var (
	MemoryActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ALLOCATE_PAGE",
		2:  "ACTIVITY_ID_MODIFY_PAGE",
		3:  "ACTIVITY_ID_DELETE_PAGE",
		4:  "ACTIVITY_ID_BUFFER_OVERFLOW",
		5:  "ACTIVITY_ID_DISABLE_DEP",
		6:  "ACTIVITY_ID_ENABLE_DEP",
		7:  "ACTIVITY_ID_READ",
		8:  "ACTIVITY_ID_WRITE",
		99: "ACTIVITY_ID_OTHER",
	}
	MemoryActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":         0,
		"ACTIVITY_ID_ALLOCATE_PAGE":   1,
		"ACTIVITY_ID_MODIFY_PAGE":     2,
		"ACTIVITY_ID_DELETE_PAGE":     3,
		"ACTIVITY_ID_BUFFER_OVERFLOW": 4,
		"ACTIVITY_ID_DISABLE_DEP":     5,
		"ACTIVITY_ID_ENABLE_DEP":      6,
		"ACTIVITY_ID_READ":            7,
		"ACTIVITY_ID_WRITE":           8,
		"ACTIVITY_ID_OTHER":           99,
	}
)

Enum value maps for MemoryActivity_ActivityId.

View Source 
var (
	MemoryActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	MemoryActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for MemoryActivity_CategoryUid.

View Source 
var (
	MemoryActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1004: "CLASS_UID_MEMORY_ACTIVITY",
	}
	MemoryActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":         0,
		"CLASS_UID_MEMORY_ACTIVITY": 1004,
	}
)

Enum value maps for MemoryActivity_ClassUid.

View Source 
var (
	MemoryActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	MemoryActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for MemoryActivity_DispositionId.

View Source 
var (
	MemoryActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	MemoryActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for MemoryActivity_SeverityId.

View Source 
var (
	MemoryActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	MemoryActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for MemoryActivity_StatusId.

View Source 
var (
	ModuleActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	ModuleActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for ModuleActivity_ActionId.

View Source 
var (
	ModuleActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOAD",
		2:  "ACTIVITY_ID_UNLOAD",
		99: "ACTIVITY_ID_OTHER",
	}
	ModuleActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOAD":    1,
		"ACTIVITY_ID_UNLOAD":  2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ModuleActivity_ActivityId.

View Source 
var (
	ModuleActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	ModuleActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for ModuleActivity_CategoryUid.

View Source 
var (
	ModuleActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1005: "CLASS_UID_MODULE_ACTIVITY",
	}
	ModuleActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":         0,
		"CLASS_UID_MODULE_ACTIVITY": 1005,
	}
)

Enum value maps for ModuleActivity_ClassUid.

View Source 
var (
	ModuleActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	ModuleActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for ModuleActivity_DispositionId.

View Source 
var (
	ModuleActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ModuleActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ModuleActivity_SeverityId.

View Source 
var (
	ModuleActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ModuleActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ModuleActivity_StatusId.

View Source 
var (
	ScheduledJobActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	ScheduledJobActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for ScheduledJobActivity_ActionId.

View Source 
var (
	ScheduledJobActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_DELETE",
		4:  "ACTIVITY_ID_ENABLE",
		5:  "ACTIVITY_ID_DISABLE",
		6:  "ACTIVITY_ID_START",
		99: "ACTIVITY_ID_OTHER",
	}
	ScheduledJobActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_DELETE":  3,
		"ACTIVITY_ID_ENABLE":  4,
		"ACTIVITY_ID_DISABLE": 5,
		"ACTIVITY_ID_START":   6,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ScheduledJobActivity_ActivityId.

View Source 
var (
	ScheduledJobActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	ScheduledJobActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for ScheduledJobActivity_CategoryUid.

View Source 
var (
	ScheduledJobActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1006: "CLASS_UID_SCHEDULED_JOB_ACTIVITY",
	}
	ScheduledJobActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                0,
		"CLASS_UID_SCHEDULED_JOB_ACTIVITY": 1006,
	}
)

Enum value maps for ScheduledJobActivity_ClassUid.

View Source 
var (
	ScheduledJobActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	ScheduledJobActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for ScheduledJobActivity_DispositionId.

View Source 
var (
	ScheduledJobActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ScheduledJobActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ScheduledJobActivity_SeverityId.

View Source 
var (
	ScheduledJobActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ScheduledJobActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ScheduledJobActivity_StatusId.

View Source 
var (
	ProcessActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	ProcessActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for ProcessActivity_ActionId.

View Source 
var (
	ProcessActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LAUNCH",
		2:  "ACTIVITY_ID_TERMINATE",
		3:  "ACTIVITY_ID_OPEN",
		4:  "ACTIVITY_ID_INJECT",
		5:  "ACTIVITY_ID_SET_USER_ID",
		99: "ACTIVITY_ID_OTHER",
	}
	ProcessActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":     0,
		"ACTIVITY_ID_LAUNCH":      1,
		"ACTIVITY_ID_TERMINATE":   2,
		"ACTIVITY_ID_OPEN":        3,
		"ACTIVITY_ID_INJECT":      4,
		"ACTIVITY_ID_SET_USER_ID": 5,
		"ACTIVITY_ID_OTHER":       99,
	}
)

Enum value maps for ProcessActivity_ActivityId.

View Source 
var (
	ProcessActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		1: "CATEGORY_UID_SYSTEM_ACTIVITY",
	}
	ProcessActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":         0,
		"CATEGORY_UID_SYSTEM_ACTIVITY": 1,
	}
)

Enum value maps for ProcessActivity_CategoryUid.

View Source 
var (
	ProcessActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		1007: "CLASS_UID_PROCESS_ACTIVITY",
	}
	ProcessActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":          0,
		"CLASS_UID_PROCESS_ACTIVITY": 1007,
	}
)

Enum value maps for ProcessActivity_ClassUid.

View Source 
var (
	ProcessActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	ProcessActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for ProcessActivity_DispositionId.

View Source 
var (
	ProcessActivity_InjectionTypeId_name = map[int32]string{
		0:  "INJECTION_TYPE_ID_UNKNOWN",
		1:  "INJECTION_TYPE_ID_REMOTE_THREAD",
		2:  "INJECTION_TYPE_ID_LOAD_LIBRARY",
		99: "INJECTION_TYPE_ID_OTHER",
	}
	ProcessActivity_InjectionTypeId_value = map[string]int32{
		"INJECTION_TYPE_ID_UNKNOWN":       0,
		"INJECTION_TYPE_ID_REMOTE_THREAD": 1,
		"INJECTION_TYPE_ID_LOAD_LIBRARY":  2,
		"INJECTION_TYPE_ID_OTHER":         99,
	}
)

Enum value maps for ProcessActivity_InjectionTypeId.

View Source 
var (
	ProcessActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ProcessActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ProcessActivity_SeverityId.

View Source 
var (
	ProcessActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ProcessActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ProcessActivity_StatusId.

View Source 
var (
	SecurityFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		99: "ACTIVITY_ID_OTHER",
	}
	SecurityFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CLOSE":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for SecurityFinding_ActivityId.

View Source 
var (
	SecurityFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	SecurityFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for SecurityFinding_CategoryUid.

View Source 
var (
	SecurityFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2001: "CLASS_UID_SECURITY_FINDING",
	}
	SecurityFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":          0,
		"CLASS_UID_SECURITY_FINDING": 2001,
	}
)

Enum value maps for SecurityFinding_ClassUid.

View Source 
var (
	SecurityFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	SecurityFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for SecurityFinding_ConfidenceId.

View Source 
var (
	SecurityFinding_ImpactId_name = map[int32]string{
		0:  "IMPACT_ID_UNKNOWN",
		1:  "IMPACT_ID_LOW",
		2:  "IMPACT_ID_MEDIUM",
		3:  "IMPACT_ID_HIGH",
		4:  "IMPACT_ID_CRITICAL",
		99: "IMPACT_ID_OTHER",
	}
	SecurityFinding_ImpactId_value = map[string]int32{
		"IMPACT_ID_UNKNOWN":  0,
		"IMPACT_ID_LOW":      1,
		"IMPACT_ID_MEDIUM":   2,
		"IMPACT_ID_HIGH":     3,
		"IMPACT_ID_CRITICAL": 4,
		"IMPACT_ID_OTHER":    99,
	}
)

Enum value maps for SecurityFinding_ImpactId.

View Source 
var (
	SecurityFinding_RiskLevelId_name = map[int32]string{
		0: "RISK_LEVEL_ID_INFO",
		1: "RISK_LEVEL_ID_LOW",
		2: "RISK_LEVEL_ID_MEDIUM",
		3: "RISK_LEVEL_ID_HIGH",
		4: "RISK_LEVEL_ID_CRITICAL",
	}
	SecurityFinding_RiskLevelId_value = map[string]int32{
		"RISK_LEVEL_ID_INFO":     0,
		"RISK_LEVEL_ID_LOW":      1,
		"RISK_LEVEL_ID_MEDIUM":   2,
		"RISK_LEVEL_ID_HIGH":     3,
		"RISK_LEVEL_ID_CRITICAL": 4,
	}
)

Enum value maps for SecurityFinding_RiskLevelId.

View Source 
var (
	SecurityFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	SecurityFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for SecurityFinding_SeverityId.

View Source 
var (
	SecurityFinding_StateId_name = map[int32]string{
		0:  "STATE_ID_UNKNOWN",
		1:  "STATE_ID_NEW",
		2:  "STATE_ID_IN_PROGRESS",
		3:  "STATE_ID_SUPPRESSED",
		4:  "STATE_ID_RESOLVED",
		99: "STATE_ID_OTHER",
	}
	SecurityFinding_StateId_value = map[string]int32{
		"STATE_ID_UNKNOWN":     0,
		"STATE_ID_NEW":         1,
		"STATE_ID_IN_PROGRESS": 2,
		"STATE_ID_SUPPRESSED":  3,
		"STATE_ID_RESOLVED":    4,
		"STATE_ID_OTHER":       99,
	}
)

Enum value maps for SecurityFinding_StateId.

View Source 
var (
	SecurityFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	SecurityFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for SecurityFinding_StatusId.

View Source 
var (
	VulnerabilityFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		99: "ACTIVITY_ID_OTHER",
	}
	VulnerabilityFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CLOSE":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for VulnerabilityFinding_ActivityId.

View Source 
var (
	VulnerabilityFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	VulnerabilityFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for VulnerabilityFinding_CategoryUid.

View Source 
var (
	VulnerabilityFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2002: "CLASS_UID_VULNERABILITY_FINDING",
	}
	VulnerabilityFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_VULNERABILITY_FINDING": 2002,
	}
)

Enum value maps for VulnerabilityFinding_ClassUid.

View Source 
var (
	VulnerabilityFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	VulnerabilityFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for VulnerabilityFinding_ConfidenceId.

View Source 
var (
	VulnerabilityFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	VulnerabilityFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for VulnerabilityFinding_SeverityId.

View Source 
var (
	VulnerabilityFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_NEW",
		2:  "STATUS_ID_IN_PROGRESS",
		3:  "STATUS_ID_SUPPRESSED",
		4:  "STATUS_ID_RESOLVED",
		99: "STATUS_ID_OTHER",
	}
	VulnerabilityFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN":     0,
		"STATUS_ID_NEW":         1,
		"STATUS_ID_IN_PROGRESS": 2,
		"STATUS_ID_SUPPRESSED":  3,
		"STATUS_ID_RESOLVED":    4,
		"STATUS_ID_OTHER":       99,
	}
)

Enum value maps for VulnerabilityFinding_StatusId.

View Source 
var (
	ComplianceFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		99: "ACTIVITY_ID_OTHER",
	}
	ComplianceFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CLOSE":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ComplianceFinding_ActivityId.

View Source 
var (
	ComplianceFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	ComplianceFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for ComplianceFinding_CategoryUid.

View Source 
var (
	ComplianceFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2003: "CLASS_UID_COMPLIANCE_FINDING",
	}
	ComplianceFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":            0,
		"CLASS_UID_COMPLIANCE_FINDING": 2003,
	}
)

Enum value maps for ComplianceFinding_ClassUid.

View Source 
var (
	ComplianceFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	ComplianceFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for ComplianceFinding_ConfidenceId.

View Source 
var (
	ComplianceFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ComplianceFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ComplianceFinding_SeverityId.

View Source 
var (
	ComplianceFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_NEW",
		2:  "STATUS_ID_IN_PROGRESS",
		3:  "STATUS_ID_SUPPRESSED",
		4:  "STATUS_ID_RESOLVED",
		99: "STATUS_ID_OTHER",
	}
	ComplianceFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN":     0,
		"STATUS_ID_NEW":         1,
		"STATUS_ID_IN_PROGRESS": 2,
		"STATUS_ID_SUPPRESSED":  3,
		"STATUS_ID_RESOLVED":    4,
		"STATUS_ID_OTHER":       99,
	}
)

Enum value maps for ComplianceFinding_StatusId.

View Source 
var (
	DetectionFinding_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	DetectionFinding_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for DetectionFinding_ActionId.

View Source 
var (
	DetectionFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		99: "ACTIVITY_ID_OTHER",
	}
	DetectionFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CLOSE":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for DetectionFinding_ActivityId.

View Source 
var (
	DetectionFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	DetectionFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for DetectionFinding_CategoryUid.

View Source 
var (
	DetectionFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2004: "CLASS_UID_DETECTION_FINDING",
	}
	DetectionFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":           0,
		"CLASS_UID_DETECTION_FINDING": 2004,
	}
)

Enum value maps for DetectionFinding_ClassUid.

View Source 
var (
	DetectionFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	DetectionFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for DetectionFinding_ConfidenceId.

View Source 
var (
	DetectionFinding_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	DetectionFinding_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for DetectionFinding_DispositionId.

View Source 
var (
	DetectionFinding_ImpactId_name = map[int32]string{
		0:  "IMPACT_ID_UNKNOWN",
		1:  "IMPACT_ID_LOW",
		2:  "IMPACT_ID_MEDIUM",
		3:  "IMPACT_ID_HIGH",
		4:  "IMPACT_ID_CRITICAL",
		99: "IMPACT_ID_OTHER",
	}
	DetectionFinding_ImpactId_value = map[string]int32{
		"IMPACT_ID_UNKNOWN":  0,
		"IMPACT_ID_LOW":      1,
		"IMPACT_ID_MEDIUM":   2,
		"IMPACT_ID_HIGH":     3,
		"IMPACT_ID_CRITICAL": 4,
		"IMPACT_ID_OTHER":    99,
	}
)

Enum value maps for DetectionFinding_ImpactId.

View Source 
var (
	DetectionFinding_RiskLevelId_name = map[int32]string{
		0: "RISK_LEVEL_ID_INFO",
		1: "RISK_LEVEL_ID_LOW",
		2: "RISK_LEVEL_ID_MEDIUM",
		3: "RISK_LEVEL_ID_HIGH",
		4: "RISK_LEVEL_ID_CRITICAL",
	}
	DetectionFinding_RiskLevelId_value = map[string]int32{
		"RISK_LEVEL_ID_INFO":     0,
		"RISK_LEVEL_ID_LOW":      1,
		"RISK_LEVEL_ID_MEDIUM":   2,
		"RISK_LEVEL_ID_HIGH":     3,
		"RISK_LEVEL_ID_CRITICAL": 4,
	}
)

Enum value maps for DetectionFinding_RiskLevelId.

View Source 
var (
	DetectionFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DetectionFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DetectionFinding_SeverityId.

View Source 
var (
	DetectionFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_NEW",
		2:  "STATUS_ID_IN_PROGRESS",
		3:  "STATUS_ID_SUPPRESSED",
		4:  "STATUS_ID_RESOLVED",
		99: "STATUS_ID_OTHER",
	}
	DetectionFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN":     0,
		"STATUS_ID_NEW":         1,
		"STATUS_ID_IN_PROGRESS": 2,
		"STATUS_ID_SUPPRESSED":  3,
		"STATUS_ID_RESOLVED":    4,
		"STATUS_ID_OTHER":       99,
	}
)

Enum value maps for DetectionFinding_StatusId.

View Source 
var (
	IncidentFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		99: "ACTIVITY_ID_OTHER",
	}
	IncidentFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CLOSE":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for IncidentFinding_ActivityId.

View Source 
var (
	IncidentFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	IncidentFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for IncidentFinding_CategoryUid.

View Source 
var (
	IncidentFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2005: "CLASS_UID_INCIDENT_FINDING",
	}
	IncidentFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":          0,
		"CLASS_UID_INCIDENT_FINDING": 2005,
	}
)

Enum value maps for IncidentFinding_ClassUid.

View Source 
var (
	IncidentFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	IncidentFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for IncidentFinding_ConfidenceId.

View Source 
var (
	IncidentFinding_ImpactId_name = map[int32]string{
		0:  "IMPACT_ID_UNKNOWN",
		1:  "IMPACT_ID_LOW",
		2:  "IMPACT_ID_MEDIUM",
		3:  "IMPACT_ID_HIGH",
		4:  "IMPACT_ID_CRITICAL",
		99: "IMPACT_ID_OTHER",
	}
	IncidentFinding_ImpactId_value = map[string]int32{
		"IMPACT_ID_UNKNOWN":  0,
		"IMPACT_ID_LOW":      1,
		"IMPACT_ID_MEDIUM":   2,
		"IMPACT_ID_HIGH":     3,
		"IMPACT_ID_CRITICAL": 4,
		"IMPACT_ID_OTHER":    99,
	}
)

Enum value maps for IncidentFinding_ImpactId.

View Source 
var (
	IncidentFinding_PriorityId_name = map[int32]string{
		0:  "PRIORITY_ID_UNKNOWN",
		1:  "PRIORITY_ID_LOW",
		2:  "PRIORITY_ID_MEDIUM",
		3:  "PRIORITY_ID_HIGH",
		4:  "PRIORITY_ID_CRITICAL",
		99: "PRIORITY_ID_OTHER",
	}
	IncidentFinding_PriorityId_value = map[string]int32{
		"PRIORITY_ID_UNKNOWN":  0,
		"PRIORITY_ID_LOW":      1,
		"PRIORITY_ID_MEDIUM":   2,
		"PRIORITY_ID_HIGH":     3,
		"PRIORITY_ID_CRITICAL": 4,
		"PRIORITY_ID_OTHER":    99,
	}
)

Enum value maps for IncidentFinding_PriorityId.

View Source 
var (
	IncidentFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	IncidentFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for IncidentFinding_SeverityId.

View Source 
var (
	IncidentFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_NEW",
		2:  "STATUS_ID_IN_PROGRESS",
		3:  "STATUS_ID_ON_HOLD",
		4:  "STATUS_ID_RESOLVED",
		5:  "STATUS_ID_CLOSED",
		99: "STATUS_ID_OTHER",
	}
	IncidentFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN":     0,
		"STATUS_ID_NEW":         1,
		"STATUS_ID_IN_PROGRESS": 2,
		"STATUS_ID_ON_HOLD":     3,
		"STATUS_ID_RESOLVED":    4,
		"STATUS_ID_CLOSED":      5,
		"STATUS_ID_OTHER":       99,
	}
)

Enum value maps for IncidentFinding_StatusId.

View Source 
var (
	IncidentFinding_VerdictId_name = map[int32]string{
		0:  "VERDICT_ID_UNKNOWN",
		1:  "VERDICT_ID_FALSE_POSITIVE",
		2:  "VERDICT_ID_TRUE_POSITIVE",
		3:  "VERDICT_ID_DISREGARD",
		4:  "VERDICT_ID_SUSPICIOUS",
		5:  "VERDICT_ID_BENIGN",
		6:  "VERDICT_ID_TEST",
		7:  "VERDICT_ID_INSUFFICIENT_DATA",
		8:  "VERDICT_ID_SECURITY_RISK",
		9:  "VERDICT_ID_MANAGED_EXTERNALLY",
		10: "VERDICT_ID_DUPLICATE",
		99: "VERDICT_ID_OTHER",
	}
	IncidentFinding_VerdictId_value = map[string]int32{
		"VERDICT_ID_UNKNOWN":            0,
		"VERDICT_ID_FALSE_POSITIVE":     1,
		"VERDICT_ID_TRUE_POSITIVE":      2,
		"VERDICT_ID_DISREGARD":          3,
		"VERDICT_ID_SUSPICIOUS":         4,
		"VERDICT_ID_BENIGN":             5,
		"VERDICT_ID_TEST":               6,
		"VERDICT_ID_INSUFFICIENT_DATA":  7,
		"VERDICT_ID_SECURITY_RISK":      8,
		"VERDICT_ID_MANAGED_EXTERNALLY": 9,
		"VERDICT_ID_DUPLICATE":          10,
		"VERDICT_ID_OTHER":              99,
	}
)

Enum value maps for IncidentFinding_VerdictId.

View Source 
var (
	DataSecurityFinding_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	DataSecurityFinding_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for DataSecurityFinding_ActionId.

View Source 
var (
	DataSecurityFinding_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CLOSE",
		4:  "ACTIVITY_ID_SUPPRESSED",
		99: "ACTIVITY_ID_OTHER",
	}
	DataSecurityFinding_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":    0,
		"ACTIVITY_ID_CREATE":     1,
		"ACTIVITY_ID_UPDATE":     2,
		"ACTIVITY_ID_CLOSE":      3,
		"ACTIVITY_ID_SUPPRESSED": 4,
		"ACTIVITY_ID_OTHER":      99,
	}
)

Enum value maps for DataSecurityFinding_ActivityId.

View Source 
var (
	DataSecurityFinding_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		2: "CATEGORY_UID_FINDINGS",
	}
	DataSecurityFinding_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":  0,
		"CATEGORY_UID_FINDINGS": 2,
	}
)

Enum value maps for DataSecurityFinding_CategoryUid.

View Source 
var (
	DataSecurityFinding_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		2006: "CLASS_UID_DATA_SECURITY_FINDING",
	}
	DataSecurityFinding_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_DATA_SECURITY_FINDING": 2006,
	}
)

Enum value maps for DataSecurityFinding_ClassUid.

View Source 
var (
	DataSecurityFinding_ConfidenceId_name = map[int32]string{
		0:  "CONFIDENCE_ID_UNKNOWN",
		1:  "CONFIDENCE_ID_LOW",
		2:  "CONFIDENCE_ID_MEDIUM",
		3:  "CONFIDENCE_ID_HIGH",
		99: "CONFIDENCE_ID_OTHER",
	}
	DataSecurityFinding_ConfidenceId_value = map[string]int32{
		"CONFIDENCE_ID_UNKNOWN": 0,
		"CONFIDENCE_ID_LOW":     1,
		"CONFIDENCE_ID_MEDIUM":  2,
		"CONFIDENCE_ID_HIGH":    3,
		"CONFIDENCE_ID_OTHER":   99,
	}
)

Enum value maps for DataSecurityFinding_ConfidenceId.

View Source 
var (
	DataSecurityFinding_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	DataSecurityFinding_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for DataSecurityFinding_DispositionId.

View Source 
var (
	DataSecurityFinding_ImpactId_name = map[int32]string{
		0:  "IMPACT_ID_UNKNOWN",
		1:  "IMPACT_ID_LOW",
		2:  "IMPACT_ID_MEDIUM",
		3:  "IMPACT_ID_HIGH",
		4:  "IMPACT_ID_CRITICAL",
		99: "IMPACT_ID_OTHER",
	}
	DataSecurityFinding_ImpactId_value = map[string]int32{
		"IMPACT_ID_UNKNOWN":  0,
		"IMPACT_ID_LOW":      1,
		"IMPACT_ID_MEDIUM":   2,
		"IMPACT_ID_HIGH":     3,
		"IMPACT_ID_CRITICAL": 4,
		"IMPACT_ID_OTHER":    99,
	}
)

Enum value maps for DataSecurityFinding_ImpactId.

View Source 
var (
	DataSecurityFinding_RiskLevelId_name = map[int32]string{
		0: "RISK_LEVEL_ID_INFO",
		1: "RISK_LEVEL_ID_LOW",
		2: "RISK_LEVEL_ID_MEDIUM",
		3: "RISK_LEVEL_ID_HIGH",
		4: "RISK_LEVEL_ID_CRITICAL",
	}
	DataSecurityFinding_RiskLevelId_value = map[string]int32{
		"RISK_LEVEL_ID_INFO":     0,
		"RISK_LEVEL_ID_LOW":      1,
		"RISK_LEVEL_ID_MEDIUM":   2,
		"RISK_LEVEL_ID_HIGH":     3,
		"RISK_LEVEL_ID_CRITICAL": 4,
	}
)

Enum value maps for DataSecurityFinding_RiskLevelId.

View Source 
var (
	DataSecurityFinding_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DataSecurityFinding_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DataSecurityFinding_SeverityId.

View Source 
var (
	DataSecurityFinding_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_NEW",
		2:  "STATUS_ID_IN_PROGRESS",
		3:  "STATUS_ID_SUPPRESSED",
		4:  "STATUS_ID_RESOLVED",
		99: "STATUS_ID_OTHER",
	}
	DataSecurityFinding_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN":     0,
		"STATUS_ID_NEW":         1,
		"STATUS_ID_IN_PROGRESS": 2,
		"STATUS_ID_SUPPRESSED":  3,
		"STATUS_ID_RESOLVED":    4,
		"STATUS_ID_OTHER":       99,
	}
)

Enum value maps for DataSecurityFinding_StatusId.

View Source 
var (
	AccountChange_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_ENABLE",
		3:  "ACTIVITY_ID_PASSWORD_CHANGE",
		4:  "ACTIVITY_ID_PASSWORD_RESET",
		5:  "ACTIVITY_ID_DISABLE",
		6:  "ACTIVITY_ID_DELETE",
		7:  "ACTIVITY_ID_ATTACH_POLICY",
		8:  "ACTIVITY_ID_DETACH_POLICY",
		9:  "ACTIVITY_ID_LOCK",
		10: "ACTIVITY_ID_MFA_FACTOR_ENABLE",
		11: "ACTIVITY_ID_MFA_FACTOR_DISABLE",
		99: "ACTIVITY_ID_OTHER",
	}
	AccountChange_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":            0,
		"ACTIVITY_ID_CREATE":             1,
		"ACTIVITY_ID_ENABLE":             2,
		"ACTIVITY_ID_PASSWORD_CHANGE":    3,
		"ACTIVITY_ID_PASSWORD_RESET":     4,
		"ACTIVITY_ID_DISABLE":            5,
		"ACTIVITY_ID_DELETE":             6,
		"ACTIVITY_ID_ATTACH_POLICY":      7,
		"ACTIVITY_ID_DETACH_POLICY":      8,
		"ACTIVITY_ID_LOCK":               9,
		"ACTIVITY_ID_MFA_FACTOR_ENABLE":  10,
		"ACTIVITY_ID_MFA_FACTOR_DISABLE": 11,
		"ACTIVITY_ID_OTHER":              99,
	}
)

Enum value maps for AccountChange_ActivityId.

View Source 
var (
	AccountChange_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	AccountChange_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for AccountChange_CategoryUid.

View Source 
var (
	AccountChange_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3001: "CLASS_UID_ACCOUNT_CHANGE",
	}
	AccountChange_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":        0,
		"CLASS_UID_ACCOUNT_CHANGE": 3001,
	}
)

Enum value maps for AccountChange_ClassUid.

View Source 
var (
	AccountChange_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	AccountChange_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for AccountChange_SeverityId.

View Source 
var (
	AccountChange_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	AccountChange_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for AccountChange_StatusId.

View Source 
var (
	Authentication_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOGON",
		2:  "ACTIVITY_ID_LOGOFF",
		3:  "ACTIVITY_ID_AUTHENTICATION_TICKET",
		4:  "ACTIVITY_ID_SERVICE_TICKET_REQUEST",
		5:  "ACTIVITY_ID_SERVICE_TICKET_RENEW",
		6:  "ACTIVITY_ID_PREAUTH",
		99: "ACTIVITY_ID_OTHER",
	}
	Authentication_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":                0,
		"ACTIVITY_ID_LOGON":                  1,
		"ACTIVITY_ID_LOGOFF":                 2,
		"ACTIVITY_ID_AUTHENTICATION_TICKET":  3,
		"ACTIVITY_ID_SERVICE_TICKET_REQUEST": 4,
		"ACTIVITY_ID_SERVICE_TICKET_RENEW":   5,
		"ACTIVITY_ID_PREAUTH":                6,
		"ACTIVITY_ID_OTHER":                  99,
	}
)

Enum value maps for Authentication_ActivityId.

View Source 
var (
	Authentication_AuthProtocolId_name = map[int32]string{
		0:  "AUTH_PROTOCOL_ID_UNKNOWN",
		1:  "AUTH_PROTOCOL_ID_NTLM",
		2:  "AUTH_PROTOCOL_ID_KERBEROS",
		3:  "AUTH_PROTOCOL_ID_DIGEST",
		4:  "AUTH_PROTOCOL_ID_OPENID",
		5:  "AUTH_PROTOCOL_ID_SAML",
		6:  "AUTH_PROTOCOL_ID_OAUTH_2_0",
		7:  "AUTH_PROTOCOL_ID_PAP",
		8:  "AUTH_PROTOCOL_ID_CHAP",
		9:  "AUTH_PROTOCOL_ID_EAP",
		10: "AUTH_PROTOCOL_ID_RADIUS",
		99: "AUTH_PROTOCOL_ID_OTHER",
	}
	Authentication_AuthProtocolId_value = map[string]int32{
		"AUTH_PROTOCOL_ID_UNKNOWN":   0,
		"AUTH_PROTOCOL_ID_NTLM":      1,
		"AUTH_PROTOCOL_ID_KERBEROS":  2,
		"AUTH_PROTOCOL_ID_DIGEST":    3,
		"AUTH_PROTOCOL_ID_OPENID":    4,
		"AUTH_PROTOCOL_ID_SAML":      5,
		"AUTH_PROTOCOL_ID_OAUTH_2_0": 6,
		"AUTH_PROTOCOL_ID_PAP":       7,
		"AUTH_PROTOCOL_ID_CHAP":      8,
		"AUTH_PROTOCOL_ID_EAP":       9,
		"AUTH_PROTOCOL_ID_RADIUS":    10,
		"AUTH_PROTOCOL_ID_OTHER":     99,
	}
)

Enum value maps for Authentication_AuthProtocolId.

View Source 
var (
	Authentication_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	Authentication_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for Authentication_CategoryUid.

View Source 
var (
	Authentication_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3002: "CLASS_UID_AUTHENTICATION",
	}
	Authentication_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":        0,
		"CLASS_UID_AUTHENTICATION": 3002,
	}
)

Enum value maps for Authentication_ClassUid.

View Source 
var (
	Authentication_LogonTypeId_name = map[int32]string{
		0:  "LOGON_TYPE_ID_UNKNOWN",
		1:  "LOGON_TYPE_ID_SYSTEM",
		2:  "LOGON_TYPE_ID_INTERACTIVE",
		3:  "LOGON_TYPE_ID_NETWORK",
		4:  "LOGON_TYPE_ID_BATCH",
		5:  "LOGON_TYPE_ID_OS_SERVICE",
		7:  "LOGON_TYPE_ID_UNLOCK",
		8:  "LOGON_TYPE_ID_NETWORK_CLEARTEXT",
		9:  "LOGON_TYPE_ID_NEW_CREDENTIALS",
		10: "LOGON_TYPE_ID_REMOTE_INTERACTIVE",
		11: "LOGON_TYPE_ID_CACHED_INTERACTIVE",
		12: "LOGON_TYPE_ID_CACHED_REMOTE_INTERACTIVE",
		13: "LOGON_TYPE_ID_CACHED_UNLOCK",
		99: "LOGON_TYPE_ID_OTHER",
	}
	Authentication_LogonTypeId_value = map[string]int32{
		"LOGON_TYPE_ID_UNKNOWN":                   0,
		"LOGON_TYPE_ID_SYSTEM":                    1,
		"LOGON_TYPE_ID_INTERACTIVE":               2,
		"LOGON_TYPE_ID_NETWORK":                   3,
		"LOGON_TYPE_ID_BATCH":                     4,
		"LOGON_TYPE_ID_OS_SERVICE":                5,
		"LOGON_TYPE_ID_UNLOCK":                    7,
		"LOGON_TYPE_ID_NETWORK_CLEARTEXT":         8,
		"LOGON_TYPE_ID_NEW_CREDENTIALS":           9,
		"LOGON_TYPE_ID_REMOTE_INTERACTIVE":        10,
		"LOGON_TYPE_ID_CACHED_INTERACTIVE":        11,
		"LOGON_TYPE_ID_CACHED_REMOTE_INTERACTIVE": 12,
		"LOGON_TYPE_ID_CACHED_UNLOCK":             13,
		"LOGON_TYPE_ID_OTHER":                     99,
	}
)

Enum value maps for Authentication_LogonTypeId.

View Source 
var (
	Authentication_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	Authentication_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for Authentication_SeverityId.

View Source 
var (
	Authentication_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	Authentication_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for Authentication_StatusId.

View Source 
var (
	AuthorizeSession_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ASSIGN_PRIVILEGES",
		2:  "ACTIVITY_ID_ASSIGN_GROUPS",
		99: "ACTIVITY_ID_OTHER",
	}
	AuthorizeSession_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":           0,
		"ACTIVITY_ID_ASSIGN_PRIVILEGES": 1,
		"ACTIVITY_ID_ASSIGN_GROUPS":     2,
		"ACTIVITY_ID_OTHER":             99,
	}
)

Enum value maps for AuthorizeSession_ActivityId.

View Source 
var (
	AuthorizeSession_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	AuthorizeSession_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for AuthorizeSession_CategoryUid.

View Source 
var (
	AuthorizeSession_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3003: "CLASS_UID_AUTHORIZE_SESSION",
	}
	AuthorizeSession_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":           0,
		"CLASS_UID_AUTHORIZE_SESSION": 3003,
	}
)

Enum value maps for AuthorizeSession_ClassUid.

View Source 
var (
	AuthorizeSession_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	AuthorizeSession_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for AuthorizeSession_SeverityId.

View Source 
var (
	AuthorizeSession_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	AuthorizeSession_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for AuthorizeSession_StatusId.

View Source 
var (
	EntityManagement_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		99: "ACTIVITY_ID_OTHER",
	}
	EntityManagement_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_READ":    2,
		"ACTIVITY_ID_UPDATE":  3,
		"ACTIVITY_ID_DELETE":  4,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for EntityManagement_ActivityId.

View Source 
var (
	EntityManagement_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	EntityManagement_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for EntityManagement_CategoryUid.

View Source 
var (
	EntityManagement_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3004: "CLASS_UID_ENTITY_MANAGEMENT",
	}
	EntityManagement_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":           0,
		"CLASS_UID_ENTITY_MANAGEMENT": 3004,
	}
)

Enum value maps for EntityManagement_ClassUid.

View Source 
var (
	EntityManagement_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	EntityManagement_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for EntityManagement_SeverityId.

View Source 
var (
	EntityManagement_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	EntityManagement_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for EntityManagement_StatusId.

View Source 
var (
	UserAccess_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ASSIGN_PRIVILEGES",
		2:  "ACTIVITY_ID_REVOKE_PRIVILEGES",
		99: "ACTIVITY_ID_OTHER",
	}
	UserAccess_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":           0,
		"ACTIVITY_ID_ASSIGN_PRIVILEGES": 1,
		"ACTIVITY_ID_REVOKE_PRIVILEGES": 2,
		"ACTIVITY_ID_OTHER":             99,
	}
)

Enum value maps for UserAccess_ActivityId.

View Source 
var (
	UserAccess_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	UserAccess_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for UserAccess_CategoryUid.

View Source 
var (
	UserAccess_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3005: "CLASS_UID_USER_ACCESS_MANAGEMENT",
	}
	UserAccess_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                0,
		"CLASS_UID_USER_ACCESS_MANAGEMENT": 3005,
	}
)

Enum value maps for UserAccess_ClassUid.

View Source 
var (
	UserAccess_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	UserAccess_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for UserAccess_SeverityId.

View Source 
var (
	UserAccess_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	UserAccess_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for UserAccess_StatusId.

View Source 
var (
	GroupManagement_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ASSIGN_PRIVILEGES",
		2:  "ACTIVITY_ID_REVOKE_PRIVILEGES",
		3:  "ACTIVITY_ID_ADD_USER",
		4:  "ACTIVITY_ID_REMOVE_USER",
		5:  "ACTIVITY_ID_DELETE",
		6:  "ACTIVITY_ID_CREATE",
		99: "ACTIVITY_ID_OTHER",
	}
	GroupManagement_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":           0,
		"ACTIVITY_ID_ASSIGN_PRIVILEGES": 1,
		"ACTIVITY_ID_REVOKE_PRIVILEGES": 2,
		"ACTIVITY_ID_ADD_USER":          3,
		"ACTIVITY_ID_REMOVE_USER":       4,
		"ACTIVITY_ID_DELETE":            5,
		"ACTIVITY_ID_CREATE":            6,
		"ACTIVITY_ID_OTHER":             99,
	}
)

Enum value maps for GroupManagement_ActivityId.

View Source 
var (
	GroupManagement_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		3: "CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT",
	}
	GroupManagement_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":                    0,
		"CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT": 3,
	}
)

Enum value maps for GroupManagement_CategoryUid.

View Source 
var (
	GroupManagement_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		3006: "CLASS_UID_GROUP_MANAGEMENT",
	}
	GroupManagement_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":          0,
		"CLASS_UID_GROUP_MANAGEMENT": 3006,
	}
)

Enum value maps for GroupManagement_ClassUid.

View Source 
var (
	GroupManagement_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	GroupManagement_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for GroupManagement_SeverityId.

View Source 
var (
	GroupManagement_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	GroupManagement_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for GroupManagement_StatusId.

View Source 
var (
	NetworkActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	NetworkActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for NetworkActivity_ActionId.

View Source 
var (
	NetworkActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_OPEN",
		2:  "ACTIVITY_ID_CLOSE",
		3:  "ACTIVITY_ID_RESET",
		4:  "ACTIVITY_ID_FAIL",
		5:  "ACTIVITY_ID_REFUSE",
		6:  "ACTIVITY_ID_TRAFFIC",
		99: "ACTIVITY_ID_OTHER",
	}
	NetworkActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_OPEN":    1,
		"ACTIVITY_ID_CLOSE":   2,
		"ACTIVITY_ID_RESET":   3,
		"ACTIVITY_ID_FAIL":    4,
		"ACTIVITY_ID_REFUSE":  5,
		"ACTIVITY_ID_TRAFFIC": 6,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for NetworkActivity_ActivityId.

View Source 
var (
	NetworkActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	NetworkActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for NetworkActivity_CategoryUid.

View Source 
var (
	NetworkActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4001: "CLASS_UID_NETWORK_ACTIVITY",
	}
	NetworkActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":          0,
		"CLASS_UID_NETWORK_ACTIVITY": 4001,
	}
)

Enum value maps for NetworkActivity_ClassUid.

View Source 
var (
	NetworkActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	NetworkActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for NetworkActivity_DispositionId.

View Source 
var (
	NetworkActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	NetworkActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for NetworkActivity_SeverityId.

View Source 
var (
	NetworkActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	NetworkActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for NetworkActivity_StatusId.

View Source 
var (
	HttpActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	HttpActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for HttpActivity_ActionId.

View Source 
var (
	HttpActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CONNECT",
		2:  "ACTIVITY_ID_DELETE",
		3:  "ACTIVITY_ID_GET",
		4:  "ACTIVITY_ID_HEAD",
		5:  "ACTIVITY_ID_OPTIONS",
		6:  "ACTIVITY_ID_POST",
		7:  "ACTIVITY_ID_PUT",
		8:  "ACTIVITY_ID_TRACE",
		99: "ACTIVITY_ID_OTHER",
	}
	HttpActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CONNECT": 1,
		"ACTIVITY_ID_DELETE":  2,
		"ACTIVITY_ID_GET":     3,
		"ACTIVITY_ID_HEAD":    4,
		"ACTIVITY_ID_OPTIONS": 5,
		"ACTIVITY_ID_POST":    6,
		"ACTIVITY_ID_PUT":     7,
		"ACTIVITY_ID_TRACE":   8,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for HttpActivity_ActivityId.

View Source 
var (
	HttpActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	HttpActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for HttpActivity_CategoryUid.

View Source 
var (
	HttpActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4002: "CLASS_UID_HTTP_ACTIVITY",
	}
	HttpActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":       0,
		"CLASS_UID_HTTP_ACTIVITY": 4002,
	}
)

Enum value maps for HttpActivity_ClassUid.

View Source 
var (
	HttpActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	HttpActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for HttpActivity_DispositionId.

View Source 
var (
	HttpActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	HttpActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for HttpActivity_SeverityId.

View Source 
var (
	HttpActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	HttpActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for HttpActivity_StatusId.

View Source 
var (
	DnsActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	DnsActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for DnsActivity_ActionId.

View Source 
var (
	DnsActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		2:  "ACTIVITY_ID_RESPONSE",
		6:  "ACTIVITY_ID_TRAFFIC",
		99: "ACTIVITY_ID_OTHER",
	}
	DnsActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":  0,
		"ACTIVITY_ID_QUERY":    1,
		"ACTIVITY_ID_RESPONSE": 2,
		"ACTIVITY_ID_TRAFFIC":  6,
		"ACTIVITY_ID_OTHER":    99,
	}
)

Enum value maps for DnsActivity_ActivityId.

View Source 
var (
	DnsActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	DnsActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for DnsActivity_CategoryUid.

View Source 
var (
	DnsActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4003: "CLASS_UID_DNS_ACTIVITY",
	}
	DnsActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_DNS_ACTIVITY": 4003,
	}
)

Enum value maps for DnsActivity_ClassUid.

View Source 
var (
	DnsActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	DnsActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for DnsActivity_DispositionId.

View Source 
var (
	DnsActivity_RcodeId_name = map[int32]string{
		0:  "RCODE_ID_NOERROR",
		1:  "RCODE_ID_FORMERROR",
		2:  "RCODE_ID_SERVERROR",
		3:  "RCODE_ID_NXDOMAIN",
		4:  "RCODE_ID_NOTIMP",
		5:  "RCODE_ID_REFUSED",
		6:  "RCODE_ID_YXDOMAIN",
		7:  "RCODE_ID_YXRRSET",
		8:  "RCODE_ID_NXRRSET",
		9:  "RCODE_ID_NOTAUTH",
		10: "RCODE_ID_NOTZONE",
		11: "RCODE_ID_DSOTYPENI",
		16: "RCODE_ID_BADSIG_VERS",
		17: "RCODE_ID_BADKEY",
		18: "RCODE_ID_BADTIME",
		19: "RCODE_ID_BADMODE",
		20: "RCODE_ID_BADNAME",
		21: "RCODE_ID_BADALG",
		22: "RCODE_ID_BADTRUNC",
		23: "RCODE_ID_BADCOOKIE",
		24: "RCODE_ID_UNASSIGNED",
		25: "RCODE_ID_RESERVED",
		99: "RCODE_ID_OTHER",
	}
	DnsActivity_RcodeId_value = map[string]int32{
		"RCODE_ID_NOERROR":     0,
		"RCODE_ID_FORMERROR":   1,
		"RCODE_ID_SERVERROR":   2,
		"RCODE_ID_NXDOMAIN":    3,
		"RCODE_ID_NOTIMP":      4,
		"RCODE_ID_REFUSED":     5,
		"RCODE_ID_YXDOMAIN":    6,
		"RCODE_ID_YXRRSET":     7,
		"RCODE_ID_NXRRSET":     8,
		"RCODE_ID_NOTAUTH":     9,
		"RCODE_ID_NOTZONE":     10,
		"RCODE_ID_DSOTYPENI":   11,
		"RCODE_ID_BADSIG_VERS": 16,
		"RCODE_ID_BADKEY":      17,
		"RCODE_ID_BADTIME":     18,
		"RCODE_ID_BADMODE":     19,
		"RCODE_ID_BADNAME":     20,
		"RCODE_ID_BADALG":      21,
		"RCODE_ID_BADTRUNC":    22,
		"RCODE_ID_BADCOOKIE":   23,
		"RCODE_ID_UNASSIGNED":  24,
		"RCODE_ID_RESERVED":    25,
		"RCODE_ID_OTHER":       99,
	}
)

Enum value maps for DnsActivity_RcodeId.

View Source 
var (
	DnsActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DnsActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DnsActivity_SeverityId.

View Source 
var (
	DnsActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	DnsActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for DnsActivity_StatusId.

View Source 
var (
	DhcpActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	DhcpActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for DhcpActivity_ActionId.

View Source 
var (
	DhcpActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_DISCOVER",
		2:  "ACTIVITY_ID_OFFER",
		3:  "ACTIVITY_ID_REQUEST",
		4:  "ACTIVITY_ID_DECLINE",
		5:  "ACTIVITY_ID_ACK",
		6:  "ACTIVITY_ID_NAK",
		7:  "ACTIVITY_ID_RELEASE",
		8:  "ACTIVITY_ID_INFORM",
		9:  "ACTIVITY_ID_EXPIRE",
		99: "ACTIVITY_ID_OTHER",
	}
	DhcpActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":  0,
		"ACTIVITY_ID_DISCOVER": 1,
		"ACTIVITY_ID_OFFER":    2,
		"ACTIVITY_ID_REQUEST":  3,
		"ACTIVITY_ID_DECLINE":  4,
		"ACTIVITY_ID_ACK":      5,
		"ACTIVITY_ID_NAK":      6,
		"ACTIVITY_ID_RELEASE":  7,
		"ACTIVITY_ID_INFORM":   8,
		"ACTIVITY_ID_EXPIRE":   9,
		"ACTIVITY_ID_OTHER":    99,
	}
)

Enum value maps for DhcpActivity_ActivityId.

View Source 
var (
	DhcpActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	DhcpActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for DhcpActivity_CategoryUid.

View Source 
var (
	DhcpActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4004: "CLASS_UID_DHCP_ACTIVITY",
	}
	DhcpActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":       0,
		"CLASS_UID_DHCP_ACTIVITY": 4004,
	}
)

Enum value maps for DhcpActivity_ClassUid.

View Source 
var (
	DhcpActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	DhcpActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for DhcpActivity_DispositionId.

View Source 
var (
	DhcpActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DhcpActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DhcpActivity_SeverityId.

View Source 
var (
	DhcpActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	DhcpActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for DhcpActivity_StatusId.

View Source 
var (
	RdpActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	RdpActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for RdpActivity_ActionId.

View Source 
var (
	RdpActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_INITIAL_REQUEST",
		2:  "ACTIVITY_ID_INITIAL_RESPONSE",
		3:  "ACTIVITY_ID_CONNECT_REQUEST",
		4:  "ACTIVITY_ID_CONNECT_RESPONSE",
		5:  "ACTIVITY_ID_TLS_HANDSHAKE",
		6:  "ACTIVITY_ID_TRAFFIC",
		99: "ACTIVITY_ID_OTHER",
	}
	RdpActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":          0,
		"ACTIVITY_ID_INITIAL_REQUEST":  1,
		"ACTIVITY_ID_INITIAL_RESPONSE": 2,
		"ACTIVITY_ID_CONNECT_REQUEST":  3,
		"ACTIVITY_ID_CONNECT_RESPONSE": 4,
		"ACTIVITY_ID_TLS_HANDSHAKE":    5,
		"ACTIVITY_ID_TRAFFIC":          6,
		"ACTIVITY_ID_OTHER":            99,
	}
)

Enum value maps for RdpActivity_ActivityId.

View Source 
var (
	RdpActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	RdpActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for RdpActivity_CategoryUid.

View Source 
var (
	RdpActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4005: "CLASS_UID_RDP_ACTIVITY",
	}
	RdpActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_RDP_ACTIVITY": 4005,
	}
)

Enum value maps for RdpActivity_ClassUid.

View Source 
var (
	RdpActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	RdpActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for RdpActivity_DispositionId.

View Source 
var (
	RdpActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	RdpActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for RdpActivity_SeverityId.

View Source 
var (
	RdpActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	RdpActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for RdpActivity_StatusId.

View Source 
var (
	SmbActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	SmbActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for SmbActivity_ActionId.

View Source 
var (
	SmbActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_FILE_SUPERSEDE",
		2:  "ACTIVITY_ID_FILE_OPEN",
		3:  "ACTIVITY_ID_FILE_CREATE",
		4:  "ACTIVITY_ID_FILE_OPEN_IF",
		5:  "ACTIVITY_ID_FILE_OVERWRITE",
		6:  "ACTIVITY_ID_FILE_OVERWRITE_IF",
		99: "ACTIVITY_ID_OTHER",
	}
	SmbActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":           0,
		"ACTIVITY_ID_FILE_SUPERSEDE":    1,
		"ACTIVITY_ID_FILE_OPEN":         2,
		"ACTIVITY_ID_FILE_CREATE":       3,
		"ACTIVITY_ID_FILE_OPEN_IF":      4,
		"ACTIVITY_ID_FILE_OVERWRITE":    5,
		"ACTIVITY_ID_FILE_OVERWRITE_IF": 6,
		"ACTIVITY_ID_OTHER":             99,
	}
)

Enum value maps for SmbActivity_ActivityId.

View Source 
var (
	SmbActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	SmbActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for SmbActivity_CategoryUid.

View Source 
var (
	SmbActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4006: "CLASS_UID_SMB_ACTIVITY",
	}
	SmbActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_SMB_ACTIVITY": 4006,
	}
)

Enum value maps for SmbActivity_ClassUid.

View Source 
var (
	SmbActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	SmbActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for SmbActivity_DispositionId.

View Source 
var (
	SmbActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	SmbActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for SmbActivity_SeverityId.

View Source 
var (
	SmbActivity_ShareTypeId_name = map[int32]string{
		0:  "SHARE_TYPE_ID_UNKNOWN",
		1:  "SHARE_TYPE_ID_FILE",
		2:  "SHARE_TYPE_ID_PIPE",
		3:  "SHARE_TYPE_ID_PRINT",
		99: "SHARE_TYPE_ID_OTHER",
	}
	SmbActivity_ShareTypeId_value = map[string]int32{
		"SHARE_TYPE_ID_UNKNOWN": 0,
		"SHARE_TYPE_ID_FILE":    1,
		"SHARE_TYPE_ID_PIPE":    2,
		"SHARE_TYPE_ID_PRINT":   3,
		"SHARE_TYPE_ID_OTHER":   99,
	}
)

Enum value maps for SmbActivity_ShareTypeId.

View Source 
var (
	SmbActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	SmbActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for SmbActivity_StatusId.

View Source 
var (
	SshActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	SshActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for SshActivity_ActionId.

View Source 
var (
	SshActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_OPEN",
		2:  "ACTIVITY_ID_CLOSE",
		3:  "ACTIVITY_ID_RESET",
		4:  "ACTIVITY_ID_FAIL",
		5:  "ACTIVITY_ID_REFUSE",
		6:  "ACTIVITY_ID_TRAFFIC",
		99: "ACTIVITY_ID_OTHER",
	}
	SshActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_OPEN":    1,
		"ACTIVITY_ID_CLOSE":   2,
		"ACTIVITY_ID_RESET":   3,
		"ACTIVITY_ID_FAIL":    4,
		"ACTIVITY_ID_REFUSE":  5,
		"ACTIVITY_ID_TRAFFIC": 6,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for SshActivity_ActivityId.

View Source 
var (
	SshActivity_AuthTypeId_name = map[int32]string{
		0:  "AUTH_TYPE_ID_UNKNOWN",
		1:  "AUTH_TYPE_ID_CERTIFICATE_BASED",
		2:  "AUTH_TYPE_ID_GSSAPI",
		3:  "AUTH_TYPE_ID_HOST_BASED",
		4:  "AUTH_TYPE_ID_KEYBOARD_INTERACTIVE",
		5:  "AUTH_TYPE_ID_PASSWORD",
		6:  "AUTH_TYPE_ID_PUBLIC_KEY",
		99: "AUTH_TYPE_ID_OTHER",
	}
	SshActivity_AuthTypeId_value = map[string]int32{
		"AUTH_TYPE_ID_UNKNOWN":              0,
		"AUTH_TYPE_ID_CERTIFICATE_BASED":    1,
		"AUTH_TYPE_ID_GSSAPI":               2,
		"AUTH_TYPE_ID_HOST_BASED":           3,
		"AUTH_TYPE_ID_KEYBOARD_INTERACTIVE": 4,
		"AUTH_TYPE_ID_PASSWORD":             5,
		"AUTH_TYPE_ID_PUBLIC_KEY":           6,
		"AUTH_TYPE_ID_OTHER":                99,
	}
)

Enum value maps for SshActivity_AuthTypeId.

View Source 
var (
	SshActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	SshActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for SshActivity_CategoryUid.

View Source 
var (
	SshActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4007: "CLASS_UID_SSH_ACTIVITY",
	}
	SshActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_SSH_ACTIVITY": 4007,
	}
)

Enum value maps for SshActivity_ClassUid.

View Source 
var (
	SshActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	SshActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for SshActivity_DispositionId.

View Source 
var (
	SshActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	SshActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for SshActivity_SeverityId.

View Source 
var (
	SshActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	SshActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for SshActivity_StatusId.

View Source 
var (
	FtpActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	FtpActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for FtpActivity_ActionId.

View Source 
var (
	FtpActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_PUT",
		2:  "ACTIVITY_ID_GET",
		3:  "ACTIVITY_ID_POLL",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_RENAME",
		6:  "ACTIVITY_ID_LIST",
		99: "ACTIVITY_ID_OTHER",
	}
	FtpActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_PUT":     1,
		"ACTIVITY_ID_GET":     2,
		"ACTIVITY_ID_POLL":    3,
		"ACTIVITY_ID_DELETE":  4,
		"ACTIVITY_ID_RENAME":  5,
		"ACTIVITY_ID_LIST":    6,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for FtpActivity_ActivityId.

View Source 
var (
	FtpActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	FtpActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for FtpActivity_CategoryUid.

View Source 
var (
	FtpActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4008: "CLASS_UID_FTP_ACTIVITY",
	}
	FtpActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_FTP_ACTIVITY": 4008,
	}
)

Enum value maps for FtpActivity_ClassUid.

View Source 
var (
	FtpActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	FtpActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for FtpActivity_DispositionId.

View Source 
var (
	FtpActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	FtpActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for FtpActivity_SeverityId.

View Source 
var (
	FtpActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	FtpActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for FtpActivity_StatusId.

View Source 
var (
	EmailActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	EmailActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for EmailActivity_ActionId.

View Source 
var (
	EmailActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_SEND",
		2:  "ACTIVITY_ID_RECEIVE",
		3:  "ACTIVITY_ID_SCAN",
		99: "ACTIVITY_ID_OTHER",
	}
	EmailActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_SEND":    1,
		"ACTIVITY_ID_RECEIVE": 2,
		"ACTIVITY_ID_SCAN":    3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for EmailActivity_ActivityId.

View Source 
var (
	EmailActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	EmailActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for EmailActivity_CategoryUid.

View Source 
var (
	EmailActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4009: "CLASS_UID_EMAIL_ACTIVITY",
	}
	EmailActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":        0,
		"CLASS_UID_EMAIL_ACTIVITY": 4009,
	}
)

Enum value maps for EmailActivity_ClassUid.

View Source 
var (
	EmailActivity_DirectionId_name = map[int32]string{
		0:  "DIRECTION_ID_UNKNOWN",
		1:  "DIRECTION_ID_INBOUND",
		2:  "DIRECTION_ID_OUTBOUND",
		3:  "DIRECTION_ID_INTERNAL",
		99: "DIRECTION_ID_OTHER",
	}
	EmailActivity_DirectionId_value = map[string]int32{
		"DIRECTION_ID_UNKNOWN":  0,
		"DIRECTION_ID_INBOUND":  1,
		"DIRECTION_ID_OUTBOUND": 2,
		"DIRECTION_ID_INTERNAL": 3,
		"DIRECTION_ID_OTHER":    99,
	}
)

Enum value maps for EmailActivity_DirectionId.

View Source 
var (
	EmailActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	EmailActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for EmailActivity_DispositionId.

View Source 
var (
	EmailActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	EmailActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for EmailActivity_SeverityId.

View Source 
var (
	EmailActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	EmailActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for EmailActivity_StatusId.

View Source 
var (
	NetworkFileActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	NetworkFileActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for NetworkFileActivity_ActionId.

View Source 
var (
	NetworkFileActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_UPLOAD",
		2:  "ACTIVITY_ID_DOWNLOAD",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_RENAME",
		6:  "ACTIVITY_ID_COPY",
		7:  "ACTIVITY_ID_MOVE",
		8:  "ACTIVITY_ID_RESTORE",
		9:  "ACTIVITY_ID_PREVIEW",
		10: "ACTIVITY_ID_LOCK",
		11: "ACTIVITY_ID_UNLOCK",
		12: "ACTIVITY_ID_SHARE",
		13: "ACTIVITY_ID_UNSHARE",
		14: "ACTIVITY_ID_OPEN",
		15: "ACTIVITY_ID_SYNC",
		16: "ACTIVITY_ID_UNSYNC",
		99: "ACTIVITY_ID_OTHER",
	}
	NetworkFileActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":  0,
		"ACTIVITY_ID_UPLOAD":   1,
		"ACTIVITY_ID_DOWNLOAD": 2,
		"ACTIVITY_ID_UPDATE":   3,
		"ACTIVITY_ID_DELETE":   4,
		"ACTIVITY_ID_RENAME":   5,
		"ACTIVITY_ID_COPY":     6,
		"ACTIVITY_ID_MOVE":     7,
		"ACTIVITY_ID_RESTORE":  8,
		"ACTIVITY_ID_PREVIEW":  9,
		"ACTIVITY_ID_LOCK":     10,
		"ACTIVITY_ID_UNLOCK":   11,
		"ACTIVITY_ID_SHARE":    12,
		"ACTIVITY_ID_UNSHARE":  13,
		"ACTIVITY_ID_OPEN":     14,
		"ACTIVITY_ID_SYNC":     15,
		"ACTIVITY_ID_UNSYNC":   16,
		"ACTIVITY_ID_OTHER":    99,
	}
)

Enum value maps for NetworkFileActivity_ActivityId.

View Source 
var (
	NetworkFileActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	NetworkFileActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for NetworkFileActivity_CategoryUid.

View Source 
var (
	NetworkFileActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4010: "CLASS_UID_NETWORK_FILE_ACTIVITY",
	}
	NetworkFileActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_NETWORK_FILE_ACTIVITY": 4010,
	}
)

Enum value maps for NetworkFileActivity_ClassUid.

View Source 
var (
	NetworkFileActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	NetworkFileActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for NetworkFileActivity_DispositionId.

View Source 
var (
	NetworkFileActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	NetworkFileActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for NetworkFileActivity_SeverityId.

View Source 
var (
	NetworkFileActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	NetworkFileActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for NetworkFileActivity_StatusId.

View Source 
var (
	EmailFileActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	EmailFileActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for EmailFileActivity_ActionId.

View Source 
var (
	EmailFileActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_SEND",
		2:  "ACTIVITY_ID_RECEIVE",
		3:  "ACTIVITY_ID_SCAN",
		99: "ACTIVITY_ID_OTHER",
	}
	EmailFileActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_SEND":    1,
		"ACTIVITY_ID_RECEIVE": 2,
		"ACTIVITY_ID_SCAN":    3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for EmailFileActivity_ActivityId.

View Source 
var (
	EmailFileActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	EmailFileActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for EmailFileActivity_CategoryUid.

View Source 
var (
	EmailFileActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4011: "CLASS_UID_EMAIL_FILE_ACTIVITY",
	}
	EmailFileActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":             0,
		"CLASS_UID_EMAIL_FILE_ACTIVITY": 4011,
	}
)

Enum value maps for EmailFileActivity_ClassUid.

View Source 
var (
	EmailFileActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	EmailFileActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for EmailFileActivity_DispositionId.

View Source 
var (
	EmailFileActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	EmailFileActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for EmailFileActivity_SeverityId.

View Source 
var (
	EmailFileActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	EmailFileActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for EmailFileActivity_StatusId.

View Source 
var (
	EmailUrlActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	EmailUrlActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for EmailUrlActivity_ActionId.

View Source 
var (
	EmailUrlActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_SEND",
		2:  "ACTIVITY_ID_RECEIVE",
		3:  "ACTIVITY_ID_SCAN",
		99: "ACTIVITY_ID_OTHER",
	}
	EmailUrlActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_SEND":    1,
		"ACTIVITY_ID_RECEIVE": 2,
		"ACTIVITY_ID_SCAN":    3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for EmailUrlActivity_ActivityId.

View Source 
var (
	EmailUrlActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	EmailUrlActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for EmailUrlActivity_CategoryUid.

View Source 
var (
	EmailUrlActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4012: "CLASS_UID_EMAIL_URL_ACTIVITY",
	}
	EmailUrlActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":            0,
		"CLASS_UID_EMAIL_URL_ACTIVITY": 4012,
	}
)

Enum value maps for EmailUrlActivity_ClassUid.

View Source 
var (
	EmailUrlActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	EmailUrlActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for EmailUrlActivity_DispositionId.

View Source 
var (
	EmailUrlActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	EmailUrlActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for EmailUrlActivity_SeverityId.

View Source 
var (
	EmailUrlActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	EmailUrlActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for EmailUrlActivity_StatusId.

View Source 
var (
	NtpActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	NtpActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for NtpActivity_ActionId.

View Source 
var (
	NtpActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_SYMMETRIC_ACTIVE_EXCHANGE",
		2:  "ACTIVITY_ID_SYMMETRIC_PASSIVE_RESPONSE",
		3:  "ACTIVITY_ID_CLIENT_SYNCHRONIZATION",
		4:  "ACTIVITY_ID_SERVER_RESPONSE",
		5:  "ACTIVITY_ID_BROADCAST",
		6:  "ACTIVITY_ID_CONTROL",
		7:  "ACTIVITY_ID_PRIVATE_USE_CASE",
		99: "ACTIVITY_ID_OTHER",
	}
	NtpActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":                    0,
		"ACTIVITY_ID_SYMMETRIC_ACTIVE_EXCHANGE":  1,
		"ACTIVITY_ID_SYMMETRIC_PASSIVE_RESPONSE": 2,
		"ACTIVITY_ID_CLIENT_SYNCHRONIZATION":     3,
		"ACTIVITY_ID_SERVER_RESPONSE":            4,
		"ACTIVITY_ID_BROADCAST":                  5,
		"ACTIVITY_ID_CONTROL":                    6,
		"ACTIVITY_ID_PRIVATE_USE_CASE":           7,
		"ACTIVITY_ID_OTHER":                      99,
	}
)

Enum value maps for NtpActivity_ActivityId.

View Source 
var (
	NtpActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	NtpActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for NtpActivity_CategoryUid.

View Source 
var (
	NtpActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4013: "CLASS_UID_NTP_ACTIVITY",
	}
	NtpActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_NTP_ACTIVITY": 4013,
	}
)

Enum value maps for NtpActivity_ClassUid.

View Source 
var (
	NtpActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	NtpActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for NtpActivity_DispositionId.

View Source 
var (
	NtpActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	NtpActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for NtpActivity_SeverityId.

View Source 
var (
	NtpActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	NtpActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for NtpActivity_StatusId.

View Source 
var (
	NtpActivity_StratumId_name = map[int32]string{
		0:  "STRATUM_ID_UNKNOWN",
		1:  "STRATUM_ID_PRIMARY_SERVER",
		2:  "STRATUM_ID_SECONDARY_SERVER",
		16: "STRATUM_ID_UNSYNCHRONIZED",
		17: "STRATUM_ID_RESERVED",
		99: "STRATUM_ID_OTHER",
	}
	NtpActivity_StratumId_value = map[string]int32{
		"STRATUM_ID_UNKNOWN":          0,
		"STRATUM_ID_PRIMARY_SERVER":   1,
		"STRATUM_ID_SECONDARY_SERVER": 2,
		"STRATUM_ID_UNSYNCHRONIZED":   16,
		"STRATUM_ID_RESERVED":         17,
		"STRATUM_ID_OTHER":            99,
	}
)

Enum value maps for NtpActivity_StratumId.

View Source 
var (
	TunnelActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	TunnelActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for TunnelActivity_ActionId.

View Source 
var (
	TunnelActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_OPEN",
		2:  "ACTIVITY_ID_CLOSE",
		3:  "ACTIVITY_ID_RENEW",
		99: "ACTIVITY_ID_OTHER",
	}
	TunnelActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_OPEN":    1,
		"ACTIVITY_ID_CLOSE":   2,
		"ACTIVITY_ID_RENEW":   3,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for TunnelActivity_ActivityId.

View Source 
var (
	TunnelActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		4: "CATEGORY_UID_NETWORK_ACTIVITY",
	}
	TunnelActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":          0,
		"CATEGORY_UID_NETWORK_ACTIVITY": 4,
	}
)

Enum value maps for TunnelActivity_CategoryUid.

View Source 
var (
	TunnelActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		4014: "CLASS_UID_TUNNEL_ACTIVITY",
	}
	TunnelActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":         0,
		"CLASS_UID_TUNNEL_ACTIVITY": 4014,
	}
)

Enum value maps for TunnelActivity_ClassUid.

View Source 
var (
	TunnelActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	TunnelActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for TunnelActivity_DispositionId.

View Source 
var (
	TunnelActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	TunnelActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for TunnelActivity_SeverityId.

View Source 
var (
	TunnelActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	TunnelActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for TunnelActivity_StatusId.

View Source 
var (
	TunnelActivity_TunnelTypeId_name = map[int32]string{
		0:  "TUNNEL_TYPE_ID_UNKNOWN",
		1:  "TUNNEL_TYPE_ID_SPLIT_TUNNEL",
		2:  "TUNNEL_TYPE_ID_FULL_TUNNEL",
		99: "TUNNEL_TYPE_ID_OTHER",
	}
	TunnelActivity_TunnelTypeId_value = map[string]int32{
		"TUNNEL_TYPE_ID_UNKNOWN":      0,
		"TUNNEL_TYPE_ID_SPLIT_TUNNEL": 1,
		"TUNNEL_TYPE_ID_FULL_TUNNEL":  2,
		"TUNNEL_TYPE_ID_OTHER":        99,
	}
)

Enum value maps for TunnelActivity_TunnelTypeId.

View Source 
var (
	InventoryInfo_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOG",
		2:  "ACTIVITY_ID_COLLECT",
		99: "ACTIVITY_ID_OTHER",
	}
	InventoryInfo_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOG":     1,
		"ACTIVITY_ID_COLLECT": 2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for InventoryInfo_ActivityId.

View Source 
var (
	InventoryInfo_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	InventoryInfo_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for InventoryInfo_CategoryUid.

View Source 
var (
	InventoryInfo_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5001: "CLASS_UID_DEVICE_INVENTORY_INFO",
	}
	InventoryInfo_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_DEVICE_INVENTORY_INFO": 5001,
	}
)

Enum value maps for InventoryInfo_ClassUid.

View Source 
var (
	InventoryInfo_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	InventoryInfo_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for InventoryInfo_SeverityId.

View Source 
var (
	InventoryInfo_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	InventoryInfo_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for InventoryInfo_StatusId.

View Source 
var (
	ConfigState_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOG",
		2:  "ACTIVITY_ID_COLLECT",
		99: "ACTIVITY_ID_OTHER",
	}
	ConfigState_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOG":     1,
		"ACTIVITY_ID_COLLECT": 2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ConfigState_ActivityId.

View Source 
var (
	ConfigState_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	ConfigState_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for ConfigState_CategoryUid.

View Source 
var (
	ConfigState_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5002: "CLASS_UID_DEVICE_CONFIG_STATE",
	}
	ConfigState_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":             0,
		"CLASS_UID_DEVICE_CONFIG_STATE": 5002,
	}
)

Enum value maps for ConfigState_ClassUid.

View Source 
var (
	ConfigState_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ConfigState_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ConfigState_SeverityId.

View Source 
var (
	ConfigState_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ConfigState_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ConfigState_StatusId.

View Source 
var (
	UserInventory_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOG",
		2:  "ACTIVITY_ID_COLLECT",
		99: "ACTIVITY_ID_OTHER",
	}
	UserInventory_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOG":     1,
		"ACTIVITY_ID_COLLECT": 2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for UserInventory_ActivityId.

View Source 
var (
	UserInventory_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	UserInventory_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for UserInventory_CategoryUid.

View Source 
var (
	UserInventory_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5003: "CLASS_UID_USER_INVENTORY_INFO",
	}
	UserInventory_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":             0,
		"CLASS_UID_USER_INVENTORY_INFO": 5003,
	}
)

Enum value maps for UserInventory_ClassUid.

View Source 
var (
	UserInventory_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	UserInventory_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for UserInventory_SeverityId.

View Source 
var (
	UserInventory_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	UserInventory_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for UserInventory_StatusId.

View Source 
var (
	PatchState_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOG",
		2:  "ACTIVITY_ID_COLLECT",
		99: "ACTIVITY_ID_OTHER",
	}
	PatchState_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOG":     1,
		"ACTIVITY_ID_COLLECT": 2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for PatchState_ActivityId.

View Source 
var (
	PatchState_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	PatchState_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for PatchState_CategoryUid.

View Source 
var (
	PatchState_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5004: "CLASS_UID_OPERATING_SYSTEM_PATCH_STATE",
	}
	PatchState_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                      0,
		"CLASS_UID_OPERATING_SYSTEM_PATCH_STATE": 5004,
	}
)

Enum value maps for PatchState_ClassUid.

View Source 
var (
	PatchState_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	PatchState_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for PatchState_SeverityId.

View Source 
var (
	PatchState_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	PatchState_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for PatchState_StatusId.

View Source 
var (
	RegistryKeyQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	RegistryKeyQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for RegistryKeyQuery_ActivityId.

View Source 
var (
	RegistryKeyQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	RegistryKeyQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for RegistryKeyQuery_CategoryUid.

View Source 
var (
	RegistryKeyQuery_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		205004: "CLASS_UID_REGISTRY_KEY_QUERY",
	}
	RegistryKeyQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":            0,
		"CLASS_UID_REGISTRY_KEY_QUERY": 205004,
	}
)

Enum value maps for RegistryKeyQuery_ClassUid.

View Source 
var (
	RegistryKeyQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	RegistryKeyQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for RegistryKeyQuery_QueryResultId.

View Source 
var (
	RegistryKeyQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	RegistryKeyQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for RegistryKeyQuery_SeverityId.

View Source 
var (
	RegistryKeyQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	RegistryKeyQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for RegistryKeyQuery_StatusId.

View Source 
var (
	RegistryValueQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	RegistryValueQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for RegistryValueQuery_ActivityId.

View Source 
var (
	RegistryValueQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	RegistryValueQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for RegistryValueQuery_CategoryUid.

View Source 
var (
	RegistryValueQuery_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		205005: "CLASS_UID_REGISTRY_VALUE_QUERY",
	}
	RegistryValueQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":              0,
		"CLASS_UID_REGISTRY_VALUE_QUERY": 205005,
	}
)

Enum value maps for RegistryValueQuery_ClassUid.

View Source 
var (
	RegistryValueQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	RegistryValueQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for RegistryValueQuery_QueryResultId.

View Source 
var (
	RegistryValueQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	RegistryValueQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for RegistryValueQuery_SeverityId.

View Source 
var (
	RegistryValueQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	RegistryValueQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for RegistryValueQuery_StatusId.

View Source 
var (
	KernelObjectQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	KernelObjectQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for KernelObjectQuery_ActivityId.

View Source 
var (
	KernelObjectQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	KernelObjectQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for KernelObjectQuery_CategoryUid.

View Source 
var (
	KernelObjectQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5006: "CLASS_UID_KERNEL_OBJECT_QUERY",
	}
	KernelObjectQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":             0,
		"CLASS_UID_KERNEL_OBJECT_QUERY": 5006,
	}
)

Enum value maps for KernelObjectQuery_ClassUid.

View Source 
var (
	KernelObjectQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	KernelObjectQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for KernelObjectQuery_QueryResultId.

View Source 
var (
	KernelObjectQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	KernelObjectQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for KernelObjectQuery_SeverityId.

View Source 
var (
	KernelObjectQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	KernelObjectQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for KernelObjectQuery_StatusId.

View Source 
var (
	FileQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	FileQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for FileQuery_ActivityId.

View Source 
var (
	FileQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	FileQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for FileQuery_CategoryUid.

View Source 
var (
	FileQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5007: "CLASS_UID_FILE_QUERY",
	}
	FileQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":    0,
		"CLASS_UID_FILE_QUERY": 5007,
	}
)

Enum value maps for FileQuery_ClassUid.

View Source 
var (
	FileQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	FileQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for FileQuery_QueryResultId.

View Source 
var (
	FileQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	FileQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for FileQuery_SeverityId.

View Source 
var (
	FileQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	FileQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for FileQuery_StatusId.

View Source 
var (
	FolderQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	FolderQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for FolderQuery_ActivityId.

View Source 
var (
	FolderQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	FolderQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for FolderQuery_CategoryUid.

View Source 
var (
	FolderQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5008: "CLASS_UID_FOLDER_QUERY",
	}
	FolderQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_FOLDER_QUERY": 5008,
	}
)

Enum value maps for FolderQuery_ClassUid.

View Source 
var (
	FolderQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	FolderQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for FolderQuery_QueryResultId.

View Source 
var (
	FolderQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	FolderQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for FolderQuery_SeverityId.

View Source 
var (
	FolderQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	FolderQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for FolderQuery_StatusId.

View Source 
var (
	AdminGroupQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	AdminGroupQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for AdminGroupQuery_ActivityId.

View Source 
var (
	AdminGroupQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	AdminGroupQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for AdminGroupQuery_CategoryUid.

View Source 
var (
	AdminGroupQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5009: "CLASS_UID_ADMIN_GROUP_QUERY",
	}
	AdminGroupQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":           0,
		"CLASS_UID_ADMIN_GROUP_QUERY": 5009,
	}
)

Enum value maps for AdminGroupQuery_ClassUid.

View Source 
var (
	AdminGroupQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	AdminGroupQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for AdminGroupQuery_QueryResultId.

View Source 
var (
	AdminGroupQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	AdminGroupQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for AdminGroupQuery_SeverityId.

View Source 
var (
	AdminGroupQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	AdminGroupQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for AdminGroupQuery_StatusId.

View Source 
var (
	JobQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	JobQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for JobQuery_ActivityId.

View Source 
var (
	JobQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	JobQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for JobQuery_CategoryUid.

View Source 
var (
	JobQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5010: "CLASS_UID_JOB_QUERY",
	}
	JobQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":   0,
		"CLASS_UID_JOB_QUERY": 5010,
	}
)

Enum value maps for JobQuery_ClassUid.

View Source 
var (
	JobQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	JobQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for JobQuery_QueryResultId.

View Source 
var (
	JobQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	JobQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for JobQuery_SeverityId.

View Source 
var (
	JobQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	JobQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for JobQuery_StatusId.

View Source 
var (
	ModuleQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	ModuleQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ModuleQuery_ActivityId.

View Source 
var (
	ModuleQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	ModuleQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for ModuleQuery_CategoryUid.

View Source 
var (
	ModuleQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5011: "CLASS_UID_MODULE_QUERY",
	}
	ModuleQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_MODULE_QUERY": 5011,
	}
)

Enum value maps for ModuleQuery_ClassUid.

View Source 
var (
	ModuleQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	ModuleQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for ModuleQuery_QueryResultId.

View Source 
var (
	ModuleQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ModuleQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ModuleQuery_SeverityId.

View Source 
var (
	ModuleQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ModuleQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ModuleQuery_StatusId.

View Source 
var (
	NetworkConnectionQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	NetworkConnectionQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for NetworkConnectionQuery_ActivityId.

View Source 
var (
	NetworkConnectionQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	NetworkConnectionQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for NetworkConnectionQuery_CategoryUid.

View Source 
var (
	NetworkConnectionQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5012: "CLASS_UID_NETWORK_CONNECTION_QUERY",
	}
	NetworkConnectionQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                  0,
		"CLASS_UID_NETWORK_CONNECTION_QUERY": 5012,
	}
)

Enum value maps for NetworkConnectionQuery_ClassUid.

View Source 
var (
	NetworkConnectionQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	NetworkConnectionQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for NetworkConnectionQuery_QueryResultId.

View Source 
var (
	NetworkConnectionQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	NetworkConnectionQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for NetworkConnectionQuery_SeverityId.

View Source 
var (
	NetworkConnectionQuery_StateId_name = map[int32]string{
		0:  "STATE_ID_UNKNOWN",
		1:  "STATE_ID_ESTABLISHED",
		2:  "STATE_ID_SYN_SENT",
		3:  "STATE_ID_SYN_RECV",
		4:  "STATE_ID_FIN_WAIT1",
		5:  "STATE_ID_FIN_WAIT2",
		6:  "STATE_ID_TIME_WAIT",
		7:  "STATE_ID_CLOSED",
		8:  "STATE_ID_CLOSE_WAIT",
		9:  "STATE_ID_LAST_ACK",
		10: "STATE_ID_LISTEN",
		11: "STATE_ID_CLOSING",
		99: "STATE_ID_OTHER",
	}
	NetworkConnectionQuery_StateId_value = map[string]int32{
		"STATE_ID_UNKNOWN":     0,
		"STATE_ID_ESTABLISHED": 1,
		"STATE_ID_SYN_SENT":    2,
		"STATE_ID_SYN_RECV":    3,
		"STATE_ID_FIN_WAIT1":   4,
		"STATE_ID_FIN_WAIT2":   5,
		"STATE_ID_TIME_WAIT":   6,
		"STATE_ID_CLOSED":      7,
		"STATE_ID_CLOSE_WAIT":  8,
		"STATE_ID_LAST_ACK":    9,
		"STATE_ID_LISTEN":      10,
		"STATE_ID_CLOSING":     11,
		"STATE_ID_OTHER":       99,
	}
)

Enum value maps for NetworkConnectionQuery_StateId.

View Source 
var (
	NetworkConnectionQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	NetworkConnectionQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for NetworkConnectionQuery_StatusId.

View Source 
var (
	NetworksQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	NetworksQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for NetworksQuery_ActivityId.

View Source 
var (
	NetworksQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	NetworksQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for NetworksQuery_CategoryUid.

View Source 
var (
	NetworksQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5013: "CLASS_UID_NETWORKS_QUERY",
	}
	NetworksQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":        0,
		"CLASS_UID_NETWORKS_QUERY": 5013,
	}
)

Enum value maps for NetworksQuery_ClassUid.

View Source 
var (
	NetworksQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	NetworksQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for NetworksQuery_QueryResultId.

View Source 
var (
	NetworksQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	NetworksQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for NetworksQuery_SeverityId.

View Source 
var (
	NetworksQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	NetworksQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for NetworksQuery_StatusId.

View Source 
var (
	PeripheralDeviceQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	PeripheralDeviceQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for PeripheralDeviceQuery_ActivityId.

View Source 
var (
	PeripheralDeviceQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	PeripheralDeviceQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for PeripheralDeviceQuery_CategoryUid.

View Source 
var (
	PeripheralDeviceQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5014: "CLASS_UID_PERIPHERAL_DEVICE_QUERY",
	}
	PeripheralDeviceQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                 0,
		"CLASS_UID_PERIPHERAL_DEVICE_QUERY": 5014,
	}
)

Enum value maps for PeripheralDeviceQuery_ClassUid.

View Source 
var (
	PeripheralDeviceQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	PeripheralDeviceQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for PeripheralDeviceQuery_QueryResultId.

View Source 
var (
	PeripheralDeviceQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	PeripheralDeviceQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for PeripheralDeviceQuery_SeverityId.

View Source 
var (
	PeripheralDeviceQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	PeripheralDeviceQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for PeripheralDeviceQuery_StatusId.

View Source 
var (
	ProcessQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	ProcessQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ProcessQuery_ActivityId.

View Source 
var (
	ProcessQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	ProcessQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for ProcessQuery_CategoryUid.

View Source 
var (
	ProcessQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5015: "CLASS_UID_PROCESS_QUERY",
	}
	ProcessQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":       0,
		"CLASS_UID_PROCESS_QUERY": 5015,
	}
)

Enum value maps for ProcessQuery_ClassUid.

View Source 
var (
	ProcessQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	ProcessQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for ProcessQuery_QueryResultId.

View Source 
var (
	ProcessQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ProcessQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ProcessQuery_SeverityId.

View Source 
var (
	ProcessQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ProcessQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ProcessQuery_StatusId.

View Source 
var (
	ServiceQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	ServiceQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ServiceQuery_ActivityId.

View Source 
var (
	ServiceQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	ServiceQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for ServiceQuery_CategoryUid.

View Source 
var (
	ServiceQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5016: "CLASS_UID_SERVICE_QUERY",
	}
	ServiceQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":       0,
		"CLASS_UID_SERVICE_QUERY": 5016,
	}
)

Enum value maps for ServiceQuery_ClassUid.

View Source 
var (
	ServiceQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	ServiceQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for ServiceQuery_QueryResultId.

View Source 
var (
	ServiceQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ServiceQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ServiceQuery_SeverityId.

View Source 
var (
	ServiceQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ServiceQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ServiceQuery_StatusId.

View Source 
var (
	SessionQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	SessionQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for SessionQuery_ActivityId.

View Source 
var (
	SessionQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	SessionQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for SessionQuery_CategoryUid.

View Source 
var (
	SessionQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5017: "CLASS_UID_USER_SESSION_QUERY",
	}
	SessionQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":            0,
		"CLASS_UID_USER_SESSION_QUERY": 5017,
	}
)

Enum value maps for SessionQuery_ClassUid.

View Source 
var (
	SessionQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	SessionQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for SessionQuery_QueryResultId.

View Source 
var (
	SessionQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	SessionQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for SessionQuery_SeverityId.

View Source 
var (
	SessionQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	SessionQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for SessionQuery_StatusId.

View Source 
var (
	UserQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	UserQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for UserQuery_ActivityId.

View Source 
var (
	UserQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	UserQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for UserQuery_CategoryUid.

View Source 
var (
	UserQuery_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5018: "CLASS_UID_USER_QUERY",
	}
	UserQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":    0,
		"CLASS_UID_USER_QUERY": 5018,
	}
)

Enum value maps for UserQuery_ClassUid.

View Source 
var (
	UserQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	UserQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for UserQuery_QueryResultId.

View Source 
var (
	UserQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	UserQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for UserQuery_SeverityId.

View Source 
var (
	UserQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	UserQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for UserQuery_StatusId.

View Source 
var (
	DeviceConfigStateChange_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_LOG",
		2:  "ACTIVITY_ID_COLLECT",
		99: "ACTIVITY_ID_OTHER",
	}
	DeviceConfigStateChange_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_LOG":     1,
		"ACTIVITY_ID_COLLECT": 2,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for DeviceConfigStateChange_ActivityId.

View Source 
var (
	DeviceConfigStateChange_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	DeviceConfigStateChange_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for DeviceConfigStateChange_CategoryUid.

View Source 
var (
	DeviceConfigStateChange_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		5019: "CLASS_UID_DEVICE_CONFIG_STATE_CHANGE",
	}
	DeviceConfigStateChange_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                    0,
		"CLASS_UID_DEVICE_CONFIG_STATE_CHANGE": 5019,
	}
)

Enum value maps for DeviceConfigStateChange_ClassUid.

View Source 
var (
	DeviceConfigStateChange_PrevSecurityLevelId_name = map[int32]string{
		0:  "PREV_SECURITY_LEVEL_ID_UNKNOWN",
		1:  "PREV_SECURITY_LEVEL_ID_SECURE",
		2:  "PREV_SECURITY_LEVEL_ID_AT_RISK",
		3:  "PREV_SECURITY_LEVEL_ID_COMPROMISED",
		99: "PREV_SECURITY_LEVEL_ID_OTHER",
	}
	DeviceConfigStateChange_PrevSecurityLevelId_value = map[string]int32{
		"PREV_SECURITY_LEVEL_ID_UNKNOWN":     0,
		"PREV_SECURITY_LEVEL_ID_SECURE":      1,
		"PREV_SECURITY_LEVEL_ID_AT_RISK":     2,
		"PREV_SECURITY_LEVEL_ID_COMPROMISED": 3,
		"PREV_SECURITY_LEVEL_ID_OTHER":       99,
	}
)

Enum value maps for DeviceConfigStateChange_PrevSecurityLevelId.

View Source 
var (
	DeviceConfigStateChange_SecurityLevelId_name = map[int32]string{
		0:  "SECURITY_LEVEL_ID_UNKNOWN",
		1:  "SECURITY_LEVEL_ID_SECURE",
		2:  "SECURITY_LEVEL_ID_AT_RISK",
		3:  "SECURITY_LEVEL_ID_COMPROMISED",
		99: "SECURITY_LEVEL_ID_OTHER",
	}
	DeviceConfigStateChange_SecurityLevelId_value = map[string]int32{
		"SECURITY_LEVEL_ID_UNKNOWN":     0,
		"SECURITY_LEVEL_ID_SECURE":      1,
		"SECURITY_LEVEL_ID_AT_RISK":     2,
		"SECURITY_LEVEL_ID_COMPROMISED": 3,
		"SECURITY_LEVEL_ID_OTHER":       99,
	}
)

Enum value maps for DeviceConfigStateChange_SecurityLevelId.

View Source 
var (
	DeviceConfigStateChange_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DeviceConfigStateChange_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DeviceConfigStateChange_SeverityId.

View Source 
var (
	DeviceConfigStateChange_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	DeviceConfigStateChange_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for DeviceConfigStateChange_StatusId.

View Source 
var (
	PrefetchQuery_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_QUERY",
		99: "ACTIVITY_ID_OTHER",
	}
	PrefetchQuery_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_QUERY":   1,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for PrefetchQuery_ActivityId.

View Source 
var (
	PrefetchQuery_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		5: "CATEGORY_UID_DISCOVERY",
	}
	PrefetchQuery_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":   0,
		"CATEGORY_UID_DISCOVERY": 5,
	}
)

Enum value maps for PrefetchQuery_CategoryUid.

View Source 
var (
	PrefetchQuery_ClassUid_name = map[int32]string{
		0:      "CLASS_UID_UNKNOWN",
		205019: "CLASS_UID_PREFETCH_QUERY",
	}
	PrefetchQuery_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":        0,
		"CLASS_UID_PREFETCH_QUERY": 205019,
	}
)

Enum value maps for PrefetchQuery_ClassUid.

View Source 
var (
	PrefetchQuery_QueryResultId_name = map[int32]string{
		0:  "QUERY_RESULT_ID_UNKNOWN",
		1:  "QUERY_RESULT_ID_EXISTS",
		2:  "QUERY_RESULT_ID_PARTIAL",
		3:  "QUERY_RESULT_ID_DOES_NOT_EXIST",
		4:  "QUERY_RESULT_ID_ERROR",
		5:  "QUERY_RESULT_ID_UNSUPPORTED",
		99: "QUERY_RESULT_ID_OTHER",
	}
	PrefetchQuery_QueryResultId_value = map[string]int32{
		"QUERY_RESULT_ID_UNKNOWN":        0,
		"QUERY_RESULT_ID_EXISTS":         1,
		"QUERY_RESULT_ID_PARTIAL":        2,
		"QUERY_RESULT_ID_DOES_NOT_EXIST": 3,
		"QUERY_RESULT_ID_ERROR":          4,
		"QUERY_RESULT_ID_UNSUPPORTED":    5,
		"QUERY_RESULT_ID_OTHER":          99,
	}
)

Enum value maps for PrefetchQuery_QueryResultId.

View Source 
var (
	PrefetchQuery_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	PrefetchQuery_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for PrefetchQuery_SeverityId.

View Source 
var (
	PrefetchQuery_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	PrefetchQuery_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for PrefetchQuery_StatusId.

View Source 
var (
	WebResourcesActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	WebResourcesActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for WebResourcesActivity_ActionId.

View Source 
var (
	WebResourcesActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_SEARCH",
		6:  "ACTIVITY_ID_IMPORT",
		7:  "ACTIVITY_ID_EXPORT",
		8:  "ACTIVITY_ID_SHARE",
		99: "ACTIVITY_ID_OTHER",
	}
	WebResourcesActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_READ":    2,
		"ACTIVITY_ID_UPDATE":  3,
		"ACTIVITY_ID_DELETE":  4,
		"ACTIVITY_ID_SEARCH":  5,
		"ACTIVITY_ID_IMPORT":  6,
		"ACTIVITY_ID_EXPORT":  7,
		"ACTIVITY_ID_SHARE":   8,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for WebResourcesActivity_ActivityId.

View Source 
var (
	WebResourcesActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	WebResourcesActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for WebResourcesActivity_CategoryUid.

View Source 
var (
	WebResourcesActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6001: "CLASS_UID_WEB_RESOURCES_ACTIVITY",
	}
	WebResourcesActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                0,
		"CLASS_UID_WEB_RESOURCES_ACTIVITY": 6001,
	}
)

Enum value maps for WebResourcesActivity_ClassUid.

View Source 
var (
	WebResourcesActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	WebResourcesActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for WebResourcesActivity_DispositionId.

View Source 
var (
	WebResourcesActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	WebResourcesActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for WebResourcesActivity_SeverityId.

View Source 
var (
	WebResourcesActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	WebResourcesActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for WebResourcesActivity_StatusId.

View Source 
var (
	ApplicationLifecycle_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_INSTALL",
		2:  "ACTIVITY_ID_REMOVE",
		3:  "ACTIVITY_ID_START",
		4:  "ACTIVITY_ID_STOP",
		99: "ACTIVITY_ID_OTHER",
	}
	ApplicationLifecycle_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_INSTALL": 1,
		"ACTIVITY_ID_REMOVE":  2,
		"ACTIVITY_ID_START":   3,
		"ACTIVITY_ID_STOP":    4,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ApplicationLifecycle_ActivityId.

View Source 
var (
	ApplicationLifecycle_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	ApplicationLifecycle_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for ApplicationLifecycle_CategoryUid.

View Source 
var (
	ApplicationLifecycle_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6002: "CLASS_UID_APPLICATION_LIFECYCLE",
	}
	ApplicationLifecycle_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_APPLICATION_LIFECYCLE": 6002,
	}
)

Enum value maps for ApplicationLifecycle_ClassUid.

View Source 
var (
	ApplicationLifecycle_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ApplicationLifecycle_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ApplicationLifecycle_SeverityId.

View Source 
var (
	ApplicationLifecycle_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ApplicationLifecycle_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ApplicationLifecycle_StatusId.

View Source 
var (
	ApiActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_CREATE",
		2:  "ACTIVITY_ID_READ",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		99: "ACTIVITY_ID_OTHER",
	}
	ApiActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_CREATE":  1,
		"ACTIVITY_ID_READ":    2,
		"ACTIVITY_ID_UPDATE":  3,
		"ACTIVITY_ID_DELETE":  4,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for ApiActivity_ActivityId.

View Source 
var (
	ApiActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	ApiActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for ApiActivity_CategoryUid.

View Source 
var (
	ApiActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6003: "CLASS_UID_API_ACTIVITY",
	}
	ApiActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":      0,
		"CLASS_UID_API_ACTIVITY": 6003,
	}
)

Enum value maps for ApiActivity_ClassUid.

View Source 
var (
	ApiActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ApiActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ApiActivity_SeverityId.

View Source 
var (
	ApiActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ApiActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ApiActivity_StatusId.

View Source 
var (
	WebResourceAccessActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_ACCESS_GRANT",
		2:  "ACTIVITY_ID_ACCESS_DENY",
		3:  "ACTIVITY_ID_ACCESS_REVOKE",
		4:  "ACTIVITY_ID_ACCESS_ERROR",
		99: "ACTIVITY_ID_OTHER",
	}
	WebResourceAccessActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":       0,
		"ACTIVITY_ID_ACCESS_GRANT":  1,
		"ACTIVITY_ID_ACCESS_DENY":   2,
		"ACTIVITY_ID_ACCESS_REVOKE": 3,
		"ACTIVITY_ID_ACCESS_ERROR":  4,
		"ACTIVITY_ID_OTHER":         99,
	}
)

Enum value maps for WebResourceAccessActivity_ActivityId.

View Source 
var (
	WebResourceAccessActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	WebResourceAccessActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for WebResourceAccessActivity_CategoryUid.

View Source 
var (
	WebResourceAccessActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6004: "CLASS_UID_WEB_RESOURCE_ACCESS_ACTIVITY",
	}
	WebResourceAccessActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":                      0,
		"CLASS_UID_WEB_RESOURCE_ACCESS_ACTIVITY": 6004,
	}
)

Enum value maps for WebResourceAccessActivity_ClassUid.

View Source 
var (
	WebResourceAccessActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	WebResourceAccessActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for WebResourceAccessActivity_SeverityId.

View Source 
var (
	WebResourceAccessActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	WebResourceAccessActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for WebResourceAccessActivity_StatusId.

View Source 
var (
	DatastoreActivity_ActionId_name = map[int32]string{
		0:  "ACTION_ID_UNKNOWN",
		1:  "ACTION_ID_ALLOWED",
		2:  "ACTION_ID_DENIED",
		99: "ACTION_ID_OTHER",
	}
	DatastoreActivity_ActionId_value = map[string]int32{
		"ACTION_ID_UNKNOWN": 0,
		"ACTION_ID_ALLOWED": 1,
		"ACTION_ID_DENIED":  2,
		"ACTION_ID_OTHER":   99,
	}
)

Enum value maps for DatastoreActivity_ActionId.

View Source 
var (
	DatastoreActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_READ",
		2:  "ACTIVITY_ID_UPDATE",
		3:  "ACTIVITY_ID_CONNECT",
		4:  "ACTIVITY_ID_QUERY",
		5:  "ACTIVITY_ID_WRITE",
		6:  "ACTIVITY_ID_CREATE",
		7:  "ACTIVITY_ID_DELETE",
		8:  "ACTIVITY_ID_LIST",
		9:  "ACTIVITY_ID_ENCRYPT",
		10: "ACTIVITY_ID_DECRYPT",
		99: "ACTIVITY_ID_OTHER",
	}
	DatastoreActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN": 0,
		"ACTIVITY_ID_READ":    1,
		"ACTIVITY_ID_UPDATE":  2,
		"ACTIVITY_ID_CONNECT": 3,
		"ACTIVITY_ID_QUERY":   4,
		"ACTIVITY_ID_WRITE":   5,
		"ACTIVITY_ID_CREATE":  6,
		"ACTIVITY_ID_DELETE":  7,
		"ACTIVITY_ID_LIST":    8,
		"ACTIVITY_ID_ENCRYPT": 9,
		"ACTIVITY_ID_DECRYPT": 10,
		"ACTIVITY_ID_OTHER":   99,
	}
)

Enum value maps for DatastoreActivity_ActivityId.

View Source 
var (
	DatastoreActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	DatastoreActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for DatastoreActivity_CategoryUid.

View Source 
var (
	DatastoreActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6005: "CLASS_UID_DATASTORE_ACTIVITY",
	}
	DatastoreActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":            0,
		"CLASS_UID_DATASTORE_ACTIVITY": 6005,
	}
)

Enum value maps for DatastoreActivity_ClassUid.

View Source 
var (
	DatastoreActivity_DispositionId_name = map[int32]string{
		0:  "DISPOSITION_ID_UNKNOWN",
		1:  "DISPOSITION_ID_ALLOWED",
		2:  "DISPOSITION_ID_BLOCKED",
		3:  "DISPOSITION_ID_QUARANTINED",
		4:  "DISPOSITION_ID_ISOLATED",
		5:  "DISPOSITION_ID_DELETED",
		6:  "DISPOSITION_ID_DROPPED",
		7:  "DISPOSITION_ID_CUSTOM_ACTION",
		8:  "DISPOSITION_ID_APPROVED",
		9:  "DISPOSITION_ID_RESTORED",
		10: "DISPOSITION_ID_EXONERATED",
		11: "DISPOSITION_ID_CORRECTED",
		12: "DISPOSITION_ID_PARTIALLY_CORRECTED",
		13: "DISPOSITION_ID_UNCORRECTED",
		14: "DISPOSITION_ID_DELAYED",
		15: "DISPOSITION_ID_DETECTED",
		16: "DISPOSITION_ID_NO_ACTION",
		17: "DISPOSITION_ID_LOGGED",
		18: "DISPOSITION_ID_TAGGED",
		19: "DISPOSITION_ID_ALERT",
		20: "DISPOSITION_ID_COUNT",
		21: "DISPOSITION_ID_RESET",
		22: "DISPOSITION_ID_CAPTCHA",
		23: "DISPOSITION_ID_CHALLENGE",
		24: "DISPOSITION_ID_ACCESS_REVOKED",
		25: "DISPOSITION_ID_REJECTED",
		26: "DISPOSITION_ID_UNAUTHORIZED",
		27: "DISPOSITION_ID_ERROR",
		99: "DISPOSITION_ID_OTHER",
	}
	DatastoreActivity_DispositionId_value = map[string]int32{
		"DISPOSITION_ID_UNKNOWN":             0,
		"DISPOSITION_ID_ALLOWED":             1,
		"DISPOSITION_ID_BLOCKED":             2,
		"DISPOSITION_ID_QUARANTINED":         3,
		"DISPOSITION_ID_ISOLATED":            4,
		"DISPOSITION_ID_DELETED":             5,
		"DISPOSITION_ID_DROPPED":             6,
		"DISPOSITION_ID_CUSTOM_ACTION":       7,
		"DISPOSITION_ID_APPROVED":            8,
		"DISPOSITION_ID_RESTORED":            9,
		"DISPOSITION_ID_EXONERATED":          10,
		"DISPOSITION_ID_CORRECTED":           11,
		"DISPOSITION_ID_PARTIALLY_CORRECTED": 12,
		"DISPOSITION_ID_UNCORRECTED":         13,
		"DISPOSITION_ID_DELAYED":             14,
		"DISPOSITION_ID_DETECTED":            15,
		"DISPOSITION_ID_NO_ACTION":           16,
		"DISPOSITION_ID_LOGGED":              17,
		"DISPOSITION_ID_TAGGED":              18,
		"DISPOSITION_ID_ALERT":               19,
		"DISPOSITION_ID_COUNT":               20,
		"DISPOSITION_ID_RESET":               21,
		"DISPOSITION_ID_CAPTCHA":             22,
		"DISPOSITION_ID_CHALLENGE":           23,
		"DISPOSITION_ID_ACCESS_REVOKED":      24,
		"DISPOSITION_ID_REJECTED":            25,
		"DISPOSITION_ID_UNAUTHORIZED":        26,
		"DISPOSITION_ID_ERROR":               27,
		"DISPOSITION_ID_OTHER":               99,
	}
)

Enum value maps for DatastoreActivity_DispositionId.

View Source 
var (
	DatastoreActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	DatastoreActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for DatastoreActivity_SeverityId.

View Source 
var (
	DatastoreActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	DatastoreActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for DatastoreActivity_StatusId.

View Source 
var (
	DatastoreActivity_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_DATABASE",
		2:  "TYPE_ID_DATABUCKET",
		3:  "TYPE_ID_TABLE",
		99: "TYPE_ID_OTHER",
	}
	DatastoreActivity_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":    0,
		"TYPE_ID_DATABASE":   1,
		"TYPE_ID_DATABUCKET": 2,
		"TYPE_ID_TABLE":      3,
		"TYPE_ID_OTHER":      99,
	}
)

Enum value maps for DatastoreActivity_TypeId.

View Source 
var (
	FileHosting_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_UPLOAD",
		2:  "ACTIVITY_ID_DOWNLOAD",
		3:  "ACTIVITY_ID_UPDATE",
		4:  "ACTIVITY_ID_DELETE",
		5:  "ACTIVITY_ID_RENAME",
		6:  "ACTIVITY_ID_COPY",
		7:  "ACTIVITY_ID_MOVE",
		8:  "ACTIVITY_ID_RESTORE",
		9:  "ACTIVITY_ID_PREVIEW",
		10: "ACTIVITY_ID_LOCK",
		11: "ACTIVITY_ID_UNLOCK",
		12: "ACTIVITY_ID_SHARE",
		13: "ACTIVITY_ID_UNSHARE",
		14: "ACTIVITY_ID_OPEN",
		15: "ACTIVITY_ID_SYNC",
		16: "ACTIVITY_ID_UNSYNC",
		99: "ACTIVITY_ID_OTHER",
	}
	FileHosting_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":  0,
		"ACTIVITY_ID_UPLOAD":   1,
		"ACTIVITY_ID_DOWNLOAD": 2,
		"ACTIVITY_ID_UPDATE":   3,
		"ACTIVITY_ID_DELETE":   4,
		"ACTIVITY_ID_RENAME":   5,
		"ACTIVITY_ID_COPY":     6,
		"ACTIVITY_ID_MOVE":     7,
		"ACTIVITY_ID_RESTORE":  8,
		"ACTIVITY_ID_PREVIEW":  9,
		"ACTIVITY_ID_LOCK":     10,
		"ACTIVITY_ID_UNLOCK":   11,
		"ACTIVITY_ID_SHARE":    12,
		"ACTIVITY_ID_UNSHARE":  13,
		"ACTIVITY_ID_OPEN":     14,
		"ACTIVITY_ID_SYNC":     15,
		"ACTIVITY_ID_UNSYNC":   16,
		"ACTIVITY_ID_OTHER":    99,
	}
)

Enum value maps for FileHosting_ActivityId.

View Source 
var (
	FileHosting_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	FileHosting_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for FileHosting_CategoryUid.

View Source 
var (
	FileHosting_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6006: "CLASS_UID_FILE_HOSTING_ACTIVITY",
	}
	FileHosting_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":               0,
		"CLASS_UID_FILE_HOSTING_ACTIVITY": 6006,
	}
)

Enum value maps for FileHosting_ClassUid.

View Source 
var (
	FileHosting_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	FileHosting_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for FileHosting_SeverityId.

View Source 
var (
	FileHosting_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	FileHosting_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for FileHosting_StatusId.

View Source 
var (
	ScanActivity_ActivityId_name = map[int32]string{
		0:  "ACTIVITY_ID_UNKNOWN",
		1:  "ACTIVITY_ID_STARTED",
		2:  "ACTIVITY_ID_COMPLETED",
		3:  "ACTIVITY_ID_CANCELLED",
		4:  "ACTIVITY_ID_DURATION_VIOLATION",
		5:  "ACTIVITY_ID_PAUSE_VIOLATION",
		6:  "ACTIVITY_ID_ERROR",
		7:  "ACTIVITY_ID_PAUSED",
		8:  "ACTIVITY_ID_RESUMED",
		9:  "ACTIVITY_ID_RESTARTED",
		10: "ACTIVITY_ID_DELAYED",
		99: "ACTIVITY_ID_OTHER",
	}
	ScanActivity_ActivityId_value = map[string]int32{
		"ACTIVITY_ID_UNKNOWN":            0,
		"ACTIVITY_ID_STARTED":            1,
		"ACTIVITY_ID_COMPLETED":          2,
		"ACTIVITY_ID_CANCELLED":          3,
		"ACTIVITY_ID_DURATION_VIOLATION": 4,
		"ACTIVITY_ID_PAUSE_VIOLATION":    5,
		"ACTIVITY_ID_ERROR":              6,
		"ACTIVITY_ID_PAUSED":             7,
		"ACTIVITY_ID_RESUMED":            8,
		"ACTIVITY_ID_RESTARTED":          9,
		"ACTIVITY_ID_DELAYED":            10,
		"ACTIVITY_ID_OTHER":              99,
	}
)

Enum value maps for ScanActivity_ActivityId.

View Source 
var (
	ScanActivity_CategoryUid_name = map[int32]string{
		0: "CATEGORY_UID_UNKNOWN",
		6: "CATEGORY_UID_APPLICATION_ACTIVITY",
	}
	ScanActivity_CategoryUid_value = map[string]int32{
		"CATEGORY_UID_UNKNOWN":              0,
		"CATEGORY_UID_APPLICATION_ACTIVITY": 6,
	}
)

Enum value maps for ScanActivity_CategoryUid.

View Source 
var (
	ScanActivity_ClassUid_name = map[int32]string{
		0:    "CLASS_UID_UNKNOWN",
		6007: "CLASS_UID_SCAN_ACTIVITY",
	}
	ScanActivity_ClassUid_value = map[string]int32{
		"CLASS_UID_UNKNOWN":       0,
		"CLASS_UID_SCAN_ACTIVITY": 6007,
	}
)

Enum value maps for ScanActivity_ClassUid.

View Source 
var (
	ScanActivity_SeverityId_name = map[int32]string{
		0:  "SEVERITY_ID_UNKNOWN",
		1:  "SEVERITY_ID_INFORMATIONAL",
		2:  "SEVERITY_ID_LOW",
		3:  "SEVERITY_ID_MEDIUM",
		4:  "SEVERITY_ID_HIGH",
		5:  "SEVERITY_ID_CRITICAL",
		6:  "SEVERITY_ID_FATAL",
		99: "SEVERITY_ID_OTHER",
	}
	ScanActivity_SeverityId_value = map[string]int32{
		"SEVERITY_ID_UNKNOWN":       0,
		"SEVERITY_ID_INFORMATIONAL": 1,
		"SEVERITY_ID_LOW":           2,
		"SEVERITY_ID_MEDIUM":        3,
		"SEVERITY_ID_HIGH":          4,
		"SEVERITY_ID_CRITICAL":      5,
		"SEVERITY_ID_FATAL":         6,
		"SEVERITY_ID_OTHER":         99,
	}
)

Enum value maps for ScanActivity_SeverityId.

View Source 
var (
	ScanActivity_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_SUCCESS",
		2:  "STATUS_ID_FAILURE",
		99: "STATUS_ID_OTHER",
	}
	ScanActivity_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_SUCCESS": 1,
		"STATUS_ID_FAILURE": 2,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for ScanActivity_StatusId.

View Source 
var (
	Device_RiskLevelId_name = map[int32]string{
		0: "RISK_LEVEL_ID_INFO",
		1: "RISK_LEVEL_ID_LOW",
		2: "RISK_LEVEL_ID_MEDIUM",
		3: "RISK_LEVEL_ID_HIGH",
		4: "RISK_LEVEL_ID_CRITICAL",
	}
	Device_RiskLevelId_value = map[string]int32{
		"RISK_LEVEL_ID_INFO":     0,
		"RISK_LEVEL_ID_LOW":      1,
		"RISK_LEVEL_ID_MEDIUM":   2,
		"RISK_LEVEL_ID_HIGH":     3,
		"RISK_LEVEL_ID_CRITICAL": 4,
	}
)

Enum value maps for Device_RiskLevelId.

View Source 
var (
	Device_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_SERVER",
		2:  "TYPE_ID_DESKTOP",
		3:  "TYPE_ID_LAPTOP",
		4:  "TYPE_ID_TABLET",
		5:  "TYPE_ID_MOBILE",
		6:  "TYPE_ID_VIRTUAL",
		7:  "TYPE_ID_IOT",
		8:  "TYPE_ID_BROWSER",
		9:  "TYPE_ID_FIREWALL",
		10: "TYPE_ID_SWITCH",
		11: "TYPE_ID_HUB",
		99: "TYPE_ID_OTHER",
	}
	Device_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":  0,
		"TYPE_ID_SERVER":   1,
		"TYPE_ID_DESKTOP":  2,
		"TYPE_ID_LAPTOP":   3,
		"TYPE_ID_TABLET":   4,
		"TYPE_ID_MOBILE":   5,
		"TYPE_ID_VIRTUAL":  6,
		"TYPE_ID_IOT":      7,
		"TYPE_ID_BROWSER":  8,
		"TYPE_ID_FIREWALL": 9,
		"TYPE_ID_SWITCH":   10,
		"TYPE_ID_HUB":      11,
		"TYPE_ID_OTHER":    99,
	}
)

Enum value maps for Device_TypeId.

View Source 
var (
	File_ConfidentialityId_name = map[int32]string{
		0:  "CONFIDENTIALITY_ID_UNKNOWN",
		1:  "CONFIDENTIALITY_ID_NOT_CONFIDENTIAL",
		2:  "CONFIDENTIALITY_ID_CONFIDENTIAL",
		3:  "CONFIDENTIALITY_ID_SECRET",
		4:  "CONFIDENTIALITY_ID_TOP_SECRET",
		5:  "CONFIDENTIALITY_ID_PRIVATE",
		6:  "CONFIDENTIALITY_ID_RESTRICTED",
		99: "CONFIDENTIALITY_ID_OTHER",
	}
	File_ConfidentialityId_value = map[string]int32{
		"CONFIDENTIALITY_ID_UNKNOWN":          0,
		"CONFIDENTIALITY_ID_NOT_CONFIDENTIAL": 1,
		"CONFIDENTIALITY_ID_CONFIDENTIAL":     2,
		"CONFIDENTIALITY_ID_SECRET":           3,
		"CONFIDENTIALITY_ID_TOP_SECRET":       4,
		"CONFIDENTIALITY_ID_PRIVATE":          5,
		"CONFIDENTIALITY_ID_RESTRICTED":       6,
		"CONFIDENTIALITY_ID_OTHER":            99,
	}
)

Enum value maps for File_ConfidentialityId.

View Source 
var (
	File_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_REGULAR_FILE",
		2:  "TYPE_ID_FOLDER",
		3:  "TYPE_ID_CHARACTER_DEVICE",
		4:  "TYPE_ID_BLOCK_DEVICE",
		5:  "TYPE_ID_LOCAL_SOCKET",
		6:  "TYPE_ID_NAMED_PIPE",
		7:  "TYPE_ID_SYMBOLIC_LINK",
		99: "TYPE_ID_OTHER",
	}
	File_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":          0,
		"TYPE_ID_REGULAR_FILE":     1,
		"TYPE_ID_FOLDER":           2,
		"TYPE_ID_CHARACTER_DEVICE": 3,
		"TYPE_ID_BLOCK_DEVICE":     4,
		"TYPE_ID_LOCAL_SOCKET":     5,
		"TYPE_ID_NAMED_PIPE":       6,
		"TYPE_ID_SYMBOLIC_LINK":    7,
		"TYPE_ID_OTHER":            99,
	}
)

Enum value maps for File_TypeId.

View Source 
var (
	Malware_ClassificationIds_name = map[int32]string{
		0:  "CLASSIFICATION_IDS_UNKNOWN",
		1:  "CLASSIFICATION_IDS_ADWARE",
		2:  "CLASSIFICATION_IDS_BACKDOOR",
		3:  "CLASSIFICATION_IDS_BOT",
		4:  "CLASSIFICATION_IDS_BOOTKIT",
		5:  "CLASSIFICATION_IDS_DDOS",
		6:  "CLASSIFICATION_IDS_DOWNLOADER",
		7:  "CLASSIFICATION_IDS_DROPPER",
		8:  "CLASSIFICATION_IDS_EXPLOIT_KIT",
		9:  "CLASSIFICATION_IDS_KEYLOGGER",
		10: "CLASSIFICATION_IDS_RANSOMWARE",
		11: "CLASSIFICATION_IDS_REMOTE_ACCESS_TROJAN",
		13: "CLASSIFICATION_IDS_RESOURCE_EXPLOITATION",
		14: "CLASSIFICATION_IDS_ROGUE_SECURITY_SOFTWARE",
		15: "CLASSIFICATION_IDS_ROOTKIT",
		16: "CLASSIFICATION_IDS_SCREEN_CAPTURE",
		17: "CLASSIFICATION_IDS_SPYWARE",
		18: "CLASSIFICATION_IDS_TROJAN",
		19: "CLASSIFICATION_IDS_VIRUS",
		20: "CLASSIFICATION_IDS_WEBSHELL",
		21: "CLASSIFICATION_IDS_WIPER",
		22: "CLASSIFICATION_IDS_WORM",
		99: "CLASSIFICATION_IDS_OTHER",
	}
	Malware_ClassificationIds_value = map[string]int32{
		"CLASSIFICATION_IDS_UNKNOWN":                 0,
		"CLASSIFICATION_IDS_ADWARE":                  1,
		"CLASSIFICATION_IDS_BACKDOOR":                2,
		"CLASSIFICATION_IDS_BOT":                     3,
		"CLASSIFICATION_IDS_BOOTKIT":                 4,
		"CLASSIFICATION_IDS_DDOS":                    5,
		"CLASSIFICATION_IDS_DOWNLOADER":              6,
		"CLASSIFICATION_IDS_DROPPER":                 7,
		"CLASSIFICATION_IDS_EXPLOIT_KIT":             8,
		"CLASSIFICATION_IDS_KEYLOGGER":               9,
		"CLASSIFICATION_IDS_RANSOMWARE":              10,
		"CLASSIFICATION_IDS_REMOTE_ACCESS_TROJAN":    11,
		"CLASSIFICATION_IDS_RESOURCE_EXPLOITATION":   13,
		"CLASSIFICATION_IDS_ROGUE_SECURITY_SOFTWARE": 14,
		"CLASSIFICATION_IDS_ROOTKIT":                 15,
		"CLASSIFICATION_IDS_SCREEN_CAPTURE":          16,
		"CLASSIFICATION_IDS_SPYWARE":                 17,
		"CLASSIFICATION_IDS_TROJAN":                  18,
		"CLASSIFICATION_IDS_VIRUS":                   19,
		"CLASSIFICATION_IDS_WEBSHELL":                20,
		"CLASSIFICATION_IDS_WIPER":                   21,
		"CLASSIFICATION_IDS_WORM":                    22,
		"CLASSIFICATION_IDS_OTHER":                   99,
	}
)

Enum value maps for Malware_ClassificationIds.

View Source 
var (
	Observable_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_HOSTNAME",
		2:  "TYPE_ID_IP_ADDRESS",
		3:  "TYPE_ID_MAC_ADDRESS",
		4:  "TYPE_ID_USER_NAME",
		5:  "TYPE_ID_EMAIL_ADDRESS",
		6:  "TYPE_ID_URL_STRING",
		7:  "TYPE_ID_FILE_NAME",
		8:  "TYPE_ID_HASH",
		9:  "TYPE_ID_PROCESS_NAME",
		10: "TYPE_ID_RESOURCE_UID",
		11: "TYPE_ID_PORT",
		12: "TYPE_ID_SUBNET",
		13: "TYPE_ID_COMMAND_LINE",
		14: "TYPE_ID_COUNTRY",
		15: "TYPE_ID_PROCESS_ID",
		16: "TYPE_ID_HTTP_USER_AGENT",
		99: "TYPE_ID_OTHER",
	}
	Observable_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":         0,
		"TYPE_ID_HOSTNAME":        1,
		"TYPE_ID_IP_ADDRESS":      2,
		"TYPE_ID_MAC_ADDRESS":     3,
		"TYPE_ID_USER_NAME":       4,
		"TYPE_ID_EMAIL_ADDRESS":   5,
		"TYPE_ID_URL_STRING":      6,
		"TYPE_ID_FILE_NAME":       7,
		"TYPE_ID_HASH":            8,
		"TYPE_ID_PROCESS_NAME":    9,
		"TYPE_ID_RESOURCE_UID":    10,
		"TYPE_ID_PORT":            11,
		"TYPE_ID_SUBNET":          12,
		"TYPE_ID_COMMAND_LINE":    13,
		"TYPE_ID_COUNTRY":         14,
		"TYPE_ID_PROCESS_ID":      15,
		"TYPE_ID_HTTP_USER_AGENT": 16,
		"TYPE_ID_OTHER":           99,
	}
)

Enum value maps for Observable_TypeId.

View Source 
var (
	RegValue_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_REG_BINARY",
		2:  "TYPE_ID_REG_DWORD",
		3:  "TYPE_ID_REG_DWORD_BIG_ENDIAN",
		4:  "TYPE_ID_REG_EXPAND_SZ",
		5:  "TYPE_ID_REG_LINK",
		6:  "TYPE_ID_REG_MULTI_SZ",
		7:  "TYPE_ID_REG_NONE",
		8:  "TYPE_ID_REG_QWORD",
		9:  "TYPE_ID_REG_QWORD_LITTLE_ENDIAN",
		10: "TYPE_ID_REG_SZ",
		99: "TYPE_ID_OTHER",
	}
	RegValue_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":                 0,
		"TYPE_ID_REG_BINARY":              1,
		"TYPE_ID_REG_DWORD":               2,
		"TYPE_ID_REG_DWORD_BIG_ENDIAN":    3,
		"TYPE_ID_REG_EXPAND_SZ":           4,
		"TYPE_ID_REG_LINK":                5,
		"TYPE_ID_REG_MULTI_SZ":            6,
		"TYPE_ID_REG_NONE":                7,
		"TYPE_ID_REG_QWORD":               8,
		"TYPE_ID_REG_QWORD_LITTLE_ENDIAN": 9,
		"TYPE_ID_REG_SZ":                  10,
		"TYPE_ID_OTHER":                   99,
	}
)

Enum value maps for RegValue_TypeId.

View Source 
var (
	Kernel_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_SHARED_MUTEX",
		2:  "TYPE_ID_SYSTEM_CALL",
		99: "TYPE_ID_OTHER",
	}
	Kernel_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":      0,
		"TYPE_ID_SHARED_MUTEX": 1,
		"TYPE_ID_SYSTEM_CALL":  2,
		"TYPE_ID_OTHER":        99,
	}
)

Enum value maps for Kernel_TypeId.

View Source 
var (
	WinResource_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_DIRECTORY",
		2:  "TYPE_ID_EVENT",
		3:  "TYPE_ID_TIMER",
		4:  "TYPE_ID_DEVICE",
		5:  "TYPE_ID_MUTANT",
		6:  "TYPE_ID_TYPE",
		7:  "TYPE_ID_FILE",
		8:  "TYPE_ID_TOKEN",
		9:  "TYPE_ID_THREAD",
		10: "TYPE_ID_SECTION",
		11: "TYPE_ID_WINDOWSTATION",
		12: "TYPE_ID_DEBUGOBJECT",
		13: "TYPE_ID_FILTERCOMMUNICATIONPORT",
		14: "TYPE_ID_EVENTPAIR",
		15: "TYPE_ID_DRIVER",
		16: "TYPE_ID_IOCOMPLETION",
		17: "TYPE_ID_CONTROLLER",
		18: "TYPE_ID_SYMBOLICLINK",
		19: "TYPE_ID_WMIGUID",
		20: "TYPE_ID_PROCESS",
		21: "TYPE_ID_PROFILE",
		22: "TYPE_ID_DESKTOP",
		23: "TYPE_ID_KEYEDEVENT",
		24: "TYPE_ID_ADAPTER",
		25: "TYPE_ID_KEY",
		26: "TYPE_ID_WAITABLEPORT",
		27: "TYPE_ID_CALLBACK",
		28: "TYPE_ID_SEMAPHORE",
		29: "TYPE_ID_JOB",
		30: "TYPE_ID_PORT",
		31: "TYPE_ID_FILTERCONNECTIONPORT",
		32: "TYPE_ID_ALPC_PORT",
		33: "TYPE_ID_SAM_ALIAS",
		34: "TYPE_ID_SAM_GROUP",
		35: "TYPE_ID_SAM_USER",
		36: "TYPE_ID_SAM_DOMAIN",
		37: "TYPE_ID_SAM_SERVER",
		99: "TYPE_ID_OTHER",
	}
	WinResource_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":                 0,
		"TYPE_ID_DIRECTORY":               1,
		"TYPE_ID_EVENT":                   2,
		"TYPE_ID_TIMER":                   3,
		"TYPE_ID_DEVICE":                  4,
		"TYPE_ID_MUTANT":                  5,
		"TYPE_ID_TYPE":                    6,
		"TYPE_ID_FILE":                    7,
		"TYPE_ID_TOKEN":                   8,
		"TYPE_ID_THREAD":                  9,
		"TYPE_ID_SECTION":                 10,
		"TYPE_ID_WINDOWSTATION":           11,
		"TYPE_ID_DEBUGOBJECT":             12,
		"TYPE_ID_FILTERCOMMUNICATIONPORT": 13,
		"TYPE_ID_EVENTPAIR":               14,
		"TYPE_ID_DRIVER":                  15,
		"TYPE_ID_IOCOMPLETION":            16,
		"TYPE_ID_CONTROLLER":              17,
		"TYPE_ID_SYMBOLICLINK":            18,
		"TYPE_ID_WMIGUID":                 19,
		"TYPE_ID_PROCESS":                 20,
		"TYPE_ID_PROFILE":                 21,
		"TYPE_ID_DESKTOP":                 22,
		"TYPE_ID_KEYEDEVENT":              23,
		"TYPE_ID_ADAPTER":                 24,
		"TYPE_ID_KEY":                     25,
		"TYPE_ID_WAITABLEPORT":            26,
		"TYPE_ID_CALLBACK":                27,
		"TYPE_ID_SEMAPHORE":               28,
		"TYPE_ID_JOB":                     29,
		"TYPE_ID_PORT":                    30,
		"TYPE_ID_FILTERCONNECTIONPORT":    31,
		"TYPE_ID_ALPC_PORT":               32,
		"TYPE_ID_SAM_ALIAS":               33,
		"TYPE_ID_SAM_GROUP":               34,
		"TYPE_ID_SAM_USER":                35,
		"TYPE_ID_SAM_DOMAIN":              36,
		"TYPE_ID_SAM_SERVER":              37,
		"TYPE_ID_OTHER":                   99,
	}
)

Enum value maps for WinResource_TypeId.

View Source 
var (
	Process_IntegrityId_name = map[int32]string{
		0:  "INTEGRITY_ID_UNKNOWN",
		1:  "INTEGRITY_ID_UNTRUSTED",
		2:  "INTEGRITY_ID_LOW",
		3:  "INTEGRITY_ID_MEDIUM",
		4:  "INTEGRITY_ID_HIGH",
		5:  "INTEGRITY_ID_SYSTEM",
		6:  "INTEGRITY_ID_PROTECTED",
		99: "INTEGRITY_ID_OTHER",
	}
	Process_IntegrityId_value = map[string]int32{
		"INTEGRITY_ID_UNKNOWN":   0,
		"INTEGRITY_ID_UNTRUSTED": 1,
		"INTEGRITY_ID_LOW":       2,
		"INTEGRITY_ID_MEDIUM":    3,
		"INTEGRITY_ID_HIGH":      4,
		"INTEGRITY_ID_SYSTEM":    5,
		"INTEGRITY_ID_PROTECTED": 6,
		"INTEGRITY_ID_OTHER":     99,
	}
)

Enum value maps for Process_IntegrityId.

View Source 
var (
	Module_LoadTypeId_name = map[int32]string{
		0:  "LOAD_TYPE_ID_UNKNOWN",
		1:  "LOAD_TYPE_ID_STANDARD",
		2:  "LOAD_TYPE_ID_NON_STANDARD",
		3:  "LOAD_TYPE_ID_SHELLCODE",
		4:  "LOAD_TYPE_ID_MAPPED",
		5:  "LOAD_TYPE_ID_NONSTANDARD_BACKED",
		99: "LOAD_TYPE_ID_OTHER",
	}
	Module_LoadTypeId_value = map[string]int32{
		"LOAD_TYPE_ID_UNKNOWN":            0,
		"LOAD_TYPE_ID_STANDARD":           1,
		"LOAD_TYPE_ID_NON_STANDARD":       2,
		"LOAD_TYPE_ID_SHELLCODE":          3,
		"LOAD_TYPE_ID_MAPPED":             4,
		"LOAD_TYPE_ID_NONSTANDARD_BACKED": 5,
		"LOAD_TYPE_ID_OTHER":              99,
	}
)

Enum value maps for Module_LoadTypeId.

View Source 
var (
	Job_RunStateId_name = map[int32]string{
		0:  "RUN_STATE_ID_UNKNOWN",
		1:  "RUN_STATE_ID_READY",
		2:  "RUN_STATE_ID_QUEUED",
		3:  "RUN_STATE_ID_RUNNING",
		4:  "RUN_STATE_ID_STOPPED",
		99: "RUN_STATE_ID_OTHER",
	}
	Job_RunStateId_value = map[string]int32{
		"RUN_STATE_ID_UNKNOWN": 0,
		"RUN_STATE_ID_READY":   1,
		"RUN_STATE_ID_QUEUED":  2,
		"RUN_STATE_ID_RUNNING": 3,
		"RUN_STATE_ID_STOPPED": 4,
		"RUN_STATE_ID_OTHER":   99,
	}
)

Enum value maps for Job_RunStateId.

View Source 
var (
	Analytic_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_RULE",
		2:  "TYPE_ID_BEHAVIORAL",
		3:  "TYPE_ID_STATISTICAL",
		5:  "TYPE_ID_FINGERPRINTING",
		6:  "TYPE_ID_TAGGING",
		7:  "TYPE_ID_KEYWORD_MATCH",
		8:  "TYPE_ID_REGULAR_EXPRESSIONS",
		9:  "TYPE_ID_EXACT_DATA_MATCH",
		10: "TYPE_ID_PARTIAL_DATA_MATCH",
		11: "TYPE_ID_INDEXED_DATA_MATCH",
		99: "TYPE_ID_OTHER",
	}
	Analytic_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":             0,
		"TYPE_ID_RULE":                1,
		"TYPE_ID_BEHAVIORAL":          2,
		"TYPE_ID_STATISTICAL":         3,
		"TYPE_ID_FINGERPRINTING":      5,
		"TYPE_ID_TAGGING":             6,
		"TYPE_ID_KEYWORD_MATCH":       7,
		"TYPE_ID_REGULAR_EXPRESSIONS": 8,
		"TYPE_ID_EXACT_DATA_MATCH":    9,
		"TYPE_ID_PARTIAL_DATA_MATCH":  10,
		"TYPE_ID_INDEXED_DATA_MATCH":  11,
		"TYPE_ID_OTHER":               99,
	}
)

Enum value maps for Analytic_TypeId.

View Source 
var (
	Compliance_StatusId_name = map[int32]string{
		0:  "STATUS_ID_UNKNOWN",
		1:  "STATUS_ID_PASS",
		2:  "STATUS_ID_WARNING",
		3:  "STATUS_ID_FAIL",
		99: "STATUS_ID_OTHER",
	}
	Compliance_StatusId_value = map[string]int32{
		"STATUS_ID_UNKNOWN": 0,
		"STATUS_ID_PASS":    1,
		"STATUS_ID_WARNING": 2,
		"STATUS_ID_FAIL":    3,
		"STATUS_ID_OTHER":   99,
	}
)

Enum value maps for Compliance_StatusId.

View Source 
var (
	KillChainPhase_PhaseId_name = map[int32]string{
		0:  "PHASE_ID_UNKNOWN",
		1:  "PHASE_ID_RECONNAISSANCE",
		2:  "PHASE_ID_WEAPONIZATION",
		3:  "PHASE_ID_DELIVERY",
		4:  "PHASE_ID_EXPLOITATION",
		5:  "PHASE_ID_INSTALLATION",
		6:  "PHASE_ID_COMMAND_CONTROL",
		7:  "PHASE_ID_ACTIONS_ON_OBJECTIVES",
		99: "PHASE_ID_OTHER",
	}
	KillChainPhase_PhaseId_value = map[string]int32{
		"PHASE_ID_UNKNOWN":               0,
		"PHASE_ID_RECONNAISSANCE":        1,
		"PHASE_ID_WEAPONIZATION":         2,
		"PHASE_ID_DELIVERY":              3,
		"PHASE_ID_EXPLOITATION":          4,
		"PHASE_ID_INSTALLATION":          5,
		"PHASE_ID_COMMAND_CONTROL":       6,
		"PHASE_ID_ACTIONS_ON_OBJECTIVES": 7,
		"PHASE_ID_OTHER":                 99,
	}
)

Enum value maps for KillChainPhase_PhaseId.

View Source 
var (
	User_RiskLevelId_name = map[int32]string{
		0: "RISK_LEVEL_ID_INFO",
		1: "RISK_LEVEL_ID_LOW",
		2: "RISK_LEVEL_ID_MEDIUM",
		3: "RISK_LEVEL_ID_HIGH",
		4: "RISK_LEVEL_ID_CRITICAL",
	}
	User_RiskLevelId_value = map[string]int32{
		"RISK_LEVEL_ID_INFO":     0,
		"RISK_LEVEL_ID_LOW":      1,
		"RISK_LEVEL_ID_MEDIUM":   2,
		"RISK_LEVEL_ID_HIGH":     3,
		"RISK_LEVEL_ID_CRITICAL": 4,
	}
)

Enum value maps for User_RiskLevelId.

View Source 
var (
	User_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_USER",
		2:  "TYPE_ID_ADMIN",
		3:  "TYPE_ID_SYSTEM",
		99: "TYPE_ID_OTHER",
	}
	User_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN": 0,
		"TYPE_ID_USER":    1,
		"TYPE_ID_ADMIN":   2,
		"TYPE_ID_SYSTEM":  3,
		"TYPE_ID_OTHER":   99,
	}
)

Enum value maps for User_TypeId.

View Source 
var (
	DataSecurity_CategoryId_name = map[int32]string{
		0:  "CATEGORY_ID_UNKNOWN",
		1:  "CATEGORY_ID_PERSONAL",
		2:  "CATEGORY_ID_GOVERNMENTAL",
		3:  "CATEGORY_ID_FINANCIAL",
		4:  "CATEGORY_ID_BUSINESS",
		5:  "CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT",
		6:  "CATEGORY_ID_SECURITY",
		99: "CATEGORY_ID_OTHER",
	}
	DataSecurity_CategoryId_value = map[string]int32{
		"CATEGORY_ID_UNKNOWN":                      0,
		"CATEGORY_ID_PERSONAL":                     1,
		"CATEGORY_ID_GOVERNMENTAL":                 2,
		"CATEGORY_ID_FINANCIAL":                    3,
		"CATEGORY_ID_BUSINESS":                     4,
		"CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT": 5,
		"CATEGORY_ID_SECURITY":                     6,
		"CATEGORY_ID_OTHER":                        99,
	}
)

Enum value maps for DataSecurity_CategoryId.

View Source 
var (
	DataSecurity_ConfidentialityId_name = map[int32]string{
		0:  "CONFIDENTIALITY_ID_UNKNOWN",
		1:  "CONFIDENTIALITY_ID_NOT_CONFIDENTIAL",
		2:  "CONFIDENTIALITY_ID_CONFIDENTIAL",
		3:  "CONFIDENTIALITY_ID_SECRET",
		4:  "CONFIDENTIALITY_ID_TOP_SECRET",
		5:  "CONFIDENTIALITY_ID_PRIVATE",
		6:  "CONFIDENTIALITY_ID_RESTRICTED",
		99: "CONFIDENTIALITY_ID_OTHER",
	}
	DataSecurity_ConfidentialityId_value = map[string]int32{
		"CONFIDENTIALITY_ID_UNKNOWN":          0,
		"CONFIDENTIALITY_ID_NOT_CONFIDENTIAL": 1,
		"CONFIDENTIALITY_ID_CONFIDENTIAL":     2,
		"CONFIDENTIALITY_ID_SECRET":           3,
		"CONFIDENTIALITY_ID_TOP_SECRET":       4,
		"CONFIDENTIALITY_ID_PRIVATE":          5,
		"CONFIDENTIALITY_ID_RESTRICTED":       6,
		"CONFIDENTIALITY_ID_OTHER":            99,
	}
)

Enum value maps for DataSecurity_ConfidentialityId.

View Source 
var (
	DataSecurity_DataLifecycleStateId_name = map[int32]string{
		0: "DATA_LIFECYCLE_STATE_ID_UNKNOWN",
		1: "DATA_LIFECYCLE_STATE_ID_DATA_AT_REST",
		2: "DATA_LIFECYCLE_STATE_ID_DATA_IN_TRANSIT",
		3: "DATA_LIFECYCLE_STATE_ID_DATA_IN_USE",
	}
	DataSecurity_DataLifecycleStateId_value = map[string]int32{
		"DATA_LIFECYCLE_STATE_ID_UNKNOWN":         0,
		"DATA_LIFECYCLE_STATE_ID_DATA_AT_REST":    1,
		"DATA_LIFECYCLE_STATE_ID_DATA_IN_TRANSIT": 2,
		"DATA_LIFECYCLE_STATE_ID_DATA_IN_USE":     3,
	}
)

Enum value maps for DataSecurity_DataLifecycleStateId.

View Source 
var (
	DataSecurity_DetectionSystemId_name = map[int32]string{
		0:  "DETECTION_SYSTEM_ID_UNKNOWN",
		1:  "DETECTION_SYSTEM_ID_ENDPOINT",
		2:  "DETECTION_SYSTEM_ID_DLP_GATEWAY",
		3:  "DETECTION_SYSTEM_ID_MOBILE_DEVICE_MANAGEMENT",
		4:  "DETECTION_SYSTEM_ID_DATA_DISCOVERY_CLASSIFICATION",
		5:  "DETECTION_SYSTEM_ID_SECURE_WEB_GATEWAY",
		6:  "DETECTION_SYSTEM_ID_SECURE_EMAIL_GATEWAY",
		7:  "DETECTION_SYSTEM_ID_DIGITAL_RIGHTS_MANAGEMENT",
		8:  "DETECTION_SYSTEM_ID_CLOUD_ACCESS_SECURITY_BROKER",
		9:  "DETECTION_SYSTEM_ID_DATABASE_ACTIVITY_MONITORING",
		10: "DETECTION_SYSTEM_ID_APPLICATION_LEVEL_DLP",
		11: "DETECTION_SYSTEM_ID_DEVELOPER_SECURITY",
		12: "DETECTION_SYSTEM_ID_DATA_SECURITY_POSTURE_MANAGEMENT",
		99: "DETECTION_SYSTEM_ID_OTHER",
	}
	DataSecurity_DetectionSystemId_value = map[string]int32{
		"DETECTION_SYSTEM_ID_UNKNOWN":                          0,
		"DETECTION_SYSTEM_ID_ENDPOINT":                         1,
		"DETECTION_SYSTEM_ID_DLP_GATEWAY":                      2,
		"DETECTION_SYSTEM_ID_MOBILE_DEVICE_MANAGEMENT":         3,
		"DETECTION_SYSTEM_ID_DATA_DISCOVERY_CLASSIFICATION":    4,
		"DETECTION_SYSTEM_ID_SECURE_WEB_GATEWAY":               5,
		"DETECTION_SYSTEM_ID_SECURE_EMAIL_GATEWAY":             6,
		"DETECTION_SYSTEM_ID_DIGITAL_RIGHTS_MANAGEMENT":        7,
		"DETECTION_SYSTEM_ID_CLOUD_ACCESS_SECURITY_BROKER":     8,
		"DETECTION_SYSTEM_ID_DATABASE_ACTIVITY_MONITORING":     9,
		"DETECTION_SYSTEM_ID_APPLICATION_LEVEL_DLP":            10,
		"DETECTION_SYSTEM_ID_DEVELOPER_SECURITY":               11,
		"DETECTION_SYSTEM_ID_DATA_SECURITY_POSTURE_MANAGEMENT": 12,
		"DETECTION_SYSTEM_ID_OTHER":                            99,
	}
)

Enum value maps for DataSecurity_DetectionSystemId.

View Source 
var (
	Database_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_RELATIONAL",
		2:  "TYPE_ID_NETWORK",
		3:  "TYPE_ID_OBJECT_ORIENTED",
		4:  "TYPE_ID_CENTRALIZED",
		5:  "TYPE_ID_OPERATIONAL",
		6:  "TYPE_ID_NOSQL",
		99: "TYPE_ID_OTHER",
	}
	Database_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":         0,
		"TYPE_ID_RELATIONAL":      1,
		"TYPE_ID_NETWORK":         2,
		"TYPE_ID_OBJECT_ORIENTED": 3,
		"TYPE_ID_CENTRALIZED":     4,
		"TYPE_ID_OPERATIONAL":     5,
		"TYPE_ID_NOSQL":           6,
		"TYPE_ID_OTHER":           99,
	}
)

Enum value maps for Database_TypeId.

View Source 
var (
	Databucket_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_S3",
		2:  "TYPE_ID_AZURE_BLOB",
		3:  "TYPE_ID_GCP_BUCKET",
		99: "TYPE_ID_OTHER",
	}
	Databucket_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":    0,
		"TYPE_ID_S3":         1,
		"TYPE_ID_AZURE_BLOB": 2,
		"TYPE_ID_GCP_BUCKET": 3,
		"TYPE_ID_OTHER":      99,
	}
)

Enum value maps for Databucket_TypeId.

View Source 
var (
	NetworkEndpoint_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_SERVER",
		2:  "TYPE_ID_DESKTOP",
		3:  "TYPE_ID_LAPTOP",
		4:  "TYPE_ID_TABLET",
		5:  "TYPE_ID_MOBILE",
		6:  "TYPE_ID_VIRTUAL",
		7:  "TYPE_ID_IOT",
		8:  "TYPE_ID_BROWSER",
		9:  "TYPE_ID_FIREWALL",
		10: "TYPE_ID_SWITCH",
		11: "TYPE_ID_HUB",
		99: "TYPE_ID_OTHER",
	}
	NetworkEndpoint_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":  0,
		"TYPE_ID_SERVER":   1,
		"TYPE_ID_DESKTOP":  2,
		"TYPE_ID_LAPTOP":   3,
		"TYPE_ID_TABLET":   4,
		"TYPE_ID_MOBILE":   5,
		"TYPE_ID_VIRTUAL":  6,
		"TYPE_ID_IOT":      7,
		"TYPE_ID_BROWSER":  8,
		"TYPE_ID_FIREWALL": 9,
		"TYPE_ID_SWITCH":   10,
		"TYPE_ID_HUB":      11,
		"TYPE_ID_OTHER":    99,
	}
)

Enum value maps for NetworkEndpoint_TypeId.

View Source 
var (
	AuthFactor_FactorTypeId_name = map[int32]string{
		0:  "FACTOR_TYPE_ID_UNKNOWN",
		1:  "FACTOR_TYPE_ID_SMS",
		2:  "FACTOR_TYPE_ID_SECURITY_QUESTION",
		3:  "FACTOR_TYPE_ID_PHONE_CALL",
		4:  "FACTOR_TYPE_ID_BIOMETRIC",
		5:  "FACTOR_TYPE_ID_PUSH_NOTIFICATION",
		6:  "FACTOR_TYPE_ID_HARDWARE_TOKEN",
		7:  "FACTOR_TYPE_ID_OTP",
		8:  "FACTOR_TYPE_ID_EMAIL",
		9:  "FACTOR_TYPE_ID_U2F",
		10: "FACTOR_TYPE_ID_WEBAUTHN",
		11: "FACTOR_TYPE_ID_PASSWORD",
		99: "FACTOR_TYPE_ID_OTHER",
	}
	AuthFactor_FactorTypeId_value = map[string]int32{
		"FACTOR_TYPE_ID_UNKNOWN":           0,
		"FACTOR_TYPE_ID_SMS":               1,
		"FACTOR_TYPE_ID_SECURITY_QUESTION": 2,
		"FACTOR_TYPE_ID_PHONE_CALL":        3,
		"FACTOR_TYPE_ID_BIOMETRIC":         4,
		"FACTOR_TYPE_ID_PUSH_NOTIFICATION": 5,
		"FACTOR_TYPE_ID_HARDWARE_TOKEN":    6,
		"FACTOR_TYPE_ID_OTP":               7,
		"FACTOR_TYPE_ID_EMAIL":             8,
		"FACTOR_TYPE_ID_U2F":               9,
		"FACTOR_TYPE_ID_WEBAUTHN":          10,
		"FACTOR_TYPE_ID_PASSWORD":          11,
		"FACTOR_TYPE_ID_OTHER":             99,
	}
)

Enum value maps for AuthFactor_FactorTypeId.

View Source 
var (
	NetworkConnectionInfo_BoundaryId_name = map[int32]string{
		0:  "BOUNDARY_ID_UNKNOWN",
		1:  "BOUNDARY_ID_LOCALHOST",
		2:  "BOUNDARY_ID_INTERNAL",
		3:  "BOUNDARY_ID_EXTERNAL",
		4:  "BOUNDARY_ID_SAME_VPC",
		5:  "BOUNDARY_ID_INTERNET_VPC_GATEWAY",
		6:  "BOUNDARY_ID_VIRTUAL_PRIVATE_GATEWAY",
		7:  "BOUNDARY_ID_INTRA_REGION_VPC",
		8:  "BOUNDARY_ID_INTER_REGION_VPC",
		9:  "BOUNDARY_ID_LOCAL_GATEWAY",
		10: "BOUNDARY_ID_GATEWAY_VPC",
		11: "BOUNDARY_ID_INTERNET_GATEWAY",
		99: "BOUNDARY_ID_OTHER",
	}
	NetworkConnectionInfo_BoundaryId_value = map[string]int32{
		"BOUNDARY_ID_UNKNOWN":                 0,
		"BOUNDARY_ID_LOCALHOST":               1,
		"BOUNDARY_ID_INTERNAL":                2,
		"BOUNDARY_ID_EXTERNAL":                3,
		"BOUNDARY_ID_SAME_VPC":                4,
		"BOUNDARY_ID_INTERNET_VPC_GATEWAY":    5,
		"BOUNDARY_ID_VIRTUAL_PRIVATE_GATEWAY": 6,
		"BOUNDARY_ID_INTRA_REGION_VPC":        7,
		"BOUNDARY_ID_INTER_REGION_VPC":        8,
		"BOUNDARY_ID_LOCAL_GATEWAY":           9,
		"BOUNDARY_ID_GATEWAY_VPC":             10,
		"BOUNDARY_ID_INTERNET_GATEWAY":        11,
		"BOUNDARY_ID_OTHER":                   99,
	}
)

Enum value maps for NetworkConnectionInfo_BoundaryId.

View Source 
var (
	NetworkConnectionInfo_DirectionId_name = map[int32]string{
		0:  "DIRECTION_ID_UNKNOWN",
		1:  "DIRECTION_ID_INBOUND",
		2:  "DIRECTION_ID_OUTBOUND",
		3:  "DIRECTION_ID_LATERAL",
		99: "DIRECTION_ID_OTHER",
	}
	NetworkConnectionInfo_DirectionId_value = map[string]int32{
		"DIRECTION_ID_UNKNOWN":  0,
		"DIRECTION_ID_INBOUND":  1,
		"DIRECTION_ID_OUTBOUND": 2,
		"DIRECTION_ID_LATERAL":  3,
		"DIRECTION_ID_OTHER":    99,
	}
)

Enum value maps for NetworkConnectionInfo_DirectionId.

View Source 
var (
	NetworkConnectionInfo_ProtocolVerId_name = map[int32]string{
		0:  "PROTOCOL_VER_ID_UNKNOWN",
		4:  "PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_4_IPV4",
		6:  "PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_6_IPV6",
		99: "PROTOCOL_VER_ID_OTHER",
	}
	NetworkConnectionInfo_ProtocolVerId_value = map[string]int32{
		"PROTOCOL_VER_ID_UNKNOWN":                          0,
		"PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_4_IPV4": 4,
		"PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_6_IPV6": 6,
		"PROTOCOL_VER_ID_OTHER":                            99,
	}
)

Enum value maps for NetworkConnectionInfo_ProtocolVerId.

View Source 
var (
	NetworkProxy_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_SERVER",
		2:  "TYPE_ID_DESKTOP",
		3:  "TYPE_ID_LAPTOP",
		4:  "TYPE_ID_TABLET",
		5:  "TYPE_ID_MOBILE",
		6:  "TYPE_ID_VIRTUAL",
		7:  "TYPE_ID_IOT",
		8:  "TYPE_ID_BROWSER",
		9:  "TYPE_ID_FIREWALL",
		10: "TYPE_ID_SWITCH",
		11: "TYPE_ID_HUB",
		99: "TYPE_ID_OTHER",
	}
	NetworkProxy_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":  0,
		"TYPE_ID_SERVER":   1,
		"TYPE_ID_DESKTOP":  2,
		"TYPE_ID_LAPTOP":   3,
		"TYPE_ID_TABLET":   4,
		"TYPE_ID_MOBILE":   5,
		"TYPE_ID_VIRTUAL":  6,
		"TYPE_ID_IOT":      7,
		"TYPE_ID_BROWSER":  8,
		"TYPE_ID_FIREWALL": 9,
		"TYPE_ID_SWITCH":   10,
		"TYPE_ID_HUB":      11,
		"TYPE_ID_OTHER":    99,
	}
)

Enum value maps for NetworkProxy_TypeId.

View Source 
var (
	Url_CategoryIds_name = map[int32]string{
		0:   "CATEGORY_IDS_UNKNOWN",
		1:   "CATEGORY_IDS_ADULT_MATURE_CONTENT",
		3:   "CATEGORY_IDS_PORNOGRAPHY",
		4:   "CATEGORY_IDS_SEX_EDUCATION",
		5:   "CATEGORY_IDS_INTIMATE_APPAREL_SWIMSUIT",
		6:   "CATEGORY_IDS_NUDITY",
		7:   "CATEGORY_IDS_EXTREME",
		9:   "CATEGORY_IDS_SCAM_QUESTIONABLE_ILLEGAL",
		11:  "CATEGORY_IDS_GAMBLING",
		14:  "CATEGORY_IDS_VIOLENCE_HATE_RACISM",
		15:  "CATEGORY_IDS_WEAPONS",
		16:  "CATEGORY_IDS_ABORTION",
		17:  "CATEGORY_IDS_HACKING",
		18:  "CATEGORY_IDS_PHISHING",
		20:  "CATEGORY_IDS_ENTERTAINMENT",
		21:  "CATEGORY_IDS_BUSINESS_ECONOMY",
		22:  "CATEGORY_IDS_ALTERNATIVE_SPIRITUALITY_BELIEF",
		23:  "CATEGORY_IDS_ALCOHOL",
		24:  "CATEGORY_IDS_TOBACCO",
		25:  "CATEGORY_IDS_CONTROLLED_SUBSTANCES",
		26:  "CATEGORY_IDS_CHILD_PORNOGRAPHY",
		27:  "CATEGORY_IDS_EDUCATION",
		29:  "CATEGORY_IDS_CHARITABLE_ORGANIZATIONS",
		30:  "CATEGORY_IDS_ART_CULTURE",
		31:  "CATEGORY_IDS_FINANCIAL_SERVICES",
		32:  "CATEGORY_IDS_BROKERAGE_TRADING",
		33:  "CATEGORY_IDS_GAMES",
		34:  "CATEGORY_IDS_GOVERNMENT_LEGAL",
		35:  "CATEGORY_IDS_MILITARY",
		36:  "CATEGORY_IDS_POLITICAL_SOCIAL_ADVOCACY",
		37:  "CATEGORY_IDS_HEALTH",
		38:  "CATEGORY_IDS_TECHNOLOGY_INTERNET",
		40:  "CATEGORY_IDS_SEARCH_ENGINES_PORTALS",
		43:  "CATEGORY_IDS_MALICIOUS_SOURCES_MALNETS",
		44:  "CATEGORY_IDS_MALICIOUS_OUTBOUND_DATA_BOTNETS",
		45:  "CATEGORY_IDS_JOB_SEARCH_CAREERS",
		46:  "CATEGORY_IDS_NEWS_MEDIA",
		47:  "CATEGORY_IDS_PERSONALS_DATING",
		49:  "CATEGORY_IDS_REFERENCE",
		50:  "CATEGORY_IDS_MIXED_CONTENT_POTENTIALLY_ADULT",
		51:  "CATEGORY_IDS_CHAT_IM_SMS",
		52:  "CATEGORY_IDS_EMAIL",
		53:  "CATEGORY_IDS_NEWSGROUPS_FORUMS",
		54:  "CATEGORY_IDS_RELIGION",
		55:  "CATEGORY_IDS_SOCIAL_NETWORKING",
		56:  "CATEGORY_IDS_FILE_STORAGE_SHARING",
		57:  "CATEGORY_IDS_REMOTE_ACCESS_TOOLS",
		58:  "CATEGORY_IDS_SHOPPING",
		59:  "CATEGORY_IDS_AUCTIONS",
		60:  "CATEGORY_IDS_REAL_ESTATE",
		61:  "CATEGORY_IDS_SOCIETY_DAILY_LIVING",
		63:  "CATEGORY_IDS_PERSONAL_SITES",
		64:  "CATEGORY_IDS_RESTAURANTS_DINING_FOOD",
		65:  "CATEGORY_IDS_SPORTS_RECREATION",
		66:  "CATEGORY_IDS_TRAVEL",
		67:  "CATEGORY_IDS_VEHICLES",
		68:  "CATEGORY_IDS_HUMOR_JOKES",
		71:  "CATEGORY_IDS_SOFTWARE_DOWNLOADS",
		83:  "CATEGORY_IDS_PEER_TO_PEER_P2P",
		84:  "CATEGORY_IDS_AUDIO_VIDEO_CLIPS",
		85:  "CATEGORY_IDS_OFFICE_BUSINESS_APPLICATIONS",
		86:  "CATEGORY_IDS_PROXY_AVOIDANCE",
		87:  "CATEGORY_IDS_FOR_KIDS",
		88:  "CATEGORY_IDS_WEB_ADS_ANALYTICS",
		89:  "CATEGORY_IDS_WEB_HOSTING",
		90:  "CATEGORY_IDS_UNCATEGORIZED",
		92:  "CATEGORY_IDS_SUSPICIOUS",
		93:  "CATEGORY_IDS_SEXUAL_EXPRESSION",
		95:  "CATEGORY_IDS_TRANSLATION",
		96:  "CATEGORY_IDS_NON_VIEWABLE_INFRASTRUCTURE",
		97:  "CATEGORY_IDS_CONTENT_SERVERS",
		98:  "CATEGORY_IDS_PLACEHOLDERS",
		99:  "CATEGORY_IDS_OTHER",
		101: "CATEGORY_IDS_SPAM",
		102: "CATEGORY_IDS_POTENTIALLY_UNWANTED_SOFTWARE",
		103: "CATEGORY_IDS_DYNAMIC_DNS_HOST",
		106: "CATEGORY_IDS_E_CARD_INVITATIONS",
		107: "CATEGORY_IDS_INFORMATIONAL",
		108: "CATEGORY_IDS_COMPUTER_INFORMATION_SECURITY",
		109: "CATEGORY_IDS_INTERNET_CONNECTED_DEVICES",
		110: "CATEGORY_IDS_INTERNET_TELEPHONY",
		111: "CATEGORY_IDS_ONLINE_MEETINGS",
		112: "CATEGORY_IDS_MEDIA_SHARING",
		113: "CATEGORY_IDS_RADIO_AUDIO_STREAMS",
		114: "CATEGORY_IDS_TV_VIDEO_STREAMS",
		118: "CATEGORY_IDS_PIRACY_COPYRIGHT_CONCERNS",
		121: "CATEGORY_IDS_MARIJUANA",
	}
	Url_CategoryIds_value = map[string]int32{
		"CATEGORY_IDS_UNKNOWN":                         0,
		"CATEGORY_IDS_ADULT_MATURE_CONTENT":            1,
		"CATEGORY_IDS_PORNOGRAPHY":                     3,
		"CATEGORY_IDS_SEX_EDUCATION":                   4,
		"CATEGORY_IDS_INTIMATE_APPAREL_SWIMSUIT":       5,
		"CATEGORY_IDS_NUDITY":                          6,
		"CATEGORY_IDS_EXTREME":                         7,
		"CATEGORY_IDS_SCAM_QUESTIONABLE_ILLEGAL":       9,
		"CATEGORY_IDS_GAMBLING":                        11,
		"CATEGORY_IDS_VIOLENCE_HATE_RACISM":            14,
		"CATEGORY_IDS_WEAPONS":                         15,
		"CATEGORY_IDS_ABORTION":                        16,
		"CATEGORY_IDS_HACKING":                         17,
		"CATEGORY_IDS_PHISHING":                        18,
		"CATEGORY_IDS_ENTERTAINMENT":                   20,
		"CATEGORY_IDS_BUSINESS_ECONOMY":                21,
		"CATEGORY_IDS_ALTERNATIVE_SPIRITUALITY_BELIEF": 22,
		"CATEGORY_IDS_ALCOHOL":                         23,
		"CATEGORY_IDS_TOBACCO":                         24,
		"CATEGORY_IDS_CONTROLLED_SUBSTANCES":           25,
		"CATEGORY_IDS_CHILD_PORNOGRAPHY":               26,
		"CATEGORY_IDS_EDUCATION":                       27,
		"CATEGORY_IDS_CHARITABLE_ORGANIZATIONS":        29,
		"CATEGORY_IDS_ART_CULTURE":                     30,
		"CATEGORY_IDS_FINANCIAL_SERVICES":              31,
		"CATEGORY_IDS_BROKERAGE_TRADING":               32,
		"CATEGORY_IDS_GAMES":                           33,
		"CATEGORY_IDS_GOVERNMENT_LEGAL":                34,
		"CATEGORY_IDS_MILITARY":                        35,
		"CATEGORY_IDS_POLITICAL_SOCIAL_ADVOCACY":       36,
		"CATEGORY_IDS_HEALTH":                          37,
		"CATEGORY_IDS_TECHNOLOGY_INTERNET":             38,
		"CATEGORY_IDS_SEARCH_ENGINES_PORTALS":          40,
		"CATEGORY_IDS_MALICIOUS_SOURCES_MALNETS":       43,
		"CATEGORY_IDS_MALICIOUS_OUTBOUND_DATA_BOTNETS": 44,
		"CATEGORY_IDS_JOB_SEARCH_CAREERS":              45,
		"CATEGORY_IDS_NEWS_MEDIA":                      46,
		"CATEGORY_IDS_PERSONALS_DATING":                47,
		"CATEGORY_IDS_REFERENCE":                       49,
		"CATEGORY_IDS_MIXED_CONTENT_POTENTIALLY_ADULT": 50,
		"CATEGORY_IDS_CHAT_IM_SMS":                     51,
		"CATEGORY_IDS_EMAIL":                           52,
		"CATEGORY_IDS_NEWSGROUPS_FORUMS":               53,
		"CATEGORY_IDS_RELIGION":                        54,
		"CATEGORY_IDS_SOCIAL_NETWORKING":               55,
		"CATEGORY_IDS_FILE_STORAGE_SHARING":            56,
		"CATEGORY_IDS_REMOTE_ACCESS_TOOLS":             57,
		"CATEGORY_IDS_SHOPPING":                        58,
		"CATEGORY_IDS_AUCTIONS":                        59,
		"CATEGORY_IDS_REAL_ESTATE":                     60,
		"CATEGORY_IDS_SOCIETY_DAILY_LIVING":            61,
		"CATEGORY_IDS_PERSONAL_SITES":                  63,
		"CATEGORY_IDS_RESTAURANTS_DINING_FOOD":         64,
		"CATEGORY_IDS_SPORTS_RECREATION":               65,
		"CATEGORY_IDS_TRAVEL":                          66,
		"CATEGORY_IDS_VEHICLES":                        67,
		"CATEGORY_IDS_HUMOR_JOKES":                     68,
		"CATEGORY_IDS_SOFTWARE_DOWNLOADS":              71,
		"CATEGORY_IDS_PEER_TO_PEER_P2P":                83,
		"CATEGORY_IDS_AUDIO_VIDEO_CLIPS":               84,
		"CATEGORY_IDS_OFFICE_BUSINESS_APPLICATIONS":    85,
		"CATEGORY_IDS_PROXY_AVOIDANCE":                 86,
		"CATEGORY_IDS_FOR_KIDS":                        87,
		"CATEGORY_IDS_WEB_ADS_ANALYTICS":               88,
		"CATEGORY_IDS_WEB_HOSTING":                     89,
		"CATEGORY_IDS_UNCATEGORIZED":                   90,
		"CATEGORY_IDS_SUSPICIOUS":                      92,
		"CATEGORY_IDS_SEXUAL_EXPRESSION":               93,
		"CATEGORY_IDS_TRANSLATION":                     95,
		"CATEGORY_IDS_NON_VIEWABLE_INFRASTRUCTURE":     96,
		"CATEGORY_IDS_CONTENT_SERVERS":                 97,
		"CATEGORY_IDS_PLACEHOLDERS":                    98,
		"CATEGORY_IDS_OTHER":                           99,
		"CATEGORY_IDS_SPAM":                            101,
		"CATEGORY_IDS_POTENTIALLY_UNWANTED_SOFTWARE":   102,
		"CATEGORY_IDS_DYNAMIC_DNS_HOST":                103,
		"CATEGORY_IDS_E_CARD_INVITATIONS":              106,
		"CATEGORY_IDS_INFORMATIONAL":                   107,
		"CATEGORY_IDS_COMPUTER_INFORMATION_SECURITY":   108,
		"CATEGORY_IDS_INTERNET_CONNECTED_DEVICES":      109,
		"CATEGORY_IDS_INTERNET_TELEPHONY":              110,
		"CATEGORY_IDS_ONLINE_MEETINGS":                 111,
		"CATEGORY_IDS_MEDIA_SHARING":                   112,
		"CATEGORY_IDS_RADIO_AUDIO_STREAMS":             113,
		"CATEGORY_IDS_TV_VIDEO_STREAMS":                114,
		"CATEGORY_IDS_PIRACY_COPYRIGHT_CONCERNS":       118,
		"CATEGORY_IDS_MARIJUANA":                       121,
	}
)

Enum value maps for Url_CategoryIds.

View Source 
var (
	DnsAnswer_FlagIds_name = map[int32]string{
		0:  "FLAG_IDS_UNKNOWN",
		1:  "FLAG_IDS_AUTHORITATIVE_ANSWER",
		2:  "FLAG_IDS_TRUNCATED_RESPONSE",
		3:  "FLAG_IDS_RECURSION_DESIRED",
		4:  "FLAG_IDS_RECURSION_AVAILABLE",
		5:  "FLAG_IDS_AUTHENTIC_DATA",
		6:  "FLAG_IDS_CHECKING_DISABLED",
		99: "FLAG_IDS_OTHER",
	}
	DnsAnswer_FlagIds_value = map[string]int32{
		"FLAG_IDS_UNKNOWN":              0,
		"FLAG_IDS_AUTHORITATIVE_ANSWER": 1,
		"FLAG_IDS_TRUNCATED_RESPONSE":   2,
		"FLAG_IDS_RECURSION_DESIRED":    3,
		"FLAG_IDS_RECURSION_AVAILABLE":  4,
		"FLAG_IDS_AUTHENTIC_DATA":       5,
		"FLAG_IDS_CHECKING_DISABLED":    6,
		"FLAG_IDS_OTHER":                99,
	}
)

Enum value maps for DnsAnswer_FlagIds.

View Source 
var (
	DnsQuery_OpcodeId_name = map[int32]string{
		0: "OPCODE_ID_QUERY",
		1: "OPCODE_ID_INVERSE_QUERY",
		2: "OPCODE_ID_STATUS",
		3: "OPCODE_ID_RESERVED",
		4: "OPCODE_ID_NOTIFY",
		5: "OPCODE_ID_UPDATE",
		6: "OPCODE_ID_DSO_MESSAGE",
	}
	DnsQuery_OpcodeId_value = map[string]int32{
		"OPCODE_ID_QUERY":         0,
		"OPCODE_ID_INVERSE_QUERY": 1,
		"OPCODE_ID_STATUS":        2,
		"OPCODE_ID_RESERVED":      3,
		"OPCODE_ID_NOTIFY":        4,
		"OPCODE_ID_UPDATE":        5,
		"OPCODE_ID_DSO_MESSAGE":   6,
	}
)

Enum value maps for DnsQuery_OpcodeId.

View Source 
var (
	NetworkInterface_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_WIRED",
		2:  "TYPE_ID_WIRELESS",
		3:  "TYPE_ID_MOBILE",
		4:  "TYPE_ID_TUNNEL",
		99: "TYPE_ID_OTHER",
	}
	NetworkInterface_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":  0,
		"TYPE_ID_WIRED":    1,
		"TYPE_ID_WIRELESS": 2,
		"TYPE_ID_MOBILE":   3,
		"TYPE_ID_TUNNEL":   4,
		"TYPE_ID_OTHER":    99,
	}
)

Enum value maps for NetworkInterface_TypeId.

View Source 
var (
	SecurityState_StateId_name = map[int32]string{
		0:  "STATE_ID_UNKNOWN",
		1:  "STATE_ID_MISSING_OR_OUTDATED_CONTENT",
		2:  "STATE_ID_POLICY_MISMATCH",
		3:  "STATE_ID_IN_NETWORK_QUARANTINE",
		4:  "STATE_ID_PROTECTION_OFF",
		5:  "STATE_ID_PROTECTION_MALFUNCTION",
		6:  "STATE_ID_PROTECTION_NOT_LICENSED",
		7:  "STATE_ID_UNREMEDIATED_THREAT",
		8:  "STATE_ID_SUSPICIOUS_REPUTATION",
		9:  "STATE_ID_REBOOT_PENDING",
		10: "STATE_ID_CONTENT_IS_LOCKED",
		11: "STATE_ID_NOT_INSTALLED",
		12: "STATE_ID_WRITABLE_SYSTEM_PARTITION",
		13: "STATE_ID_SAFETYNET_FAILURE",
		14: "STATE_ID_FAILED_BOOT_VERIFY",
		15: "STATE_ID_MODIFIED_EXECUTION_ENVIRONMENT",
		16: "STATE_ID_SELINUX_DISABLED",
		17: "STATE_ID_ELEVATED_PRIVILEGE_SHELL",
		18: "STATE_ID_IOS_FILE_SYSTEM_ALTERED",
		19: "STATE_ID_OPEN_REMOTE_ACCESS",
		20: "STATE_ID_OTA_UPDATES_DISABLED",
		21: "STATE_ID_ROOTED",
		22: "STATE_ID_ANDROID_PARTITION_MODIFIED",
		23: "STATE_ID_COMPLIANCE_FAILURE",
		99: "STATE_ID_OTHER",
	}
	SecurityState_StateId_value = map[string]int32{
		"STATE_ID_UNKNOWN":                        0,
		"STATE_ID_MISSING_OR_OUTDATED_CONTENT":    1,
		"STATE_ID_POLICY_MISMATCH":                2,
		"STATE_ID_IN_NETWORK_QUARANTINE":          3,
		"STATE_ID_PROTECTION_OFF":                 4,
		"STATE_ID_PROTECTION_MALFUNCTION":         5,
		"STATE_ID_PROTECTION_NOT_LICENSED":        6,
		"STATE_ID_UNREMEDIATED_THREAT":            7,
		"STATE_ID_SUSPICIOUS_REPUTATION":          8,
		"STATE_ID_REBOOT_PENDING":                 9,
		"STATE_ID_CONTENT_IS_LOCKED":              10,
		"STATE_ID_NOT_INSTALLED":                  11,
		"STATE_ID_WRITABLE_SYSTEM_PARTITION":      12,
		"STATE_ID_SAFETYNET_FAILURE":              13,
		"STATE_ID_FAILED_BOOT_VERIFY":             14,
		"STATE_ID_MODIFIED_EXECUTION_ENVIRONMENT": 15,
		"STATE_ID_SELINUX_DISABLED":               16,
		"STATE_ID_ELEVATED_PRIVILEGE_SHELL":       17,
		"STATE_ID_IOS_FILE_SYSTEM_ALTERED":        18,
		"STATE_ID_OPEN_REMOTE_ACCESS":             19,
		"STATE_ID_OTA_UPDATES_DISABLED":           20,
		"STATE_ID_ROOTED":                         21,
		"STATE_ID_ANDROID_PARTITION_MODIFIED":     22,
		"STATE_ID_COMPLIANCE_FAILURE":             23,
		"STATE_ID_OTHER":                          99,
	}
)

Enum value maps for SecurityState_StateId.

View Source 
var (
	Scan_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_MANUAL",
		2:  "TYPE_ID_SCHEDULED",
		3:  "TYPE_ID_UPDATED_CONTENT",
		4:  "TYPE_ID_QUARANTINED_ITEMS",
		5:  "TYPE_ID_ATTACHED_MEDIA",
		6:  "TYPE_ID_USER_LOGON",
		7:  "TYPE_ID_ELAM",
		99: "TYPE_ID_OTHER",
	}
	Scan_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":           0,
		"TYPE_ID_MANUAL":            1,
		"TYPE_ID_SCHEDULED":         2,
		"TYPE_ID_UPDATED_CONTENT":   3,
		"TYPE_ID_QUARANTINED_ITEMS": 4,
		"TYPE_ID_ATTACHED_MEDIA":    5,
		"TYPE_ID_USER_LOGON":        6,
		"TYPE_ID_ELAM":              7,
		"TYPE_ID_OTHER":             99,
	}
)

Enum value maps for Scan_TypeId.

View Source 
var (
	Account_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_LDAP_ACCOUNT",
		2:  "TYPE_ID_WINDOWS_ACCOUNT",
		3:  "TYPE_ID_AWS_IAM_USER",
		4:  "TYPE_ID_AWS_IAM_ROLE",
		5:  "TYPE_ID_GCP_ACCOUNT",
		6:  "TYPE_ID_AZURE_AD_ACCOUNT",
		7:  "TYPE_ID_MAC_OS_ACCOUNT",
		8:  "TYPE_ID_APPLE_ACCOUNT",
		9:  "TYPE_ID_LINUX_ACCOUNT",
		10: "TYPE_ID_AWS_ACCOUNT",
		99: "TYPE_ID_OTHER",
	}
	Account_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":          0,
		"TYPE_ID_LDAP_ACCOUNT":     1,
		"TYPE_ID_WINDOWS_ACCOUNT":  2,
		"TYPE_ID_AWS_IAM_USER":     3,
		"TYPE_ID_AWS_IAM_ROLE":     4,
		"TYPE_ID_GCP_ACCOUNT":      5,
		"TYPE_ID_AZURE_AD_ACCOUNT": 6,
		"TYPE_ID_MAC_OS_ACCOUNT":   7,
		"TYPE_ID_APPLE_ACCOUNT":    8,
		"TYPE_ID_LINUX_ACCOUNT":    9,
		"TYPE_ID_AWS_ACCOUNT":      10,
		"TYPE_ID_OTHER":            99,
	}
)

Enum value maps for Account_TypeId.

View Source 
var (
	Agent_TypeId_name = map[int32]string{
		0:  "TYPE_ID_UNKNOWN",
		1:  "TYPE_ID_ENDPOINT_DETECTION_AND_RESPONSE",
		2:  "TYPE_ID_DATA_LOSS_PREVENTION",
		3:  "TYPE_ID_BACKUP_RECOVERY",
		4:  "TYPE_ID_PERFORMANCE_MONITORING_OBSERVABILITY",
		5:  "TYPE_ID_VULNERABILITY_MANAGEMENT",
		6:  "TYPE_ID_LOG_FORWARDING",
		7:  "TYPE_ID_MOBILE_DEVICE_MANAGEMENT",
		8:  "TYPE_ID_CONFIGURATION_MANAGEMENT",
		9:  "TYPE_ID_REMOTE_ACCESS",
		99: "TYPE_ID_OTHER",
	}
	Agent_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":                              0,
		"TYPE_ID_ENDPOINT_DETECTION_AND_RESPONSE":      1,
		"TYPE_ID_DATA_LOSS_PREVENTION":                 2,
		"TYPE_ID_BACKUP_RECOVERY":                      3,
		"TYPE_ID_PERFORMANCE_MONITORING_OBSERVABILITY": 4,
		"TYPE_ID_VULNERABILITY_MANAGEMENT":             5,
		"TYPE_ID_LOG_FORWARDING":                       6,
		"TYPE_ID_MOBILE_DEVICE_MANAGEMENT":             7,
		"TYPE_ID_CONFIGURATION_MANAGEMENT":             8,
		"TYPE_ID_REMOTE_ACCESS":                        9,
		"TYPE_ID_OTHER":                                99,
	}
)

Enum value maps for Agent_TypeId.

View Source 
var (
	Os_TypeId_name = map[int32]string{
		0:   "TYPE_ID_UNKNOWN",
		99:  "TYPE_ID_OTHER",
		100: "TYPE_ID_WINDOWS",
		101: "TYPE_ID_WINDOWS_MOBILE",
		200: "TYPE_ID_LINUX",
		201: "TYPE_ID_ANDROID",
		300: "TYPE_ID_MACOS",
		301: "TYPE_ID_IOS",
		302: "TYPE_ID_IPADOS",
		400: "TYPE_ID_SOLARIS",
		401: "TYPE_ID_AIX",
		402: "TYPE_ID_HP_UX",
	}
	Os_TypeId_value = map[string]int32{
		"TYPE_ID_UNKNOWN":        0,
		"TYPE_ID_OTHER":          99,
		"TYPE_ID_WINDOWS":        100,
		"TYPE_ID_WINDOWS_MOBILE": 101,
		"TYPE_ID_LINUX":          200,
		"TYPE_ID_ANDROID":        201,
		"TYPE_ID_MACOS":          300,
		"TYPE_ID_IOS":            301,
		"TYPE_ID_IPADOS":         302,
		"TYPE_ID_SOLARIS":        400,
		"TYPE_ID_AIX":            401,
		"TYPE_ID_HP_UX":          402,
	}
)

Enum value maps for Os_TypeId.

View Source 
var (
	DataClassification_CategoryId_name = map[int32]string{
		0:  "CATEGORY_ID_UNKNOWN",
		1:  "CATEGORY_ID_PERSONAL",
		2:  "CATEGORY_ID_GOVERNMENTAL",
		3:  "CATEGORY_ID_FINANCIAL",
		4:  "CATEGORY_ID_BUSINESS",
		5:  "CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT",
		6:  "CATEGORY_ID_SECURITY",
		99: "CATEGORY_ID_OTHER",
	}
	DataClassification_CategoryId_value = map[string]int32{
		"CATEGORY_ID_UNKNOWN":                      0,
		"CATEGORY_ID_PERSONAL":                     1,
		"CATEGORY_ID_GOVERNMENTAL":                 2,
		"CATEGORY_ID_FINANCIAL":                    3,
		"CATEGORY_ID_BUSINESS":                     4,
		"CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT": 5,
		"CATEGORY_ID_SECURITY":                     6,
		"CATEGORY_ID_OTHER":                        99,
	}
)

Enum value maps for DataClassification_CategoryId.

View Source 
var (
	DataClassification_ConfidentialityId_name = map[int32]string{
		0:  "CONFIDENTIALITY_ID_UNKNOWN",
		1:  "CONFIDENTIALITY_ID_NOT_CONFIDENTIAL",
		2:  "CONFIDENTIALITY_ID_CONFIDENTIAL",
		3:  "CONFIDENTIALITY_ID_SECRET",
		4:  "CONFIDENTIALITY_ID_TOP_SECRET",
		5:  "CONFIDENTIALITY_ID_PRIVATE",
		6:  "CONFIDENTIALITY_ID_RESTRICTED",
		99: "CONFIDENTIALITY_ID_OTHER",
	}
	DataClassification_ConfidentialityId_value = map[string]int32{
		"CONFIDENTIALITY_ID_UNKNOWN":          0,
		"CONFIDENTIALITY_ID_NOT_CONFIDENTIAL": 1,
		"CONFIDENTIALITY_ID_CONFIDENTIAL":     2,
		"CONFIDENTIALITY_ID_SECRET":           3,
		"CONFIDENTIALITY_ID_TOP_SECRET":       4,
		"CONFIDENTIALITY_ID_PRIVATE":          5,
		"CONFIDENTIALITY_ID_RESTRICTED":       6,
		"CONFIDENTIALITY_ID_OTHER":            99,
	}
)

Enum value maps for DataClassification_ConfidentialityId.

View Source 
var (
	Fingerprint_AlgorithmId_name = map[int32]string{
		0:  "ALGORITHM_ID_UNKNOWN",
		1:  "ALGORITHM_ID_MD5",
		2:  "ALGORITHM_ID_SHA_1",
		3:  "ALGORITHM_ID_SHA_256",
		4:  "ALGORITHM_ID_SHA_512",
		5:  "ALGORITHM_ID_CTPH",
		6:  "ALGORITHM_ID_TLSH",
		7:  "ALGORITHM_ID_QUICKXORHASH",
		99: "ALGORITHM_ID_OTHER",
	}
	Fingerprint_AlgorithmId_value = map[string]int32{
		"ALGORITHM_ID_UNKNOWN":      0,
		"ALGORITHM_ID_MD5":          1,
		"ALGORITHM_ID_SHA_1":        2,
		"ALGORITHM_ID_SHA_256":      3,
		"ALGORITHM_ID_SHA_512":      4,
		"ALGORITHM_ID_CTPH":         5,
		"ALGORITHM_ID_TLSH":         6,
		"ALGORITHM_ID_QUICKXORHASH": 7,
		"ALGORITHM_ID_OTHER":        99,
	}
)

Enum value maps for Fingerprint_AlgorithmId.

View Source 
var (
	DigitalSignature_AlgorithmId_name = map[int32]string{
		0:  "ALGORITHM_ID_UNKNOWN",
		1:  "ALGORITHM_ID_DSA",
		2:  "ALGORITHM_ID_RSA",
		3:  "ALGORITHM_ID_ECDSA",
		4:  "ALGORITHM_ID_AUTHENTICODE",
		99: "ALGORITHM_ID_OTHER",
	}
	DigitalSignature_AlgorithmId_value = map[string]int32{
		"ALGORITHM_ID_UNKNOWN":      0,
		"ALGORITHM_ID_DSA":          1,
		"ALGORITHM_ID_RSA":          2,
		"ALGORITHM_ID_ECDSA":        3,
		"ALGORITHM_ID_AUTHENTICODE": 4,
		"ALGORITHM_ID_OTHER":        99,
	}
)

Enum value maps for DigitalSignature_AlgorithmId.

View Source 
var (
	Reputation_ScoreId_name = map[int32]string{
		0:  "SCORE_ID_UNKNOWN",
		1:  "SCORE_ID_VERY_SAFE",
		2:  "SCORE_ID_SAFE",
		3:  "SCORE_ID_PROBABLY_SAFE",
		4:  "SCORE_ID_LEANS_SAFE",
		5:  "SCORE_ID_MAY_NOT_BE_SAFE",
		6:  "SCORE_ID_EXERCISE_CAUTION",
		7:  "SCORE_ID_SUSPICIOUS_RISKY",
		8:  "SCORE_ID_POSSIBLY_MALICIOUS",
		9:  "SCORE_ID_PROBABLY_MALICIOUS",
		10: "SCORE_ID_MALICIOUS",
		99: "SCORE_ID_OTHER",
	}
	Reputation_ScoreId_value = map[string]int32{
		"SCORE_ID_UNKNOWN":            0,
		"SCORE_ID_VERY_SAFE":          1,
		"SCORE_ID_SAFE":               2,
		"SCORE_ID_PROBABLY_SAFE":      3,
		"SCORE_ID_LEANS_SAFE":         4,
		"SCORE_ID_MAY_NOT_BE_SAFE":    5,
		"SCORE_ID_EXERCISE_CAUTION":   6,
		"SCORE_ID_SUSPICIOUS_RISKY":   7,
		"SCORE_ID_POSSIBLY_MALICIOUS": 8,
		"SCORE_ID_PROBABLY_MALICIOUS": 9,
		"SCORE_ID_MALICIOUS":          10,
		"SCORE_ID_OTHER":              99,
	}
)

Enum value maps for Reputation_ScoreId.

View Source 
var (
	TlsExtension_TypeId_name = map[int32]string{
		0:  "TYPE_ID_SERVER_NAME",
		1:  "TYPE_ID_MAXIMUM_FRAGMENT_LENGTH",
		5:  "TYPE_ID_STATUS_REQUEST",
		10: "TYPE_ID_SUPPORTED_GROUPS",
		13: "TYPE_ID_SIGNATURE_ALGORITHMS",
		14: "TYPE_ID_USE_SRTP",
		15: "TYPE_ID_HEARTBEAT",
		16: "TYPE_ID_APPLICATION_LAYER_PROTOCOL_NEGOTIATION",
		18: "TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP",
		19: "TYPE_ID_CLIENT_CERTIFICATE_TYPE",
		20: "TYPE_ID_SERVER_CERTIFICATE_TYPE",
		21: "TYPE_ID_PADDING",
		41: "TYPE_ID_PRE_SHARED_KEY",
		42: "TYPE_ID_EARLY_DATA",
		43: "TYPE_ID_SUPPORTED_VERSIONS",
		44: "TYPE_ID_COOKIE",
		45: "TYPE_ID_PSK_KEY_EXCHANGE_MODES",
		47: "TYPE_ID_CERTIFICATE_AUTHORITIES",
		48: "TYPE_ID_OID_FILTERS",
		49: "TYPE_ID_POST_HANDSHAKE_AUTH",
		50: "TYPE_ID_SIGNATURE_ALGORITHMS_CERT",
		51: "TYPE_ID_KEY_SHARE",
		99: "TYPE_ID_OTHER",
	}
	TlsExtension_TypeId_value = map[string]int32{
		"TYPE_ID_SERVER_NAME":                            0,
		"TYPE_ID_MAXIMUM_FRAGMENT_LENGTH":                1,
		"TYPE_ID_STATUS_REQUEST":                         5,
		"TYPE_ID_SUPPORTED_GROUPS":                       10,
		"TYPE_ID_SIGNATURE_ALGORITHMS":                   13,
		"TYPE_ID_USE_SRTP":                               14,
		"TYPE_ID_HEARTBEAT":                              15,
		"TYPE_ID_APPLICATION_LAYER_PROTOCOL_NEGOTIATION": 16,
		"TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP":           18,
		"TYPE_ID_CLIENT_CERTIFICATE_TYPE":                19,
		"TYPE_ID_SERVER_CERTIFICATE_TYPE":                20,
		"TYPE_ID_PADDING":                                21,
		"TYPE_ID_PRE_SHARED_KEY":                         41,
		"TYPE_ID_EARLY_DATA":                             42,
		"TYPE_ID_SUPPORTED_VERSIONS":                     43,
		"TYPE_ID_COOKIE":                                 44,
		"TYPE_ID_PSK_KEY_EXCHANGE_MODES":                 45,
		"TYPE_ID_CERTIFICATE_AUTHORITIES":                47,
		"TYPE_ID_OID_FILTERS":                            48,
		"TYPE_ID_POST_HANDSHAKE_AUTH":                    49,
		"TYPE_ID_SIGNATURE_ALGORITHMS_CERT":              50,
		"TYPE_ID_KEY_SHARE":                              51,
		"TYPE_ID_OTHER":                                  99,
	}
)

Enum value maps for TlsExtension_TypeId.

View Source 
var File_ocsf_schema_v1_ocsf_schema_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Account 

type Account struct {
	Labels []string        `protobuf:"bytes,1,rep,name=labels,proto3" json:"labels,omitempty"`
	Name   *string         `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Type   *string         `protobuf:"bytes,3,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId *Account_TypeId `protobuf:"varint,4,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Account_TypeId,oneof" json:"type_id,omitempty"`
	Uid    *string         `protobuf:"bytes,5,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Account is an OSF object defined in ocsf objects/account.json

The Account object contains details about the account that initiated or performed a specific activity within a system or application.

func (*Account) Descriptor deprecated 

func (*Account) Descriptor() ([]byte, []int)

Deprecated: Use Account.ProtoReflect.Descriptor instead.

func (*Account) GetLabels 

func (x *Account) GetLabels() []string

func (*Account) GetName 

func (x *Account) GetName() string

func (*Account) GetType 

func (x *Account) GetType() string

func (*Account) GetTypeId 

func (x *Account) GetTypeId() Account_TypeId

func (*Account) GetUid 

func (x *Account) GetUid() string

func (*Account) ProtoMessage 

func (*Account) ProtoMessage()

func (*Account) ProtoReflect 

func (x *Account) ProtoReflect() protoreflect.Message

func (*Account) Reset 

func (x *Account) Reset()

func (*Account) String 

func (x *Account) String() string

type AccountChange 

type AccountChange struct {
	ActivityId     AccountChange_ActivityId  `` /* 137-byte string literal not displayed */
	ActivityName   *string                   `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                    `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                      `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                   `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    AccountChange_CategoryUid `` /* 141-byte string literal not displayed */
	ClassName      *string                   `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       AccountChange_ClassUid    `` /* 129-byte string literal not displayed */
	Cloud          *Cloud                    `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                    `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                   `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                    `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                    `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp    `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment             `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	HttpRequest    *HttpRequest              `protobuf:"bytes,16,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                   `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                 `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable             `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	Policy         *Policy                   `protobuf:"bytes,20,opt,name=policy,proto3" json:"policy,omitempty"`
	RawData        *string                   `protobuf:"bytes,21,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                   `protobuf:"bytes,22,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     AccountChange_SeverityId  `` /* 138-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint          `protobuf:"bytes,24,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                    `protobuf:"varint,25,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp    `protobuf:"bytes,26,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                   `protobuf:"bytes,27,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                   `protobuf:"bytes,28,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                   `protobuf:"bytes,29,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *AccountChange_StatusId   `` /* 136-byte string literal not displayed */
	Time           int64                     `protobuf:"varint,31,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp    `protobuf:"bytes,32,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                    `protobuf:"varint,33,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                   `protobuf:"bytes,34,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                     `protobuf:"varint,35,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct          `protobuf:"bytes,36,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                     `protobuf:"bytes,37,opt,name=user,proto3" json:"user,omitempty"`
	UserResult     *User                     `protobuf:"bytes,38,opt,name=user_result,json=userResult,proto3" json:"user_result,omitempty"`
	// contains filtered or unexported fields
}

AccountChange is an OSF event in category "Identity & Access Management" called Account Change defined in ocsf events/iam/account_change.json

Account Change events report when specific user account management tasks are performed, such as a user/role being created, changed, deleted, renamed, disabled, enabled, locked out or unlocked.

func (*AccountChange) Descriptor deprecated 

func (*AccountChange) Descriptor() ([]byte, []int)

Deprecated: Use AccountChange.ProtoReflect.Descriptor instead.

func (*AccountChange) GetActivityId 

func (x *AccountChange) GetActivityId() AccountChange_ActivityId

func (*AccountChange) GetActivityName 

func (x *AccountChange) GetActivityName() string

func (*AccountChange) GetActor 

func (x *AccountChange) GetActor() *Actor

func (*AccountChange) GetApi 

func (x *AccountChange) GetApi() *Api

func (*AccountChange) GetCategoryName 

func (x *AccountChange) GetCategoryName() string

func (*AccountChange) GetCategoryUid 

func (x *AccountChange) GetCategoryUid() AccountChange_CategoryUid

func (*AccountChange) GetClassName 

func (x *AccountChange) GetClassName() string

func (*AccountChange) GetClassUid 

func (x *AccountChange) GetClassUid() AccountChange_ClassUid

func (*AccountChange) GetCloud 

func (x *AccountChange) GetCloud() *Cloud

func (*AccountChange) GetCount 

func (x *AccountChange) GetCount() int32

func (*AccountChange) GetDevice 

func (x *AccountChange) GetDevice() *Device

func (*AccountChange) GetDuration 

func (x *AccountChange) GetDuration() int32

func (*AccountChange) GetEndTime 

func (x *AccountChange) GetEndTime() int64

func (*AccountChange) GetEndTimeDt 

func (x *AccountChange) GetEndTimeDt() *timestamppb.Timestamp

func (*AccountChange) GetEnrichments 

func (x *AccountChange) GetEnrichments() []*Enrichment

func (*AccountChange) GetHttpRequest 

func (x *AccountChange) GetHttpRequest() *HttpRequest

func (*AccountChange) GetMessage 

func (x *AccountChange) GetMessage() string

func (*AccountChange) GetMetadata 

func (x *AccountChange) GetMetadata() *Metadata

func (*AccountChange) GetObservables 

func (x *AccountChange) GetObservables() []*Observable

func (*AccountChange) GetPolicy 

func (x *AccountChange) GetPolicy() *Policy

func (*AccountChange) GetRawData 

func (x *AccountChange) GetRawData() string

func (*AccountChange) GetSeverity 

func (x *AccountChange) GetSeverity() string

func (*AccountChange) GetSeverityId 

func (x *AccountChange) GetSeverityId() AccountChange_SeverityId

func (*AccountChange) GetSrcEndpoint 

func (x *AccountChange) GetSrcEndpoint() *NetworkEndpoint

func (*AccountChange) GetStartTime 

func (x *AccountChange) GetStartTime() int64

func (*AccountChange) GetStartTimeDt 

func (x *AccountChange) GetStartTimeDt() *timestamppb.Timestamp

func (*AccountChange) GetStatus 

func (x *AccountChange) GetStatus() string

func (*AccountChange) GetStatusCode 

func (x *AccountChange) GetStatusCode() string

func (*AccountChange) GetStatusDetail 

func (x *AccountChange) GetStatusDetail() string

func (*AccountChange) GetStatusId 

func (x *AccountChange) GetStatusId() AccountChange_StatusId

func (*AccountChange) GetTime 

func (x *AccountChange) GetTime() int64

func (*AccountChange) GetTimeDt 

func (x *AccountChange) GetTimeDt() *timestamppb.Timestamp

func (*AccountChange) GetTimezoneOffset 

func (x *AccountChange) GetTimezoneOffset() int32

func (*AccountChange) GetTypeName 

func (x *AccountChange) GetTypeName() string

func (*AccountChange) GetTypeUid 

func (x *AccountChange) GetTypeUid() int64

func (*AccountChange) GetUnmapped 

func (x *AccountChange) GetUnmapped() *structpb.Struct

func (*AccountChange) GetUser 

func (x *AccountChange) GetUser() *User

func (*AccountChange) GetUserResult 

func (x *AccountChange) GetUserResult() *User

func (*AccountChange) ProtoMessage 

func (*AccountChange) ProtoMessage()

func (*AccountChange) ProtoReflect 

func (x *AccountChange) ProtoReflect() protoreflect.Message

func (*AccountChange) Reset 

func (x *AccountChange) Reset()

func (*AccountChange) String 

func (x *AccountChange) String() string

type AccountChange_ActivityId 

type AccountChange_ActivityId int32
const (
	AccountChange_ACTIVITY_ID_UNKNOWN         AccountChange_ActivityId = 0
	AccountChange_ACTIVITY_ID_CREATE          AccountChange_ActivityId = 1 // A user/role was created.
	AccountChange_ACTIVITY_ID_ENABLE          AccountChange_ActivityId = 2 // A user/role was enabled.
	AccountChange_ACTIVITY_ID_PASSWORD_CHANGE AccountChange_ActivityId = 3 // An attempt was made to change an account's
	// password.
	AccountChange_ACTIVITY_ID_PASSWORD_RESET AccountChange_ActivityId = 4 // An attempt was made to reset an account's
	// password.
	AccountChange_ACTIVITY_ID_DISABLE       AccountChange_ActivityId = 5 // A user/role was disabled.
	AccountChange_ACTIVITY_ID_DELETE        AccountChange_ActivityId = 6 // A user/role was deleted.
	AccountChange_ACTIVITY_ID_ATTACH_POLICY AccountChange_ActivityId = 7 // An IAM Policy was attached to a user/role.
	AccountChange_ACTIVITY_ID_DETACH_POLICY AccountChange_ActivityId = 8 // An IAM Policy was detached from a
	// user/role.
	AccountChange_ACTIVITY_ID_LOCK              AccountChange_ActivityId = 9  // A user account was locked out.
	AccountChange_ACTIVITY_ID_MFA_FACTOR_ENABLE AccountChange_ActivityId = 10 // An authentication factor was enabled for
	// an account.
	AccountChange_ACTIVITY_ID_MFA_FACTOR_DISABLE AccountChange_ActivityId = 11 // An authentication factor was disabled for
	// an account.
	AccountChange_ACTIVITY_ID_OTHER AccountChange_ActivityId = 99
)

func (AccountChange_ActivityId) Descriptor 

func (AccountChange_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (AccountChange_ActivityId) Enum 

func (x AccountChange_ActivityId) Enum() *AccountChange_ActivityId

func (AccountChange_ActivityId) EnumDescriptor deprecated 

func (AccountChange_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccountChange_ActivityId.Descriptor instead.

func (AccountChange_ActivityId) Number 

func (x AccountChange_ActivityId) Number() protoreflect.EnumNumber

func (AccountChange_ActivityId) String 

func (x AccountChange_ActivityId) String() string

func (AccountChange_ActivityId) Type 

func (AccountChange_ActivityId) Type() protoreflect.EnumType

type AccountChange_CategoryUid 

type AccountChange_CategoryUid int32
const (
	AccountChange_CATEGORY_UID_UNKNOWN                    AccountChange_CategoryUid = 0
	AccountChange_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT AccountChange_CategoryUid = 3
)

func (AccountChange_CategoryUid) Descriptor 

func (AccountChange_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (AccountChange_CategoryUid) Enum 

func (x AccountChange_CategoryUid) Enum() *AccountChange_CategoryUid

func (AccountChange_CategoryUid) EnumDescriptor deprecated 

func (AccountChange_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccountChange_CategoryUid.Descriptor instead.

func (AccountChange_CategoryUid) Number 

func (x AccountChange_CategoryUid) Number() protoreflect.EnumNumber

func (AccountChange_CategoryUid) String 

func (x AccountChange_CategoryUid) String() string

func (AccountChange_CategoryUid) Type 

func (AccountChange_CategoryUid) Type() protoreflect.EnumType

type AccountChange_ClassUid 

type AccountChange_ClassUid int32
const (
	AccountChange_CLASS_UID_UNKNOWN        AccountChange_ClassUid = 0
	AccountChange_CLASS_UID_ACCOUNT_CHANGE AccountChange_ClassUid = 3001
)

func (AccountChange_ClassUid) Descriptor 

func (AccountChange_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (AccountChange_ClassUid) Enum 

func (x AccountChange_ClassUid) Enum() *AccountChange_ClassUid

func (AccountChange_ClassUid) EnumDescriptor deprecated 

func (AccountChange_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccountChange_ClassUid.Descriptor instead.

func (AccountChange_ClassUid) Number 

func (x AccountChange_ClassUid) Number() protoreflect.EnumNumber

func (AccountChange_ClassUid) String 

func (x AccountChange_ClassUid) String() string

func (AccountChange_ClassUid) Type 

func (AccountChange_ClassUid) Type() protoreflect.EnumType

type AccountChange_SeverityId 

type AccountChange_SeverityId int32
const (
	AccountChange_SEVERITY_ID_UNKNOWN       AccountChange_SeverityId = 0 // The event/finding severity is unknown.
	AccountChange_SEVERITY_ID_INFORMATIONAL AccountChange_SeverityId = 1 // Informational message. No action required.
	AccountChange_SEVERITY_ID_LOW           AccountChange_SeverityId = 2 // The user decides if action is needed.
	AccountChange_SEVERITY_ID_MEDIUM        AccountChange_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	AccountChange_SEVERITY_ID_HIGH     AccountChange_SeverityId = 4 // Action is required immediately.
	AccountChange_SEVERITY_ID_CRITICAL AccountChange_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	AccountChange_SEVERITY_ID_FATAL AccountChange_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	AccountChange_SEVERITY_ID_OTHER AccountChange_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (AccountChange_SeverityId) Descriptor 

func (AccountChange_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (AccountChange_SeverityId) Enum 

func (x AccountChange_SeverityId) Enum() *AccountChange_SeverityId

func (AccountChange_SeverityId) EnumDescriptor deprecated 

func (AccountChange_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccountChange_SeverityId.Descriptor instead.

func (AccountChange_SeverityId) Number 

func (x AccountChange_SeverityId) Number() protoreflect.EnumNumber

func (AccountChange_SeverityId) String 

func (x AccountChange_SeverityId) String() string

func (AccountChange_SeverityId) Type 

func (AccountChange_SeverityId) Type() protoreflect.EnumType

type AccountChange_StatusId 

type AccountChange_StatusId int32
const (
	AccountChange_STATUS_ID_UNKNOWN AccountChange_StatusId = 0 // The status is unknown.
	AccountChange_STATUS_ID_SUCCESS AccountChange_StatusId = 1
	AccountChange_STATUS_ID_FAILURE AccountChange_StatusId = 2
	AccountChange_STATUS_ID_OTHER   AccountChange_StatusId = 99 // The event status is not mapped. See the
)

func (AccountChange_StatusId) Descriptor 

func (AccountChange_StatusId) Descriptor() protoreflect.EnumDescriptor

func (AccountChange_StatusId) Enum 

func (x AccountChange_StatusId) Enum() *AccountChange_StatusId

func (AccountChange_StatusId) EnumDescriptor deprecated 

func (AccountChange_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AccountChange_StatusId.Descriptor instead.

func (AccountChange_StatusId) Number 

func (x AccountChange_StatusId) Number() protoreflect.EnumNumber

func (AccountChange_StatusId) String 

func (x AccountChange_StatusId) String() string

func (AccountChange_StatusId) Type 

func (AccountChange_StatusId) Type() protoreflect.EnumType

type Account_TypeId 

type Account_TypeId int32
const (
	Account_TYPE_ID_UNKNOWN          Account_TypeId = 0 // The account type is unknown.
	Account_TYPE_ID_LDAP_ACCOUNT     Account_TypeId = 1
	Account_TYPE_ID_WINDOWS_ACCOUNT  Account_TypeId = 2
	Account_TYPE_ID_AWS_IAM_USER     Account_TypeId = 3
	Account_TYPE_ID_AWS_IAM_ROLE     Account_TypeId = 4
	Account_TYPE_ID_GCP_ACCOUNT      Account_TypeId = 5
	Account_TYPE_ID_AZURE_AD_ACCOUNT Account_TypeId = 6
	Account_TYPE_ID_MAC_OS_ACCOUNT   Account_TypeId = 7
	Account_TYPE_ID_APPLE_ACCOUNT    Account_TypeId = 8
	Account_TYPE_ID_LINUX_ACCOUNT    Account_TypeId = 9
	Account_TYPE_ID_AWS_ACCOUNT      Account_TypeId = 10
	Account_TYPE_ID_OTHER            Account_TypeId = 99 // The account type is not mapped.
)

func (Account_TypeId) Descriptor 

func (Account_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Account_TypeId) Enum 

func (x Account_TypeId) Enum() *Account_TypeId

func (Account_TypeId) EnumDescriptor deprecated 

func (Account_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Account_TypeId.Descriptor instead.

func (Account_TypeId) Number 

func (x Account_TypeId) Number() protoreflect.EnumNumber

func (Account_TypeId) String 

func (x Account_TypeId) String() string

func (Account_TypeId) Type 

func (Account_TypeId) Type() protoreflect.EnumType

type Actor 

type Actor struct {
	AppName        *string          `protobuf:"bytes,1,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	AppUid         *string          `protobuf:"bytes,2,opt,name=app_uid,json=appUid,proto3,oneof" json:"app_uid,omitempty"`
	Authorizations []*Authorization `protobuf:"bytes,3,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	Idp            *Idp             `protobuf:"bytes,4,opt,name=idp,proto3" json:"idp,omitempty"`
	InvokedBy      *string          `protobuf:"bytes,5,opt,name=invoked_by,json=invokedBy,proto3,oneof" json:"invoked_by,omitempty"`
	Process        *Process         `protobuf:"bytes,6,opt,name=process,proto3" json:"process,omitempty"`
	Session        *Session         `protobuf:"bytes,7,opt,name=session,proto3" json:"session,omitempty"`
	User           *User            `protobuf:"bytes,8,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

Actor is an OSF object defined in ocsf objects/actor.json

The Actor object contains details about the user, role, application, service, or process that initiated or performed a specific activity.

func (*Actor) Descriptor deprecated 

func (*Actor) Descriptor() ([]byte, []int)

Deprecated: Use Actor.ProtoReflect.Descriptor instead.

func (*Actor) GetAppName 

func (x *Actor) GetAppName() string

func (*Actor) GetAppUid 

func (x *Actor) GetAppUid() string

func (*Actor) GetAuthorizations 

func (x *Actor) GetAuthorizations() []*Authorization

func (*Actor) GetIdp 

func (x *Actor) GetIdp() *Idp

func (*Actor) GetInvokedBy 

func (x *Actor) GetInvokedBy() string

func (*Actor) GetProcess 

func (x *Actor) GetProcess() *Process

func (*Actor) GetSession 

func (x *Actor) GetSession() *Session

func (*Actor) GetUser 

func (x *Actor) GetUser() *User

func (*Actor) ProtoMessage 

func (*Actor) ProtoMessage()

func (*Actor) ProtoReflect 

func (x *Actor) ProtoReflect() protoreflect.Message

func (*Actor) Reset 

func (x *Actor) Reset()

func (*Actor) String 

func (x *Actor) String() string

type AdminGroupQuery 

type AdminGroupQuery struct {
	ActivityId     AdminGroupQuery_ActivityId    `` /* 139-byte string literal not displayed */
	ActivityName   *string                       `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                        `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                          `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                       `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    AdminGroupQuery_CategoryUid   `` /* 143-byte string literal not displayed */
	ClassName      *string                       `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       AdminGroupQuery_ClassUid      `` /* 131-byte string literal not displayed */
	Cloud          *Cloud                        `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                        `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                       `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                        `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                        `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp        `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                 `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Group          *Group                        `protobuf:"bytes,16,opt,name=group,proto3" json:"group,omitempty"`
	Message        *string                       `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                     `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                 `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                    `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                       `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  AdminGroupQuery_QueryResultId `` /* 154-byte string literal not displayed */
	RawData        *string                       `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                       `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     AdminGroupQuery_SeverityId    `` /* 140-byte string literal not displayed */
	StartTime      *int64                        `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp        `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                       `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                       `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                       `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *AdminGroupQuery_StatusId     `` /* 138-byte string literal not displayed */
	Time           int64                         `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp        `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                        `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                       `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                         `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct              `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Users          []*User                       `protobuf:"bytes,38,rep,name=users,proto3" json:"users,omitempty"`
	// contains filtered or unexported fields
}

AdminGroupQuery is an OSF event in category "Discovery" called Admin Group Query defined in ocsf events/discovery/group_query.json

Admin Group Query events report information about administrative groups.

func (*AdminGroupQuery) Descriptor deprecated 

func (*AdminGroupQuery) Descriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery.ProtoReflect.Descriptor instead.

func (*AdminGroupQuery) GetActivityId 

func (x *AdminGroupQuery) GetActivityId() AdminGroupQuery_ActivityId

func (*AdminGroupQuery) GetActivityName 

func (x *AdminGroupQuery) GetActivityName() string

func (*AdminGroupQuery) GetActor 

func (x *AdminGroupQuery) GetActor() *Actor

func (*AdminGroupQuery) GetApi 

func (x *AdminGroupQuery) GetApi() *Api

func (*AdminGroupQuery) GetCategoryName 

func (x *AdminGroupQuery) GetCategoryName() string

func (*AdminGroupQuery) GetCategoryUid 

func (x *AdminGroupQuery) GetCategoryUid() AdminGroupQuery_CategoryUid

func (*AdminGroupQuery) GetClassName 

func (x *AdminGroupQuery) GetClassName() string

func (*AdminGroupQuery) GetClassUid 

func (x *AdminGroupQuery) GetClassUid() AdminGroupQuery_ClassUid

func (*AdminGroupQuery) GetCloud 

func (x *AdminGroupQuery) GetCloud() *Cloud

func (*AdminGroupQuery) GetCount 

func (x *AdminGroupQuery) GetCount() int32

func (*AdminGroupQuery) GetDevice 

func (x *AdminGroupQuery) GetDevice() *Device

func (*AdminGroupQuery) GetDuration 

func (x *AdminGroupQuery) GetDuration() int32

func (*AdminGroupQuery) GetEndTime 

func (x *AdminGroupQuery) GetEndTime() int64

func (*AdminGroupQuery) GetEndTimeDt 

func (x *AdminGroupQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*AdminGroupQuery) GetEnrichments 

func (x *AdminGroupQuery) GetEnrichments() []*Enrichment

func (*AdminGroupQuery) GetGroup 

func (x *AdminGroupQuery) GetGroup() *Group

func (*AdminGroupQuery) GetMessage 

func (x *AdminGroupQuery) GetMessage() string

func (*AdminGroupQuery) GetMetadata 

func (x *AdminGroupQuery) GetMetadata() *Metadata

func (*AdminGroupQuery) GetObservables 

func (x *AdminGroupQuery) GetObservables() []*Observable

func (*AdminGroupQuery) GetQueryInfo 

func (x *AdminGroupQuery) GetQueryInfo() *QueryInfo

func (*AdminGroupQuery) GetQueryResult 

func (x *AdminGroupQuery) GetQueryResult() string

func (*AdminGroupQuery) GetQueryResultId 

func (x *AdminGroupQuery) GetQueryResultId() AdminGroupQuery_QueryResultId

func (*AdminGroupQuery) GetRawData 

func (x *AdminGroupQuery) GetRawData() string

func (*AdminGroupQuery) GetSeverity 

func (x *AdminGroupQuery) GetSeverity() string

func (*AdminGroupQuery) GetSeverityId 

func (x *AdminGroupQuery) GetSeverityId() AdminGroupQuery_SeverityId

func (*AdminGroupQuery) GetStartTime 

func (x *AdminGroupQuery) GetStartTime() int64

func (*AdminGroupQuery) GetStartTimeDt 

func (x *AdminGroupQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*AdminGroupQuery) GetStatus 

func (x *AdminGroupQuery) GetStatus() string

func (*AdminGroupQuery) GetStatusCode 

func (x *AdminGroupQuery) GetStatusCode() string

func (*AdminGroupQuery) GetStatusDetail 

func (x *AdminGroupQuery) GetStatusDetail() string

func (*AdminGroupQuery) GetStatusId 

func (x *AdminGroupQuery) GetStatusId() AdminGroupQuery_StatusId

func (*AdminGroupQuery) GetTime 

func (x *AdminGroupQuery) GetTime() int64

func (*AdminGroupQuery) GetTimeDt 

func (x *AdminGroupQuery) GetTimeDt() *timestamppb.Timestamp

func (*AdminGroupQuery) GetTimezoneOffset 

func (x *AdminGroupQuery) GetTimezoneOffset() int32

func (*AdminGroupQuery) GetTypeName 

func (x *AdminGroupQuery) GetTypeName() string

func (*AdminGroupQuery) GetTypeUid 

func (x *AdminGroupQuery) GetTypeUid() int64

func (*AdminGroupQuery) GetUnmapped 

func (x *AdminGroupQuery) GetUnmapped() *structpb.Struct

func (*AdminGroupQuery) GetUsers 

func (x *AdminGroupQuery) GetUsers() []*User

func (*AdminGroupQuery) ProtoMessage 

func (*AdminGroupQuery) ProtoMessage()

func (*AdminGroupQuery) ProtoReflect 

func (x *AdminGroupQuery) ProtoReflect() protoreflect.Message

func (*AdminGroupQuery) Reset 

func (x *AdminGroupQuery) Reset()

func (*AdminGroupQuery) String 

func (x *AdminGroupQuery) String() string

type AdminGroupQuery_ActivityId 

type AdminGroupQuery_ActivityId int32
const (
	AdminGroupQuery_ACTIVITY_ID_UNKNOWN AdminGroupQuery_ActivityId = 0
	AdminGroupQuery_ACTIVITY_ID_QUERY   AdminGroupQuery_ActivityId = 1 // The discovered results are via a query request.
	AdminGroupQuery_ACTIVITY_ID_OTHER   AdminGroupQuery_ActivityId = 99
)

func (AdminGroupQuery_ActivityId) Descriptor 

func (AdminGroupQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_ActivityId) Enum 

func (x AdminGroupQuery_ActivityId) Enum() *AdminGroupQuery_ActivityId

func (AdminGroupQuery_ActivityId) EnumDescriptor deprecated 

func (AdminGroupQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_ActivityId.Descriptor instead.

func (AdminGroupQuery_ActivityId) Number 

func (x AdminGroupQuery_ActivityId) Number() protoreflect.EnumNumber

func (AdminGroupQuery_ActivityId) String 

func (x AdminGroupQuery_ActivityId) String() string

func (AdminGroupQuery_ActivityId) Type 

func (AdminGroupQuery_ActivityId) Type() protoreflect.EnumType

type AdminGroupQuery_CategoryUid 

type AdminGroupQuery_CategoryUid int32
const (
	AdminGroupQuery_CATEGORY_UID_UNKNOWN   AdminGroupQuery_CategoryUid = 0
	AdminGroupQuery_CATEGORY_UID_DISCOVERY AdminGroupQuery_CategoryUid = 5
)

func (AdminGroupQuery_CategoryUid) Descriptor 

func (AdminGroupQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_CategoryUid) Enum 

func (x AdminGroupQuery_CategoryUid) Enum() *AdminGroupQuery_CategoryUid

func (AdminGroupQuery_CategoryUid) EnumDescriptor deprecated 

func (AdminGroupQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_CategoryUid.Descriptor instead.

func (AdminGroupQuery_CategoryUid) Number 

func (x AdminGroupQuery_CategoryUid) Number() protoreflect.EnumNumber

func (AdminGroupQuery_CategoryUid) String 

func (x AdminGroupQuery_CategoryUid) String() string

func (AdminGroupQuery_CategoryUid) Type 

func (AdminGroupQuery_CategoryUid) Type() protoreflect.EnumType

type AdminGroupQuery_ClassUid 

type AdminGroupQuery_ClassUid int32
const (
	AdminGroupQuery_CLASS_UID_UNKNOWN           AdminGroupQuery_ClassUid = 0
	AdminGroupQuery_CLASS_UID_ADMIN_GROUP_QUERY AdminGroupQuery_ClassUid = 5009
)

func (AdminGroupQuery_ClassUid) Descriptor 

func (AdminGroupQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_ClassUid) Enum 

func (x AdminGroupQuery_ClassUid) Enum() *AdminGroupQuery_ClassUid

func (AdminGroupQuery_ClassUid) EnumDescriptor deprecated 

func (AdminGroupQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_ClassUid.Descriptor instead.

func (AdminGroupQuery_ClassUid) Number 

func (x AdminGroupQuery_ClassUid) Number() protoreflect.EnumNumber

func (AdminGroupQuery_ClassUid) String 

func (x AdminGroupQuery_ClassUid) String() string

func (AdminGroupQuery_ClassUid) Type 

func (AdminGroupQuery_ClassUid) Type() protoreflect.EnumType

type AdminGroupQuery_QueryResultId 

type AdminGroupQuery_QueryResultId int32
const (
	AdminGroupQuery_QUERY_RESULT_ID_UNKNOWN        AdminGroupQuery_QueryResultId = 0  // The query result is unknown.
	AdminGroupQuery_QUERY_RESULT_ID_EXISTS         AdminGroupQuery_QueryResultId = 1  // The target was found.
	AdminGroupQuery_QUERY_RESULT_ID_PARTIAL        AdminGroupQuery_QueryResultId = 2  // The target was partially found.
	AdminGroupQuery_QUERY_RESULT_ID_DOES_NOT_EXIST AdminGroupQuery_QueryResultId = 3  // The target was not found.
	AdminGroupQuery_QUERY_RESULT_ID_ERROR          AdminGroupQuery_QueryResultId = 4  // The discovery attempt failed.
	AdminGroupQuery_QUERY_RESULT_ID_UNSUPPORTED    AdminGroupQuery_QueryResultId = 5  // Discovery of the target was not supported.
	AdminGroupQuery_QUERY_RESULT_ID_OTHER          AdminGroupQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (AdminGroupQuery_QueryResultId) Descriptor 

func (AdminGroupQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_QueryResultId) Enum 

func (x AdminGroupQuery_QueryResultId) Enum() *AdminGroupQuery_QueryResultId

func (AdminGroupQuery_QueryResultId) EnumDescriptor deprecated 

func (AdminGroupQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_QueryResultId.Descriptor instead.

func (AdminGroupQuery_QueryResultId) Number 

func (x AdminGroupQuery_QueryResultId) Number() protoreflect.EnumNumber

func (AdminGroupQuery_QueryResultId) String 

func (x AdminGroupQuery_QueryResultId) String() string

func (AdminGroupQuery_QueryResultId) Type 

func (AdminGroupQuery_QueryResultId) Type() protoreflect.EnumType

type AdminGroupQuery_SeverityId 

type AdminGroupQuery_SeverityId int32
const (
	AdminGroupQuery_SEVERITY_ID_UNKNOWN       AdminGroupQuery_SeverityId = 0 // The event/finding severity is unknown.
	AdminGroupQuery_SEVERITY_ID_INFORMATIONAL AdminGroupQuery_SeverityId = 1 // Informational message. No action required.
	AdminGroupQuery_SEVERITY_ID_LOW           AdminGroupQuery_SeverityId = 2 // The user decides if action is needed.
	AdminGroupQuery_SEVERITY_ID_MEDIUM        AdminGroupQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	AdminGroupQuery_SEVERITY_ID_HIGH     AdminGroupQuery_SeverityId = 4 // Action is required immediately.
	AdminGroupQuery_SEVERITY_ID_CRITICAL AdminGroupQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	AdminGroupQuery_SEVERITY_ID_FATAL AdminGroupQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	AdminGroupQuery_SEVERITY_ID_OTHER AdminGroupQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (AdminGroupQuery_SeverityId) Descriptor 

func (AdminGroupQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_SeverityId) Enum 

func (x AdminGroupQuery_SeverityId) Enum() *AdminGroupQuery_SeverityId

func (AdminGroupQuery_SeverityId) EnumDescriptor deprecated 

func (AdminGroupQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_SeverityId.Descriptor instead.

func (AdminGroupQuery_SeverityId) Number 

func (x AdminGroupQuery_SeverityId) Number() protoreflect.EnumNumber

func (AdminGroupQuery_SeverityId) String 

func (x AdminGroupQuery_SeverityId) String() string

func (AdminGroupQuery_SeverityId) Type 

func (AdminGroupQuery_SeverityId) Type() protoreflect.EnumType

type AdminGroupQuery_StatusId 

type AdminGroupQuery_StatusId int32
const (
	AdminGroupQuery_STATUS_ID_UNKNOWN AdminGroupQuery_StatusId = 0 // The status is unknown.
	AdminGroupQuery_STATUS_ID_SUCCESS AdminGroupQuery_StatusId = 1
	AdminGroupQuery_STATUS_ID_FAILURE AdminGroupQuery_StatusId = 2
	AdminGroupQuery_STATUS_ID_OTHER   AdminGroupQuery_StatusId = 99 // The event status is not mapped. See the
)

func (AdminGroupQuery_StatusId) Descriptor 

func (AdminGroupQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (AdminGroupQuery_StatusId) Enum 

func (x AdminGroupQuery_StatusId) Enum() *AdminGroupQuery_StatusId

func (AdminGroupQuery_StatusId) EnumDescriptor deprecated 

func (AdminGroupQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AdminGroupQuery_StatusId.Descriptor instead.

func (AdminGroupQuery_StatusId) Number 

func (x AdminGroupQuery_StatusId) Number() protoreflect.EnumNumber

func (AdminGroupQuery_StatusId) String 

func (x AdminGroupQuery_StatusId) String() string

func (AdminGroupQuery_StatusId) Type 

func (AdminGroupQuery_StatusId) Type() protoreflect.EnumType

type AffectedCode 

type AffectedCode struct {
	EndLine     *int32       `protobuf:"varint,1,opt,name=end_line,json=endLine,proto3,oneof" json:"end_line,omitempty"`
	File        *File        `protobuf:"bytes,2,opt,name=file,proto3" json:"file,omitempty"`
	Owner       *User        `protobuf:"bytes,3,opt,name=owner,proto3" json:"owner,omitempty"`
	Remediation *Remediation `protobuf:"bytes,4,opt,name=remediation,proto3" json:"remediation,omitempty"`
	StartLine   *int32       `protobuf:"varint,5,opt,name=start_line,json=startLine,proto3,oneof" json:"start_line,omitempty"`
	// contains filtered or unexported fields
}

AffectedCode is an OSF object defined in ocsf objects/affected_code.json

The Affected Code object describes details about a code block identified as vulnerable.

func (*AffectedCode) Descriptor deprecated 

func (*AffectedCode) Descriptor() ([]byte, []int)

Deprecated: Use AffectedCode.ProtoReflect.Descriptor instead.

func (*AffectedCode) GetEndLine 

func (x *AffectedCode) GetEndLine() int32

func (*AffectedCode) GetFile 

func (x *AffectedCode) GetFile() *File

func (*AffectedCode) GetOwner 

func (x *AffectedCode) GetOwner() *User

func (*AffectedCode) GetRemediation 

func (x *AffectedCode) GetRemediation() *Remediation

func (*AffectedCode) GetStartLine 

func (x *AffectedCode) GetStartLine() int32

func (*AffectedCode) ProtoMessage 

func (*AffectedCode) ProtoMessage()

func (*AffectedCode) ProtoReflect 

func (x *AffectedCode) ProtoReflect() protoreflect.Message

func (*AffectedCode) Reset 

func (x *AffectedCode) Reset()

func (*AffectedCode) String 

func (x *AffectedCode) String() string

type AffectedPackage 

type AffectedPackage struct {
	Architecture   *string      `protobuf:"bytes,1,opt,name=architecture,proto3,oneof" json:"architecture,omitempty"`
	Epoch          *int32       `protobuf:"varint,2,opt,name=epoch,proto3,oneof" json:"epoch,omitempty"`
	FixedInVersion *string      `protobuf:"bytes,3,opt,name=fixed_in_version,json=fixedInVersion,proto3,oneof" json:"fixed_in_version,omitempty"`
	License        *string      `protobuf:"bytes,4,opt,name=license,proto3,oneof" json:"license,omitempty"`
	Name           string       `protobuf:"bytes,5,opt,name=name,proto3" json:"name,omitempty"`
	PackageManager *string      `protobuf:"bytes,6,opt,name=package_manager,json=packageManager,proto3,oneof" json:"package_manager,omitempty"`
	Path           *string      `protobuf:"bytes,7,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Purl           *string      `protobuf:"bytes,8,opt,name=purl,proto3,oneof" json:"purl,omitempty"`
	Release        *string      `protobuf:"bytes,9,opt,name=release,proto3,oneof" json:"release,omitempty"`
	Remediation    *Remediation `protobuf:"bytes,10,opt,name=remediation,proto3" json:"remediation,omitempty"`
	Version        string       `protobuf:"bytes,11,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

AffectedPackage is an OSF object defined in ocsf objects/affected_package.json

The Affected Package object describes details about a software package identified as affected by a vulnerability/vulnerabilities.

func (*AffectedPackage) Descriptor deprecated 

func (*AffectedPackage) Descriptor() ([]byte, []int)

Deprecated: Use AffectedPackage.ProtoReflect.Descriptor instead.

func (*AffectedPackage) GetArchitecture 

func (x *AffectedPackage) GetArchitecture() string

func (*AffectedPackage) GetEpoch 

func (x *AffectedPackage) GetEpoch() int32

func (*AffectedPackage) GetFixedInVersion 

func (x *AffectedPackage) GetFixedInVersion() string

func (*AffectedPackage) GetLicense 

func (x *AffectedPackage) GetLicense() string

func (*AffectedPackage) GetName 

func (x *AffectedPackage) GetName() string

func (*AffectedPackage) GetPackageManager 

func (x *AffectedPackage) GetPackageManager() string

func (*AffectedPackage) GetPath 

func (x *AffectedPackage) GetPath() string

func (*AffectedPackage) GetPurl 

func (x *AffectedPackage) GetPurl() string

func (*AffectedPackage) GetRelease 

func (x *AffectedPackage) GetRelease() string

func (*AffectedPackage) GetRemediation 

func (x *AffectedPackage) GetRemediation() *Remediation

func (*AffectedPackage) GetVersion 

func (x *AffectedPackage) GetVersion() string

func (*AffectedPackage) ProtoMessage 

func (*AffectedPackage) ProtoMessage()

func (*AffectedPackage) ProtoReflect 

func (x *AffectedPackage) ProtoReflect() protoreflect.Message

func (*AffectedPackage) Reset 

func (x *AffectedPackage) Reset()

func (*AffectedPackage) String 

func (x *AffectedPackage) String() string

type Agent 

type Agent struct {
	Name       *string       `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Policies   []*Policy     `protobuf:"bytes,2,rep,name=policies,proto3" json:"policies,omitempty"`
	Type       *string       `protobuf:"bytes,3,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId     *Agent_TypeId `protobuf:"varint,4,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Agent_TypeId,oneof" json:"type_id,omitempty"`
	Uid        *string       `protobuf:"bytes,5,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UidAlt     *string       `protobuf:"bytes,6,opt,name=uid_alt,json=uidAlt,proto3,oneof" json:"uid_alt,omitempty"`
	VendorName *string       `protobuf:"bytes,7,opt,name=vendor_name,json=vendorName,proto3,oneof" json:"vendor_name,omitempty"`
	Version    *string       `protobuf:"bytes,8,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Agent is an OSF object defined in ocsf objects/agent.json

An Agent (also known as a Sensor) is typically installed on an Operating System (OS) and serves as a specialized software component that can be designed to monitor, detect, collect, archive, or take action. These activities and possible actions are defined by the upstream system controlling the Agent and its intended purpose. For instance, an Agent can include Endpoint Detection & Response (EDR) agents, backup/disaster recovery sensors, Application Performance Monitoring or profiling sensors, and similar software.

func (*Agent) Descriptor deprecated 

func (*Agent) Descriptor() ([]byte, []int)

Deprecated: Use Agent.ProtoReflect.Descriptor instead.

func (*Agent) GetName 

func (x *Agent) GetName() string

func (*Agent) GetPolicies 

func (x *Agent) GetPolicies() []*Policy

func (*Agent) GetType 

func (x *Agent) GetType() string

func (*Agent) GetTypeId 

func (x *Agent) GetTypeId() Agent_TypeId

func (*Agent) GetUid 

func (x *Agent) GetUid() string

func (*Agent) GetUidAlt 

func (x *Agent) GetUidAlt() string

func (*Agent) GetVendorName 

func (x *Agent) GetVendorName() string

func (*Agent) GetVersion 

func (x *Agent) GetVersion() string

func (*Agent) ProtoMessage 

func (*Agent) ProtoMessage()

func (*Agent) ProtoReflect 

func (x *Agent) ProtoReflect() protoreflect.Message

func (*Agent) Reset 

func (x *Agent) Reset()

func (*Agent) String 

func (x *Agent) String() string

type Agent_TypeId 

type Agent_TypeId int32
const (
	Agent_TYPE_ID_UNKNOWN                         Agent_TypeId = 0 // The type is unknown.
	Agent_TYPE_ID_ENDPOINT_DETECTION_AND_RESPONSE Agent_TypeId = 1 // Any EDR sensor or agent. Or
	// any tool that provides
	// similar threat detection,
	// anti-malware, anti-ransomware,
	// or similar capabilities.
	// E.g., Crowdstrike Falcon,
	// Microsoft Defender for
	// Endpoint, Wazuh.
	Agent_TYPE_ID_DATA_LOSS_PREVENTION Agent_TypeId = 2 // Any DLP sensor or agent. Or
	// any tool that provides
	// similar data classification,
	// data loss detection, and/or
	// data loss prevention
	// capabilities. E.g.,
	// Forcepoint DLP, Microsoft
	// Purview, Symantec DLP.
	Agent_TYPE_ID_BACKUP_RECOVERY Agent_TypeId = 3 // Any agent or sensor that
	// provides backups, archival,
	// or recovery capabilities.
	// E.g., Azure Backup, AWS
	// Backint Agent.
	Agent_TYPE_ID_PERFORMANCE_MONITORING_OBSERVABILITY Agent_TypeId = 4 // Any agent or sensor that
	// provides Application
	// Performance Monitoring
	// (APM), active tracing,
	// profiling, or other
	// observability use cases and
	// optionally forwards the
	// logs. E.g., New Relic Agent,
	// Datadog Agent, Azure Monitor
	// Agent.
	Agent_TYPE_ID_VULNERABILITY_MANAGEMENT Agent_TypeId = 5 // Any agent or sensor that
	// provides vulnerability
	// management or scanning
	// capabilities. E.g., Qualys
	// VMDR, Microsoft Defender for
	// Endpoint, Crowdstrike
	// Spotlight, Amazon Inspector
	// Agent.
	Agent_TYPE_ID_LOG_FORWARDING Agent_TypeId = 6 // Any agent or sensor that
	// forwards logs to a 3rd party
	// storage system such as a
	// data lake or SIEM. E.g.,
	// Splunk Universal Forwarder,
	// Tenzir, FluentBit, Amazon
	// CloudWatch Agent, Amazon
	// Kinesis Agent.
	Agent_TYPE_ID_MOBILE_DEVICE_MANAGEMENT Agent_TypeId = 7 // Any agent or sensor
	// responsible for providing
	// Mobile Device Management
	// (MDM) or Mobile Enterprise
	// Management (MEM)
	// capabilities. E.g.,
	// JumpCloud Agent, Esper
	// Agent, Jamf Pro binary.
	Agent_TYPE_ID_CONFIGURATION_MANAGEMENT Agent_TypeId = 8 // Any agent or sensor that
	// provides configuration
	// management of a device, such
	// as scanning for software,
	// license management, or
	// applying configurations.
	// E.g., AWS Systems Manager
	// Agent, Flexera, ServiceNow
	// MID Server.
	Agent_TYPE_ID_REMOTE_ACCESS Agent_TypeId = 9 // Any agent or sensor that
	// provides remote access
	// capabilities to a device.
	// E.g., BeyondTrust, Amazon
	// Systems Manager Agent,
	// Verkada Agent.
	Agent_TYPE_ID_OTHER Agent_TypeId = 99 // The type is not mapped. See
)

func (Agent_TypeId) Descriptor 

func (Agent_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Agent_TypeId) Enum 

func (x Agent_TypeId) Enum() *Agent_TypeId

func (Agent_TypeId) EnumDescriptor deprecated 

func (Agent_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Agent_TypeId.Descriptor instead.

func (Agent_TypeId) Number 

func (x Agent_TypeId) Number() protoreflect.EnumNumber

func (Agent_TypeId) String 

func (x Agent_TypeId) String() string

func (Agent_TypeId) Type 

func (Agent_TypeId) Type() protoreflect.EnumType

type Analytic 

type Analytic struct {
	Category         *string         `protobuf:"bytes,1,opt,name=category,proto3,oneof" json:"category,omitempty"`
	Desc             *string         `protobuf:"bytes,2,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Name             *string         `protobuf:"bytes,3,opt,name=name,proto3,oneof" json:"name,omitempty"`
	RelatedAnalytics []*Analytic     `protobuf:"bytes,4,rep,name=related_analytics,json=relatedAnalytics,proto3" json:"related_analytics,omitempty"`
	Type             *string         `protobuf:"bytes,5,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId           Analytic_TypeId `protobuf:"varint,6,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Analytic_TypeId" json:"type_id,omitempty"`
	Uid              *string         `protobuf:"bytes,7,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version          *string         `protobuf:"bytes,8,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Analytic is an OSF object defined in ocsf objects/analytic.json

The Analytic object contains details about the analytic technique used to analyze and derive insights from the data or information that led to the creation of a finding or conclusion.

func (*Analytic) Descriptor deprecated 

func (*Analytic) Descriptor() ([]byte, []int)

Deprecated: Use Analytic.ProtoReflect.Descriptor instead.

func (*Analytic) GetCategory 

func (x *Analytic) GetCategory() string

func (*Analytic) GetDesc 

func (x *Analytic) GetDesc() string

func (*Analytic) GetName 

func (x *Analytic) GetName() string

func (*Analytic) GetRelatedAnalytics 

func (x *Analytic) GetRelatedAnalytics() []*Analytic

func (*Analytic) GetType 

func (x *Analytic) GetType() string

func (*Analytic) GetTypeId 

func (x *Analytic) GetTypeId() Analytic_TypeId

func (*Analytic) GetUid 

func (x *Analytic) GetUid() string

func (*Analytic) GetVersion 

func (x *Analytic) GetVersion() string

func (*Analytic) ProtoMessage 

func (*Analytic) ProtoMessage()

func (*Analytic) ProtoReflect 

func (x *Analytic) ProtoReflect() protoreflect.Message

func (*Analytic) Reset 

func (x *Analytic) Reset()

func (*Analytic) String 

func (x *Analytic) String() string

type Analytic_TypeId 

type Analytic_TypeId int32
const (
	Analytic_TYPE_ID_UNKNOWN Analytic_TypeId = 0
	Analytic_TYPE_ID_RULE    Analytic_TypeId = 1 // A Rule in security analytics refers to
	// predefined criteria or conditions set to
	// monitor, alert, or enforce policies, playing
	// a crucial role in access control, threat
	// detection, and regulatory compliance across
	// security systems.
	Analytic_TYPE_ID_BEHAVIORAL Analytic_TypeId = 2 // Behavioral analytics focus on monitoring and
	// analyzing user or system actions to identify
	// deviations from established patterns, aiding
	// in the detection of insider threats, fraud,
	// and advanced persistent threats (APTs).
	Analytic_TYPE_ID_STATISTICAL Analytic_TypeId = 3 // Statistical analytics pertains to analyzing
	// data patterns and anomalies using statistical
	// models to predict, detect, and respond to
	// potential threats, enhancing overall security
	// posture through informed decision-making.
	Analytic_TYPE_ID_FINGERPRINTING Analytic_TypeId = 5 // Fingerprinting is the technique of collecting
	// detailed system data, including software
	// versions and configurations, to enhance
	// threat detection, data loss prevention (DLP),
	// and endpoint detection and response (EDR)
	// capabilities.
	Analytic_TYPE_ID_TAGGING Analytic_TypeId = 6 // Tagging refers to the practice of assigning
	// labels or identifiers to data, users, assets,
	// or activities to monitor, control access, and
	// facilitate incident response across various
	// security domains such as DLP and EDR.
	Analytic_TYPE_ID_KEYWORD_MATCH Analytic_TypeId = 7 // Keyword Match involves scanning content for
	// specific terms to identify sensitive
	// information, potential threats, or policy
	// violations, aiding in DLP and compliance
	// monitoring.
	Analytic_TYPE_ID_REGULAR_EXPRESSIONS Analytic_TypeId = 8 // Regular Expressions are used to define
	// complex search patterns for identifying,
	// validating, and extracting specific data sets
	// or threats within digital content, enhancing
	// DLP, EDR, and threat detection mechanisms.
	Analytic_TYPE_ID_EXACT_DATA_MATCH Analytic_TypeId = 9 // Exact Data Match is a precise comparison
	// technique used to detect the unauthorized use
	// or exposure of specific, sensitive
	// information, crucial for enforcing DLP
	// policies and protecting against data
	// breaches.
	Analytic_TYPE_ID_PARTIAL_DATA_MATCH Analytic_TypeId = 10 // Partial Data Match involves identifying
	// instances where segments of sensitive
	// information or patterns match, facilitating
	// nuanced DLP and threat detection without
	// requiring complete data conformity.
	Analytic_TYPE_ID_INDEXED_DATA_MATCH Analytic_TypeId = 11 // Indexed Data Match refers to comparing
	// content against a pre-compiled index of
	// sensitive information to efficiently detect
	// and prevent unauthorized access or breaches,
	// streamlining DLP and compliance efforts.
	Analytic_TYPE_ID_OTHER Analytic_TypeId = 99
)

func (Analytic_TypeId) Descriptor 

func (Analytic_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Analytic_TypeId) Enum 

func (x Analytic_TypeId) Enum() *Analytic_TypeId

func (Analytic_TypeId) EnumDescriptor deprecated 

func (Analytic_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Analytic_TypeId.Descriptor instead.

func (Analytic_TypeId) Number 

func (x Analytic_TypeId) Number() protoreflect.EnumNumber

func (Analytic_TypeId) String 

func (x Analytic_TypeId) String() string

func (Analytic_TypeId) Type 

func (Analytic_TypeId) Type() protoreflect.EnumType

type Api 

type Api struct {
	Group     *Group    `protobuf:"bytes,1,opt,name=group,proto3" json:"group,omitempty"`
	Operation string    `protobuf:"bytes,2,opt,name=operation,proto3" json:"operation,omitempty"`
	Request   *Request  `protobuf:"bytes,3,opt,name=request,proto3" json:"request,omitempty"`
	Response  *Response `protobuf:"bytes,4,opt,name=response,proto3" json:"response,omitempty"`
	Service   *Service  `protobuf:"bytes,5,opt,name=service,proto3" json:"service,omitempty"`
	Version   *string   `protobuf:"bytes,6,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Api is an OSF object defined in ocsf objects/api.json

The API, or Application Programming Interface, object represents information pertaining to an API request and response.

func (*Api) Descriptor deprecated 

func (*Api) Descriptor() ([]byte, []int)

Deprecated: Use Api.ProtoReflect.Descriptor instead.

func (*Api) GetGroup 

func (x *Api) GetGroup() *Group

func (*Api) GetOperation 

func (x *Api) GetOperation() string

func (*Api) GetRequest 

func (x *Api) GetRequest() *Request

func (*Api) GetResponse 

func (x *Api) GetResponse() *Response

func (*Api) GetService 

func (x *Api) GetService() *Service

func (*Api) GetVersion 

func (x *Api) GetVersion() string

func (*Api) ProtoMessage 

func (*Api) ProtoMessage()

func (*Api) ProtoReflect 

func (x *Api) ProtoReflect() protoreflect.Message

func (*Api) Reset 

func (x *Api) Reset()

func (*Api) String 

func (x *Api) String() string

type ApiActivity 

type ApiActivity struct {
	ActivityId     ApiActivity_ActivityId  `` /* 135-byte string literal not displayed */
	ActivityName   *string                 `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                  `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                    `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                 `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ApiActivity_CategoryUid `` /* 139-byte string literal not displayed */
	ClassName      *string                 `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ApiActivity_ClassUid    `` /* 127-byte string literal not displayed */
	Cloud          *Cloud                  `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                  `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	DstEndpoint    *NetworkEndpoint        `protobuf:"bytes,11,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration       *int32                  `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                  `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp  `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment           `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	HttpRequest    *HttpRequest            `protobuf:"bytes,16,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                 `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata               `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable           `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                 `protobuf:"bytes,20,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resources      []*ResourceDetails      `protobuf:"bytes,21,rep,name=resources,proto3" json:"resources,omitempty"`
	Severity       *string                 `protobuf:"bytes,22,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ApiActivity_SeverityId  `` /* 136-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint        `protobuf:"bytes,24,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                  `protobuf:"varint,25,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp  `protobuf:"bytes,26,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                 `protobuf:"bytes,27,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                 `protobuf:"bytes,28,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                 `protobuf:"bytes,29,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ApiActivity_StatusId   `` /* 134-byte string literal not displayed */
	Time           int64                   `protobuf:"varint,31,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp  `protobuf:"bytes,32,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                  `protobuf:"varint,33,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                 `protobuf:"bytes,34,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                   `protobuf:"varint,35,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct        `protobuf:"bytes,36,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ApiActivity is an OSF event in category "Application Activity" called API Activity defined in ocsf events/application/api.json

API events describe general CRUD (Create, Read, Update, Delete) API activities, e.g. (AWS Cloudtrail)

func (*ApiActivity) Descriptor deprecated 

func (*ApiActivity) Descriptor() ([]byte, []int)

Deprecated: Use ApiActivity.ProtoReflect.Descriptor instead.

func (*ApiActivity) GetActivityId 

func (x *ApiActivity) GetActivityId() ApiActivity_ActivityId

func (*ApiActivity) GetActivityName 

func (x *ApiActivity) GetActivityName() string

func (*ApiActivity) GetActor 

func (x *ApiActivity) GetActor() *Actor

func (*ApiActivity) GetApi 

func (x *ApiActivity) GetApi() *Api

func (*ApiActivity) GetCategoryName 

func (x *ApiActivity) GetCategoryName() string

func (*ApiActivity) GetCategoryUid 

func (x *ApiActivity) GetCategoryUid() ApiActivity_CategoryUid

func (*ApiActivity) GetClassName 

func (x *ApiActivity) GetClassName() string

func (*ApiActivity) GetClassUid 

func (x *ApiActivity) GetClassUid() ApiActivity_ClassUid

func (*ApiActivity) GetCloud 

func (x *ApiActivity) GetCloud() *Cloud

func (*ApiActivity) GetCount 

func (x *ApiActivity) GetCount() int32

func (*ApiActivity) GetDstEndpoint 

func (x *ApiActivity) GetDstEndpoint() *NetworkEndpoint

func (*ApiActivity) GetDuration 

func (x *ApiActivity) GetDuration() int32

func (*ApiActivity) GetEndTime 

func (x *ApiActivity) GetEndTime() int64

func (*ApiActivity) GetEndTimeDt 

func (x *ApiActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ApiActivity) GetEnrichments 

func (x *ApiActivity) GetEnrichments() []*Enrichment

func (*ApiActivity) GetHttpRequest 

func (x *ApiActivity) GetHttpRequest() *HttpRequest

func (*ApiActivity) GetMessage 

func (x *ApiActivity) GetMessage() string

func (*ApiActivity) GetMetadata 

func (x *ApiActivity) GetMetadata() *Metadata

func (*ApiActivity) GetObservables 

func (x *ApiActivity) GetObservables() []*Observable

func (*ApiActivity) GetRawData 

func (x *ApiActivity) GetRawData() string

func (*ApiActivity) GetResources 

func (x *ApiActivity) GetResources() []*ResourceDetails

func (*ApiActivity) GetSeverity 

func (x *ApiActivity) GetSeverity() string

func (*ApiActivity) GetSeverityId 

func (x *ApiActivity) GetSeverityId() ApiActivity_SeverityId

func (*ApiActivity) GetSrcEndpoint 

func (x *ApiActivity) GetSrcEndpoint() *NetworkEndpoint

func (*ApiActivity) GetStartTime 

func (x *ApiActivity) GetStartTime() int64

func (*ApiActivity) GetStartTimeDt 

func (x *ApiActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ApiActivity) GetStatus 

func (x *ApiActivity) GetStatus() string

func (*ApiActivity) GetStatusCode 

func (x *ApiActivity) GetStatusCode() string

func (*ApiActivity) GetStatusDetail 

func (x *ApiActivity) GetStatusDetail() string

func (*ApiActivity) GetStatusId 

func (x *ApiActivity) GetStatusId() ApiActivity_StatusId

func (*ApiActivity) GetTime 

func (x *ApiActivity) GetTime() int64

func (*ApiActivity) GetTimeDt 

func (x *ApiActivity) GetTimeDt() *timestamppb.Timestamp

func (*ApiActivity) GetTimezoneOffset 

func (x *ApiActivity) GetTimezoneOffset() int32

func (*ApiActivity) GetTypeName 

func (x *ApiActivity) GetTypeName() string

func (*ApiActivity) GetTypeUid 

func (x *ApiActivity) GetTypeUid() int64

func (*ApiActivity) GetUnmapped 

func (x *ApiActivity) GetUnmapped() *structpb.Struct

func (*ApiActivity) ProtoMessage 

func (*ApiActivity) ProtoMessage()

func (*ApiActivity) ProtoReflect 

func (x *ApiActivity) ProtoReflect() protoreflect.Message

func (*ApiActivity) Reset 

func (x *ApiActivity) Reset()

func (*ApiActivity) String 

func (x *ApiActivity) String() string

type ApiActivity_ActivityId 

type ApiActivity_ActivityId int32
const (
	ApiActivity_ACTIVITY_ID_UNKNOWN ApiActivity_ActivityId = 0
	ApiActivity_ACTIVITY_ID_CREATE  ApiActivity_ActivityId = 1 // The API call in the event pertains to a 'create'
	// activity.
	ApiActivity_ACTIVITY_ID_READ ApiActivity_ActivityId = 2 // The API call in the event pertains to a 'read'
	// activity.
	ApiActivity_ACTIVITY_ID_UPDATE ApiActivity_ActivityId = 3 // The API call in the event pertains to a 'update'
	// activity.
	ApiActivity_ACTIVITY_ID_DELETE ApiActivity_ActivityId = 4 // The API call in the event pertains to a 'delete'
	// activity.
	ApiActivity_ACTIVITY_ID_OTHER ApiActivity_ActivityId = 99
)

func (ApiActivity_ActivityId) Descriptor 

func (ApiActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ApiActivity_ActivityId) Enum 

func (x ApiActivity_ActivityId) Enum() *ApiActivity_ActivityId

func (ApiActivity_ActivityId) EnumDescriptor deprecated 

func (ApiActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApiActivity_ActivityId.Descriptor instead.

func (ApiActivity_ActivityId) Number 

func (x ApiActivity_ActivityId) Number() protoreflect.EnumNumber

func (ApiActivity_ActivityId) String 

func (x ApiActivity_ActivityId) String() string

func (ApiActivity_ActivityId) Type 

func (ApiActivity_ActivityId) Type() protoreflect.EnumType

type ApiActivity_CategoryUid 

type ApiActivity_CategoryUid int32
const (
	ApiActivity_CATEGORY_UID_UNKNOWN              ApiActivity_CategoryUid = 0
	ApiActivity_CATEGORY_UID_APPLICATION_ACTIVITY ApiActivity_CategoryUid = 6
)

func (ApiActivity_CategoryUid) Descriptor 

func (ApiActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ApiActivity_CategoryUid) Enum 

func (x ApiActivity_CategoryUid) Enum() *ApiActivity_CategoryUid

func (ApiActivity_CategoryUid) EnumDescriptor deprecated 

func (ApiActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApiActivity_CategoryUid.Descriptor instead.

func (ApiActivity_CategoryUid) Number 

func (x ApiActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ApiActivity_CategoryUid) String 

func (x ApiActivity_CategoryUid) String() string

func (ApiActivity_CategoryUid) Type 

func (ApiActivity_CategoryUid) Type() protoreflect.EnumType

type ApiActivity_ClassUid 

type ApiActivity_ClassUid int32
const (
	ApiActivity_CLASS_UID_UNKNOWN      ApiActivity_ClassUid = 0
	ApiActivity_CLASS_UID_API_ACTIVITY ApiActivity_ClassUid = 6003
)

func (ApiActivity_ClassUid) Descriptor 

func (ApiActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ApiActivity_ClassUid) Enum 

func (x ApiActivity_ClassUid) Enum() *ApiActivity_ClassUid

func (ApiActivity_ClassUid) EnumDescriptor deprecated 

func (ApiActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApiActivity_ClassUid.Descriptor instead.

func (ApiActivity_ClassUid) Number 

func (x ApiActivity_ClassUid) Number() protoreflect.EnumNumber

func (ApiActivity_ClassUid) String 

func (x ApiActivity_ClassUid) String() string

func (ApiActivity_ClassUid) Type 

func (ApiActivity_ClassUid) Type() protoreflect.EnumType

type ApiActivity_SeverityId 

type ApiActivity_SeverityId int32
const (
	ApiActivity_SEVERITY_ID_UNKNOWN       ApiActivity_SeverityId = 0 // The event/finding severity is unknown.
	ApiActivity_SEVERITY_ID_INFORMATIONAL ApiActivity_SeverityId = 1 // Informational message. No action required.
	ApiActivity_SEVERITY_ID_LOW           ApiActivity_SeverityId = 2 // The user decides if action is needed.
	ApiActivity_SEVERITY_ID_MEDIUM        ApiActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ApiActivity_SEVERITY_ID_HIGH     ApiActivity_SeverityId = 4 // Action is required immediately.
	ApiActivity_SEVERITY_ID_CRITICAL ApiActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ApiActivity_SEVERITY_ID_FATAL ApiActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ApiActivity_SEVERITY_ID_OTHER ApiActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ApiActivity_SeverityId) Descriptor 

func (ApiActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ApiActivity_SeverityId) Enum 

func (x ApiActivity_SeverityId) Enum() *ApiActivity_SeverityId

func (ApiActivity_SeverityId) EnumDescriptor deprecated 

func (ApiActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApiActivity_SeverityId.Descriptor instead.

func (ApiActivity_SeverityId) Number 

func (x ApiActivity_SeverityId) Number() protoreflect.EnumNumber

func (ApiActivity_SeverityId) String 

func (x ApiActivity_SeverityId) String() string

func (ApiActivity_SeverityId) Type 

func (ApiActivity_SeverityId) Type() protoreflect.EnumType

type ApiActivity_StatusId 

type ApiActivity_StatusId int32
const (
	ApiActivity_STATUS_ID_UNKNOWN ApiActivity_StatusId = 0 // The status is unknown.
	ApiActivity_STATUS_ID_SUCCESS ApiActivity_StatusId = 1
	ApiActivity_STATUS_ID_FAILURE ApiActivity_StatusId = 2
	ApiActivity_STATUS_ID_OTHER   ApiActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ApiActivity_StatusId) Descriptor 

func (ApiActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ApiActivity_StatusId) Enum 

func (x ApiActivity_StatusId) Enum() *ApiActivity_StatusId

func (ApiActivity_StatusId) EnumDescriptor deprecated 

func (ApiActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApiActivity_StatusId.Descriptor instead.

func (ApiActivity_StatusId) Number 

func (x ApiActivity_StatusId) Number() protoreflect.EnumNumber

func (ApiActivity_StatusId) String 

func (x ApiActivity_StatusId) String() string

func (ApiActivity_StatusId) Type 

func (ApiActivity_StatusId) Type() protoreflect.EnumType

type ApplicationLifecycle 

type ApplicationLifecycle struct {
	ActivityId     ApplicationLifecycle_ActivityId  `` /* 144-byte string literal not displayed */
	ActivityName   *string                          `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                           `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                             `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	App            *Product                         `protobuf:"bytes,5,opt,name=app,proto3" json:"app,omitempty"`
	CategoryName   *string                          `protobuf:"bytes,6,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ApplicationLifecycle_CategoryUid `` /* 148-byte string literal not displayed */
	ClassName      *string                          `protobuf:"bytes,8,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ApplicationLifecycle_ClassUid    `` /* 136-byte string literal not displayed */
	Cloud          *Cloud                           `protobuf:"bytes,10,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                           `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                          `protobuf:"bytes,12,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                           `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                           `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp           `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                    `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                          `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                        `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                    `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                          `protobuf:"bytes,20,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                          `protobuf:"bytes,21,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ApplicationLifecycle_SeverityId  `` /* 145-byte string literal not displayed */
	StartTime      *int64                           `protobuf:"varint,23,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp           `protobuf:"bytes,24,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                          `protobuf:"bytes,25,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                          `protobuf:"bytes,26,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                          `protobuf:"bytes,27,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ApplicationLifecycle_StatusId   `` /* 143-byte string literal not displayed */
	Time           int64                            `protobuf:"varint,29,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp           `protobuf:"bytes,30,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                           `protobuf:"varint,31,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                          `protobuf:"bytes,32,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                            `protobuf:"varint,33,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                 `protobuf:"bytes,34,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ApplicationLifecycle is an OSF event in category "Application Activity" called Application Lifecycle defined in ocsf events/application/application_lifecycle.json

Application Lifecycle events report installation, removal, start, stop of an application or service.

func (*ApplicationLifecycle) Descriptor deprecated 

func (*ApplicationLifecycle) Descriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle.ProtoReflect.Descriptor instead.

func (*ApplicationLifecycle) GetActivityId 

func (x *ApplicationLifecycle) GetActivityId() ApplicationLifecycle_ActivityId

func (*ApplicationLifecycle) GetActivityName 

func (x *ApplicationLifecycle) GetActivityName() string

func (*ApplicationLifecycle) GetActor 

func (x *ApplicationLifecycle) GetActor() *Actor

func (*ApplicationLifecycle) GetApi 

func (x *ApplicationLifecycle) GetApi() *Api

func (*ApplicationLifecycle) GetApp 

func (x *ApplicationLifecycle) GetApp() *Product

func (*ApplicationLifecycle) GetCategoryName 

func (x *ApplicationLifecycle) GetCategoryName() string

func (*ApplicationLifecycle) GetCategoryUid 

func (x *ApplicationLifecycle) GetCategoryUid() ApplicationLifecycle_CategoryUid

func (*ApplicationLifecycle) GetClassName 

func (x *ApplicationLifecycle) GetClassName() string

func (*ApplicationLifecycle) GetClassUid 

func (x *ApplicationLifecycle) GetClassUid() ApplicationLifecycle_ClassUid

func (*ApplicationLifecycle) GetCloud 

func (x *ApplicationLifecycle) GetCloud() *Cloud

func (*ApplicationLifecycle) GetCount 

func (x *ApplicationLifecycle) GetCount() int32

func (*ApplicationLifecycle) GetDevice 

func (x *ApplicationLifecycle) GetDevice() *Device

func (*ApplicationLifecycle) GetDuration 

func (x *ApplicationLifecycle) GetDuration() int32

func (*ApplicationLifecycle) GetEndTime 

func (x *ApplicationLifecycle) GetEndTime() int64

func (*ApplicationLifecycle) GetEndTimeDt 

func (x *ApplicationLifecycle) GetEndTimeDt() *timestamppb.Timestamp

func (*ApplicationLifecycle) GetEnrichments 

func (x *ApplicationLifecycle) GetEnrichments() []*Enrichment

func (*ApplicationLifecycle) GetMessage 

func (x *ApplicationLifecycle) GetMessage() string

func (*ApplicationLifecycle) GetMetadata 

func (x *ApplicationLifecycle) GetMetadata() *Metadata

func (*ApplicationLifecycle) GetObservables 

func (x *ApplicationLifecycle) GetObservables() []*Observable

func (*ApplicationLifecycle) GetRawData 

func (x *ApplicationLifecycle) GetRawData() string

func (*ApplicationLifecycle) GetSeverity 

func (x *ApplicationLifecycle) GetSeverity() string

func (*ApplicationLifecycle) GetSeverityId 

func (x *ApplicationLifecycle) GetSeverityId() ApplicationLifecycle_SeverityId

func (*ApplicationLifecycle) GetStartTime 

func (x *ApplicationLifecycle) GetStartTime() int64

func (*ApplicationLifecycle) GetStartTimeDt 

func (x *ApplicationLifecycle) GetStartTimeDt() *timestamppb.Timestamp

func (*ApplicationLifecycle) GetStatus 

func (x *ApplicationLifecycle) GetStatus() string

func (*ApplicationLifecycle) GetStatusCode 

func (x *ApplicationLifecycle) GetStatusCode() string

func (*ApplicationLifecycle) GetStatusDetail 

func (x *ApplicationLifecycle) GetStatusDetail() string

func (*ApplicationLifecycle) GetStatusId 

func (x *ApplicationLifecycle) GetStatusId() ApplicationLifecycle_StatusId

func (*ApplicationLifecycle) GetTime 

func (x *ApplicationLifecycle) GetTime() int64

func (*ApplicationLifecycle) GetTimeDt 

func (x *ApplicationLifecycle) GetTimeDt() *timestamppb.Timestamp

func (*ApplicationLifecycle) GetTimezoneOffset 

func (x *ApplicationLifecycle) GetTimezoneOffset() int32

func (*ApplicationLifecycle) GetTypeName 

func (x *ApplicationLifecycle) GetTypeName() string

func (*ApplicationLifecycle) GetTypeUid 

func (x *ApplicationLifecycle) GetTypeUid() int64

func (*ApplicationLifecycle) GetUnmapped 

func (x *ApplicationLifecycle) GetUnmapped() *structpb.Struct

func (*ApplicationLifecycle) ProtoMessage 

func (*ApplicationLifecycle) ProtoMessage()

func (*ApplicationLifecycle) ProtoReflect 

func (x *ApplicationLifecycle) ProtoReflect() protoreflect.Message

func (*ApplicationLifecycle) Reset 

func (x *ApplicationLifecycle) Reset()

func (*ApplicationLifecycle) String 

func (x *ApplicationLifecycle) String() string

type ApplicationLifecycle_ActivityId 

type ApplicationLifecycle_ActivityId int32
const (
	ApplicationLifecycle_ACTIVITY_ID_UNKNOWN ApplicationLifecycle_ActivityId = 0
	ApplicationLifecycle_ACTIVITY_ID_INSTALL ApplicationLifecycle_ActivityId = 1
	ApplicationLifecycle_ACTIVITY_ID_REMOVE  ApplicationLifecycle_ActivityId = 2
	ApplicationLifecycle_ACTIVITY_ID_START   ApplicationLifecycle_ActivityId = 3
	ApplicationLifecycle_ACTIVITY_ID_STOP    ApplicationLifecycle_ActivityId = 4
	ApplicationLifecycle_ACTIVITY_ID_OTHER   ApplicationLifecycle_ActivityId = 99
)

func (ApplicationLifecycle_ActivityId) Descriptor 

func (ApplicationLifecycle_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ApplicationLifecycle_ActivityId) Enum 

func (x ApplicationLifecycle_ActivityId) Enum() *ApplicationLifecycle_ActivityId

func (ApplicationLifecycle_ActivityId) EnumDescriptor deprecated 

func (ApplicationLifecycle_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle_ActivityId.Descriptor instead.

func (ApplicationLifecycle_ActivityId) Number 

func (x ApplicationLifecycle_ActivityId) Number() protoreflect.EnumNumber

func (ApplicationLifecycle_ActivityId) String 

func (x ApplicationLifecycle_ActivityId) String() string

func (ApplicationLifecycle_ActivityId) Type 

func (ApplicationLifecycle_ActivityId) Type() protoreflect.EnumType

type ApplicationLifecycle_CategoryUid 

type ApplicationLifecycle_CategoryUid int32
const (
	ApplicationLifecycle_CATEGORY_UID_UNKNOWN              ApplicationLifecycle_CategoryUid = 0
	ApplicationLifecycle_CATEGORY_UID_APPLICATION_ACTIVITY ApplicationLifecycle_CategoryUid = 6
)

func (ApplicationLifecycle_CategoryUid) Descriptor 

func (ApplicationLifecycle_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ApplicationLifecycle_CategoryUid) Enum 

func (x ApplicationLifecycle_CategoryUid) Enum() *ApplicationLifecycle_CategoryUid

func (ApplicationLifecycle_CategoryUid) EnumDescriptor deprecated 

func (ApplicationLifecycle_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle_CategoryUid.Descriptor instead.

func (ApplicationLifecycle_CategoryUid) Number 

func (x ApplicationLifecycle_CategoryUid) Number() protoreflect.EnumNumber

func (ApplicationLifecycle_CategoryUid) String 

func (x ApplicationLifecycle_CategoryUid) String() string

func (ApplicationLifecycle_CategoryUid) Type 

func (ApplicationLifecycle_CategoryUid) Type() protoreflect.EnumType

type ApplicationLifecycle_ClassUid 

type ApplicationLifecycle_ClassUid int32
const (
	ApplicationLifecycle_CLASS_UID_UNKNOWN               ApplicationLifecycle_ClassUid = 0
	ApplicationLifecycle_CLASS_UID_APPLICATION_LIFECYCLE ApplicationLifecycle_ClassUid = 6002
)

func (ApplicationLifecycle_ClassUid) Descriptor 

func (ApplicationLifecycle_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ApplicationLifecycle_ClassUid) Enum 

func (x ApplicationLifecycle_ClassUid) Enum() *ApplicationLifecycle_ClassUid

func (ApplicationLifecycle_ClassUid) EnumDescriptor deprecated 

func (ApplicationLifecycle_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle_ClassUid.Descriptor instead.

func (ApplicationLifecycle_ClassUid) Number 

func (x ApplicationLifecycle_ClassUid) Number() protoreflect.EnumNumber

func (ApplicationLifecycle_ClassUid) String 

func (x ApplicationLifecycle_ClassUid) String() string

func (ApplicationLifecycle_ClassUid) Type 

func (ApplicationLifecycle_ClassUid) Type() protoreflect.EnumType

type ApplicationLifecycle_SeverityId 

type ApplicationLifecycle_SeverityId int32
const (
	ApplicationLifecycle_SEVERITY_ID_UNKNOWN       ApplicationLifecycle_SeverityId = 0 // The event/finding severity is unknown.
	ApplicationLifecycle_SEVERITY_ID_INFORMATIONAL ApplicationLifecycle_SeverityId = 1 // Informational message. No action required.
	ApplicationLifecycle_SEVERITY_ID_LOW           ApplicationLifecycle_SeverityId = 2 // The user decides if action is needed.
	ApplicationLifecycle_SEVERITY_ID_MEDIUM        ApplicationLifecycle_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ApplicationLifecycle_SEVERITY_ID_HIGH     ApplicationLifecycle_SeverityId = 4 // Action is required immediately.
	ApplicationLifecycle_SEVERITY_ID_CRITICAL ApplicationLifecycle_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ApplicationLifecycle_SEVERITY_ID_FATAL ApplicationLifecycle_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ApplicationLifecycle_SEVERITY_ID_OTHER ApplicationLifecycle_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ApplicationLifecycle_SeverityId) Descriptor 

func (ApplicationLifecycle_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ApplicationLifecycle_SeverityId) Enum 

func (x ApplicationLifecycle_SeverityId) Enum() *ApplicationLifecycle_SeverityId

func (ApplicationLifecycle_SeverityId) EnumDescriptor deprecated 

func (ApplicationLifecycle_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle_SeverityId.Descriptor instead.

func (ApplicationLifecycle_SeverityId) Number 

func (x ApplicationLifecycle_SeverityId) Number() protoreflect.EnumNumber

func (ApplicationLifecycle_SeverityId) String 

func (x ApplicationLifecycle_SeverityId) String() string

func (ApplicationLifecycle_SeverityId) Type 

func (ApplicationLifecycle_SeverityId) Type() protoreflect.EnumType

type ApplicationLifecycle_StatusId 

type ApplicationLifecycle_StatusId int32
const (
	ApplicationLifecycle_STATUS_ID_UNKNOWN ApplicationLifecycle_StatusId = 0 // The status is unknown.
	ApplicationLifecycle_STATUS_ID_SUCCESS ApplicationLifecycle_StatusId = 1
	ApplicationLifecycle_STATUS_ID_FAILURE ApplicationLifecycle_StatusId = 2
	ApplicationLifecycle_STATUS_ID_OTHER   ApplicationLifecycle_StatusId = 99 // The event status is not mapped. See the
)

func (ApplicationLifecycle_StatusId) Descriptor 

func (ApplicationLifecycle_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ApplicationLifecycle_StatusId) Enum 

func (x ApplicationLifecycle_StatusId) Enum() *ApplicationLifecycle_StatusId

func (ApplicationLifecycle_StatusId) EnumDescriptor deprecated 

func (ApplicationLifecycle_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ApplicationLifecycle_StatusId.Descriptor instead.

func (ApplicationLifecycle_StatusId) Number 

func (x ApplicationLifecycle_StatusId) Number() protoreflect.EnumNumber

func (ApplicationLifecycle_StatusId) String 

func (x ApplicationLifecycle_StatusId) String() string

func (ApplicationLifecycle_StatusId) Type 

func (ApplicationLifecycle_StatusId) Type() protoreflect.EnumType

type Attack 

type Attack struct {
	SubTechnique *SubTechnique `protobuf:"bytes,1,opt,name=sub_technique,json=subTechnique,proto3" json:"sub_technique,omitempty"`
	Tactic       *Tactic       `protobuf:"bytes,2,opt,name=tactic,proto3" json:"tactic,omitempty"`
	Tactics      []*Tactic     `protobuf:"bytes,3,rep,name=tactics,proto3" json:"tactics,omitempty"`
	Technique    *Technique    `protobuf:"bytes,4,opt,name=technique,proto3" json:"technique,omitempty"`
	Version      *string       `protobuf:"bytes,5,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Attack is an OSF object defined in ocsf objects/attack.json

The <a target='_blank' href='https://attack.mitre.org'>MITRE ATT&CK®</a> object describes the tactic, technique & sub-technique associated to an attack as defined in <a target='_blank' href='https://attack.mitre.org/wiki/ATT&CK_Matrix'>ATT&CK Matrix<sup>TM</sup></a>.

func (*Attack) Descriptor deprecated 

func (*Attack) Descriptor() ([]byte, []int)

Deprecated: Use Attack.ProtoReflect.Descriptor instead.

func (*Attack) GetSubTechnique 

func (x *Attack) GetSubTechnique() *SubTechnique

func (*Attack) GetTactic 

func (x *Attack) GetTactic() *Tactic

func (*Attack) GetTactics 

func (x *Attack) GetTactics() []*Tactic

func (*Attack) GetTechnique 

func (x *Attack) GetTechnique() *Technique

func (*Attack) GetVersion 

func (x *Attack) GetVersion() string

func (*Attack) ProtoMessage 

func (*Attack) ProtoMessage()

func (*Attack) ProtoReflect 

func (x *Attack) ProtoReflect() protoreflect.Message

func (*Attack) Reset 

func (x *Attack) Reset()

func (*Attack) String 

func (x *Attack) String() string

type AuthFactor 

type AuthFactor struct {
	Device            *Device                 `protobuf:"bytes,1,opt,name=device,proto3" json:"device,omitempty"`
	EmailAddr         *string                 `protobuf:"bytes,2,opt,name=email_addr,json=emailAddr,proto3,oneof" json:"email_addr,omitempty"`
	FactorType        *string                 `protobuf:"bytes,3,opt,name=factor_type,json=factorType,proto3,oneof" json:"factor_type,omitempty"`
	FactorTypeId      AuthFactor_FactorTypeId `` /* 144-byte string literal not displayed */
	IsHotp            *bool                   `protobuf:"varint,5,opt,name=is_hotp,json=isHotp,proto3,oneof" json:"is_hotp,omitempty"`
	IsTotp            *bool                   `protobuf:"varint,6,opt,name=is_totp,json=isTotp,proto3,oneof" json:"is_totp,omitempty"`
	PhoneNumber       *string                 `protobuf:"bytes,7,opt,name=phone_number,json=phoneNumber,proto3,oneof" json:"phone_number,omitempty"`
	Provider          *string                 `protobuf:"bytes,8,opt,name=provider,proto3,oneof" json:"provider,omitempty"`
	SecurityQuestions []string                `protobuf:"bytes,9,rep,name=security_questions,json=securityQuestions,proto3" json:"security_questions,omitempty"`
	// contains filtered or unexported fields
}

AuthFactor is an OSF object defined in ocsf objects/auth_factor.json

An Authentication Factor object describes a category of methods used for identity verification in an authentication attempt.

func (*AuthFactor) Descriptor deprecated 

func (*AuthFactor) Descriptor() ([]byte, []int)

Deprecated: Use AuthFactor.ProtoReflect.Descriptor instead.

func (*AuthFactor) GetDevice 

func (x *AuthFactor) GetDevice() *Device

func (*AuthFactor) GetEmailAddr 

func (x *AuthFactor) GetEmailAddr() string

func (*AuthFactor) GetFactorType 

func (x *AuthFactor) GetFactorType() string

func (*AuthFactor) GetFactorTypeId 

func (x *AuthFactor) GetFactorTypeId() AuthFactor_FactorTypeId

func (*AuthFactor) GetIsHotp 

func (x *AuthFactor) GetIsHotp() bool

func (*AuthFactor) GetIsTotp 

func (x *AuthFactor) GetIsTotp() bool

func (*AuthFactor) GetPhoneNumber 

func (x *AuthFactor) GetPhoneNumber() string

func (*AuthFactor) GetProvider 

func (x *AuthFactor) GetProvider() string

func (*AuthFactor) GetSecurityQuestions 

func (x *AuthFactor) GetSecurityQuestions() []string

func (*AuthFactor) ProtoMessage 

func (*AuthFactor) ProtoMessage()

func (*AuthFactor) ProtoReflect 

func (x *AuthFactor) ProtoReflect() protoreflect.Message

func (*AuthFactor) Reset 

func (x *AuthFactor) Reset()

func (*AuthFactor) String 

func (x *AuthFactor) String() string

type AuthFactor_FactorTypeId 

type AuthFactor_FactorTypeId int32
const (
	AuthFactor_FACTOR_TYPE_ID_UNKNOWN AuthFactor_FactorTypeId = 0
	AuthFactor_FACTOR_TYPE_ID_SMS     AuthFactor_FactorTypeId = 1 // User receives and inputs a code sent to
	// their mobile device via SMS text
	// message.
	AuthFactor_FACTOR_TYPE_ID_SECURITY_QUESTION AuthFactor_FactorTypeId = 2 // The user responds to a security question
	// as part of a question-based
	// authentication factor
	AuthFactor_FACTOR_TYPE_ID_PHONE_CALL AuthFactor_FactorTypeId = 3 // System calls the user's registered phone
	// number and requires the user to answer
	// and provide a response.
	AuthFactor_FACTOR_TYPE_ID_BIOMETRIC AuthFactor_FactorTypeId = 4 // Devices that verify identity-based on
	// user's physical identifiers, such as
	// fingerprint scanners or retina scanners.
	AuthFactor_FACTOR_TYPE_ID_PUSH_NOTIFICATION AuthFactor_FactorTypeId = 5 // Push notification is sent to user's
	// registered device and requires the user
	// to acknowledge.
	AuthFactor_FACTOR_TYPE_ID_HARDWARE_TOKEN AuthFactor_FactorTypeId = 6 // Physical device that generates a code to
	// be used for authentication.
	AuthFactor_FACTOR_TYPE_ID_OTP AuthFactor_FactorTypeId = 7 // Application generates a one-time password
	// (OTP) for use in authentication.
	AuthFactor_FACTOR_TYPE_ID_EMAIL AuthFactor_FactorTypeId = 8 // A code or link is sent to a user's
	// registered email address.
	AuthFactor_FACTOR_TYPE_ID_U2F AuthFactor_FactorTypeId = 9 // Typically involves a hardware token,
	// which the user physically interacts with
	// to authenticate.
	AuthFactor_FACTOR_TYPE_ID_WEBAUTHN AuthFactor_FactorTypeId = 10 // Web-based API that enables users to
	// register devices as authentication
	// factors.
	AuthFactor_FACTOR_TYPE_ID_PASSWORD AuthFactor_FactorTypeId = 11 // The user enters a password that they
	// have previously established.
	AuthFactor_FACTOR_TYPE_ID_OTHER AuthFactor_FactorTypeId = 99
)

func (AuthFactor_FactorTypeId) Descriptor 

func (AuthFactor_FactorTypeId) Descriptor() protoreflect.EnumDescriptor

func (AuthFactor_FactorTypeId) Enum 

func (x AuthFactor_FactorTypeId) Enum() *AuthFactor_FactorTypeId

func (AuthFactor_FactorTypeId) EnumDescriptor deprecated 

func (AuthFactor_FactorTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthFactor_FactorTypeId.Descriptor instead.

func (AuthFactor_FactorTypeId) Number 

func (x AuthFactor_FactorTypeId) Number() protoreflect.EnumNumber

func (AuthFactor_FactorTypeId) String 

func (x AuthFactor_FactorTypeId) String() string

func (AuthFactor_FactorTypeId) Type 

func (AuthFactor_FactorTypeId) Type() protoreflect.EnumType

type Authentication 

type Authentication struct {
	ActivityId     Authentication_ActivityId      `` /* 138-byte string literal not displayed */
	ActivityName   *string                        `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                         `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                           `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	AuthFactors    []*AuthFactor                  `protobuf:"bytes,5,rep,name=auth_factors,json=authFactors,proto3" json:"auth_factors,omitempty"`
	AuthProtocol   *string                        `protobuf:"bytes,6,opt,name=auth_protocol,json=authProtocol,proto3,oneof" json:"auth_protocol,omitempty"`
	AuthProtocolId *Authentication_AuthProtocolId `` /* 162-byte string literal not displayed */
	CategoryName   *string                        `protobuf:"bytes,8,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    Authentication_CategoryUid     `` /* 142-byte string literal not displayed */
	Certificate    *Certificate                   `protobuf:"bytes,10,opt,name=certificate,proto3" json:"certificate,omitempty"`
	ClassName      *string                        `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       Authentication_ClassUid        `` /* 131-byte string literal not displayed */
	Cloud          *Cloud                         `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                         `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                        `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	DstEndpoint    *NetworkEndpoint               `protobuf:"bytes,16,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration       *int32                         `protobuf:"varint,17,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                         `protobuf:"varint,18,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp         `protobuf:"bytes,19,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                  `protobuf:"bytes,20,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	HttpRequest    *HttpRequest                   `protobuf:"bytes,21,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	IsCleartext    *bool                          `protobuf:"varint,22,opt,name=is_cleartext,json=isCleartext,proto3,oneof" json:"is_cleartext,omitempty"`
	IsMfa          *bool                          `protobuf:"varint,23,opt,name=is_mfa,json=isMfa,proto3,oneof" json:"is_mfa,omitempty"`
	IsNewLogon     *bool                          `protobuf:"varint,24,opt,name=is_new_logon,json=isNewLogon,proto3,oneof" json:"is_new_logon,omitempty"`
	IsRemote       *bool                          `protobuf:"varint,25,opt,name=is_remote,json=isRemote,proto3,oneof" json:"is_remote,omitempty"`
	LogonProcess   *Process                       `protobuf:"bytes,26,opt,name=logon_process,json=logonProcess,proto3" json:"logon_process,omitempty"`
	LogonType      *string                        `protobuf:"bytes,27,opt,name=logon_type,json=logonType,proto3,oneof" json:"logon_type,omitempty"`
	LogonTypeId    *Authentication_LogonTypeId    `` /* 151-byte string literal not displayed */
	Message        *string                        `protobuf:"bytes,29,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                      `protobuf:"bytes,30,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                  `protobuf:"bytes,31,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                        `protobuf:"bytes,32,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Service        *Service                       `protobuf:"bytes,33,opt,name=service,proto3" json:"service,omitempty"`
	Session        *Session                       `protobuf:"bytes,34,opt,name=session,proto3" json:"session,omitempty"`
	Severity       *string                        `protobuf:"bytes,35,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     Authentication_SeverityId      `` /* 139-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint               `protobuf:"bytes,37,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                         `protobuf:"varint,38,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp         `protobuf:"bytes,39,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                        `protobuf:"bytes,40,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                        `protobuf:"bytes,41,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                        `protobuf:"bytes,42,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *Authentication_StatusId       `` /* 137-byte string literal not displayed */
	Time           int64                          `protobuf:"varint,44,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp         `protobuf:"bytes,45,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                         `protobuf:"varint,46,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                        `protobuf:"bytes,47,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                          `protobuf:"varint,48,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct               `protobuf:"bytes,49,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                          `protobuf:"bytes,50,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

Authentication is an OSF event in category "Identity & Access Management" called Authentication defined in ocsf events/iam/authentication.json

Authentication events report authentication session activities such as user attempts a logon or logoff, successfully or otherwise.

func (*Authentication) Descriptor deprecated 

func (*Authentication) Descriptor() ([]byte, []int)

Deprecated: Use Authentication.ProtoReflect.Descriptor instead.

func (*Authentication) GetActivityId 

func (x *Authentication) GetActivityId() Authentication_ActivityId

func (*Authentication) GetActivityName 

func (x *Authentication) GetActivityName() string

func (*Authentication) GetActor 

func (x *Authentication) GetActor() *Actor

func (*Authentication) GetApi 

func (x *Authentication) GetApi() *Api

func (*Authentication) GetAuthFactors 

func (x *Authentication) GetAuthFactors() []*AuthFactor

func (*Authentication) GetAuthProtocol 

func (x *Authentication) GetAuthProtocol() string

func (*Authentication) GetAuthProtocolId 

func (x *Authentication) GetAuthProtocolId() Authentication_AuthProtocolId

func (*Authentication) GetCategoryName 

func (x *Authentication) GetCategoryName() string

func (*Authentication) GetCategoryUid 

func (x *Authentication) GetCategoryUid() Authentication_CategoryUid

func (*Authentication) GetCertificate 

func (x *Authentication) GetCertificate() *Certificate

func (*Authentication) GetClassName 

func (x *Authentication) GetClassName() string

func (*Authentication) GetClassUid 

func (x *Authentication) GetClassUid() Authentication_ClassUid

func (*Authentication) GetCloud 

func (x *Authentication) GetCloud() *Cloud

func (*Authentication) GetCount 

func (x *Authentication) GetCount() int32

func (*Authentication) GetDevice 

func (x *Authentication) GetDevice() *Device

func (*Authentication) GetDstEndpoint 

func (x *Authentication) GetDstEndpoint() *NetworkEndpoint

func (*Authentication) GetDuration 

func (x *Authentication) GetDuration() int32

func (*Authentication) GetEndTime 

func (x *Authentication) GetEndTime() int64

func (*Authentication) GetEndTimeDt 

func (x *Authentication) GetEndTimeDt() *timestamppb.Timestamp

func (*Authentication) GetEnrichments 

func (x *Authentication) GetEnrichments() []*Enrichment

func (*Authentication) GetHttpRequest 

func (x *Authentication) GetHttpRequest() *HttpRequest

func (*Authentication) GetIsCleartext 

func (x *Authentication) GetIsCleartext() bool

func (*Authentication) GetIsMfa 

func (x *Authentication) GetIsMfa() bool

func (*Authentication) GetIsNewLogon 

func (x *Authentication) GetIsNewLogon() bool

func (*Authentication) GetIsRemote 

func (x *Authentication) GetIsRemote() bool

func (*Authentication) GetLogonProcess 

func (x *Authentication) GetLogonProcess() *Process

func (*Authentication) GetLogonType 

func (x *Authentication) GetLogonType() string

func (*Authentication) GetLogonTypeId 

func (x *Authentication) GetLogonTypeId() Authentication_LogonTypeId

func (*Authentication) GetMessage 

func (x *Authentication) GetMessage() string

func (*Authentication) GetMetadata 

func (x *Authentication) GetMetadata() *Metadata

func (*Authentication) GetObservables 

func (x *Authentication) GetObservables() []*Observable

func (*Authentication) GetRawData 

func (x *Authentication) GetRawData() string

func (*Authentication) GetService 

func (x *Authentication) GetService() *Service

func (*Authentication) GetSession 

func (x *Authentication) GetSession() *Session

func (*Authentication) GetSeverity 

func (x *Authentication) GetSeverity() string

func (*Authentication) GetSeverityId 

func (x *Authentication) GetSeverityId() Authentication_SeverityId

func (*Authentication) GetSrcEndpoint 

func (x *Authentication) GetSrcEndpoint() *NetworkEndpoint

func (*Authentication) GetStartTime 

func (x *Authentication) GetStartTime() int64

func (*Authentication) GetStartTimeDt 

func (x *Authentication) GetStartTimeDt() *timestamppb.Timestamp

func (*Authentication) GetStatus 

func (x *Authentication) GetStatus() string

func (*Authentication) GetStatusCode 

func (x *Authentication) GetStatusCode() string

func (*Authentication) GetStatusDetail 

func (x *Authentication) GetStatusDetail() string

func (*Authentication) GetStatusId 

func (x *Authentication) GetStatusId() Authentication_StatusId

func (*Authentication) GetTime 

func (x *Authentication) GetTime() int64

func (*Authentication) GetTimeDt 

func (x *Authentication) GetTimeDt() *timestamppb.Timestamp

func (*Authentication) GetTimezoneOffset 

func (x *Authentication) GetTimezoneOffset() int32

func (*Authentication) GetTypeName 

func (x *Authentication) GetTypeName() string

func (*Authentication) GetTypeUid 

func (x *Authentication) GetTypeUid() int64

func (*Authentication) GetUnmapped 

func (x *Authentication) GetUnmapped() *structpb.Struct

func (*Authentication) GetUser 

func (x *Authentication) GetUser() *User

func (*Authentication) ProtoMessage 

func (*Authentication) ProtoMessage()

func (*Authentication) ProtoReflect 

func (x *Authentication) ProtoReflect() protoreflect.Message

func (*Authentication) Reset 

func (x *Authentication) Reset()

func (*Authentication) String 

func (x *Authentication) String() string

type Authentication_ActivityId 

type Authentication_ActivityId int32
const (
	Authentication_ACTIVITY_ID_UNKNOWN Authentication_ActivityId = 0
	Authentication_ACTIVITY_ID_LOGON   Authentication_ActivityId = 1 // A new logon session was requested.
	Authentication_ACTIVITY_ID_LOGOFF  Authentication_ActivityId = 2 // A logon session was terminated and no
	// longer exists.
	Authentication_ACTIVITY_ID_AUTHENTICATION_TICKET Authentication_ActivityId = 3 // A Kerberos authentication ticket (TGT)
	// was requested.
	Authentication_ACTIVITY_ID_SERVICE_TICKET_REQUEST Authentication_ActivityId = 4 // A Kerberos service ticket was
	// requested.
	Authentication_ACTIVITY_ID_SERVICE_TICKET_RENEW Authentication_ActivityId = 5 // A Kerberos service ticket was renewed.
	Authentication_ACTIVITY_ID_PREAUTH              Authentication_ActivityId = 6 // A preauthentication stage was engaged.
	Authentication_ACTIVITY_ID_OTHER                Authentication_ActivityId = 99
)

func (Authentication_ActivityId) Descriptor 

func (Authentication_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (Authentication_ActivityId) Enum 

func (x Authentication_ActivityId) Enum() *Authentication_ActivityId

func (Authentication_ActivityId) EnumDescriptor deprecated 

func (Authentication_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_ActivityId.Descriptor instead.

func (Authentication_ActivityId) Number 

func (x Authentication_ActivityId) Number() protoreflect.EnumNumber

func (Authentication_ActivityId) String 

func (x Authentication_ActivityId) String() string

func (Authentication_ActivityId) Type 

func (Authentication_ActivityId) Type() protoreflect.EnumType

type Authentication_AuthProtocolId 

type Authentication_AuthProtocolId int32
const (
	Authentication_AUTH_PROTOCOL_ID_UNKNOWN   Authentication_AuthProtocolId = 0 // The authentication protocol is unknown.
	Authentication_AUTH_PROTOCOL_ID_NTLM      Authentication_AuthProtocolId = 1
	Authentication_AUTH_PROTOCOL_ID_KERBEROS  Authentication_AuthProtocolId = 2
	Authentication_AUTH_PROTOCOL_ID_DIGEST    Authentication_AuthProtocolId = 3
	Authentication_AUTH_PROTOCOL_ID_OPENID    Authentication_AuthProtocolId = 4
	Authentication_AUTH_PROTOCOL_ID_SAML      Authentication_AuthProtocolId = 5
	Authentication_AUTH_PROTOCOL_ID_OAUTH_2_0 Authentication_AuthProtocolId = 6
	Authentication_AUTH_PROTOCOL_ID_PAP       Authentication_AuthProtocolId = 7
	Authentication_AUTH_PROTOCOL_ID_CHAP      Authentication_AuthProtocolId = 8
	Authentication_AUTH_PROTOCOL_ID_EAP       Authentication_AuthProtocolId = 9
	Authentication_AUTH_PROTOCOL_ID_RADIUS    Authentication_AuthProtocolId = 10
	Authentication_AUTH_PROTOCOL_ID_OTHER     Authentication_AuthProtocolId = 99 // The authentication protocol is not mapped. See
)

func (Authentication_AuthProtocolId) Descriptor 

func (Authentication_AuthProtocolId) Descriptor() protoreflect.EnumDescriptor

func (Authentication_AuthProtocolId) Enum 

func (x Authentication_AuthProtocolId) Enum() *Authentication_AuthProtocolId

func (Authentication_AuthProtocolId) EnumDescriptor deprecated 

func (Authentication_AuthProtocolId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_AuthProtocolId.Descriptor instead.

func (Authentication_AuthProtocolId) Number 

func (x Authentication_AuthProtocolId) Number() protoreflect.EnumNumber

func (Authentication_AuthProtocolId) String 

func (x Authentication_AuthProtocolId) String() string

func (Authentication_AuthProtocolId) Type 

func (Authentication_AuthProtocolId) Type() protoreflect.EnumType

type Authentication_CategoryUid 

type Authentication_CategoryUid int32
const (
	Authentication_CATEGORY_UID_UNKNOWN                    Authentication_CategoryUid = 0
	Authentication_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT Authentication_CategoryUid = 3
)

func (Authentication_CategoryUid) Descriptor 

func (Authentication_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (Authentication_CategoryUid) Enum 

func (x Authentication_CategoryUid) Enum() *Authentication_CategoryUid

func (Authentication_CategoryUid) EnumDescriptor deprecated 

func (Authentication_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_CategoryUid.Descriptor instead.

func (Authentication_CategoryUid) Number 

func (x Authentication_CategoryUid) Number() protoreflect.EnumNumber

func (Authentication_CategoryUid) String 

func (x Authentication_CategoryUid) String() string

func (Authentication_CategoryUid) Type 

func (Authentication_CategoryUid) Type() protoreflect.EnumType

type Authentication_ClassUid 

type Authentication_ClassUid int32
const (
	Authentication_CLASS_UID_UNKNOWN        Authentication_ClassUid = 0
	Authentication_CLASS_UID_AUTHENTICATION Authentication_ClassUid = 3002
)

func (Authentication_ClassUid) Descriptor 

func (Authentication_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (Authentication_ClassUid) Enum 

func (x Authentication_ClassUid) Enum() *Authentication_ClassUid

func (Authentication_ClassUid) EnumDescriptor deprecated 

func (Authentication_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_ClassUid.Descriptor instead.

func (Authentication_ClassUid) Number 

func (x Authentication_ClassUid) Number() protoreflect.EnumNumber

func (Authentication_ClassUid) String 

func (x Authentication_ClassUid) String() string

func (Authentication_ClassUid) Type 

func (Authentication_ClassUid) Type() protoreflect.EnumType

type Authentication_LogonTypeId 

type Authentication_LogonTypeId int32
const (
	Authentication_LOGON_TYPE_ID_UNKNOWN Authentication_LogonTypeId = 0 // The logon type is unknown.
	Authentication_LOGON_TYPE_ID_SYSTEM  Authentication_LogonTypeId = 1 // Used only by the System account,
	// for example at system startup.
	Authentication_LOGON_TYPE_ID_INTERACTIVE Authentication_LogonTypeId = 2 // A local logon to device console.
	Authentication_LOGON_TYPE_ID_NETWORK     Authentication_LogonTypeId = 3 // A user or device logged onto this
	// device from the network.
	Authentication_LOGON_TYPE_ID_BATCH Authentication_LogonTypeId = 4 // A batch server logon, where
	// processes may be executing on
	// behalf of a user without their
	// direct intervention.
	Authentication_LOGON_TYPE_ID_OS_SERVICE Authentication_LogonTypeId = 5 // A logon by a service or daemon
	// that was started by the OS.
	Authentication_LOGON_TYPE_ID_UNLOCK            Authentication_LogonTypeId = 7 // A user unlocked the device.
	Authentication_LOGON_TYPE_ID_NETWORK_CLEARTEXT Authentication_LogonTypeId = 8 // A user logged on to this device
	// from the network. The user's
	// password in the authentication
	// package was not hashed.
	Authentication_LOGON_TYPE_ID_NEW_CREDENTIALS Authentication_LogonTypeId = 9 // A caller cloned its current token
	// and specified new credentials for
	// outbound connections. The new
	// logon session has the same local
	// identity, but uses different
	// credentials for other network
	// connections.
	Authentication_LOGON_TYPE_ID_REMOTE_INTERACTIVE Authentication_LogonTypeId = 10 // A remote logon using Terminal
	// Services or remote desktop
	// application.
	Authentication_LOGON_TYPE_ID_CACHED_INTERACTIVE Authentication_LogonTypeId = 11 // A user logged on to this device
	// with network credentials that
	// were stored locally on the device
	// and the domain controller was not
	// contacted to verify the
	// credentials.
	Authentication_LOGON_TYPE_ID_CACHED_REMOTE_INTERACTIVE Authentication_LogonTypeId = 12 // Same as Remote Interactive. This
	// is used for internal auditing.
	Authentication_LOGON_TYPE_ID_CACHED_UNLOCK Authentication_LogonTypeId = 13 // Workstation logon.
	Authentication_LOGON_TYPE_ID_OTHER         Authentication_LogonTypeId = 99 // The logon type is not mapped. See
)

func (Authentication_LogonTypeId) Descriptor 

func (Authentication_LogonTypeId) Descriptor() protoreflect.EnumDescriptor

func (Authentication_LogonTypeId) Enum 

func (x Authentication_LogonTypeId) Enum() *Authentication_LogonTypeId

func (Authentication_LogonTypeId) EnumDescriptor deprecated 

func (Authentication_LogonTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_LogonTypeId.Descriptor instead.

func (Authentication_LogonTypeId) Number 

func (x Authentication_LogonTypeId) Number() protoreflect.EnumNumber

func (Authentication_LogonTypeId) String 

func (x Authentication_LogonTypeId) String() string

func (Authentication_LogonTypeId) Type 

func (Authentication_LogonTypeId) Type() protoreflect.EnumType

type Authentication_SeverityId 

type Authentication_SeverityId int32
const (
	Authentication_SEVERITY_ID_UNKNOWN       Authentication_SeverityId = 0 // The event/finding severity is unknown.
	Authentication_SEVERITY_ID_INFORMATIONAL Authentication_SeverityId = 1 // Informational message. No action required.
	Authentication_SEVERITY_ID_LOW           Authentication_SeverityId = 2 // The user decides if action is needed.
	Authentication_SEVERITY_ID_MEDIUM        Authentication_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	Authentication_SEVERITY_ID_HIGH     Authentication_SeverityId = 4 // Action is required immediately.
	Authentication_SEVERITY_ID_CRITICAL Authentication_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	Authentication_SEVERITY_ID_FATAL Authentication_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	Authentication_SEVERITY_ID_OTHER Authentication_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (Authentication_SeverityId) Descriptor 

func (Authentication_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (Authentication_SeverityId) Enum 

func (x Authentication_SeverityId) Enum() *Authentication_SeverityId

func (Authentication_SeverityId) EnumDescriptor deprecated 

func (Authentication_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_SeverityId.Descriptor instead.

func (Authentication_SeverityId) Number 

func (x Authentication_SeverityId) Number() protoreflect.EnumNumber

func (Authentication_SeverityId) String 

func (x Authentication_SeverityId) String() string

func (Authentication_SeverityId) Type 

func (Authentication_SeverityId) Type() protoreflect.EnumType

type Authentication_StatusId 

type Authentication_StatusId int32
const (
	Authentication_STATUS_ID_UNKNOWN Authentication_StatusId = 0 // The status is unknown.
	Authentication_STATUS_ID_SUCCESS Authentication_StatusId = 1
	Authentication_STATUS_ID_FAILURE Authentication_StatusId = 2
	Authentication_STATUS_ID_OTHER   Authentication_StatusId = 99 // The event status is not mapped. See the
)

func (Authentication_StatusId) Descriptor 

func (Authentication_StatusId) Descriptor() protoreflect.EnumDescriptor

func (Authentication_StatusId) Enum 

func (x Authentication_StatusId) Enum() *Authentication_StatusId

func (Authentication_StatusId) EnumDescriptor deprecated 

func (Authentication_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Authentication_StatusId.Descriptor instead.

func (Authentication_StatusId) Number 

func (x Authentication_StatusId) Number() protoreflect.EnumNumber

func (Authentication_StatusId) String 

func (x Authentication_StatusId) String() string

func (Authentication_StatusId) Type 

func (Authentication_StatusId) Type() protoreflect.EnumType

type Authorization 

type Authorization struct {
	Decision *string `protobuf:"bytes,1,opt,name=decision,proto3,oneof" json:"decision,omitempty"`
	Policy   *Policy `protobuf:"bytes,2,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

Authorization is an OSF object defined in ocsf objects/authorization.json

The Authorization Result object provides details about the authorization outcome and associated policies related to activity.

func (*Authorization) Descriptor deprecated 

func (*Authorization) Descriptor() ([]byte, []int)

Deprecated: Use Authorization.ProtoReflect.Descriptor instead.

func (*Authorization) GetDecision 

func (x *Authorization) GetDecision() string

func (*Authorization) GetPolicy 

func (x *Authorization) GetPolicy() *Policy

func (*Authorization) ProtoMessage 

func (*Authorization) ProtoMessage()

func (*Authorization) ProtoReflect 

func (x *Authorization) ProtoReflect() protoreflect.Message

func (*Authorization) Reset 

func (x *Authorization) Reset()

func (*Authorization) String 

func (x *Authorization) String() string

type AuthorizeSession 

type AuthorizeSession struct {
	ActivityId     AuthorizeSession_ActivityId  `` /* 140-byte string literal not displayed */
	ActivityName   *string                      `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                       `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                         `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                      `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    AuthorizeSession_CategoryUid `` /* 144-byte string literal not displayed */
	ClassName      *string                      `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       AuthorizeSession_ClassUid    `` /* 132-byte string literal not displayed */
	Cloud          *Cloud                       `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                       `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                      `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	DstEndpoint    *NetworkEndpoint             `protobuf:"bytes,12,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration       *int32                       `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                       `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp       `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Group          *Group                       `protobuf:"bytes,17,opt,name=group,proto3" json:"group,omitempty"`
	HttpRequest    *HttpRequest                 `protobuf:"bytes,18,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                      `protobuf:"bytes,19,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                    `protobuf:"bytes,20,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                `protobuf:"bytes,21,rep,name=observables,proto3" json:"observables,omitempty"`
	Privileges     []string                     `protobuf:"bytes,22,rep,name=privileges,proto3" json:"privileges,omitempty"`
	RawData        *string                      `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Session        *Session                     `protobuf:"bytes,24,opt,name=session,proto3" json:"session,omitempty"`
	Severity       *string                      `protobuf:"bytes,25,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     AuthorizeSession_SeverityId  `` /* 141-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint             `protobuf:"bytes,27,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                       `protobuf:"varint,28,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp       `protobuf:"bytes,29,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                      `protobuf:"bytes,30,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                      `protobuf:"bytes,31,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                      `protobuf:"bytes,32,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *AuthorizeSession_StatusId   `` /* 139-byte string literal not displayed */
	Time           int64                        `protobuf:"varint,34,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp       `protobuf:"bytes,35,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                       `protobuf:"varint,36,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                      `protobuf:"bytes,37,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                        `protobuf:"varint,38,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct             `protobuf:"bytes,39,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                        `protobuf:"bytes,40,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

AuthorizeSession is an OSF event in category "Identity & Access Management" called Authorize Session defined in ocsf events/iam/authorize_session.json

Authorize Session events report privileges or groups assigned to a new user session, usually at login time.

func (*AuthorizeSession) Descriptor deprecated 

func (*AuthorizeSession) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession.ProtoReflect.Descriptor instead.

func (*AuthorizeSession) GetActivityId 

func (x *AuthorizeSession) GetActivityId() AuthorizeSession_ActivityId

func (*AuthorizeSession) GetActivityName 

func (x *AuthorizeSession) GetActivityName() string

func (*AuthorizeSession) GetActor 

func (x *AuthorizeSession) GetActor() *Actor

func (*AuthorizeSession) GetApi 

func (x *AuthorizeSession) GetApi() *Api

func (*AuthorizeSession) GetCategoryName 

func (x *AuthorizeSession) GetCategoryName() string

func (*AuthorizeSession) GetCategoryUid 

func (x *AuthorizeSession) GetCategoryUid() AuthorizeSession_CategoryUid

func (*AuthorizeSession) GetClassName 

func (x *AuthorizeSession) GetClassName() string

func (*AuthorizeSession) GetClassUid 

func (x *AuthorizeSession) GetClassUid() AuthorizeSession_ClassUid

func (*AuthorizeSession) GetCloud 

func (x *AuthorizeSession) GetCloud() *Cloud

func (*AuthorizeSession) GetCount 

func (x *AuthorizeSession) GetCount() int32

func (*AuthorizeSession) GetDevice 

func (x *AuthorizeSession) GetDevice() *Device

func (*AuthorizeSession) GetDstEndpoint 

func (x *AuthorizeSession) GetDstEndpoint() *NetworkEndpoint

func (*AuthorizeSession) GetDuration 

func (x *AuthorizeSession) GetDuration() int32

func (*AuthorizeSession) GetEndTime 

func (x *AuthorizeSession) GetEndTime() int64

func (*AuthorizeSession) GetEndTimeDt 

func (x *AuthorizeSession) GetEndTimeDt() *timestamppb.Timestamp

func (*AuthorizeSession) GetEnrichments 

func (x *AuthorizeSession) GetEnrichments() []*Enrichment

func (*AuthorizeSession) GetGroup 

func (x *AuthorizeSession) GetGroup() *Group

func (*AuthorizeSession) GetHttpRequest 

func (x *AuthorizeSession) GetHttpRequest() *HttpRequest

func (*AuthorizeSession) GetMessage 

func (x *AuthorizeSession) GetMessage() string

func (*AuthorizeSession) GetMetadata 

func (x *AuthorizeSession) GetMetadata() *Metadata

func (*AuthorizeSession) GetObservables 

func (x *AuthorizeSession) GetObservables() []*Observable

func (*AuthorizeSession) GetPrivileges 

func (x *AuthorizeSession) GetPrivileges() []string

func (*AuthorizeSession) GetRawData 

func (x *AuthorizeSession) GetRawData() string

func (*AuthorizeSession) GetSession 

func (x *AuthorizeSession) GetSession() *Session

func (*AuthorizeSession) GetSeverity 

func (x *AuthorizeSession) GetSeverity() string

func (*AuthorizeSession) GetSeverityId 

func (x *AuthorizeSession) GetSeverityId() AuthorizeSession_SeverityId

func (*AuthorizeSession) GetSrcEndpoint 

func (x *AuthorizeSession) GetSrcEndpoint() *NetworkEndpoint

func (*AuthorizeSession) GetStartTime 

func (x *AuthorizeSession) GetStartTime() int64

func (*AuthorizeSession) GetStartTimeDt 

func (x *AuthorizeSession) GetStartTimeDt() *timestamppb.Timestamp

func (*AuthorizeSession) GetStatus 

func (x *AuthorizeSession) GetStatus() string

func (*AuthorizeSession) GetStatusCode 

func (x *AuthorizeSession) GetStatusCode() string

func (*AuthorizeSession) GetStatusDetail 

func (x *AuthorizeSession) GetStatusDetail() string

func (*AuthorizeSession) GetStatusId 

func (x *AuthorizeSession) GetStatusId() AuthorizeSession_StatusId

func (*AuthorizeSession) GetTime 

func (x *AuthorizeSession) GetTime() int64

func (*AuthorizeSession) GetTimeDt 

func (x *AuthorizeSession) GetTimeDt() *timestamppb.Timestamp

func (*AuthorizeSession) GetTimezoneOffset 

func (x *AuthorizeSession) GetTimezoneOffset() int32

func (*AuthorizeSession) GetTypeName 

func (x *AuthorizeSession) GetTypeName() string

func (*AuthorizeSession) GetTypeUid 

func (x *AuthorizeSession) GetTypeUid() int64

func (*AuthorizeSession) GetUnmapped 

func (x *AuthorizeSession) GetUnmapped() *structpb.Struct

func (*AuthorizeSession) GetUser 

func (x *AuthorizeSession) GetUser() *User

func (*AuthorizeSession) ProtoMessage 

func (*AuthorizeSession) ProtoMessage()

func (*AuthorizeSession) ProtoReflect 

func (x *AuthorizeSession) ProtoReflect() protoreflect.Message

func (*AuthorizeSession) Reset 

func (x *AuthorizeSession) Reset()

func (*AuthorizeSession) String 

func (x *AuthorizeSession) String() string

type AuthorizeSession_ActivityId 

type AuthorizeSession_ActivityId int32
const (
	AuthorizeSession_ACTIVITY_ID_UNKNOWN           AuthorizeSession_ActivityId = 0
	AuthorizeSession_ACTIVITY_ID_ASSIGN_PRIVILEGES AuthorizeSession_ActivityId = 1 // Assign special privileges to a new logon.
	AuthorizeSession_ACTIVITY_ID_ASSIGN_GROUPS     AuthorizeSession_ActivityId = 2 // Assign special groups to a new logon.
	AuthorizeSession_ACTIVITY_ID_OTHER             AuthorizeSession_ActivityId = 99
)

func (AuthorizeSession_ActivityId) Descriptor 

func (AuthorizeSession_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (AuthorizeSession_ActivityId) Enum 

func (x AuthorizeSession_ActivityId) Enum() *AuthorizeSession_ActivityId

func (AuthorizeSession_ActivityId) EnumDescriptor deprecated 

func (AuthorizeSession_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession_ActivityId.Descriptor instead.

func (AuthorizeSession_ActivityId) Number 

func (x AuthorizeSession_ActivityId) Number() protoreflect.EnumNumber

func (AuthorizeSession_ActivityId) String 

func (x AuthorizeSession_ActivityId) String() string

func (AuthorizeSession_ActivityId) Type 

func (AuthorizeSession_ActivityId) Type() protoreflect.EnumType

type AuthorizeSession_CategoryUid 

type AuthorizeSession_CategoryUid int32
const (
	AuthorizeSession_CATEGORY_UID_UNKNOWN                    AuthorizeSession_CategoryUid = 0
	AuthorizeSession_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT AuthorizeSession_CategoryUid = 3
)

func (AuthorizeSession_CategoryUid) Descriptor 

func (AuthorizeSession_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (AuthorizeSession_CategoryUid) Enum 

func (x AuthorizeSession_CategoryUid) Enum() *AuthorizeSession_CategoryUid

func (AuthorizeSession_CategoryUid) EnumDescriptor deprecated 

func (AuthorizeSession_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession_CategoryUid.Descriptor instead.

func (AuthorizeSession_CategoryUid) Number 

func (x AuthorizeSession_CategoryUid) Number() protoreflect.EnumNumber

func (AuthorizeSession_CategoryUid) String 

func (x AuthorizeSession_CategoryUid) String() string

func (AuthorizeSession_CategoryUid) Type 

func (AuthorizeSession_CategoryUid) Type() protoreflect.EnumType

type AuthorizeSession_ClassUid 

type AuthorizeSession_ClassUid int32
const (
	AuthorizeSession_CLASS_UID_UNKNOWN           AuthorizeSession_ClassUid = 0
	AuthorizeSession_CLASS_UID_AUTHORIZE_SESSION AuthorizeSession_ClassUid = 3003
)

func (AuthorizeSession_ClassUid) Descriptor 

func (AuthorizeSession_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (AuthorizeSession_ClassUid) Enum 

func (x AuthorizeSession_ClassUid) Enum() *AuthorizeSession_ClassUid

func (AuthorizeSession_ClassUid) EnumDescriptor deprecated 

func (AuthorizeSession_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession_ClassUid.Descriptor instead.

func (AuthorizeSession_ClassUid) Number 

func (x AuthorizeSession_ClassUid) Number() protoreflect.EnumNumber

func (AuthorizeSession_ClassUid) String 

func (x AuthorizeSession_ClassUid) String() string

func (AuthorizeSession_ClassUid) Type 

func (AuthorizeSession_ClassUid) Type() protoreflect.EnumType

type AuthorizeSession_SeverityId 

type AuthorizeSession_SeverityId int32
const (
	AuthorizeSession_SEVERITY_ID_UNKNOWN       AuthorizeSession_SeverityId = 0 // The event/finding severity is unknown.
	AuthorizeSession_SEVERITY_ID_INFORMATIONAL AuthorizeSession_SeverityId = 1 // Informational message. No action required.
	AuthorizeSession_SEVERITY_ID_LOW           AuthorizeSession_SeverityId = 2 // The user decides if action is needed.
	AuthorizeSession_SEVERITY_ID_MEDIUM        AuthorizeSession_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	AuthorizeSession_SEVERITY_ID_HIGH     AuthorizeSession_SeverityId = 4 // Action is required immediately.
	AuthorizeSession_SEVERITY_ID_CRITICAL AuthorizeSession_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	AuthorizeSession_SEVERITY_ID_FATAL AuthorizeSession_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	AuthorizeSession_SEVERITY_ID_OTHER AuthorizeSession_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (AuthorizeSession_SeverityId) Descriptor 

func (AuthorizeSession_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (AuthorizeSession_SeverityId) Enum 

func (x AuthorizeSession_SeverityId) Enum() *AuthorizeSession_SeverityId

func (AuthorizeSession_SeverityId) EnumDescriptor deprecated 

func (AuthorizeSession_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession_SeverityId.Descriptor instead.

func (AuthorizeSession_SeverityId) Number 

func (x AuthorizeSession_SeverityId) Number() protoreflect.EnumNumber

func (AuthorizeSession_SeverityId) String 

func (x AuthorizeSession_SeverityId) String() string

func (AuthorizeSession_SeverityId) Type 

func (AuthorizeSession_SeverityId) Type() protoreflect.EnumType

type AuthorizeSession_StatusId 

type AuthorizeSession_StatusId int32
const (
	AuthorizeSession_STATUS_ID_UNKNOWN AuthorizeSession_StatusId = 0 // The status is unknown.
	AuthorizeSession_STATUS_ID_SUCCESS AuthorizeSession_StatusId = 1
	AuthorizeSession_STATUS_ID_FAILURE AuthorizeSession_StatusId = 2
	AuthorizeSession_STATUS_ID_OTHER   AuthorizeSession_StatusId = 99 // The event status is not mapped. See the
)

func (AuthorizeSession_StatusId) Descriptor 

func (AuthorizeSession_StatusId) Descriptor() protoreflect.EnumDescriptor

func (AuthorizeSession_StatusId) Enum 

func (x AuthorizeSession_StatusId) Enum() *AuthorizeSession_StatusId

func (AuthorizeSession_StatusId) EnumDescriptor deprecated 

func (AuthorizeSession_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use AuthorizeSession_StatusId.Descriptor instead.

func (AuthorizeSession_StatusId) Number 

func (x AuthorizeSession_StatusId) Number() protoreflect.EnumNumber

func (AuthorizeSession_StatusId) String 

func (x AuthorizeSession_StatusId) String() string

func (AuthorizeSession_StatusId) Type 

func (AuthorizeSession_StatusId) Type() protoreflect.EnumType

type AutonomousSystem 

type AutonomousSystem struct {
	Name   *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Number *int32  `protobuf:"varint,2,opt,name=number,proto3,oneof" json:"number,omitempty"`
	// contains filtered or unexported fields
}

AutonomousSystem is an OSF object defined in ocsf objects/autonomous_system.json

An autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the internet.

func (*AutonomousSystem) Descriptor deprecated 

func (*AutonomousSystem) Descriptor() ([]byte, []int)

Deprecated: Use AutonomousSystem.ProtoReflect.Descriptor instead.

func (*AutonomousSystem) GetName 

func (x *AutonomousSystem) GetName() string

func (*AutonomousSystem) GetNumber 

func (x *AutonomousSystem) GetNumber() int32

func (*AutonomousSystem) ProtoMessage 

func (*AutonomousSystem) ProtoMessage()

func (*AutonomousSystem) ProtoReflect 

func (x *AutonomousSystem) ProtoReflect() protoreflect.Message

func (*AutonomousSystem) Reset 

func (x *AutonomousSystem) Reset()

func (*AutonomousSystem) String 

func (x *AutonomousSystem) String() string

type Certificate 

type Certificate struct {
	CreatedTime      *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	ExpirationTime   *int64                 `protobuf:"varint,3,opt,name=expiration_time,json=expirationTime,proto3,oneof" json:"expiration_time,omitempty"`
	ExpirationTimeDt *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=expiration_time_dt,json=expirationTimeDt,proto3,oneof" json:"expiration_time_dt,omitempty"`
	Fingerprints     []*Fingerprint         `protobuf:"bytes,5,rep,name=fingerprints,proto3" json:"fingerprints,omitempty"`
	Issuer           string                 `protobuf:"bytes,6,opt,name=issuer,proto3" json:"issuer,omitempty"`
	SerialNumber     string                 `protobuf:"bytes,7,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`
	Subject          *string                `protobuf:"bytes,8,opt,name=subject,proto3,oneof" json:"subject,omitempty"`
	Uid              *string                `protobuf:"bytes,9,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version          *string                `protobuf:"bytes,10,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Certificate is an OSF object defined in ocsf objects/certificate.json

The Digital Certificate, also known as a Public Key Certificate, object contains information about the ownership and usage of a public key. It serves as a means to establish trust in the authenticity and integrity of the public key and the associated entity. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Certificate/'>d3f:Certificate</a>.

func (*Certificate) Descriptor deprecated 

func (*Certificate) Descriptor() ([]byte, []int)

Deprecated: Use Certificate.ProtoReflect.Descriptor instead.

func (*Certificate) GetCreatedTime 

func (x *Certificate) GetCreatedTime() int64

func (*Certificate) GetCreatedTimeDt 

func (x *Certificate) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Certificate) GetExpirationTime 

func (x *Certificate) GetExpirationTime() int64

func (*Certificate) GetExpirationTimeDt 

func (x *Certificate) GetExpirationTimeDt() *timestamppb.Timestamp

func (*Certificate) GetFingerprints 

func (x *Certificate) GetFingerprints() []*Fingerprint

func (*Certificate) GetIssuer 

func (x *Certificate) GetIssuer() string

func (*Certificate) GetSerialNumber 

func (x *Certificate) GetSerialNumber() string

func (*Certificate) GetSubject 

func (x *Certificate) GetSubject() string

func (*Certificate) GetUid 

func (x *Certificate) GetUid() string

func (*Certificate) GetVersion 

func (x *Certificate) GetVersion() string

func (*Certificate) ProtoMessage 

func (*Certificate) ProtoMessage()

func (*Certificate) ProtoReflect 

func (x *Certificate) ProtoReflect() protoreflect.Message

func (*Certificate) Reset 

func (x *Certificate) Reset()

func (*Certificate) String 

func (x *Certificate) String() string

type CisBenchmarkResult 

type CisBenchmarkResult struct {
	Desc        *string      `protobuf:"bytes,1,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Name        string       `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Remediation *Remediation `protobuf:"bytes,3,opt,name=remediation,proto3" json:"remediation,omitempty"`
	Rule        *Rule        `protobuf:"bytes,4,opt,name=rule,proto3" json:"rule,omitempty"`
	// contains filtered or unexported fields
}

CisBenchmarkResult is an OSF object defined in ocsf objects/cis_benchmark_result.json

The CIS Benchmark Result object contains information as defined by the Center for Internet Security (<a target='_blank' href='https://www.cisecurity.org/cis-benchmarks/'>CIS</a>) benchmark result. CIS Benchmarks are a collection of best practices for securely configuring IT systems, software, networks, and cloud infrastructure.

func (*CisBenchmarkResult) Descriptor deprecated 

func (*CisBenchmarkResult) Descriptor() ([]byte, []int)

Deprecated: Use CisBenchmarkResult.ProtoReflect.Descriptor instead.

func (*CisBenchmarkResult) GetDesc 

func (x *CisBenchmarkResult) GetDesc() string

func (*CisBenchmarkResult) GetName 

func (x *CisBenchmarkResult) GetName() string

func (*CisBenchmarkResult) GetRemediation 

func (x *CisBenchmarkResult) GetRemediation() *Remediation

func (*CisBenchmarkResult) GetRule 

func (x *CisBenchmarkResult) GetRule() *Rule

func (*CisBenchmarkResult) ProtoMessage 

func (*CisBenchmarkResult) ProtoMessage()

func (*CisBenchmarkResult) ProtoReflect 

func (x *CisBenchmarkResult) ProtoReflect() protoreflect.Message

func (*CisBenchmarkResult) Reset 

func (x *CisBenchmarkResult) Reset()

func (*CisBenchmarkResult) String 

func (x *CisBenchmarkResult) String() string

type CisCsc 

type CisCsc struct {
	Control string  `protobuf:"bytes,1,opt,name=control,proto3" json:"control,omitempty"`
	Version *string `protobuf:"bytes,2,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

CisCsc is an OSF object defined in ocsf objects/cis_csc.json

The CIS Critical Security Control (CSC) contains information as defined by the Center for Internet Security Critical Security Control <a target='_blank' href='https://www.cisecurity.org/controls'>(CIS CSC)</a>. Prioritized set of actions to protect your organization and data from cyber- attack vectors.

func (*CisCsc) Descriptor deprecated 

func (*CisCsc) Descriptor() ([]byte, []int)

Deprecated: Use CisCsc.ProtoReflect.Descriptor instead.

func (*CisCsc) GetControl 

func (x *CisCsc) GetControl() string

func (*CisCsc) GetVersion 

func (x *CisCsc) GetVersion() string

func (*CisCsc) ProtoMessage 

func (*CisCsc) ProtoMessage()

func (*CisCsc) ProtoReflect 

func (x *CisCsc) ProtoReflect() protoreflect.Message

func (*CisCsc) Reset 

func (x *CisCsc) Reset()

func (*CisCsc) String 

func (x *CisCsc) String() string

type Cloud 

type Cloud struct {
	Account    *Account      `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
	Org        *Organization `protobuf:"bytes,2,opt,name=org,proto3" json:"org,omitempty"`
	ProjectUid *string       `protobuf:"bytes,3,opt,name=project_uid,json=projectUid,proto3,oneof" json:"project_uid,omitempty"`
	Provider   string        `protobuf:"bytes,4,opt,name=provider,proto3" json:"provider,omitempty"`
	Region     *string       `protobuf:"bytes,5,opt,name=region,proto3,oneof" json:"region,omitempty"`
	Zone       *string       `protobuf:"bytes,6,opt,name=zone,proto3,oneof" json:"zone,omitempty"`
	// contains filtered or unexported fields
}

Cloud is an OSF object defined in ocsf objects/cloud.json

The Cloud object contains information about a cloud account such as AWS Account ID, regions, etc.

func (*Cloud) Descriptor deprecated 

func (*Cloud) Descriptor() ([]byte, []int)

Deprecated: Use Cloud.ProtoReflect.Descriptor instead.

func (*Cloud) GetAccount 

func (x *Cloud) GetAccount() *Account

func (*Cloud) GetOrg 

func (x *Cloud) GetOrg() *Organization

func (*Cloud) GetProjectUid 

func (x *Cloud) GetProjectUid() string

func (*Cloud) GetProvider 

func (x *Cloud) GetProvider() string

func (*Cloud) GetRegion 

func (x *Cloud) GetRegion() string

func (*Cloud) GetZone 

func (x *Cloud) GetZone() string

func (*Cloud) ProtoMessage 

func (*Cloud) ProtoMessage()

func (*Cloud) ProtoReflect 

func (x *Cloud) ProtoReflect() protoreflect.Message

func (*Cloud) Reset 

func (x *Cloud) Reset()

func (*Cloud) String 

func (x *Cloud) String() string

type Compliance 

type Compliance struct {
	Control      *string              `protobuf:"bytes,1,opt,name=control,proto3,oneof" json:"control,omitempty"`
	Requirements []string             `protobuf:"bytes,2,rep,name=requirements,proto3" json:"requirements,omitempty"`
	Standards    []string             `protobuf:"bytes,3,rep,name=standards,proto3" json:"standards,omitempty"`
	Status       *string              `protobuf:"bytes,4,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode   *string              `protobuf:"bytes,5,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail *string              `protobuf:"bytes,6,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId     *Compliance_StatusId `` /* 132-byte string literal not displayed */
	// contains filtered or unexported fields
}

Compliance is an OSF object defined in ocsf objects/compliance.json

The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.

func (*Compliance) Descriptor deprecated 

func (*Compliance) Descriptor() ([]byte, []int)

Deprecated: Use Compliance.ProtoReflect.Descriptor instead.

func (*Compliance) GetControl 

func (x *Compliance) GetControl() string

func (*Compliance) GetRequirements 

func (x *Compliance) GetRequirements() []string

func (*Compliance) GetStandards 

func (x *Compliance) GetStandards() []string

func (*Compliance) GetStatus 

func (x *Compliance) GetStatus() string

func (*Compliance) GetStatusCode 

func (x *Compliance) GetStatusCode() string

func (*Compliance) GetStatusDetail 

func (x *Compliance) GetStatusDetail() string

func (*Compliance) GetStatusId 

func (x *Compliance) GetStatusId() Compliance_StatusId

func (*Compliance) ProtoMessage 

func (*Compliance) ProtoMessage()

func (*Compliance) ProtoReflect 

func (x *Compliance) ProtoReflect() protoreflect.Message

func (*Compliance) Reset 

func (x *Compliance) Reset()

func (*Compliance) String 

func (x *Compliance) String() string

type ComplianceFinding 

type ComplianceFinding struct {
	ActivityId      ComplianceFinding_ActivityId    `` /* 141-byte string literal not displayed */
	ActivityName    *string                         `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor           *Actor                          `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api             *Api                            `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName    *string                         `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid     ComplianceFinding_CategoryUid   `` /* 145-byte string literal not displayed */
	ClassName       *string                         `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid        ComplianceFinding_ClassUid      `` /* 133-byte string literal not displayed */
	Cloud           *Cloud                          `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment         *string                         `protobuf:"bytes,10,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Compliance      *Compliance                     `protobuf:"bytes,11,opt,name=compliance,proto3" json:"compliance,omitempty"`
	Confidence      *string                         `protobuf:"bytes,12,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId    *ComplianceFinding_ConfidenceId `` /* 156-byte string literal not displayed */
	ConfidenceScore *int32                          `protobuf:"varint,14,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count           *int32                          `protobuf:"varint,15,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device          *Device                         `protobuf:"bytes,16,opt,name=device,proto3" json:"device,omitempty"`
	Duration        *int32                          `protobuf:"varint,17,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime         *int64                          `protobuf:"varint,18,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt       *timestamppb.Timestamp          `protobuf:"bytes,19,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments     []*Enrichment                   `protobuf:"bytes,20,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FindingInfo     *FindingInfo                    `protobuf:"bytes,21,opt,name=finding_info,json=findingInfo,proto3" json:"finding_info,omitempty"`
	Message         *string                         `protobuf:"bytes,22,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata        *Metadata                       `protobuf:"bytes,23,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables     []*Observable                   `protobuf:"bytes,24,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData         *string                         `protobuf:"bytes,25,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Remediation     *Remediation                    `protobuf:"bytes,26,opt,name=remediation,proto3" json:"remediation,omitempty"`
	Resource        *ResourceDetails                `protobuf:"bytes,27,opt,name=resource,proto3" json:"resource,omitempty"`
	Severity        *string                         `protobuf:"bytes,28,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId      ComplianceFinding_SeverityId    `` /* 142-byte string literal not displayed */
	StartTime       *int64                          `protobuf:"varint,30,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt     *timestamppb.Timestamp          `protobuf:"bytes,31,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status          *string                         `protobuf:"bytes,32,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode      *string                         `protobuf:"bytes,33,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail    *string                         `protobuf:"bytes,34,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId        *ComplianceFinding_StatusId     `` /* 140-byte string literal not displayed */
	Time            int64                           `protobuf:"varint,36,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt          *timestamppb.Timestamp          `protobuf:"bytes,37,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset  *int32                          `protobuf:"varint,38,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName        *string                         `protobuf:"bytes,39,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid         int64                           `protobuf:"varint,40,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped        *structpb.Struct                `protobuf:"bytes,41,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ComplianceFinding is an OSF event in category "Findings" called Compliance Finding defined in ocsf events/findings/compliance_finding.json

Compliance Finding events describe results of evaluations performed against resources, to check compliance with various Industry Frameworks or Security Standards such as <code>NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001</code> etc.

func (*ComplianceFinding) Descriptor deprecated 

func (*ComplianceFinding) Descriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding.ProtoReflect.Descriptor instead.

func (*ComplianceFinding) GetActivityId 

func (x *ComplianceFinding) GetActivityId() ComplianceFinding_ActivityId

func (*ComplianceFinding) GetActivityName 

func (x *ComplianceFinding) GetActivityName() string

func (*ComplianceFinding) GetActor 

func (x *ComplianceFinding) GetActor() *Actor

func (*ComplianceFinding) GetApi 

func (x *ComplianceFinding) GetApi() *Api

func (*ComplianceFinding) GetCategoryName 

func (x *ComplianceFinding) GetCategoryName() string

func (*ComplianceFinding) GetCategoryUid 

func (x *ComplianceFinding) GetCategoryUid() ComplianceFinding_CategoryUid

func (*ComplianceFinding) GetClassName 

func (x *ComplianceFinding) GetClassName() string

func (*ComplianceFinding) GetClassUid 

func (x *ComplianceFinding) GetClassUid() ComplianceFinding_ClassUid

func (*ComplianceFinding) GetCloud 

func (x *ComplianceFinding) GetCloud() *Cloud

func (*ComplianceFinding) GetComment 

func (x *ComplianceFinding) GetComment() string

func (*ComplianceFinding) GetCompliance 

func (x *ComplianceFinding) GetCompliance() *Compliance

func (*ComplianceFinding) GetConfidence 

func (x *ComplianceFinding) GetConfidence() string

func (*ComplianceFinding) GetConfidenceId 

func (x *ComplianceFinding) GetConfidenceId() ComplianceFinding_ConfidenceId

func (*ComplianceFinding) GetConfidenceScore 

func (x *ComplianceFinding) GetConfidenceScore() int32

func (*ComplianceFinding) GetCount 

func (x *ComplianceFinding) GetCount() int32

func (*ComplianceFinding) GetDevice 

func (x *ComplianceFinding) GetDevice() *Device

func (*ComplianceFinding) GetDuration 

func (x *ComplianceFinding) GetDuration() int32

func (*ComplianceFinding) GetEndTime 

func (x *ComplianceFinding) GetEndTime() int64

func (*ComplianceFinding) GetEndTimeDt 

func (x *ComplianceFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*ComplianceFinding) GetEnrichments 

func (x *ComplianceFinding) GetEnrichments() []*Enrichment

func (*ComplianceFinding) GetFindingInfo 

func (x *ComplianceFinding) GetFindingInfo() *FindingInfo

func (*ComplianceFinding) GetMessage 

func (x *ComplianceFinding) GetMessage() string

func (*ComplianceFinding) GetMetadata 

func (x *ComplianceFinding) GetMetadata() *Metadata

func (*ComplianceFinding) GetObservables 

func (x *ComplianceFinding) GetObservables() []*Observable

func (*ComplianceFinding) GetRawData 

func (x *ComplianceFinding) GetRawData() string

func (*ComplianceFinding) GetRemediation 

func (x *ComplianceFinding) GetRemediation() *Remediation

func (*ComplianceFinding) GetResource 

func (x *ComplianceFinding) GetResource() *ResourceDetails

func (*ComplianceFinding) GetSeverity 

func (x *ComplianceFinding) GetSeverity() string

func (*ComplianceFinding) GetSeverityId 

func (x *ComplianceFinding) GetSeverityId() ComplianceFinding_SeverityId

func (*ComplianceFinding) GetStartTime 

func (x *ComplianceFinding) GetStartTime() int64

func (*ComplianceFinding) GetStartTimeDt 

func (x *ComplianceFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*ComplianceFinding) GetStatus 

func (x *ComplianceFinding) GetStatus() string

func (*ComplianceFinding) GetStatusCode 

func (x *ComplianceFinding) GetStatusCode() string

func (*ComplianceFinding) GetStatusDetail 

func (x *ComplianceFinding) GetStatusDetail() string

func (*ComplianceFinding) GetStatusId 

func (x *ComplianceFinding) GetStatusId() ComplianceFinding_StatusId

func (*ComplianceFinding) GetTime 

func (x *ComplianceFinding) GetTime() int64

func (*ComplianceFinding) GetTimeDt 

func (x *ComplianceFinding) GetTimeDt() *timestamppb.Timestamp

func (*ComplianceFinding) GetTimezoneOffset 

func (x *ComplianceFinding) GetTimezoneOffset() int32

func (*ComplianceFinding) GetTypeName 

func (x *ComplianceFinding) GetTypeName() string

func (*ComplianceFinding) GetTypeUid 

func (x *ComplianceFinding) GetTypeUid() int64

func (*ComplianceFinding) GetUnmapped 

func (x *ComplianceFinding) GetUnmapped() *structpb.Struct

func (*ComplianceFinding) ProtoMessage 

func (*ComplianceFinding) ProtoMessage()

func (*ComplianceFinding) ProtoReflect 

func (x *ComplianceFinding) ProtoReflect() protoreflect.Message

func (*ComplianceFinding) Reset 

func (x *ComplianceFinding) Reset()

func (*ComplianceFinding) String 

func (x *ComplianceFinding) String() string

type ComplianceFinding_ActivityId 

type ComplianceFinding_ActivityId int32
const (
	ComplianceFinding_ACTIVITY_ID_UNKNOWN ComplianceFinding_ActivityId = 0
	ComplianceFinding_ACTIVITY_ID_CREATE  ComplianceFinding_ActivityId = 1 // A finding was created.
	ComplianceFinding_ACTIVITY_ID_UPDATE  ComplianceFinding_ActivityId = 2 // A finding was updated.
	ComplianceFinding_ACTIVITY_ID_CLOSE   ComplianceFinding_ActivityId = 3 // A finding was closed.
	ComplianceFinding_ACTIVITY_ID_OTHER   ComplianceFinding_ActivityId = 99
)

func (ComplianceFinding_ActivityId) Descriptor 

func (ComplianceFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_ActivityId) Enum 

func (x ComplianceFinding_ActivityId) Enum() *ComplianceFinding_ActivityId

func (ComplianceFinding_ActivityId) EnumDescriptor deprecated 

func (ComplianceFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_ActivityId.Descriptor instead.

func (ComplianceFinding_ActivityId) Number 

func (x ComplianceFinding_ActivityId) Number() protoreflect.EnumNumber

func (ComplianceFinding_ActivityId) String 

func (x ComplianceFinding_ActivityId) String() string

func (ComplianceFinding_ActivityId) Type 

func (ComplianceFinding_ActivityId) Type() protoreflect.EnumType

type ComplianceFinding_CategoryUid 

type ComplianceFinding_CategoryUid int32
const (
	ComplianceFinding_CATEGORY_UID_UNKNOWN  ComplianceFinding_CategoryUid = 0
	ComplianceFinding_CATEGORY_UID_FINDINGS ComplianceFinding_CategoryUid = 2
)

func (ComplianceFinding_CategoryUid) Descriptor 

func (ComplianceFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_CategoryUid) Enum 

func (x ComplianceFinding_CategoryUid) Enum() *ComplianceFinding_CategoryUid

func (ComplianceFinding_CategoryUid) EnumDescriptor deprecated 

func (ComplianceFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_CategoryUid.Descriptor instead.

func (ComplianceFinding_CategoryUid) Number 

func (x ComplianceFinding_CategoryUid) Number() protoreflect.EnumNumber

func (ComplianceFinding_CategoryUid) String 

func (x ComplianceFinding_CategoryUid) String() string

func (ComplianceFinding_CategoryUid) Type 

func (ComplianceFinding_CategoryUid) Type() protoreflect.EnumType

type ComplianceFinding_ClassUid 

type ComplianceFinding_ClassUid int32
const (
	ComplianceFinding_CLASS_UID_UNKNOWN            ComplianceFinding_ClassUid = 0
	ComplianceFinding_CLASS_UID_COMPLIANCE_FINDING ComplianceFinding_ClassUid = 2003
)

func (ComplianceFinding_ClassUid) Descriptor 

func (ComplianceFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_ClassUid) Enum 

func (x ComplianceFinding_ClassUid) Enum() *ComplianceFinding_ClassUid

func (ComplianceFinding_ClassUid) EnumDescriptor deprecated 

func (ComplianceFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_ClassUid.Descriptor instead.

func (ComplianceFinding_ClassUid) Number 

func (x ComplianceFinding_ClassUid) Number() protoreflect.EnumNumber

func (ComplianceFinding_ClassUid) String 

func (x ComplianceFinding_ClassUid) String() string

func (ComplianceFinding_ClassUid) Type 

func (ComplianceFinding_ClassUid) Type() protoreflect.EnumType

type ComplianceFinding_ConfidenceId 

type ComplianceFinding_ConfidenceId int32
const (
	ComplianceFinding_CONFIDENCE_ID_UNKNOWN ComplianceFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	ComplianceFinding_CONFIDENCE_ID_LOW     ComplianceFinding_ConfidenceId = 1
	ComplianceFinding_CONFIDENCE_ID_MEDIUM  ComplianceFinding_ConfidenceId = 2
	ComplianceFinding_CONFIDENCE_ID_HIGH    ComplianceFinding_ConfidenceId = 3
	ComplianceFinding_CONFIDENCE_ID_OTHER   ComplianceFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (ComplianceFinding_ConfidenceId) Descriptor 

func (ComplianceFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_ConfidenceId) Enum 

func (x ComplianceFinding_ConfidenceId) Enum() *ComplianceFinding_ConfidenceId

func (ComplianceFinding_ConfidenceId) EnumDescriptor deprecated 

func (ComplianceFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_ConfidenceId.Descriptor instead.

func (ComplianceFinding_ConfidenceId) Number 

func (x ComplianceFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (ComplianceFinding_ConfidenceId) String 

func (x ComplianceFinding_ConfidenceId) String() string

func (ComplianceFinding_ConfidenceId) Type 

func (ComplianceFinding_ConfidenceId) Type() protoreflect.EnumType

type ComplianceFinding_SeverityId 

type ComplianceFinding_SeverityId int32
const (
	ComplianceFinding_SEVERITY_ID_UNKNOWN       ComplianceFinding_SeverityId = 0 // The event/finding severity is unknown.
	ComplianceFinding_SEVERITY_ID_INFORMATIONAL ComplianceFinding_SeverityId = 1 // Informational message. No action required.
	ComplianceFinding_SEVERITY_ID_LOW           ComplianceFinding_SeverityId = 2 // The user decides if action is needed.
	ComplianceFinding_SEVERITY_ID_MEDIUM        ComplianceFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ComplianceFinding_SEVERITY_ID_HIGH     ComplianceFinding_SeverityId = 4 // Action is required immediately.
	ComplianceFinding_SEVERITY_ID_CRITICAL ComplianceFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ComplianceFinding_SEVERITY_ID_FATAL ComplianceFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ComplianceFinding_SEVERITY_ID_OTHER ComplianceFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ComplianceFinding_SeverityId) Descriptor 

func (ComplianceFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_SeverityId) Enum 

func (x ComplianceFinding_SeverityId) Enum() *ComplianceFinding_SeverityId

func (ComplianceFinding_SeverityId) EnumDescriptor deprecated 

func (ComplianceFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_SeverityId.Descriptor instead.

func (ComplianceFinding_SeverityId) Number 

func (x ComplianceFinding_SeverityId) Number() protoreflect.EnumNumber

func (ComplianceFinding_SeverityId) String 

func (x ComplianceFinding_SeverityId) String() string

func (ComplianceFinding_SeverityId) Type 

func (ComplianceFinding_SeverityId) Type() protoreflect.EnumType

type ComplianceFinding_StatusId 

type ComplianceFinding_StatusId int32
const (
	ComplianceFinding_STATUS_ID_UNKNOWN     ComplianceFinding_StatusId = 0 // The status is unknown.
	ComplianceFinding_STATUS_ID_NEW         ComplianceFinding_StatusId = 1 // The Finding is new and yet to be reviewed.
	ComplianceFinding_STATUS_ID_IN_PROGRESS ComplianceFinding_StatusId = 2 // The Finding is under review.
	ComplianceFinding_STATUS_ID_SUPPRESSED  ComplianceFinding_StatusId = 3 // The Finding was reviewed, determined to be benign
	// or a false positive and is now suppressed.
	ComplianceFinding_STATUS_ID_RESOLVED ComplianceFinding_StatusId = 4 // The Finding was reviewed, remediated and is now
	// considered resolved.
	ComplianceFinding_STATUS_ID_OTHER ComplianceFinding_StatusId = 99 // The event status is not mapped. See the
)

func (ComplianceFinding_StatusId) Descriptor 

func (ComplianceFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ComplianceFinding_StatusId) Enum 

func (x ComplianceFinding_StatusId) Enum() *ComplianceFinding_StatusId

func (ComplianceFinding_StatusId) EnumDescriptor deprecated 

func (ComplianceFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ComplianceFinding_StatusId.Descriptor instead.

func (ComplianceFinding_StatusId) Number 

func (x ComplianceFinding_StatusId) Number() protoreflect.EnumNumber

func (ComplianceFinding_StatusId) String 

func (x ComplianceFinding_StatusId) String() string

func (ComplianceFinding_StatusId) Type 

func (ComplianceFinding_StatusId) Type() protoreflect.EnumType

type Compliance_StatusId 

type Compliance_StatusId int32
const (
	Compliance_STATUS_ID_UNKNOWN Compliance_StatusId = 0 // The status is unknown.
	Compliance_STATUS_ID_PASS    Compliance_StatusId = 1 // The compliance check passed for all the evaluated
	// resources.
	Compliance_STATUS_ID_WARNING Compliance_StatusId = 2 // The compliance check did not yield a result due to
	// missing information.
	Compliance_STATUS_ID_FAIL Compliance_StatusId = 3 // The compliance check failed for at least one of the
	// evaluated resources.
	Compliance_STATUS_ID_OTHER Compliance_StatusId = 99 // The event status is not mapped. See the
)

func (Compliance_StatusId) Descriptor 

func (Compliance_StatusId) Descriptor() protoreflect.EnumDescriptor

func (Compliance_StatusId) Enum 

func (x Compliance_StatusId) Enum() *Compliance_StatusId

func (Compliance_StatusId) EnumDescriptor deprecated 

func (Compliance_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Compliance_StatusId.Descriptor instead.

func (Compliance_StatusId) Number 

func (x Compliance_StatusId) Number() protoreflect.EnumNumber

func (Compliance_StatusId) String 

func (x Compliance_StatusId) String() string

func (Compliance_StatusId) Type 

func (Compliance_StatusId) Type() protoreflect.EnumType

type ConfigState 

type ConfigState struct {
	ActivityId         ConfigState_ActivityId  `` /* 135-byte string literal not displayed */
	ActivityName       *string                 `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor              *Actor                  `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                *Api                    `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName       *string                 `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid        ConfigState_CategoryUid `` /* 139-byte string literal not displayed */
	CisBenchmarkResult *CisBenchmarkResult     `protobuf:"bytes,7,opt,name=cis_benchmark_result,json=cisBenchmarkResult,proto3" json:"cis_benchmark_result,omitempty"`
	ClassName          *string                 `protobuf:"bytes,8,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid           ConfigState_ClassUid    `` /* 127-byte string literal not displayed */
	Cloud              *Cloud                  `protobuf:"bytes,10,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count              *int32                  `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device             *Device                 `protobuf:"bytes,12,opt,name=device,proto3" json:"device,omitempty"`
	Duration           *int32                  `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime            *int64                  `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt          *timestamppb.Timestamp  `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments        []*Enrichment           `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message            *string                 `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata           *Metadata               `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables        []*Observable           `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData            *string                 `protobuf:"bytes,20,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity           *string                 `protobuf:"bytes,21,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId         ConfigState_SeverityId  `` /* 136-byte string literal not displayed */
	StartTime          *int64                  `protobuf:"varint,23,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt        *timestamppb.Timestamp  `protobuf:"bytes,24,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status             *string                 `protobuf:"bytes,25,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode         *string                 `protobuf:"bytes,26,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail       *string                 `protobuf:"bytes,27,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId           *ConfigState_StatusId   `` /* 134-byte string literal not displayed */
	Time               int64                   `protobuf:"varint,29,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt             *timestamppb.Timestamp  `protobuf:"bytes,30,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset     *int32                  `protobuf:"varint,31,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName           *string                 `protobuf:"bytes,32,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid            int64                   `protobuf:"varint,33,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped           *structpb.Struct        `protobuf:"bytes,34,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ConfigState is an OSF event in category "Discovery" called Device Config State defined in ocsf events/discovery/config_state.json

Device Config State events report device configuration data and CIS Benchmark results.

func (*ConfigState) Descriptor deprecated 

func (*ConfigState) Descriptor() ([]byte, []int)

Deprecated: Use ConfigState.ProtoReflect.Descriptor instead.

func (*ConfigState) GetActivityId 

func (x *ConfigState) GetActivityId() ConfigState_ActivityId

func (*ConfigState) GetActivityName 

func (x *ConfigState) GetActivityName() string

func (*ConfigState) GetActor 

func (x *ConfigState) GetActor() *Actor

func (*ConfigState) GetApi 

func (x *ConfigState) GetApi() *Api

func (*ConfigState) GetCategoryName 

func (x *ConfigState) GetCategoryName() string

func (*ConfigState) GetCategoryUid 

func (x *ConfigState) GetCategoryUid() ConfigState_CategoryUid

func (*ConfigState) GetCisBenchmarkResult 

func (x *ConfigState) GetCisBenchmarkResult() *CisBenchmarkResult

func (*ConfigState) GetClassName 

func (x *ConfigState) GetClassName() string

func (*ConfigState) GetClassUid 

func (x *ConfigState) GetClassUid() ConfigState_ClassUid

func (*ConfigState) GetCloud 

func (x *ConfigState) GetCloud() *Cloud

func (*ConfigState) GetCount 

func (x *ConfigState) GetCount() int32

func (*ConfigState) GetDevice 

func (x *ConfigState) GetDevice() *Device

func (*ConfigState) GetDuration 

func (x *ConfigState) GetDuration() int32

func (*ConfigState) GetEndTime 

func (x *ConfigState) GetEndTime() int64

func (*ConfigState) GetEndTimeDt 

func (x *ConfigState) GetEndTimeDt() *timestamppb.Timestamp

func (*ConfigState) GetEnrichments 

func (x *ConfigState) GetEnrichments() []*Enrichment

func (*ConfigState) GetMessage 

func (x *ConfigState) GetMessage() string

func (*ConfigState) GetMetadata 

func (x *ConfigState) GetMetadata() *Metadata

func (*ConfigState) GetObservables 

func (x *ConfigState) GetObservables() []*Observable

func (*ConfigState) GetRawData 

func (x *ConfigState) GetRawData() string

func (*ConfigState) GetSeverity 

func (x *ConfigState) GetSeverity() string

func (*ConfigState) GetSeverityId 

func (x *ConfigState) GetSeverityId() ConfigState_SeverityId

func (*ConfigState) GetStartTime 

func (x *ConfigState) GetStartTime() int64

func (*ConfigState) GetStartTimeDt 

func (x *ConfigState) GetStartTimeDt() *timestamppb.Timestamp

func (*ConfigState) GetStatus 

func (x *ConfigState) GetStatus() string

func (*ConfigState) GetStatusCode 

func (x *ConfigState) GetStatusCode() string

func (*ConfigState) GetStatusDetail 

func (x *ConfigState) GetStatusDetail() string

func (*ConfigState) GetStatusId 

func (x *ConfigState) GetStatusId() ConfigState_StatusId

func (*ConfigState) GetTime 

func (x *ConfigState) GetTime() int64

func (*ConfigState) GetTimeDt 

func (x *ConfigState) GetTimeDt() *timestamppb.Timestamp

func (*ConfigState) GetTimezoneOffset 

func (x *ConfigState) GetTimezoneOffset() int32

func (*ConfigState) GetTypeName 

func (x *ConfigState) GetTypeName() string

func (*ConfigState) GetTypeUid 

func (x *ConfigState) GetTypeUid() int64

func (*ConfigState) GetUnmapped 

func (x *ConfigState) GetUnmapped() *structpb.Struct

func (*ConfigState) ProtoMessage 

func (*ConfigState) ProtoMessage()

func (*ConfigState) ProtoReflect 

func (x *ConfigState) ProtoReflect() protoreflect.Message

func (*ConfigState) Reset 

func (x *ConfigState) Reset()

func (*ConfigState) String 

func (x *ConfigState) String() string

type ConfigState_ActivityId 

type ConfigState_ActivityId int32
const (
	ConfigState_ACTIVITY_ID_UNKNOWN ConfigState_ActivityId = 0
	ConfigState_ACTIVITY_ID_LOG     ConfigState_ActivityId = 1 // The discovered information is via a log.
	ConfigState_ACTIVITY_ID_COLLECT ConfigState_ActivityId = 2 // The discovered information is via a collection
	// process.
	ConfigState_ACTIVITY_ID_OTHER ConfigState_ActivityId = 99
)

func (ConfigState_ActivityId) Descriptor 

func (ConfigState_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ConfigState_ActivityId) Enum 

func (x ConfigState_ActivityId) Enum() *ConfigState_ActivityId

func (ConfigState_ActivityId) EnumDescriptor deprecated 

func (ConfigState_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConfigState_ActivityId.Descriptor instead.

func (ConfigState_ActivityId) Number 

func (x ConfigState_ActivityId) Number() protoreflect.EnumNumber

func (ConfigState_ActivityId) String 

func (x ConfigState_ActivityId) String() string

func (ConfigState_ActivityId) Type 

func (ConfigState_ActivityId) Type() protoreflect.EnumType

type ConfigState_CategoryUid 

type ConfigState_CategoryUid int32
const (
	ConfigState_CATEGORY_UID_UNKNOWN   ConfigState_CategoryUid = 0
	ConfigState_CATEGORY_UID_DISCOVERY ConfigState_CategoryUid = 5
)

func (ConfigState_CategoryUid) Descriptor 

func (ConfigState_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ConfigState_CategoryUid) Enum 

func (x ConfigState_CategoryUid) Enum() *ConfigState_CategoryUid

func (ConfigState_CategoryUid) EnumDescriptor deprecated 

func (ConfigState_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConfigState_CategoryUid.Descriptor instead.

func (ConfigState_CategoryUid) Number 

func (x ConfigState_CategoryUid) Number() protoreflect.EnumNumber

func (ConfigState_CategoryUid) String 

func (x ConfigState_CategoryUid) String() string

func (ConfigState_CategoryUid) Type 

func (ConfigState_CategoryUid) Type() protoreflect.EnumType

type ConfigState_ClassUid 

type ConfigState_ClassUid int32
const (
	ConfigState_CLASS_UID_UNKNOWN             ConfigState_ClassUid = 0
	ConfigState_CLASS_UID_DEVICE_CONFIG_STATE ConfigState_ClassUid = 5002
)

func (ConfigState_ClassUid) Descriptor 

func (ConfigState_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ConfigState_ClassUid) Enum 

func (x ConfigState_ClassUid) Enum() *ConfigState_ClassUid

func (ConfigState_ClassUid) EnumDescriptor deprecated 

func (ConfigState_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConfigState_ClassUid.Descriptor instead.

func (ConfigState_ClassUid) Number 

func (x ConfigState_ClassUid) Number() protoreflect.EnumNumber

func (ConfigState_ClassUid) String 

func (x ConfigState_ClassUid) String() string

func (ConfigState_ClassUid) Type 

func (ConfigState_ClassUid) Type() protoreflect.EnumType

type ConfigState_SeverityId 

type ConfigState_SeverityId int32
const (
	ConfigState_SEVERITY_ID_UNKNOWN       ConfigState_SeverityId = 0 // The event/finding severity is unknown.
	ConfigState_SEVERITY_ID_INFORMATIONAL ConfigState_SeverityId = 1 // Informational message. No action required.
	ConfigState_SEVERITY_ID_LOW           ConfigState_SeverityId = 2 // The user decides if action is needed.
	ConfigState_SEVERITY_ID_MEDIUM        ConfigState_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ConfigState_SEVERITY_ID_HIGH     ConfigState_SeverityId = 4 // Action is required immediately.
	ConfigState_SEVERITY_ID_CRITICAL ConfigState_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ConfigState_SEVERITY_ID_FATAL ConfigState_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ConfigState_SEVERITY_ID_OTHER ConfigState_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ConfigState_SeverityId) Descriptor 

func (ConfigState_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ConfigState_SeverityId) Enum 

func (x ConfigState_SeverityId) Enum() *ConfigState_SeverityId

func (ConfigState_SeverityId) EnumDescriptor deprecated 

func (ConfigState_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConfigState_SeverityId.Descriptor instead.

func (ConfigState_SeverityId) Number 

func (x ConfigState_SeverityId) Number() protoreflect.EnumNumber

func (ConfigState_SeverityId) String 

func (x ConfigState_SeverityId) String() string

func (ConfigState_SeverityId) Type 

func (ConfigState_SeverityId) Type() protoreflect.EnumType

type ConfigState_StatusId 

type ConfigState_StatusId int32
const (
	ConfigState_STATUS_ID_UNKNOWN ConfigState_StatusId = 0 // The status is unknown.
	ConfigState_STATUS_ID_SUCCESS ConfigState_StatusId = 1
	ConfigState_STATUS_ID_FAILURE ConfigState_StatusId = 2
	ConfigState_STATUS_ID_OTHER   ConfigState_StatusId = 99 // The event status is not mapped. See the
)

func (ConfigState_StatusId) Descriptor 

func (ConfigState_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ConfigState_StatusId) Enum 

func (x ConfigState_StatusId) Enum() *ConfigState_StatusId

func (ConfigState_StatusId) EnumDescriptor deprecated 

func (ConfigState_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ConfigState_StatusId.Descriptor instead.

func (ConfigState_StatusId) Number 

func (x ConfigState_StatusId) Number() protoreflect.EnumNumber

func (ConfigState_StatusId) String 

func (x ConfigState_StatusId) String() string

func (ConfigState_StatusId) Type 

func (ConfigState_StatusId) Type() protoreflect.EnumType

type Container 

type Container struct {
	Hash          *Fingerprint `protobuf:"bytes,1,opt,name=hash,proto3" json:"hash,omitempty"`
	Image         *Image       `protobuf:"bytes,2,opt,name=image,proto3" json:"image,omitempty"`
	Name          *string      `protobuf:"bytes,3,opt,name=name,proto3,oneof" json:"name,omitempty"`
	NetworkDriver *string      `protobuf:"bytes,4,opt,name=network_driver,json=networkDriver,proto3,oneof" json:"network_driver,omitempty"`
	Orchestrator  *string      `protobuf:"bytes,5,opt,name=orchestrator,proto3,oneof" json:"orchestrator,omitempty"`
	PodUuid       *string      `protobuf:"bytes,6,opt,name=pod_uuid,json=podUuid,proto3,oneof" json:"pod_uuid,omitempty"`
	Runtime       *string      `protobuf:"bytes,7,opt,name=runtime,proto3,oneof" json:"runtime,omitempty"`
	Size          *int64       `protobuf:"varint,8,opt,name=size,proto3,oneof" json:"size,omitempty"`
	Tag           *string      `protobuf:"bytes,9,opt,name=tag,proto3,oneof" json:"tag,omitempty"`
	Uid           *string      `protobuf:"bytes,10,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Container is an OSF object defined in ocsf objects/container.json

The Container object describes an instance of a specific container. A container is a prepackaged, portable system image that runs isolated on an existing system using a container runtime like containerd.

func (*Container) Descriptor deprecated 

func (*Container) Descriptor() ([]byte, []int)

Deprecated: Use Container.ProtoReflect.Descriptor instead.

func (*Container) GetHash 

func (x *Container) GetHash() *Fingerprint

func (*Container) GetImage 

func (x *Container) GetImage() *Image

func (*Container) GetName 

func (x *Container) GetName() string

func (*Container) GetNetworkDriver 

func (x *Container) GetNetworkDriver() string

func (*Container) GetOrchestrator 

func (x *Container) GetOrchestrator() string

func (*Container) GetPodUuid 

func (x *Container) GetPodUuid() string

func (*Container) GetRuntime 

func (x *Container) GetRuntime() string

func (*Container) GetSize 

func (x *Container) GetSize() int64

func (*Container) GetTag 

func (x *Container) GetTag() string

func (*Container) GetUid 

func (x *Container) GetUid() string

func (*Container) ProtoMessage 

func (*Container) ProtoMessage()

func (*Container) ProtoReflect 

func (x *Container) ProtoReflect() protoreflect.Message

func (*Container) Reset 

func (x *Container) Reset()

func (*Container) String 

func (x *Container) String() string

type Cve 

type Cve struct {
	CreatedTime    *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt  *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Cvss           []*Cvss                `protobuf:"bytes,3,rep,name=cvss,proto3" json:"cvss,omitempty"`
	Cwe            *Cwe                   `protobuf:"bytes,4,opt,name=cwe,proto3" json:"cwe,omitempty"`
	CweUid         *string                `protobuf:"bytes,5,opt,name=cwe_uid,json=cweUid,proto3,oneof" json:"cwe_uid,omitempty"`
	CweUrl         *string                `protobuf:"bytes,6,opt,name=cwe_url,json=cweUrl,proto3,oneof" json:"cwe_url,omitempty"`
	Desc           *string                `protobuf:"bytes,7,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Epss           *Epss                  `protobuf:"bytes,8,opt,name=epss,proto3" json:"epss,omitempty"`
	ModifiedTime   *int64                 `protobuf:"varint,9,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Product        *Product               `protobuf:"bytes,11,opt,name=product,proto3" json:"product,omitempty"`
	References     []string               `protobuf:"bytes,12,rep,name=references,proto3" json:"references,omitempty"`
	Title          *string                `protobuf:"bytes,13,opt,name=title,proto3,oneof" json:"title,omitempty"`
	Type           *string                `protobuf:"bytes,14,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid            string                 `protobuf:"bytes,15,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Cve is an OSF object defined in ocsf objects/cve.json

The Common Vulnerabilities and Exposures (CVE) object represents publicly disclosed cybersecurity vulnerabilities defined in CVE Program catalog (<a target='_blank' href='https://cve.mitre.org/'>CVE</a>). There is one CVE Record for each vulnerability in the catalog.

func (*Cve) Descriptor deprecated 

func (*Cve) Descriptor() ([]byte, []int)

Deprecated: Use Cve.ProtoReflect.Descriptor instead.

func (*Cve) GetCreatedTime 

func (x *Cve) GetCreatedTime() int64

func (*Cve) GetCreatedTimeDt 

func (x *Cve) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Cve) GetCvss 

func (x *Cve) GetCvss() []*Cvss

func (*Cve) GetCwe 

func (x *Cve) GetCwe() *Cwe

func (*Cve) GetCweUid 

func (x *Cve) GetCweUid() string

func (*Cve) GetCweUrl 

func (x *Cve) GetCweUrl() string

func (*Cve) GetDesc 

func (x *Cve) GetDesc() string

func (*Cve) GetEpss 

func (x *Cve) GetEpss() *Epss

func (*Cve) GetModifiedTime 

func (x *Cve) GetModifiedTime() int64

func (*Cve) GetModifiedTimeDt 

func (x *Cve) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Cve) GetProduct 

func (x *Cve) GetProduct() *Product

func (*Cve) GetReferences 

func (x *Cve) GetReferences() []string

func (*Cve) GetTitle 

func (x *Cve) GetTitle() string

func (*Cve) GetType 

func (x *Cve) GetType() string

func (*Cve) GetUid 

func (x *Cve) GetUid() string

func (*Cve) ProtoMessage 

func (*Cve) ProtoMessage()

func (*Cve) ProtoReflect 

func (x *Cve) ProtoReflect() protoreflect.Message

func (*Cve) Reset 

func (x *Cve) Reset()

func (*Cve) String 

func (x *Cve) String() string

type Cvss 

type Cvss struct {
	BaseScore    float64   `protobuf:"fixed64,1,opt,name=base_score,json=baseScore,proto3" json:"base_score,omitempty"`
	Depth        *string   `protobuf:"bytes,2,opt,name=depth,proto3,oneof" json:"depth,omitempty"`
	Metrics      []*Metric `protobuf:"bytes,3,rep,name=metrics,proto3" json:"metrics,omitempty"`
	OverallScore *float64  `protobuf:"fixed64,4,opt,name=overall_score,json=overallScore,proto3,oneof" json:"overall_score,omitempty"`
	Severity     *string   `protobuf:"bytes,5,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	VectorString *string   `protobuf:"bytes,6,opt,name=vector_string,json=vectorString,proto3,oneof" json:"vector_string,omitempty"`
	Version      string    `protobuf:"bytes,7,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Cvss is an OSF object defined in ocsf objects/cvss.json

The Common Vulnerability Scoring System (<a target='_blank' href='https://www.first.org/cvss/'>CVSS</a>) object provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.

func (*Cvss) Descriptor deprecated 

func (*Cvss) Descriptor() ([]byte, []int)

Deprecated: Use Cvss.ProtoReflect.Descriptor instead.

func (*Cvss) GetBaseScore 

func (x *Cvss) GetBaseScore() float64

func (*Cvss) GetDepth 

func (x *Cvss) GetDepth() string

func (*Cvss) GetMetrics 

func (x *Cvss) GetMetrics() []*Metric

func (*Cvss) GetOverallScore 

func (x *Cvss) GetOverallScore() float64

func (*Cvss) GetSeverity 

func (x *Cvss) GetSeverity() string

func (*Cvss) GetVectorString 

func (x *Cvss) GetVectorString() string

func (*Cvss) GetVersion 

func (x *Cvss) GetVersion() string

func (*Cvss) ProtoMessage 

func (*Cvss) ProtoMessage()

func (*Cvss) ProtoReflect 

func (x *Cvss) ProtoReflect() protoreflect.Message

func (*Cvss) Reset 

func (x *Cvss) Reset()

func (*Cvss) String 

func (x *Cvss) String() string

type Cwe 

type Cwe struct {
	Caption *string `protobuf:"bytes,1,opt,name=caption,proto3,oneof" json:"caption,omitempty"`
	SrcUrl  *string `protobuf:"bytes,2,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Uid     string  `protobuf:"bytes,3,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Cwe is an OSF object defined in ocsf objects/cwe.json

The CWE object represents a weakness in a software system that can be exploited by a threat actor to perform an attack. The CWE object is based on the <a target='_blank' href='https://cwe.mitre.org/'>Common Weakness Enumeration (CWE)</a> catalog.

func (*Cwe) Descriptor deprecated 

func (*Cwe) Descriptor() ([]byte, []int)

Deprecated: Use Cwe.ProtoReflect.Descriptor instead.

func (*Cwe) GetCaption 

func (x *Cwe) GetCaption() string

func (*Cwe) GetSrcUrl 

func (x *Cwe) GetSrcUrl() string

func (*Cwe) GetUid 

func (x *Cwe) GetUid() string

func (*Cwe) ProtoMessage 

func (*Cwe) ProtoMessage()

func (*Cwe) ProtoReflect 

func (x *Cwe) ProtoReflect() protoreflect.Message

func (*Cwe) Reset 

func (x *Cwe) Reset()

func (*Cwe) String 

func (x *Cwe) String() string

type DataClassification 

type DataClassification struct {
	Category          *string                               `protobuf:"bytes,1,opt,name=category,proto3,oneof" json:"category,omitempty"`
	CategoryId        *DataClassification_CategoryId        `` /* 148-byte string literal not displayed */
	Confidentiality   *string                               `protobuf:"bytes,3,opt,name=confidentiality,proto3,oneof" json:"confidentiality,omitempty"`
	ConfidentialityId *DataClassification_ConfidentialityId `` /* 176-byte string literal not displayed */
	Policy            *Policy                               `protobuf:"bytes,5,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

DataClassification is an OSF object defined in ocsf objects/data_classification.json

The Data Classification object includes information about data classification levels and data category types.

func (*DataClassification) Descriptor deprecated 

func (*DataClassification) Descriptor() ([]byte, []int)

Deprecated: Use DataClassification.ProtoReflect.Descriptor instead.

func (*DataClassification) GetCategory 

func (x *DataClassification) GetCategory() string

func (*DataClassification) GetCategoryId 

func (x *DataClassification) GetCategoryId() DataClassification_CategoryId

func (*DataClassification) GetConfidentiality 

func (x *DataClassification) GetConfidentiality() string

func (*DataClassification) GetConfidentialityId 

func (x *DataClassification) GetConfidentialityId() DataClassification_ConfidentialityId

func (*DataClassification) GetPolicy 

func (x *DataClassification) GetPolicy() *Policy

func (*DataClassification) ProtoMessage 

func (*DataClassification) ProtoMessage()

func (*DataClassification) ProtoReflect 

func (x *DataClassification) ProtoReflect() protoreflect.Message

func (*DataClassification) Reset 

func (x *DataClassification) Reset()

func (*DataClassification) String 

func (x *DataClassification) String() string

type DataClassification_CategoryId 

type DataClassification_CategoryId int32
const (
	DataClassification_CATEGORY_ID_UNKNOWN DataClassification_CategoryId = 0 // The type is not mapped. See the
	// <code>data_type</code>
	// attribute, which contains a data
	// source specific value.
	DataClassification_CATEGORY_ID_PERSONAL DataClassification_CategoryId = 1 // Any Personally Identifiable
	// Information (PII), Electronic
	// Personal Health Information
	// (ePHI), or similarly personal
	// information. E.g., full name,
	// home address, date of birth,
	// etc.
	DataClassification_CATEGORY_ID_GOVERNMENTAL DataClassification_CategoryId = 2 // Any sensitive government
	// identification number related to
	// a person or other classified
	// material. E.g., Passport
	// numbers, driver license numbers,
	// business identification,
	// taxation identifiers, etc.
	DataClassification_CATEGORY_ID_FINANCIAL DataClassification_CategoryId = 3 // Any financially-related sensitive
	// information or Cardholder Data
	// (CHD). E.g., banking account
	// numbers, credit card numbers,
	// International Banking Account
	// Numbers (IBAN), SWIFT codes,
	// etc.
	DataClassification_CATEGORY_ID_BUSINESS DataClassification_CategoryId = 4 // Any business-specific sensitive
	// data such as intellectual
	// property, trademarks,
	// copyrights, human resource data,
	// Board of Directors meeting
	// minutes, and similar.
	DataClassification_CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT DataClassification_CategoryId = 5 // Any mission-specific sensitive
	// data for military, law
	// enforcement, or other government
	// agencies such as specifically
	// classified data, weapon systems
	// information, or other planning
	// data.
	DataClassification_CATEGORY_ID_SECURITY DataClassification_CategoryId = 6 // Any sensitive security-related
	// data such as passwords,
	// passkeys, IP addresses, API
	// keys, credentials and similar
	// secrets. E.g., AWS Access Secret
	// Key, SaaS API Keys, user
	// passwords, database credentials,
	// etc.
	DataClassification_CATEGORY_ID_OTHER DataClassification_CategoryId = 99 // Any other type of data
)

func (DataClassification_CategoryId) Descriptor 

func (DataClassification_CategoryId) Descriptor() protoreflect.EnumDescriptor

func (DataClassification_CategoryId) Enum 

func (x DataClassification_CategoryId) Enum() *DataClassification_CategoryId

func (DataClassification_CategoryId) EnumDescriptor deprecated 

func (DataClassification_CategoryId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataClassification_CategoryId.Descriptor instead.

func (DataClassification_CategoryId) Number 

func (x DataClassification_CategoryId) Number() protoreflect.EnumNumber

func (DataClassification_CategoryId) String 

func (x DataClassification_CategoryId) String() string

func (DataClassification_CategoryId) Type 

func (DataClassification_CategoryId) Type() protoreflect.EnumType

type DataClassification_ConfidentialityId 

type DataClassification_ConfidentialityId int32
const (
	DataClassification_CONFIDENTIALITY_ID_UNKNOWN          DataClassification_ConfidentialityId = 0 // The confidentiality is unknown.
	DataClassification_CONFIDENTIALITY_ID_NOT_CONFIDENTIAL DataClassification_ConfidentialityId = 1
	DataClassification_CONFIDENTIALITY_ID_CONFIDENTIAL     DataClassification_ConfidentialityId = 2
	DataClassification_CONFIDENTIALITY_ID_SECRET           DataClassification_ConfidentialityId = 3
	DataClassification_CONFIDENTIALITY_ID_TOP_SECRET       DataClassification_ConfidentialityId = 4
	DataClassification_CONFIDENTIALITY_ID_PRIVATE          DataClassification_ConfidentialityId = 5
	DataClassification_CONFIDENTIALITY_ID_RESTRICTED       DataClassification_ConfidentialityId = 6
	DataClassification_CONFIDENTIALITY_ID_OTHER            DataClassification_ConfidentialityId = 99 // The confidentiality is not mapped.
)

func (DataClassification_ConfidentialityId) Descriptor 

func (DataClassification_ConfidentialityId) Descriptor() protoreflect.EnumDescriptor

func (DataClassification_ConfidentialityId) Enum 

func (x DataClassification_ConfidentialityId) Enum() *DataClassification_ConfidentialityId

func (DataClassification_ConfidentialityId) EnumDescriptor deprecated 

func (DataClassification_ConfidentialityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataClassification_ConfidentialityId.Descriptor instead.

func (DataClassification_ConfidentialityId) Number 

func (x DataClassification_ConfidentialityId) Number() protoreflect.EnumNumber

func (DataClassification_ConfidentialityId) String 

func (x DataClassification_ConfidentialityId) String() string

func (DataClassification_ConfidentialityId) Type 

func (DataClassification_ConfidentialityId) Type() protoreflect.EnumType

type DataSecurity 

type DataSecurity struct {
	Category             *string                            `protobuf:"bytes,1,opt,name=category,proto3,oneof" json:"category,omitempty"`
	CategoryId           *DataSecurity_CategoryId           `` /* 142-byte string literal not displayed */
	Confidentiality      *string                            `protobuf:"bytes,3,opt,name=confidentiality,proto3,oneof" json:"confidentiality,omitempty"`
	ConfidentialityId    *DataSecurity_ConfidentialityId    `` /* 170-byte string literal not displayed */
	DataLifecycleState   *string                            `protobuf:"bytes,5,opt,name=data_lifecycle_state,json=dataLifecycleState,proto3,oneof" json:"data_lifecycle_state,omitempty"`
	DataLifecycleStateId *DataSecurity_DataLifecycleStateId `` /* 186-byte string literal not displayed */
	DetectionPattern     *string                            `protobuf:"bytes,7,opt,name=detection_pattern,json=detectionPattern,proto3,oneof" json:"detection_pattern,omitempty"`
	DetectionSystem      *string                            `protobuf:"bytes,8,opt,name=detection_system,json=detectionSystem,proto3,oneof" json:"detection_system,omitempty"`
	DetectionSystemId    *DataSecurity_DetectionSystemId    `` /* 172-byte string literal not displayed */
	PatternMatch         *string                            `protobuf:"bytes,10,opt,name=pattern_match,json=patternMatch,proto3,oneof" json:"pattern_match,omitempty"`
	Policy               *Policy                            `protobuf:"bytes,11,opt,name=policy,proto3" json:"policy,omitempty"`
	// contains filtered or unexported fields
}

DataSecurity is an OSF object defined in ocsf objects/data_security.json

The Data Security object describes the characteristics, techniques and content of a Data Loss Prevention (DLP), Data Loss Detection (DLD), Data Classification, or similar tools' finding, alert, or detection mechanism(s).

func (*DataSecurity) Descriptor deprecated 

func (*DataSecurity) Descriptor() ([]byte, []int)

Deprecated: Use DataSecurity.ProtoReflect.Descriptor instead.

func (*DataSecurity) GetCategory 

func (x *DataSecurity) GetCategory() string

func (*DataSecurity) GetCategoryId 

func (x *DataSecurity) GetCategoryId() DataSecurity_CategoryId

func (*DataSecurity) GetConfidentiality 

func (x *DataSecurity) GetConfidentiality() string

func (*DataSecurity) GetConfidentialityId 

func (x *DataSecurity) GetConfidentialityId() DataSecurity_ConfidentialityId

func (*DataSecurity) GetDataLifecycleState 

func (x *DataSecurity) GetDataLifecycleState() string

func (*DataSecurity) GetDataLifecycleStateId 

func (x *DataSecurity) GetDataLifecycleStateId() DataSecurity_DataLifecycleStateId

func (*DataSecurity) GetDetectionPattern 

func (x *DataSecurity) GetDetectionPattern() string

func (*DataSecurity) GetDetectionSystem 

func (x *DataSecurity) GetDetectionSystem() string

func (*DataSecurity) GetDetectionSystemId 

func (x *DataSecurity) GetDetectionSystemId() DataSecurity_DetectionSystemId

func (*DataSecurity) GetPatternMatch 

func (x *DataSecurity) GetPatternMatch() string

func (*DataSecurity) GetPolicy 

func (x *DataSecurity) GetPolicy() *Policy

func (*DataSecurity) ProtoMessage 

func (*DataSecurity) ProtoMessage()

func (*DataSecurity) ProtoReflect 

func (x *DataSecurity) ProtoReflect() protoreflect.Message

func (*DataSecurity) Reset 

func (x *DataSecurity) Reset()

func (*DataSecurity) String 

func (x *DataSecurity) String() string

type DataSecurityFinding 

type DataSecurityFinding struct {
	Action          *string                            `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId        DataSecurityFinding_ActionId       `` /* 135-byte string literal not displayed */
	ActivityId      DataSecurityFinding_ActivityId     `` /* 143-byte string literal not displayed */
	ActivityName    *string                            `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor           *Actor                             `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api             *Api                               `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks         []*Attack                          `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations  []*Authorization                   `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName    *string                            `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid     DataSecurityFinding_CategoryUid    `` /* 148-byte string literal not displayed */
	ClassName       *string                            `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid        DataSecurityFinding_ClassUid       `` /* 136-byte string literal not displayed */
	Cloud           *Cloud                             `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment         *string                            `protobuf:"bytes,14,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Confidence      *string                            `protobuf:"bytes,15,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId    *DataSecurityFinding_ConfidenceId  `` /* 158-byte string literal not displayed */
	ConfidenceScore *int32                             `protobuf:"varint,17,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count           *int32                             `protobuf:"varint,18,opt,name=count,proto3,oneof" json:"count,omitempty"`
	DataSecurity    *DataSecurity                      `protobuf:"bytes,19,opt,name=data_security,json=dataSecurity,proto3" json:"data_security,omitempty"`
	Database        *Database                          `protobuf:"bytes,20,opt,name=database,proto3" json:"database,omitempty"`
	Databucket      *Databucket                        `protobuf:"bytes,21,opt,name=databucket,proto3" json:"databucket,omitempty"`
	Device          *Device                            `protobuf:"bytes,22,opt,name=device,proto3" json:"device,omitempty"`
	Disposition     *string                            `protobuf:"bytes,23,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId   *DataSecurityFinding_DispositionId `` /* 162-byte string literal not displayed */
	DstEndpoint     *NetworkEndpoint                   `protobuf:"bytes,25,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration        *int32                             `protobuf:"varint,26,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime         *int64                             `protobuf:"varint,27,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt       *timestamppb.Timestamp             `protobuf:"bytes,28,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments     []*Enrichment                      `protobuf:"bytes,29,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File            *File                              `protobuf:"bytes,30,opt,name=file,proto3" json:"file,omitempty"`
	FindingInfo     *FindingInfo                       `protobuf:"bytes,31,opt,name=finding_info,json=findingInfo,proto3" json:"finding_info,omitempty"`
	FirewallRule    *FirewallRule                      `protobuf:"bytes,32,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Impact          *string                            `protobuf:"bytes,33,opt,name=impact,proto3,oneof" json:"impact,omitempty"`
	ImpactId        *DataSecurityFinding_ImpactId      `` /* 142-byte string literal not displayed */
	ImpactScore     *int32                             `protobuf:"varint,35,opt,name=impact_score,json=impactScore,proto3,oneof" json:"impact_score,omitempty"`
	Malware         []*Malware                         `protobuf:"bytes,36,rep,name=malware,proto3" json:"malware,omitempty"`
	Message         *string                            `protobuf:"bytes,37,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata        *Metadata                          `protobuf:"bytes,38,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables     []*Observable                      `protobuf:"bytes,39,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData         *string                            `protobuf:"bytes,40,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resources       []*ResourceDetails                 `protobuf:"bytes,41,rep,name=resources,proto3" json:"resources,omitempty"`
	RiskLevel       *string                            `protobuf:"bytes,42,opt,name=risk_level,json=riskLevel,proto3,oneof" json:"risk_level,omitempty"`
	RiskLevelId     *DataSecurityFinding_RiskLevelId   `` /* 156-byte string literal not displayed */
	RiskScore       *int32                             `protobuf:"varint,44,opt,name=risk_score,json=riskScore,proto3,oneof" json:"risk_score,omitempty"`
	Severity        *string                            `protobuf:"bytes,45,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId      DataSecurityFinding_SeverityId     `` /* 144-byte string literal not displayed */
	SrcEndpoint     *NetworkEndpoint                   `protobuf:"bytes,47,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime       *int64                             `protobuf:"varint,48,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt     *timestamppb.Timestamp             `protobuf:"bytes,49,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status          *string                            `protobuf:"bytes,50,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode      *string                            `protobuf:"bytes,51,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail    *string                            `protobuf:"bytes,52,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId        *DataSecurityFinding_StatusId      `` /* 142-byte string literal not displayed */
	Table           *Table                             `protobuf:"bytes,54,opt,name=table,proto3" json:"table,omitempty"`
	Time            int64                              `protobuf:"varint,55,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt          *timestamppb.Timestamp             `protobuf:"bytes,56,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset  *int32                             `protobuf:"varint,57,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName        *string                            `protobuf:"bytes,58,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid         int64                              `protobuf:"varint,59,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped        *structpb.Struct                   `protobuf:"bytes,60,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

DataSecurityFinding is an OSF event in category "Findings" called Data Security Finding defined in ocsf events/findings/data_security_finding.json

A Data Security Finding describes detections or alerts generated by various data security products such as Data Loss Prevention (DLP), Data Classification, Secrets Management, Digital Rights Management (DRM), Data Security Posture Management (DSPM), and similar tools. These detections or alerts can be created using fingerprinting, statistical analysis, machine learning or other methodologies. The finding describes the actors and endpoints who accessed or own the sensitive data, as well as the resources which store the sensitive data.

func (*DataSecurityFinding) Descriptor deprecated 

func (*DataSecurityFinding) Descriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding.ProtoReflect.Descriptor instead.

func (*DataSecurityFinding) GetAction 

func (x *DataSecurityFinding) GetAction() string

func (*DataSecurityFinding) GetActionId 

func (x *DataSecurityFinding) GetActionId() DataSecurityFinding_ActionId

func (*DataSecurityFinding) GetActivityId 

func (x *DataSecurityFinding) GetActivityId() DataSecurityFinding_ActivityId

func (*DataSecurityFinding) GetActivityName 

func (x *DataSecurityFinding) GetActivityName() string

func (*DataSecurityFinding) GetActor 

func (x *DataSecurityFinding) GetActor() *Actor

func (*DataSecurityFinding) GetApi 

func (x *DataSecurityFinding) GetApi() *Api

func (*DataSecurityFinding) GetAttacks 

func (x *DataSecurityFinding) GetAttacks() []*Attack

func (*DataSecurityFinding) GetAuthorizations 

func (x *DataSecurityFinding) GetAuthorizations() []*Authorization

func (*DataSecurityFinding) GetCategoryName 

func (x *DataSecurityFinding) GetCategoryName() string

func (*DataSecurityFinding) GetCategoryUid 

func (x *DataSecurityFinding) GetCategoryUid() DataSecurityFinding_CategoryUid

func (*DataSecurityFinding) GetClassName 

func (x *DataSecurityFinding) GetClassName() string

func (*DataSecurityFinding) GetClassUid 

func (x *DataSecurityFinding) GetClassUid() DataSecurityFinding_ClassUid

func (*DataSecurityFinding) GetCloud 

func (x *DataSecurityFinding) GetCloud() *Cloud

func (*DataSecurityFinding) GetComment 

func (x *DataSecurityFinding) GetComment() string

func (*DataSecurityFinding) GetConfidence 

func (x *DataSecurityFinding) GetConfidence() string

func (*DataSecurityFinding) GetConfidenceId 

func (x *DataSecurityFinding) GetConfidenceId() DataSecurityFinding_ConfidenceId

func (*DataSecurityFinding) GetConfidenceScore 

func (x *DataSecurityFinding) GetConfidenceScore() int32

func (*DataSecurityFinding) GetCount 

func (x *DataSecurityFinding) GetCount() int32

func (*DataSecurityFinding) GetDataSecurity 

func (x *DataSecurityFinding) GetDataSecurity() *DataSecurity

func (*DataSecurityFinding) GetDatabase 

func (x *DataSecurityFinding) GetDatabase() *Database

func (*DataSecurityFinding) GetDatabucket 

func (x *DataSecurityFinding) GetDatabucket() *Databucket

func (*DataSecurityFinding) GetDevice 

func (x *DataSecurityFinding) GetDevice() *Device

func (*DataSecurityFinding) GetDisposition 

func (x *DataSecurityFinding) GetDisposition() string

func (*DataSecurityFinding) GetDispositionId 

func (x *DataSecurityFinding) GetDispositionId() DataSecurityFinding_DispositionId

func (*DataSecurityFinding) GetDstEndpoint 

func (x *DataSecurityFinding) GetDstEndpoint() *NetworkEndpoint

func (*DataSecurityFinding) GetDuration 

func (x *DataSecurityFinding) GetDuration() int32

func (*DataSecurityFinding) GetEndTime 

func (x *DataSecurityFinding) GetEndTime() int64

func (*DataSecurityFinding) GetEndTimeDt 

func (x *DataSecurityFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*DataSecurityFinding) GetEnrichments 

func (x *DataSecurityFinding) GetEnrichments() []*Enrichment

func (*DataSecurityFinding) GetFile 

func (x *DataSecurityFinding) GetFile() *File

func (*DataSecurityFinding) GetFindingInfo 

func (x *DataSecurityFinding) GetFindingInfo() *FindingInfo

func (*DataSecurityFinding) GetFirewallRule 

func (x *DataSecurityFinding) GetFirewallRule() *FirewallRule

func (*DataSecurityFinding) GetImpact 

func (x *DataSecurityFinding) GetImpact() string

func (*DataSecurityFinding) GetImpactId 

func (x *DataSecurityFinding) GetImpactId() DataSecurityFinding_ImpactId

func (*DataSecurityFinding) GetImpactScore 

func (x *DataSecurityFinding) GetImpactScore() int32

func (*DataSecurityFinding) GetMalware 

func (x *DataSecurityFinding) GetMalware() []*Malware

func (*DataSecurityFinding) GetMessage 

func (x *DataSecurityFinding) GetMessage() string

func (*DataSecurityFinding) GetMetadata 

func (x *DataSecurityFinding) GetMetadata() *Metadata

func (*DataSecurityFinding) GetObservables 

func (x *DataSecurityFinding) GetObservables() []*Observable

func (*DataSecurityFinding) GetRawData 

func (x *DataSecurityFinding) GetRawData() string

func (*DataSecurityFinding) GetResources 

func (x *DataSecurityFinding) GetResources() []*ResourceDetails

func (*DataSecurityFinding) GetRiskLevel 

func (x *DataSecurityFinding) GetRiskLevel() string

func (*DataSecurityFinding) GetRiskLevelId 

func (x *DataSecurityFinding) GetRiskLevelId() DataSecurityFinding_RiskLevelId

func (*DataSecurityFinding) GetRiskScore 

func (x *DataSecurityFinding) GetRiskScore() int32

func (*DataSecurityFinding) GetSeverity 

func (x *DataSecurityFinding) GetSeverity() string

func (*DataSecurityFinding) GetSeverityId 

func (x *DataSecurityFinding) GetSeverityId() DataSecurityFinding_SeverityId

func (*DataSecurityFinding) GetSrcEndpoint 

func (x *DataSecurityFinding) GetSrcEndpoint() *NetworkEndpoint

func (*DataSecurityFinding) GetStartTime 

func (x *DataSecurityFinding) GetStartTime() int64

func (*DataSecurityFinding) GetStartTimeDt 

func (x *DataSecurityFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*DataSecurityFinding) GetStatus 

func (x *DataSecurityFinding) GetStatus() string

func (*DataSecurityFinding) GetStatusCode 

func (x *DataSecurityFinding) GetStatusCode() string

func (*DataSecurityFinding) GetStatusDetail 

func (x *DataSecurityFinding) GetStatusDetail() string

func (*DataSecurityFinding) GetStatusId 

func (x *DataSecurityFinding) GetStatusId() DataSecurityFinding_StatusId

func (*DataSecurityFinding) GetTable 

func (x *DataSecurityFinding) GetTable() *Table

func (*DataSecurityFinding) GetTime 

func (x *DataSecurityFinding) GetTime() int64

func (*DataSecurityFinding) GetTimeDt 

func (x *DataSecurityFinding) GetTimeDt() *timestamppb.Timestamp

func (*DataSecurityFinding) GetTimezoneOffset 

func (x *DataSecurityFinding) GetTimezoneOffset() int32

func (*DataSecurityFinding) GetTypeName 

func (x *DataSecurityFinding) GetTypeName() string

func (*DataSecurityFinding) GetTypeUid 

func (x *DataSecurityFinding) GetTypeUid() int64

func (*DataSecurityFinding) GetUnmapped 

func (x *DataSecurityFinding) GetUnmapped() *structpb.Struct

func (*DataSecurityFinding) ProtoMessage 

func (*DataSecurityFinding) ProtoMessage()

func (*DataSecurityFinding) ProtoReflect 

func (x *DataSecurityFinding) ProtoReflect() protoreflect.Message

func (*DataSecurityFinding) Reset 

func (x *DataSecurityFinding) Reset()

func (*DataSecurityFinding) String 

func (x *DataSecurityFinding) String() string

type DataSecurityFinding_ActionId 

type DataSecurityFinding_ActionId int32
const (
	DataSecurityFinding_ACTION_ID_UNKNOWN DataSecurityFinding_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	DataSecurityFinding_ACTION_ID_ALLOWED DataSecurityFinding_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	DataSecurityFinding_ACTION_ID_DENIED DataSecurityFinding_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	DataSecurityFinding_ACTION_ID_OTHER DataSecurityFinding_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (DataSecurityFinding_ActionId) Descriptor 

func (DataSecurityFinding_ActionId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_ActionId) Enum 

func (x DataSecurityFinding_ActionId) Enum() *DataSecurityFinding_ActionId

func (DataSecurityFinding_ActionId) EnumDescriptor deprecated 

func (DataSecurityFinding_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_ActionId.Descriptor instead.

func (DataSecurityFinding_ActionId) Number 

func (x DataSecurityFinding_ActionId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_ActionId) String 

func (x DataSecurityFinding_ActionId) String() string

func (DataSecurityFinding_ActionId) Type 

func (DataSecurityFinding_ActionId) Type() protoreflect.EnumType

type DataSecurityFinding_ActivityId 

type DataSecurityFinding_ActivityId int32
const (
	DataSecurityFinding_ACTIVITY_ID_UNKNOWN DataSecurityFinding_ActivityId = 0
	DataSecurityFinding_ACTIVITY_ID_CREATE  DataSecurityFinding_ActivityId = 1 // A new Data Security finding is created.
	DataSecurityFinding_ACTIVITY_ID_UPDATE  DataSecurityFinding_ActivityId = 2 // An existing Data Security finding is updated with
	// more information.
	DataSecurityFinding_ACTIVITY_ID_CLOSE DataSecurityFinding_ActivityId = 3 // An existing Data Security finding is closed, this
	// can be due to any resolution (e.g., True Positive,
	// False Positive, etc.).
	DataSecurityFinding_ACTIVITY_ID_SUPPRESSED DataSecurityFinding_ActivityId = 4 // An existing Data Security finding is suppressed
	// due to inaccurate detection techniques or a known
	// true negative.
	DataSecurityFinding_ACTIVITY_ID_OTHER DataSecurityFinding_ActivityId = 99
)

func (DataSecurityFinding_ActivityId) Descriptor 

func (DataSecurityFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_ActivityId) Enum 

func (x DataSecurityFinding_ActivityId) Enum() *DataSecurityFinding_ActivityId

func (DataSecurityFinding_ActivityId) EnumDescriptor deprecated 

func (DataSecurityFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_ActivityId.Descriptor instead.

func (DataSecurityFinding_ActivityId) Number 

func (x DataSecurityFinding_ActivityId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_ActivityId) String 

func (x DataSecurityFinding_ActivityId) String() string

func (DataSecurityFinding_ActivityId) Type 

func (DataSecurityFinding_ActivityId) Type() protoreflect.EnumType

type DataSecurityFinding_CategoryUid 

type DataSecurityFinding_CategoryUid int32
const (
	DataSecurityFinding_CATEGORY_UID_UNKNOWN  DataSecurityFinding_CategoryUid = 0
	DataSecurityFinding_CATEGORY_UID_FINDINGS DataSecurityFinding_CategoryUid = 2
)

func (DataSecurityFinding_CategoryUid) Descriptor 

func (DataSecurityFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_CategoryUid) Enum 

func (x DataSecurityFinding_CategoryUid) Enum() *DataSecurityFinding_CategoryUid

func (DataSecurityFinding_CategoryUid) EnumDescriptor deprecated 

func (DataSecurityFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_CategoryUid.Descriptor instead.

func (DataSecurityFinding_CategoryUid) Number 

func (x DataSecurityFinding_CategoryUid) Number() protoreflect.EnumNumber

func (DataSecurityFinding_CategoryUid) String 

func (x DataSecurityFinding_CategoryUid) String() string

func (DataSecurityFinding_CategoryUid) Type 

func (DataSecurityFinding_CategoryUid) Type() protoreflect.EnumType

type DataSecurityFinding_ClassUid 

type DataSecurityFinding_ClassUid int32
const (
	DataSecurityFinding_CLASS_UID_UNKNOWN               DataSecurityFinding_ClassUid = 0
	DataSecurityFinding_CLASS_UID_DATA_SECURITY_FINDING DataSecurityFinding_ClassUid = 2006
)

func (DataSecurityFinding_ClassUid) Descriptor 

func (DataSecurityFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_ClassUid) Enum 

func (x DataSecurityFinding_ClassUid) Enum() *DataSecurityFinding_ClassUid

func (DataSecurityFinding_ClassUid) EnumDescriptor deprecated 

func (DataSecurityFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_ClassUid.Descriptor instead.

func (DataSecurityFinding_ClassUid) Number 

func (x DataSecurityFinding_ClassUid) Number() protoreflect.EnumNumber

func (DataSecurityFinding_ClassUid) String 

func (x DataSecurityFinding_ClassUid) String() string

func (DataSecurityFinding_ClassUid) Type 

func (DataSecurityFinding_ClassUid) Type() protoreflect.EnumType

type DataSecurityFinding_ConfidenceId 

type DataSecurityFinding_ConfidenceId int32
const (
	DataSecurityFinding_CONFIDENCE_ID_UNKNOWN DataSecurityFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	DataSecurityFinding_CONFIDENCE_ID_LOW     DataSecurityFinding_ConfidenceId = 1
	DataSecurityFinding_CONFIDENCE_ID_MEDIUM  DataSecurityFinding_ConfidenceId = 2
	DataSecurityFinding_CONFIDENCE_ID_HIGH    DataSecurityFinding_ConfidenceId = 3
	DataSecurityFinding_CONFIDENCE_ID_OTHER   DataSecurityFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (DataSecurityFinding_ConfidenceId) Descriptor 

func (DataSecurityFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_ConfidenceId) Enum 

func (x DataSecurityFinding_ConfidenceId) Enum() *DataSecurityFinding_ConfidenceId

func (DataSecurityFinding_ConfidenceId) EnumDescriptor deprecated 

func (DataSecurityFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_ConfidenceId.Descriptor instead.

func (DataSecurityFinding_ConfidenceId) Number 

func (x DataSecurityFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_ConfidenceId) String 

func (x DataSecurityFinding_ConfidenceId) String() string

func (DataSecurityFinding_ConfidenceId) Type 

func (DataSecurityFinding_ConfidenceId) Type() protoreflect.EnumType

type DataSecurityFinding_DispositionId 

type DataSecurityFinding_DispositionId int32
const (
	DataSecurityFinding_DISPOSITION_ID_UNKNOWN DataSecurityFinding_DispositionId = 0 // The disposition was not known.
	DataSecurityFinding_DISPOSITION_ID_ALLOWED DataSecurityFinding_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	DataSecurityFinding_DISPOSITION_ID_BLOCKED DataSecurityFinding_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	DataSecurityFinding_DISPOSITION_ID_QUARANTINED DataSecurityFinding_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	DataSecurityFinding_DISPOSITION_ID_ISOLATED DataSecurityFinding_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	DataSecurityFinding_DISPOSITION_ID_DELETED DataSecurityFinding_DispositionId = 5 // A file or other content was deleted.
	DataSecurityFinding_DISPOSITION_ID_DROPPED DataSecurityFinding_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	DataSecurityFinding_DISPOSITION_ID_CUSTOM_ACTION DataSecurityFinding_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	DataSecurityFinding_DISPOSITION_ID_APPROVED DataSecurityFinding_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	DataSecurityFinding_DISPOSITION_ID_RESTORED DataSecurityFinding_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	DataSecurityFinding_DISPOSITION_ID_EXONERATED DataSecurityFinding_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	DataSecurityFinding_DISPOSITION_ID_CORRECTED DataSecurityFinding_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	DataSecurityFinding_DISPOSITION_ID_PARTIALLY_CORRECTED DataSecurityFinding_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	DataSecurityFinding_DISPOSITION_ID_UNCORRECTED DataSecurityFinding_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	DataSecurityFinding_DISPOSITION_ID_DELAYED DataSecurityFinding_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	DataSecurityFinding_DISPOSITION_ID_DETECTED DataSecurityFinding_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	DataSecurityFinding_DISPOSITION_ID_NO_ACTION DataSecurityFinding_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	DataSecurityFinding_DISPOSITION_ID_LOGGED DataSecurityFinding_DispositionId = 17 // The operation or action was logged
	// without further action.
	DataSecurityFinding_DISPOSITION_ID_TAGGED DataSecurityFinding_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	DataSecurityFinding_DISPOSITION_ID_ALERT DataSecurityFinding_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	DataSecurityFinding_DISPOSITION_ID_COUNT DataSecurityFinding_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	DataSecurityFinding_DISPOSITION_ID_RESET DataSecurityFinding_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	DataSecurityFinding_DISPOSITION_ID_CAPTCHA DataSecurityFinding_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	DataSecurityFinding_DISPOSITION_ID_CHALLENGE DataSecurityFinding_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	DataSecurityFinding_DISPOSITION_ID_ACCESS_REVOKED DataSecurityFinding_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	DataSecurityFinding_DISPOSITION_ID_REJECTED DataSecurityFinding_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	DataSecurityFinding_DISPOSITION_ID_UNAUTHORIZED DataSecurityFinding_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	DataSecurityFinding_DISPOSITION_ID_ERROR DataSecurityFinding_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	DataSecurityFinding_DISPOSITION_ID_OTHER DataSecurityFinding_DispositionId = 99 // The disposition is not listed. The
)

func (DataSecurityFinding_DispositionId) Descriptor 

func (DataSecurityFinding_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_DispositionId) Enum 

func (x DataSecurityFinding_DispositionId) Enum() *DataSecurityFinding_DispositionId

func (DataSecurityFinding_DispositionId) EnumDescriptor deprecated 

func (DataSecurityFinding_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_DispositionId.Descriptor instead.

func (DataSecurityFinding_DispositionId) Number 

func (x DataSecurityFinding_DispositionId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_DispositionId) String 

func (x DataSecurityFinding_DispositionId) String() string

func (DataSecurityFinding_DispositionId) Type 

func (DataSecurityFinding_DispositionId) Type() protoreflect.EnumType

type DataSecurityFinding_ImpactId 

type DataSecurityFinding_ImpactId int32
const (
	DataSecurityFinding_IMPACT_ID_UNKNOWN  DataSecurityFinding_ImpactId = 0 // The normalized impact is unknown.
	DataSecurityFinding_IMPACT_ID_LOW      DataSecurityFinding_ImpactId = 1
	DataSecurityFinding_IMPACT_ID_MEDIUM   DataSecurityFinding_ImpactId = 2
	DataSecurityFinding_IMPACT_ID_HIGH     DataSecurityFinding_ImpactId = 3
	DataSecurityFinding_IMPACT_ID_CRITICAL DataSecurityFinding_ImpactId = 4
	DataSecurityFinding_IMPACT_ID_OTHER    DataSecurityFinding_ImpactId = 99 // The impact is not mapped. See the <code>impact</code>
)

func (DataSecurityFinding_ImpactId) Descriptor 

func (DataSecurityFinding_ImpactId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_ImpactId) Enum 

func (x DataSecurityFinding_ImpactId) Enum() *DataSecurityFinding_ImpactId

func (DataSecurityFinding_ImpactId) EnumDescriptor deprecated 

func (DataSecurityFinding_ImpactId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_ImpactId.Descriptor instead.

func (DataSecurityFinding_ImpactId) Number 

func (x DataSecurityFinding_ImpactId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_ImpactId) String 

func (x DataSecurityFinding_ImpactId) String() string

func (DataSecurityFinding_ImpactId) Type 

func (DataSecurityFinding_ImpactId) Type() protoreflect.EnumType

type DataSecurityFinding_RiskLevelId 

type DataSecurityFinding_RiskLevelId int32
const (
	DataSecurityFinding_RISK_LEVEL_ID_INFO     DataSecurityFinding_RiskLevelId = 0
	DataSecurityFinding_RISK_LEVEL_ID_LOW      DataSecurityFinding_RiskLevelId = 1
	DataSecurityFinding_RISK_LEVEL_ID_MEDIUM   DataSecurityFinding_RiskLevelId = 2
	DataSecurityFinding_RISK_LEVEL_ID_HIGH     DataSecurityFinding_RiskLevelId = 3
	DataSecurityFinding_RISK_LEVEL_ID_CRITICAL DataSecurityFinding_RiskLevelId = 4
)

func (DataSecurityFinding_RiskLevelId) Descriptor 

func (DataSecurityFinding_RiskLevelId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_RiskLevelId) Enum 

func (x DataSecurityFinding_RiskLevelId) Enum() *DataSecurityFinding_RiskLevelId

func (DataSecurityFinding_RiskLevelId) EnumDescriptor deprecated 

func (DataSecurityFinding_RiskLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_RiskLevelId.Descriptor instead.

func (DataSecurityFinding_RiskLevelId) Number 

func (x DataSecurityFinding_RiskLevelId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_RiskLevelId) String 

func (x DataSecurityFinding_RiskLevelId) String() string

func (DataSecurityFinding_RiskLevelId) Type 

func (DataSecurityFinding_RiskLevelId) Type() protoreflect.EnumType

type DataSecurityFinding_SeverityId 

type DataSecurityFinding_SeverityId int32
const (
	DataSecurityFinding_SEVERITY_ID_UNKNOWN       DataSecurityFinding_SeverityId = 0 // The event/finding severity is unknown.
	DataSecurityFinding_SEVERITY_ID_INFORMATIONAL DataSecurityFinding_SeverityId = 1 // Informational message. No action required.
	DataSecurityFinding_SEVERITY_ID_LOW           DataSecurityFinding_SeverityId = 2 // The user decides if action is needed.
	DataSecurityFinding_SEVERITY_ID_MEDIUM        DataSecurityFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DataSecurityFinding_SEVERITY_ID_HIGH     DataSecurityFinding_SeverityId = 4 // Action is required immediately.
	DataSecurityFinding_SEVERITY_ID_CRITICAL DataSecurityFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DataSecurityFinding_SEVERITY_ID_FATAL DataSecurityFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DataSecurityFinding_SEVERITY_ID_OTHER DataSecurityFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DataSecurityFinding_SeverityId) Descriptor 

func (DataSecurityFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_SeverityId) Enum 

func (x DataSecurityFinding_SeverityId) Enum() *DataSecurityFinding_SeverityId

func (DataSecurityFinding_SeverityId) EnumDescriptor deprecated 

func (DataSecurityFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_SeverityId.Descriptor instead.

func (DataSecurityFinding_SeverityId) Number 

func (x DataSecurityFinding_SeverityId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_SeverityId) String 

func (x DataSecurityFinding_SeverityId) String() string

func (DataSecurityFinding_SeverityId) Type 

func (DataSecurityFinding_SeverityId) Type() protoreflect.EnumType

type DataSecurityFinding_StatusId 

type DataSecurityFinding_StatusId int32
const (
	DataSecurityFinding_STATUS_ID_UNKNOWN     DataSecurityFinding_StatusId = 0 // The status is unknown.
	DataSecurityFinding_STATUS_ID_NEW         DataSecurityFinding_StatusId = 1 // The Finding is new and yet to be reviewed.
	DataSecurityFinding_STATUS_ID_IN_PROGRESS DataSecurityFinding_StatusId = 2 // The Finding is under review.
	DataSecurityFinding_STATUS_ID_SUPPRESSED  DataSecurityFinding_StatusId = 3 // The Finding was reviewed, determined to be benign
	// or a false positive and is now suppressed.
	DataSecurityFinding_STATUS_ID_RESOLVED DataSecurityFinding_StatusId = 4 // The Finding was reviewed, remediated and is now
	// considered resolved.
	DataSecurityFinding_STATUS_ID_OTHER DataSecurityFinding_StatusId = 99 // The event status is not mapped. See the
)

func (DataSecurityFinding_StatusId) Descriptor 

func (DataSecurityFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurityFinding_StatusId) Enum 

func (x DataSecurityFinding_StatusId) Enum() *DataSecurityFinding_StatusId

func (DataSecurityFinding_StatusId) EnumDescriptor deprecated 

func (DataSecurityFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurityFinding_StatusId.Descriptor instead.

func (DataSecurityFinding_StatusId) Number 

func (x DataSecurityFinding_StatusId) Number() protoreflect.EnumNumber

func (DataSecurityFinding_StatusId) String 

func (x DataSecurityFinding_StatusId) String() string

func (DataSecurityFinding_StatusId) Type 

func (DataSecurityFinding_StatusId) Type() protoreflect.EnumType

type DataSecurity_CategoryId 

type DataSecurity_CategoryId int32
const (
	DataSecurity_CATEGORY_ID_UNKNOWN DataSecurity_CategoryId = 0 // The type is not mapped. See the
	// <code>data_type</code>
	// attribute, which contains a data
	// source specific value.
	DataSecurity_CATEGORY_ID_PERSONAL DataSecurity_CategoryId = 1 // Any Personally Identifiable
	// Information (PII), Electronic
	// Personal Health Information
	// (ePHI), or similarly personal
	// information. E.g., full name,
	// home address, date of birth,
	// etc.
	DataSecurity_CATEGORY_ID_GOVERNMENTAL DataSecurity_CategoryId = 2 // Any sensitive government
	// identification number related to
	// a person or other classified
	// material. E.g., Passport
	// numbers, driver license numbers,
	// business identification,
	// taxation identifiers, etc.
	DataSecurity_CATEGORY_ID_FINANCIAL DataSecurity_CategoryId = 3 // Any financially-related sensitive
	// information or Cardholder Data
	// (CHD). E.g., banking account
	// numbers, credit card numbers,
	// International Banking Account
	// Numbers (IBAN), SWIFT codes,
	// etc.
	DataSecurity_CATEGORY_ID_BUSINESS DataSecurity_CategoryId = 4 // Any business-specific sensitive
	// data such as intellectual
	// property, trademarks,
	// copyrights, human resource data,
	// Board of Directors meeting
	// minutes, and similar.
	DataSecurity_CATEGORY_ID_MILITARY_AND_LAW_ENFORCEMENT DataSecurity_CategoryId = 5 // Any mission-specific sensitive
	// data for military, law
	// enforcement, or other government
	// agencies such as specifically
	// classified data, weapon systems
	// information, or other planning
	// data.
	DataSecurity_CATEGORY_ID_SECURITY DataSecurity_CategoryId = 6 // Any sensitive security-related
	// data such as passwords,
	// passkeys, IP addresses, API
	// keys, credentials and similar
	// secrets. E.g., AWS Access Secret
	// Key, SaaS API Keys, user
	// passwords, database credentials,
	// etc.
	DataSecurity_CATEGORY_ID_OTHER DataSecurity_CategoryId = 99 // Any other type of data
)

func (DataSecurity_CategoryId) Descriptor 

func (DataSecurity_CategoryId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurity_CategoryId) Enum 

func (x DataSecurity_CategoryId) Enum() *DataSecurity_CategoryId

func (DataSecurity_CategoryId) EnumDescriptor deprecated 

func (DataSecurity_CategoryId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurity_CategoryId.Descriptor instead.

func (DataSecurity_CategoryId) Number 

func (x DataSecurity_CategoryId) Number() protoreflect.EnumNumber

func (DataSecurity_CategoryId) String 

func (x DataSecurity_CategoryId) String() string

func (DataSecurity_CategoryId) Type 

func (DataSecurity_CategoryId) Type() protoreflect.EnumType

type DataSecurity_ConfidentialityId 

type DataSecurity_ConfidentialityId int32
const (
	DataSecurity_CONFIDENTIALITY_ID_UNKNOWN          DataSecurity_ConfidentialityId = 0 // The confidentiality is unknown.
	DataSecurity_CONFIDENTIALITY_ID_NOT_CONFIDENTIAL DataSecurity_ConfidentialityId = 1
	DataSecurity_CONFIDENTIALITY_ID_CONFIDENTIAL     DataSecurity_ConfidentialityId = 2
	DataSecurity_CONFIDENTIALITY_ID_SECRET           DataSecurity_ConfidentialityId = 3
	DataSecurity_CONFIDENTIALITY_ID_TOP_SECRET       DataSecurity_ConfidentialityId = 4
	DataSecurity_CONFIDENTIALITY_ID_PRIVATE          DataSecurity_ConfidentialityId = 5
	DataSecurity_CONFIDENTIALITY_ID_RESTRICTED       DataSecurity_ConfidentialityId = 6
	DataSecurity_CONFIDENTIALITY_ID_OTHER            DataSecurity_ConfidentialityId = 99 // The confidentiality is not mapped.
)

func (DataSecurity_ConfidentialityId) Descriptor 

func (DataSecurity_ConfidentialityId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurity_ConfidentialityId) Enum 

func (x DataSecurity_ConfidentialityId) Enum() *DataSecurity_ConfidentialityId

func (DataSecurity_ConfidentialityId) EnumDescriptor deprecated 

func (DataSecurity_ConfidentialityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurity_ConfidentialityId.Descriptor instead.

func (DataSecurity_ConfidentialityId) Number 

func (x DataSecurity_ConfidentialityId) Number() protoreflect.EnumNumber

func (DataSecurity_ConfidentialityId) String 

func (x DataSecurity_ConfidentialityId) String() string

func (DataSecurity_ConfidentialityId) Type 

func (DataSecurity_ConfidentialityId) Type() protoreflect.EnumType

type DataSecurity_DataLifecycleStateId 

type DataSecurity_DataLifecycleStateId int32
const (
	DataSecurity_DATA_LIFECYCLE_STATE_ID_UNKNOWN DataSecurity_DataLifecycleStateId = 0 // The type is not mapped. See the
	// <code>data_lifecycle_state</code>
	// attribute, which contains a data
	// source specific value.
	DataSecurity_DATA_LIFECYCLE_STATE_ID_DATA_AT_REST DataSecurity_DataLifecycleStateId = 1 // The data was stored on physical or
	// logcial media and was not actively
	// moving through the network nor was
	// being processed. E.g., data stored
	// in a database, PDF files in a file
	// share, or EHR records in object
	// storage.
	DataSecurity_DATA_LIFECYCLE_STATE_ID_DATA_IN_TRANSIT DataSecurity_DataLifecycleStateId = 2 // The data was actively moving
	// through the network or from one
	// physical or logical location to
	// another. E.g., emails being send,
	// data replication or Change Data
	// Capture (CDC) streams, or
	// sensitive data processed on an
	// API.
	DataSecurity_DATA_LIFECYCLE_STATE_ID_DATA_IN_USE DataSecurity_DataLifecycleStateId = 3 // The data was being processed,
)

func (DataSecurity_DataLifecycleStateId) Descriptor 

func (DataSecurity_DataLifecycleStateId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurity_DataLifecycleStateId) Enum 

func (x DataSecurity_DataLifecycleStateId) Enum() *DataSecurity_DataLifecycleStateId

func (DataSecurity_DataLifecycleStateId) EnumDescriptor deprecated 

func (DataSecurity_DataLifecycleStateId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurity_DataLifecycleStateId.Descriptor instead.

func (DataSecurity_DataLifecycleStateId) Number 

func (x DataSecurity_DataLifecycleStateId) Number() protoreflect.EnumNumber

func (DataSecurity_DataLifecycleStateId) String 

func (x DataSecurity_DataLifecycleStateId) String() string

func (DataSecurity_DataLifecycleStateId) Type 

func (DataSecurity_DataLifecycleStateId) Type() protoreflect.EnumType

type DataSecurity_DetectionSystemId 

type DataSecurity_DetectionSystemId int32
const (
	DataSecurity_DETECTION_SYSTEM_ID_UNKNOWN DataSecurity_DetectionSystemId = 0 // The type is not
	// mapped. See the
	// <code>detection_system</code>
	// attribute, which
	// contains a data
	// source specific
	// value.
	DataSecurity_DETECTION_SYSTEM_ID_ENDPOINT DataSecurity_DetectionSystemId = 1 // A dedicated agent or
	// sensor installed on
	// a device, either a
	// dedicated data
	// security tool or an
	// Endpoint Detection &
	// Response (EDR) tool
	// that can detect
	// sensitive data
	// and/or enforce data
	// security policies.
	// E.g., Forcepoint
	// DLP, Symantec DLP,
	// Microsoft Defender
	// for Endpoint (MDE).
	DataSecurity_DETECTION_SYSTEM_ID_DLP_GATEWAY DataSecurity_DetectionSystemId = 2 // A Data Loss
	// Prevention (DLP)
	// gateway that is
	// positioned in-line of
	// an information store
	// such as a network
	// share, a database,
	// or otherwise that
	// can detect sensitive
	// data and/or enforce
	// data security
	// policies.
	DataSecurity_DETECTION_SYSTEM_ID_MOBILE_DEVICE_MANAGEMENT DataSecurity_DetectionSystemId = 3 // A Mobile Device
	// Management (MDM) or
	// Enterprise Mobility
	// Management (EMM)
	// tool that can detect
	// sensitive data
	// and/or enforce data
	// security policies on
	// mobile devices
	// (e.g., cellphones,
	// tablets, End User
	// Devices [EUDs]).
	DataSecurity_DETECTION_SYSTEM_ID_DATA_DISCOVERY_CLASSIFICATION DataSecurity_DetectionSystemId = 4 // A tool that actively
	// identifies and
	// classifies sensitive
	// data in digitial
	// media and
	// information stores
	// in accordance with a
	// policy or automated
	// functionality. E.g,
	// Amazon Macie,
	// Microsoft Purview.
	DataSecurity_DETECTION_SYSTEM_ID_SECURE_WEB_GATEWAY DataSecurity_DetectionSystemId = 5 // A Secure Web Gateway
	// (SWG) is any tool
	// that can detect
	// sensitive data
	// and/or enforce data
	// security policies at
	// a network-edge such
	// as within a proxy or
	// firewall service.
	DataSecurity_DETECTION_SYSTEM_ID_SECURE_EMAIL_GATEWAY DataSecurity_DetectionSystemId = 6 // A Secure Email
	// Gateway (SEG) is any
	// tool that can detect
	// sensitive data
	// and/or enforce data
	// security policies
	// within email
	// systems. E.g.,
	// Microsoft Defender
	// for Office, Google
	// Workspaces.
	DataSecurity_DETECTION_SYSTEM_ID_DIGITAL_RIGHTS_MANAGEMENT DataSecurity_DetectionSystemId = 7 // A Digital Rights
	// Management (DRM) or
	// a dedicated
	// Information Rights
	// Management (IRM) are
	// tools which can
	// detect sensitive
	// data and/or enforce
	// data security
	// policies on digitial
	// media via policy or
	// user access rights.
	DataSecurity_DETECTION_SYSTEM_ID_CLOUD_ACCESS_SECURITY_BROKER DataSecurity_DetectionSystemId = 8 // A Cloud Access
	// Security Broker
	// (CASB) that can
	// detect sensitive
	// data and/or enforce
	// data security
	// policies in-line to
	// cloud systems such
	// as the public cloud
	// or Software-as-a-
	// Service (SaaS) tool.
	// E.g., Forcepoint
	// CASB, SkyHigh
	// Security.
	DataSecurity_DETECTION_SYSTEM_ID_DATABASE_ACTIVITY_MONITORING DataSecurity_DetectionSystemId = 9 // A Database Activity
	// Monitoring (DAM)
	// tool that can detect
	// sensitive data
	// and/or enforce data
	// security policies as
	// part of a dedicated
	// database or
	// warehouse monitoring
	// solution.
	DataSecurity_DETECTION_SYSTEM_ID_APPLICATION_LEVEL_DLP DataSecurity_DetectionSystemId = 10 // A built in Data Loss
	// Prevention (DLP) or
	// other data security
	// capability within a
	// tool or platform
	// such as an
	// Enterprise Resource
	// Planning (ERP) or
	// Customer Relations
	// Management (CRM)
	// tool that can detect
	// sensitive data
	// and/or enforce data
	// security policies.
	DataSecurity_DETECTION_SYSTEM_ID_DEVELOPER_SECURITY DataSecurity_DetectionSystemId = 11 // Any Developer
	// Security tool such
	// as an Infrastrucre-as-
	// Securty (IAC)
	// scanner, Secrets
	// Detection, or Secure
	// Software Development
	// Lifecycle (SSDLC)
	// tool that can detect
	// sensitive data
	// and/or enforce data
	// security policies.
	// E.g., TruffleHog,
	// GitGuardian, Git-
	// Secrets.
	DataSecurity_DETECTION_SYSTEM_ID_DATA_SECURITY_POSTURE_MANAGEMENT DataSecurity_DetectionSystemId = 12 // A Data Security
	// Posture Management
	// (DSPM) tool is a
	// continuous
	// monitoring and data
	// discovery solution
	// that can detect
	// sensitive data
	// and/or enforce data
	// security policies
	// for local and cloud
	// environments. E.g.,
	// Cyera, Sentra, IBM
	// Polar Security.
	DataSecurity_DETECTION_SYSTEM_ID_OTHER DataSecurity_DetectionSystemId = 99 // Any other type of
)

func (DataSecurity_DetectionSystemId) Descriptor 

func (DataSecurity_DetectionSystemId) Descriptor() protoreflect.EnumDescriptor

func (DataSecurity_DetectionSystemId) Enum 

func (x DataSecurity_DetectionSystemId) Enum() *DataSecurity_DetectionSystemId

func (DataSecurity_DetectionSystemId) EnumDescriptor deprecated 

func (DataSecurity_DetectionSystemId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DataSecurity_DetectionSystemId.Descriptor instead.

func (DataSecurity_DetectionSystemId) Number 

func (x DataSecurity_DetectionSystemId) Number() protoreflect.EnumNumber

func (DataSecurity_DetectionSystemId) String 

func (x DataSecurity_DetectionSystemId) String() string

func (DataSecurity_DetectionSystemId) Type 

func (DataSecurity_DetectionSystemId) Type() protoreflect.EnumType

type Database 

type Database struct {
	CreatedTime        *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt      *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	DataClassification *DataClassification    `protobuf:"bytes,3,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Desc               *string                `protobuf:"bytes,4,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Groups             []*Group               `protobuf:"bytes,5,rep,name=groups,proto3" json:"groups,omitempty"`
	ModifiedTime       *int64                 `protobuf:"varint,6,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt     *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Name               *string                `protobuf:"bytes,8,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Size               *int64                 `protobuf:"varint,9,opt,name=size,proto3,oneof" json:"size,omitempty"`
	Type               *string                `protobuf:"bytes,10,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId             Database_TypeId        `protobuf:"varint,11,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Database_TypeId" json:"type_id,omitempty"`
	Uid                *string                `protobuf:"bytes,12,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Database is an OSF object defined in ocsf objects/database.json

The database object is used for databases which are typically datastore services that contain an organized collection of structured and unstructured data or a types of data.

func (*Database) Descriptor deprecated 

func (*Database) Descriptor() ([]byte, []int)

Deprecated: Use Database.ProtoReflect.Descriptor instead.

func (*Database) GetCreatedTime 

func (x *Database) GetCreatedTime() int64

func (*Database) GetCreatedTimeDt 

func (x *Database) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Database) GetDataClassification 

func (x *Database) GetDataClassification() *DataClassification

func (*Database) GetDesc 

func (x *Database) GetDesc() string

func (*Database) GetGroups 

func (x *Database) GetGroups() []*Group

func (*Database) GetModifiedTime 

func (x *Database) GetModifiedTime() int64

func (*Database) GetModifiedTimeDt 

func (x *Database) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Database) GetName 

func (x *Database) GetName() string

func (*Database) GetSize 

func (x *Database) GetSize() int64

func (*Database) GetType 

func (x *Database) GetType() string

func (*Database) GetTypeId 

func (x *Database) GetTypeId() Database_TypeId

func (*Database) GetUid 

func (x *Database) GetUid() string

func (*Database) ProtoMessage 

func (*Database) ProtoMessage()

func (*Database) ProtoReflect 

func (x *Database) ProtoReflect() protoreflect.Message

func (*Database) Reset 

func (x *Database) Reset()

func (*Database) String 

func (x *Database) String() string

type Database_TypeId 

type Database_TypeId int32
const (
	Database_TYPE_ID_UNKNOWN         Database_TypeId = 0
	Database_TYPE_ID_RELATIONAL      Database_TypeId = 1
	Database_TYPE_ID_NETWORK         Database_TypeId = 2
	Database_TYPE_ID_OBJECT_ORIENTED Database_TypeId = 3
	Database_TYPE_ID_CENTRALIZED     Database_TypeId = 4
	Database_TYPE_ID_OPERATIONAL     Database_TypeId = 5
	Database_TYPE_ID_NOSQL           Database_TypeId = 6
	Database_TYPE_ID_OTHER           Database_TypeId = 99
)

func (Database_TypeId) Descriptor 

func (Database_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Database_TypeId) Enum 

func (x Database_TypeId) Enum() *Database_TypeId

func (Database_TypeId) EnumDescriptor deprecated 

func (Database_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Database_TypeId.Descriptor instead.

func (Database_TypeId) Number 

func (x Database_TypeId) Number() protoreflect.EnumNumber

func (Database_TypeId) String 

func (x Database_TypeId) String() string

func (Database_TypeId) Type 

func (Database_TypeId) Type() protoreflect.EnumType

type Databucket 

type Databucket struct {
	CreatedTime        *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt      *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	DataClassification *DataClassification    `protobuf:"bytes,3,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Desc               *string                `protobuf:"bytes,4,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	File               *File                  `protobuf:"bytes,5,opt,name=file,proto3" json:"file,omitempty"`
	Groups             []*Group               `protobuf:"bytes,6,rep,name=groups,proto3" json:"groups,omitempty"`
	ModifiedTime       *int64                 `protobuf:"varint,7,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt     *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Name               *string                `protobuf:"bytes,9,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Size               *int64                 `protobuf:"varint,10,opt,name=size,proto3,oneof" json:"size,omitempty"`
	Type               *string                `protobuf:"bytes,11,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId             Databucket_TypeId      `protobuf:"varint,12,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Databucket_TypeId" json:"type_id,omitempty"`
	Uid                *string                `protobuf:"bytes,13,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Databucket is an OSF object defined in ocsf objects/databucket.json

The databucket object is a basic container that holds data, typically organized through the use of data partitions.

func (*Databucket) Descriptor deprecated 

func (*Databucket) Descriptor() ([]byte, []int)

Deprecated: Use Databucket.ProtoReflect.Descriptor instead.

func (*Databucket) GetCreatedTime 

func (x *Databucket) GetCreatedTime() int64

func (*Databucket) GetCreatedTimeDt 

func (x *Databucket) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Databucket) GetDataClassification 

func (x *Databucket) GetDataClassification() *DataClassification

func (*Databucket) GetDesc 

func (x *Databucket) GetDesc() string

func (*Databucket) GetFile 

func (x *Databucket) GetFile() *File

func (*Databucket) GetGroups 

func (x *Databucket) GetGroups() []*Group

func (*Databucket) GetModifiedTime 

func (x *Databucket) GetModifiedTime() int64

func (*Databucket) GetModifiedTimeDt 

func (x *Databucket) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Databucket) GetName 

func (x *Databucket) GetName() string

func (*Databucket) GetSize 

func (x *Databucket) GetSize() int64

func (*Databucket) GetType 

func (x *Databucket) GetType() string

func (*Databucket) GetTypeId 

func (x *Databucket) GetTypeId() Databucket_TypeId

func (*Databucket) GetUid 

func (x *Databucket) GetUid() string

func (*Databucket) ProtoMessage 

func (*Databucket) ProtoMessage()

func (*Databucket) ProtoReflect 

func (x *Databucket) ProtoReflect() protoreflect.Message

func (*Databucket) Reset 

func (x *Databucket) Reset()

func (*Databucket) String 

func (x *Databucket) String() string

type Databucket_TypeId 

type Databucket_TypeId int32
const (
	Databucket_TYPE_ID_UNKNOWN    Databucket_TypeId = 0
	Databucket_TYPE_ID_S3         Databucket_TypeId = 1
	Databucket_TYPE_ID_AZURE_BLOB Databucket_TypeId = 2
	Databucket_TYPE_ID_GCP_BUCKET Databucket_TypeId = 3
	Databucket_TYPE_ID_OTHER      Databucket_TypeId = 99
)

func (Databucket_TypeId) Descriptor 

func (Databucket_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Databucket_TypeId) Enum 

func (x Databucket_TypeId) Enum() *Databucket_TypeId

func (Databucket_TypeId) EnumDescriptor deprecated 

func (Databucket_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Databucket_TypeId.Descriptor instead.

func (Databucket_TypeId) Number 

func (x Databucket_TypeId) Number() protoreflect.EnumNumber

func (Databucket_TypeId) String 

func (x Databucket_TypeId) String() string

func (Databucket_TypeId) Type 

func (Databucket_TypeId) Type() protoreflect.EnumType

type DatastoreActivity 

type DatastoreActivity struct {
	Action         *string                          `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       DatastoreActivity_ActionId       `` /* 133-byte string literal not displayed */
	ActivityId     DatastoreActivity_ActivityId     `` /* 141-byte string literal not displayed */
	ActivityName   *string                          `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                           `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                             `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                        `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                 `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                          `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    DatastoreActivity_CategoryUid    `` /* 146-byte string literal not displayed */
	ClassName      *string                          `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       DatastoreActivity_ClassUid       `` /* 134-byte string literal not displayed */
	Cloud          *Cloud                           `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                           `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Database       *Database                        `protobuf:"bytes,15,opt,name=database,proto3" json:"database,omitempty"`
	Databucket     *Databucket                      `protobuf:"bytes,16,opt,name=databucket,proto3" json:"databucket,omitempty"`
	Disposition    *string                          `protobuf:"bytes,17,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *DatastoreActivity_DispositionId `` /* 160-byte string literal not displayed */
	DstEndpoint    *NetworkEndpoint                 `protobuf:"bytes,19,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration       *int32                           `protobuf:"varint,20,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                           `protobuf:"varint,21,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp           `protobuf:"bytes,22,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                    `protobuf:"bytes,23,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                    `protobuf:"bytes,24,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	HttpRequest    *HttpRequest                     `protobuf:"bytes,25,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Malware        []*Malware                       `protobuf:"bytes,26,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                          `protobuf:"bytes,27,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                        `protobuf:"bytes,28,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                    `protobuf:"bytes,29,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                       `protobuf:"bytes,30,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	RawData        *string                          `protobuf:"bytes,31,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                          `protobuf:"bytes,32,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     DatastoreActivity_SeverityId     `` /* 142-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint                 `protobuf:"bytes,34,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                           `protobuf:"varint,35,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp           `protobuf:"bytes,36,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                          `protobuf:"bytes,37,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                          `protobuf:"bytes,38,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                          `protobuf:"bytes,39,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *DatastoreActivity_StatusId      `` /* 140-byte string literal not displayed */
	Table          *Table                           `protobuf:"bytes,41,opt,name=table,proto3" json:"table,omitempty"`
	Time           int64                            `protobuf:"varint,42,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp           `protobuf:"bytes,43,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                           `protobuf:"varint,44,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Type           *string                          `protobuf:"bytes,45,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId         *DatastoreActivity_TypeId        `` /* 132-byte string literal not displayed */
	TypeName       *string                          `protobuf:"bytes,47,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                            `protobuf:"varint,48,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                 `protobuf:"bytes,49,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

DatastoreActivity is an OSF event in category "Application Activity" called Datastore Activity defined in ocsf events/application/datastore_activity.json

Datastore events describe general activities (Read, Update, Query, Delete, etc.) which affect datastores or data within those datastores, e.g. (AWS RDS, AWS S3).

func (*DatastoreActivity) Descriptor deprecated 

func (*DatastoreActivity) Descriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity.ProtoReflect.Descriptor instead.

func (*DatastoreActivity) GetAction 

func (x *DatastoreActivity) GetAction() string

func (*DatastoreActivity) GetActionId 

func (x *DatastoreActivity) GetActionId() DatastoreActivity_ActionId

func (*DatastoreActivity) GetActivityId 

func (x *DatastoreActivity) GetActivityId() DatastoreActivity_ActivityId

func (*DatastoreActivity) GetActivityName 

func (x *DatastoreActivity) GetActivityName() string

func (*DatastoreActivity) GetActor 

func (x *DatastoreActivity) GetActor() *Actor

func (*DatastoreActivity) GetApi 

func (x *DatastoreActivity) GetApi() *Api

func (*DatastoreActivity) GetAttacks 

func (x *DatastoreActivity) GetAttacks() []*Attack

func (*DatastoreActivity) GetAuthorizations 

func (x *DatastoreActivity) GetAuthorizations() []*Authorization

func (*DatastoreActivity) GetCategoryName 

func (x *DatastoreActivity) GetCategoryName() string

func (*DatastoreActivity) GetCategoryUid 

func (x *DatastoreActivity) GetCategoryUid() DatastoreActivity_CategoryUid

func (*DatastoreActivity) GetClassName 

func (x *DatastoreActivity) GetClassName() string

func (*DatastoreActivity) GetClassUid 

func (x *DatastoreActivity) GetClassUid() DatastoreActivity_ClassUid

func (*DatastoreActivity) GetCloud 

func (x *DatastoreActivity) GetCloud() *Cloud

func (*DatastoreActivity) GetCount 

func (x *DatastoreActivity) GetCount() int32

func (*DatastoreActivity) GetDatabase 

func (x *DatastoreActivity) GetDatabase() *Database

func (*DatastoreActivity) GetDatabucket 

func (x *DatastoreActivity) GetDatabucket() *Databucket

func (*DatastoreActivity) GetDisposition 

func (x *DatastoreActivity) GetDisposition() string

func (*DatastoreActivity) GetDispositionId 

func (x *DatastoreActivity) GetDispositionId() DatastoreActivity_DispositionId

func (*DatastoreActivity) GetDstEndpoint 

func (x *DatastoreActivity) GetDstEndpoint() *NetworkEndpoint

func (*DatastoreActivity) GetDuration 

func (x *DatastoreActivity) GetDuration() int32

func (*DatastoreActivity) GetEndTime 

func (x *DatastoreActivity) GetEndTime() int64

func (*DatastoreActivity) GetEndTimeDt 

func (x *DatastoreActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*DatastoreActivity) GetEnrichments 

func (x *DatastoreActivity) GetEnrichments() []*Enrichment

func (*DatastoreActivity) GetFirewallRule 

func (x *DatastoreActivity) GetFirewallRule() *FirewallRule

func (*DatastoreActivity) GetHttpRequest 

func (x *DatastoreActivity) GetHttpRequest() *HttpRequest

func (*DatastoreActivity) GetMalware 

func (x *DatastoreActivity) GetMalware() []*Malware

func (*DatastoreActivity) GetMessage 

func (x *DatastoreActivity) GetMessage() string

func (*DatastoreActivity) GetMetadata 

func (x *DatastoreActivity) GetMetadata() *Metadata

func (*DatastoreActivity) GetObservables 

func (x *DatastoreActivity) GetObservables() []*Observable

func (*DatastoreActivity) GetQueryInfo 

func (x *DatastoreActivity) GetQueryInfo() *QueryInfo

func (*DatastoreActivity) GetRawData 

func (x *DatastoreActivity) GetRawData() string

func (*DatastoreActivity) GetSeverity 

func (x *DatastoreActivity) GetSeverity() string

func (*DatastoreActivity) GetSeverityId 

func (x *DatastoreActivity) GetSeverityId() DatastoreActivity_SeverityId

func (*DatastoreActivity) GetSrcEndpoint 

func (x *DatastoreActivity) GetSrcEndpoint() *NetworkEndpoint

func (*DatastoreActivity) GetStartTime 

func (x *DatastoreActivity) GetStartTime() int64

func (*DatastoreActivity) GetStartTimeDt 

func (x *DatastoreActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*DatastoreActivity) GetStatus 

func (x *DatastoreActivity) GetStatus() string

func (*DatastoreActivity) GetStatusCode 

func (x *DatastoreActivity) GetStatusCode() string

func (*DatastoreActivity) GetStatusDetail 

func (x *DatastoreActivity) GetStatusDetail() string

func (*DatastoreActivity) GetStatusId 

func (x *DatastoreActivity) GetStatusId() DatastoreActivity_StatusId

func (*DatastoreActivity) GetTable 

func (x *DatastoreActivity) GetTable() *Table

func (*DatastoreActivity) GetTime 

func (x *DatastoreActivity) GetTime() int64

func (*DatastoreActivity) GetTimeDt 

func (x *DatastoreActivity) GetTimeDt() *timestamppb.Timestamp

func (*DatastoreActivity) GetTimezoneOffset 

func (x *DatastoreActivity) GetTimezoneOffset() int32

func (*DatastoreActivity) GetType 

func (x *DatastoreActivity) GetType() string

func (*DatastoreActivity) GetTypeId 

func (x *DatastoreActivity) GetTypeId() DatastoreActivity_TypeId

func (*DatastoreActivity) GetTypeName 

func (x *DatastoreActivity) GetTypeName() string

func (*DatastoreActivity) GetTypeUid 

func (x *DatastoreActivity) GetTypeUid() int64

func (*DatastoreActivity) GetUnmapped 

func (x *DatastoreActivity) GetUnmapped() *structpb.Struct

func (*DatastoreActivity) ProtoMessage 

func (*DatastoreActivity) ProtoMessage()

func (*DatastoreActivity) ProtoReflect 

func (x *DatastoreActivity) ProtoReflect() protoreflect.Message

func (*DatastoreActivity) Reset 

func (x *DatastoreActivity) Reset()

func (*DatastoreActivity) String 

func (x *DatastoreActivity) String() string

type DatastoreActivity_ActionId 

type DatastoreActivity_ActionId int32
const (
	DatastoreActivity_ACTION_ID_UNKNOWN DatastoreActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	DatastoreActivity_ACTION_ID_ALLOWED DatastoreActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	DatastoreActivity_ACTION_ID_DENIED DatastoreActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	DatastoreActivity_ACTION_ID_OTHER DatastoreActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (DatastoreActivity_ActionId) Descriptor 

func (DatastoreActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_ActionId) Enum 

func (x DatastoreActivity_ActionId) Enum() *DatastoreActivity_ActionId

func (DatastoreActivity_ActionId) EnumDescriptor deprecated 

func (DatastoreActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_ActionId.Descriptor instead.

func (DatastoreActivity_ActionId) Number 

func (x DatastoreActivity_ActionId) Number() protoreflect.EnumNumber

func (DatastoreActivity_ActionId) String 

func (x DatastoreActivity_ActionId) String() string

func (DatastoreActivity_ActionId) Type 

func (DatastoreActivity_ActionId) Type() protoreflect.EnumType

type DatastoreActivity_ActivityId 

type DatastoreActivity_ActivityId int32
const (
	DatastoreActivity_ACTIVITY_ID_UNKNOWN DatastoreActivity_ActivityId = 0
	DatastoreActivity_ACTIVITY_ID_READ    DatastoreActivity_ActivityId = 1 // The 'Read' activity involves accessing specific data
	// record details.
	DatastoreActivity_ACTIVITY_ID_UPDATE DatastoreActivity_ActivityId = 2 // The 'Update' activity pertains to modifying specific
	// data record details.
	DatastoreActivity_ACTIVITY_ID_CONNECT DatastoreActivity_ActivityId = 3 // The 'Connect' activity involves establishing a
	// connection to the datastore.
	DatastoreActivity_ACTIVITY_ID_QUERY DatastoreActivity_ActivityId = 4 // The 'Query' activity involves retrieving a filtered
	// subset of data based on specific criteria.
	DatastoreActivity_ACTIVITY_ID_WRITE DatastoreActivity_ActivityId = 5 // The 'Write' activity involves writing specific data
	// record details.
	DatastoreActivity_ACTIVITY_ID_CREATE DatastoreActivity_ActivityId = 6 // The 'Create' activity involves generating new data
	// record details.
	DatastoreActivity_ACTIVITY_ID_DELETE DatastoreActivity_ActivityId = 7 // The 'Delete' activity involves removing specific data
	// record details.
	DatastoreActivity_ACTIVITY_ID_LIST DatastoreActivity_ActivityId = 8 // The 'List' activity provides an overview of existing
	// data records.
	DatastoreActivity_ACTIVITY_ID_ENCRYPT DatastoreActivity_ActivityId = 9 // The 'Encrypt' activity involves securing data by
	// encrypting a specific data record.
	DatastoreActivity_ACTIVITY_ID_DECRYPT DatastoreActivity_ActivityId = 10 // The 'Decrypt' activity involves converting encrypted
	// data back to its original format.
	DatastoreActivity_ACTIVITY_ID_OTHER DatastoreActivity_ActivityId = 99
)

func (DatastoreActivity_ActivityId) Descriptor 

func (DatastoreActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_ActivityId) Enum 

func (x DatastoreActivity_ActivityId) Enum() *DatastoreActivity_ActivityId

func (DatastoreActivity_ActivityId) EnumDescriptor deprecated 

func (DatastoreActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_ActivityId.Descriptor instead.

func (DatastoreActivity_ActivityId) Number 

func (x DatastoreActivity_ActivityId) Number() protoreflect.EnumNumber

func (DatastoreActivity_ActivityId) String 

func (x DatastoreActivity_ActivityId) String() string

func (DatastoreActivity_ActivityId) Type 

func (DatastoreActivity_ActivityId) Type() protoreflect.EnumType

type DatastoreActivity_CategoryUid 

type DatastoreActivity_CategoryUid int32
const (
	DatastoreActivity_CATEGORY_UID_UNKNOWN              DatastoreActivity_CategoryUid = 0
	DatastoreActivity_CATEGORY_UID_APPLICATION_ACTIVITY DatastoreActivity_CategoryUid = 6
)

func (DatastoreActivity_CategoryUid) Descriptor 

func (DatastoreActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_CategoryUid) Enum 

func (x DatastoreActivity_CategoryUid) Enum() *DatastoreActivity_CategoryUid

func (DatastoreActivity_CategoryUid) EnumDescriptor deprecated 

func (DatastoreActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_CategoryUid.Descriptor instead.

func (DatastoreActivity_CategoryUid) Number 

func (x DatastoreActivity_CategoryUid) Number() protoreflect.EnumNumber

func (DatastoreActivity_CategoryUid) String 

func (x DatastoreActivity_CategoryUid) String() string

func (DatastoreActivity_CategoryUid) Type 

func (DatastoreActivity_CategoryUid) Type() protoreflect.EnumType

type DatastoreActivity_ClassUid 

type DatastoreActivity_ClassUid int32
const (
	DatastoreActivity_CLASS_UID_UNKNOWN            DatastoreActivity_ClassUid = 0
	DatastoreActivity_CLASS_UID_DATASTORE_ACTIVITY DatastoreActivity_ClassUid = 6005
)

func (DatastoreActivity_ClassUid) Descriptor 

func (DatastoreActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_ClassUid) Enum 

func (x DatastoreActivity_ClassUid) Enum() *DatastoreActivity_ClassUid

func (DatastoreActivity_ClassUid) EnumDescriptor deprecated 

func (DatastoreActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_ClassUid.Descriptor instead.

func (DatastoreActivity_ClassUid) Number 

func (x DatastoreActivity_ClassUid) Number() protoreflect.EnumNumber

func (DatastoreActivity_ClassUid) String 

func (x DatastoreActivity_ClassUid) String() string

func (DatastoreActivity_ClassUid) Type 

func (DatastoreActivity_ClassUid) Type() protoreflect.EnumType

type DatastoreActivity_DispositionId 

type DatastoreActivity_DispositionId int32
const (
	DatastoreActivity_DISPOSITION_ID_UNKNOWN DatastoreActivity_DispositionId = 0 // The disposition was not known.
	DatastoreActivity_DISPOSITION_ID_ALLOWED DatastoreActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	DatastoreActivity_DISPOSITION_ID_BLOCKED DatastoreActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	DatastoreActivity_DISPOSITION_ID_QUARANTINED DatastoreActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	DatastoreActivity_DISPOSITION_ID_ISOLATED DatastoreActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	DatastoreActivity_DISPOSITION_ID_DELETED DatastoreActivity_DispositionId = 5 // A file or other content was deleted.
	DatastoreActivity_DISPOSITION_ID_DROPPED DatastoreActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	DatastoreActivity_DISPOSITION_ID_CUSTOM_ACTION DatastoreActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	DatastoreActivity_DISPOSITION_ID_APPROVED DatastoreActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	DatastoreActivity_DISPOSITION_ID_RESTORED DatastoreActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	DatastoreActivity_DISPOSITION_ID_EXONERATED DatastoreActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	DatastoreActivity_DISPOSITION_ID_CORRECTED DatastoreActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	DatastoreActivity_DISPOSITION_ID_PARTIALLY_CORRECTED DatastoreActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	DatastoreActivity_DISPOSITION_ID_UNCORRECTED DatastoreActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	DatastoreActivity_DISPOSITION_ID_DELAYED DatastoreActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	DatastoreActivity_DISPOSITION_ID_DETECTED DatastoreActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	DatastoreActivity_DISPOSITION_ID_NO_ACTION DatastoreActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	DatastoreActivity_DISPOSITION_ID_LOGGED DatastoreActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	DatastoreActivity_DISPOSITION_ID_TAGGED DatastoreActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	DatastoreActivity_DISPOSITION_ID_ALERT DatastoreActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	DatastoreActivity_DISPOSITION_ID_COUNT DatastoreActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	DatastoreActivity_DISPOSITION_ID_RESET DatastoreActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	DatastoreActivity_DISPOSITION_ID_CAPTCHA DatastoreActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	DatastoreActivity_DISPOSITION_ID_CHALLENGE DatastoreActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	DatastoreActivity_DISPOSITION_ID_ACCESS_REVOKED DatastoreActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	DatastoreActivity_DISPOSITION_ID_REJECTED DatastoreActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	DatastoreActivity_DISPOSITION_ID_UNAUTHORIZED DatastoreActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	DatastoreActivity_DISPOSITION_ID_ERROR DatastoreActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	DatastoreActivity_DISPOSITION_ID_OTHER DatastoreActivity_DispositionId = 99 // The disposition is not listed. The
)

func (DatastoreActivity_DispositionId) Descriptor 

func (DatastoreActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_DispositionId) Enum 

func (x DatastoreActivity_DispositionId) Enum() *DatastoreActivity_DispositionId

func (DatastoreActivity_DispositionId) EnumDescriptor deprecated 

func (DatastoreActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_DispositionId.Descriptor instead.

func (DatastoreActivity_DispositionId) Number 

func (x DatastoreActivity_DispositionId) Number() protoreflect.EnumNumber

func (DatastoreActivity_DispositionId) String 

func (x DatastoreActivity_DispositionId) String() string

func (DatastoreActivity_DispositionId) Type 

func (DatastoreActivity_DispositionId) Type() protoreflect.EnumType

type DatastoreActivity_SeverityId 

type DatastoreActivity_SeverityId int32
const (
	DatastoreActivity_SEVERITY_ID_UNKNOWN       DatastoreActivity_SeverityId = 0 // The event/finding severity is unknown.
	DatastoreActivity_SEVERITY_ID_INFORMATIONAL DatastoreActivity_SeverityId = 1 // Informational message. No action required.
	DatastoreActivity_SEVERITY_ID_LOW           DatastoreActivity_SeverityId = 2 // The user decides if action is needed.
	DatastoreActivity_SEVERITY_ID_MEDIUM        DatastoreActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DatastoreActivity_SEVERITY_ID_HIGH     DatastoreActivity_SeverityId = 4 // Action is required immediately.
	DatastoreActivity_SEVERITY_ID_CRITICAL DatastoreActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DatastoreActivity_SEVERITY_ID_FATAL DatastoreActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DatastoreActivity_SEVERITY_ID_OTHER DatastoreActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DatastoreActivity_SeverityId) Descriptor 

func (DatastoreActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_SeverityId) Enum 

func (x DatastoreActivity_SeverityId) Enum() *DatastoreActivity_SeverityId

func (DatastoreActivity_SeverityId) EnumDescriptor deprecated 

func (DatastoreActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_SeverityId.Descriptor instead.

func (DatastoreActivity_SeverityId) Number 

func (x DatastoreActivity_SeverityId) Number() protoreflect.EnumNumber

func (DatastoreActivity_SeverityId) String 

func (x DatastoreActivity_SeverityId) String() string

func (DatastoreActivity_SeverityId) Type 

func (DatastoreActivity_SeverityId) Type() protoreflect.EnumType

type DatastoreActivity_StatusId 

type DatastoreActivity_StatusId int32
const (
	DatastoreActivity_STATUS_ID_UNKNOWN DatastoreActivity_StatusId = 0 // The status is unknown.
	DatastoreActivity_STATUS_ID_SUCCESS DatastoreActivity_StatusId = 1
	DatastoreActivity_STATUS_ID_FAILURE DatastoreActivity_StatusId = 2
	DatastoreActivity_STATUS_ID_OTHER   DatastoreActivity_StatusId = 99 // The event status is not mapped. See the
)

func (DatastoreActivity_StatusId) Descriptor 

func (DatastoreActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_StatusId) Enum 

func (x DatastoreActivity_StatusId) Enum() *DatastoreActivity_StatusId

func (DatastoreActivity_StatusId) EnumDescriptor deprecated 

func (DatastoreActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_StatusId.Descriptor instead.

func (DatastoreActivity_StatusId) Number 

func (x DatastoreActivity_StatusId) Number() protoreflect.EnumNumber

func (DatastoreActivity_StatusId) String 

func (x DatastoreActivity_StatusId) String() string

func (DatastoreActivity_StatusId) Type 

func (DatastoreActivity_StatusId) Type() protoreflect.EnumType

type DatastoreActivity_TypeId 

type DatastoreActivity_TypeId int32
const (
	DatastoreActivity_TYPE_ID_UNKNOWN    DatastoreActivity_TypeId = 0 // The datastore resource type is unknown.
	DatastoreActivity_TYPE_ID_DATABASE   DatastoreActivity_TypeId = 1
	DatastoreActivity_TYPE_ID_DATABUCKET DatastoreActivity_TypeId = 2
	DatastoreActivity_TYPE_ID_TABLE      DatastoreActivity_TypeId = 3
	DatastoreActivity_TYPE_ID_OTHER      DatastoreActivity_TypeId = 99 // The datastore resource type is not mapped.
)

func (DatastoreActivity_TypeId) Descriptor 

func (DatastoreActivity_TypeId) Descriptor() protoreflect.EnumDescriptor

func (DatastoreActivity_TypeId) Enum 

func (x DatastoreActivity_TypeId) Enum() *DatastoreActivity_TypeId

func (DatastoreActivity_TypeId) EnumDescriptor deprecated 

func (DatastoreActivity_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DatastoreActivity_TypeId.Descriptor instead.

func (DatastoreActivity_TypeId) Number 

func (x DatastoreActivity_TypeId) Number() protoreflect.EnumNumber

func (DatastoreActivity_TypeId) String 

func (x DatastoreActivity_TypeId) String() string

func (DatastoreActivity_TypeId) Type 

func (DatastoreActivity_TypeId) Type() protoreflect.EnumType

type DceRpc 

type DceRpc struct {
	Command         *string       `protobuf:"bytes,1,opt,name=command,proto3,oneof" json:"command,omitempty"`
	CommandResponse *string       `protobuf:"bytes,2,opt,name=command_response,json=commandResponse,proto3,oneof" json:"command_response,omitempty"`
	Flags           []string      `protobuf:"bytes,3,rep,name=flags,proto3" json:"flags,omitempty"`
	Opnum           *int32        `protobuf:"varint,4,opt,name=opnum,proto3,oneof" json:"opnum,omitempty"`
	RpcInterface    *RpcInterface `protobuf:"bytes,5,opt,name=rpc_interface,json=rpcInterface,proto3" json:"rpc_interface,omitempty"`
	// contains filtered or unexported fields
}

DceRpc is an OSF object defined in ocsf objects/dce_rpc.json

The DCE/RPC, or Distributed Computing Environment/Remote Procedure Call, object describes the remote procedure call system for distributed computing environments. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:RemoteProcedureCall/'>d3f:RemoteProcedureCall</a>.

func (*DceRpc) Descriptor deprecated 

func (*DceRpc) Descriptor() ([]byte, []int)

Deprecated: Use DceRpc.ProtoReflect.Descriptor instead.

func (*DceRpc) GetCommand 

func (x *DceRpc) GetCommand() string

func (*DceRpc) GetCommandResponse 

func (x *DceRpc) GetCommandResponse() string

func (*DceRpc) GetFlags 

func (x *DceRpc) GetFlags() []string

func (*DceRpc) GetOpnum 

func (x *DceRpc) GetOpnum() int32

func (*DceRpc) GetRpcInterface 

func (x *DceRpc) GetRpcInterface() *RpcInterface

func (*DceRpc) ProtoMessage 

func (*DceRpc) ProtoMessage()

func (*DceRpc) ProtoReflect 

func (x *DceRpc) ProtoReflect() protoreflect.Message

func (*DceRpc) Reset 

func (x *DceRpc) Reset()

func (*DceRpc) String 

func (x *DceRpc) String() string

type DetectionFinding 

type DetectionFinding struct {
	Action          *string                         `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId        DetectionFinding_ActionId       `` /* 132-byte string literal not displayed */
	ActivityId      DetectionFinding_ActivityId     `` /* 140-byte string literal not displayed */
	ActivityName    *string                         `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor           *Actor                          `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api             *Api                            `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks         []*Attack                       `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations  []*Authorization                `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName    *string                         `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid     DetectionFinding_CategoryUid    `` /* 145-byte string literal not displayed */
	ClassName       *string                         `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid        DetectionFinding_ClassUid       `` /* 133-byte string literal not displayed */
	Cloud           *Cloud                          `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment         *string                         `protobuf:"bytes,14,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Confidence      *string                         `protobuf:"bytes,15,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId    *DetectionFinding_ConfidenceId  `` /* 155-byte string literal not displayed */
	ConfidenceScore *int32                          `protobuf:"varint,17,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count           *int32                          `protobuf:"varint,18,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device          *Device                         `protobuf:"bytes,19,opt,name=device,proto3" json:"device,omitempty"`
	Disposition     *string                         `protobuf:"bytes,20,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId   *DetectionFinding_DispositionId `` /* 159-byte string literal not displayed */
	Duration        *int32                          `protobuf:"varint,22,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime         *int64                          `protobuf:"varint,23,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt       *timestamppb.Timestamp          `protobuf:"bytes,24,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments     []*Enrichment                   `protobuf:"bytes,25,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Evidences       []*Evidences                    `protobuf:"bytes,26,rep,name=evidences,proto3" json:"evidences,omitempty"`
	FindingInfo     *FindingInfo                    `protobuf:"bytes,27,opt,name=finding_info,json=findingInfo,proto3" json:"finding_info,omitempty"`
	FirewallRule    *FirewallRule                   `protobuf:"bytes,28,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Impact          *string                         `protobuf:"bytes,29,opt,name=impact,proto3,oneof" json:"impact,omitempty"`
	ImpactId        *DetectionFinding_ImpactId      `` /* 139-byte string literal not displayed */
	ImpactScore     *int32                          `protobuf:"varint,31,opt,name=impact_score,json=impactScore,proto3,oneof" json:"impact_score,omitempty"`
	Malware         []*Malware                      `protobuf:"bytes,32,rep,name=malware,proto3" json:"malware,omitempty"`
	Message         *string                         `protobuf:"bytes,33,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata        *Metadata                       `protobuf:"bytes,34,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables     []*Observable                   `protobuf:"bytes,35,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData         *string                         `protobuf:"bytes,36,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Remediation     *Remediation                    `protobuf:"bytes,37,opt,name=remediation,proto3" json:"remediation,omitempty"`
	Resources       []*ResourceDetails              `protobuf:"bytes,38,rep,name=resources,proto3" json:"resources,omitempty"`
	RiskDetails     *string                         `protobuf:"bytes,39,opt,name=risk_details,json=riskDetails,proto3,oneof" json:"risk_details,omitempty"`
	RiskLevel       *string                         `protobuf:"bytes,40,opt,name=risk_level,json=riskLevel,proto3,oneof" json:"risk_level,omitempty"`
	RiskLevelId     *DetectionFinding_RiskLevelId   `` /* 153-byte string literal not displayed */
	RiskScore       *int32                          `protobuf:"varint,42,opt,name=risk_score,json=riskScore,proto3,oneof" json:"risk_score,omitempty"`
	Severity        *string                         `protobuf:"bytes,43,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId      DetectionFinding_SeverityId     `` /* 141-byte string literal not displayed */
	StartTime       *int64                          `protobuf:"varint,45,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt     *timestamppb.Timestamp          `protobuf:"bytes,46,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status          *string                         `protobuf:"bytes,47,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode      *string                         `protobuf:"bytes,48,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail    *string                         `protobuf:"bytes,49,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId        *DetectionFinding_StatusId      `` /* 139-byte string literal not displayed */
	Time            int64                           `protobuf:"varint,51,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt          *timestamppb.Timestamp          `protobuf:"bytes,52,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset  *int32                          `protobuf:"varint,53,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName        *string                         `protobuf:"bytes,54,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid         int64                           `protobuf:"varint,55,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped        *structpb.Struct                `protobuf:"bytes,56,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Vulnerabilities []*Vulnerability                `protobuf:"bytes,57,rep,name=vulnerabilities,proto3" json:"vulnerabilities,omitempty"`
	// contains filtered or unexported fields
}

DetectionFinding is an OSF event in category "Findings" called Detection Finding defined in ocsf events/findings/detection_finding.json

A Detection Finding describes detections or alerts generated by security products using correlation engines, detection engines or other methodologies. Note: if the product is a security control, the <code>security_control</code> profile should be applied and its <code>attacks</code> information should be duplicated into the <code>finding_info</code> object.

func (*DetectionFinding) Descriptor deprecated 

func (*DetectionFinding) Descriptor() ([]byte, []int)

Deprecated: Use DetectionFinding.ProtoReflect.Descriptor instead.

func (*DetectionFinding) GetAction 

func (x *DetectionFinding) GetAction() string

func (*DetectionFinding) GetActionId 

func (x *DetectionFinding) GetActionId() DetectionFinding_ActionId

func (*DetectionFinding) GetActivityId 

func (x *DetectionFinding) GetActivityId() DetectionFinding_ActivityId

func (*DetectionFinding) GetActivityName 

func (x *DetectionFinding) GetActivityName() string

func (*DetectionFinding) GetActor 

func (x *DetectionFinding) GetActor() *Actor

func (*DetectionFinding) GetApi 

func (x *DetectionFinding) GetApi() *Api

func (*DetectionFinding) GetAttacks 

func (x *DetectionFinding) GetAttacks() []*Attack

func (*DetectionFinding) GetAuthorizations 

func (x *DetectionFinding) GetAuthorizations() []*Authorization

func (*DetectionFinding) GetCategoryName 

func (x *DetectionFinding) GetCategoryName() string

func (*DetectionFinding) GetCategoryUid 

func (x *DetectionFinding) GetCategoryUid() DetectionFinding_CategoryUid

func (*DetectionFinding) GetClassName 

func (x *DetectionFinding) GetClassName() string

func (*DetectionFinding) GetClassUid 

func (x *DetectionFinding) GetClassUid() DetectionFinding_ClassUid

func (*DetectionFinding) GetCloud 

func (x *DetectionFinding) GetCloud() *Cloud

func (*DetectionFinding) GetComment 

func (x *DetectionFinding) GetComment() string

func (*DetectionFinding) GetConfidence 

func (x *DetectionFinding) GetConfidence() string

func (*DetectionFinding) GetConfidenceId 

func (x *DetectionFinding) GetConfidenceId() DetectionFinding_ConfidenceId

func (*DetectionFinding) GetConfidenceScore 

func (x *DetectionFinding) GetConfidenceScore() int32

func (*DetectionFinding) GetCount 

func (x *DetectionFinding) GetCount() int32

func (*DetectionFinding) GetDevice 

func (x *DetectionFinding) GetDevice() *Device

func (*DetectionFinding) GetDisposition 

func (x *DetectionFinding) GetDisposition() string

func (*DetectionFinding) GetDispositionId 

func (x *DetectionFinding) GetDispositionId() DetectionFinding_DispositionId

func (*DetectionFinding) GetDuration 

func (x *DetectionFinding) GetDuration() int32

func (*DetectionFinding) GetEndTime 

func (x *DetectionFinding) GetEndTime() int64

func (*DetectionFinding) GetEndTimeDt 

func (x *DetectionFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*DetectionFinding) GetEnrichments 

func (x *DetectionFinding) GetEnrichments() []*Enrichment

func (*DetectionFinding) GetEvidences 

func (x *DetectionFinding) GetEvidences() []*Evidences

func (*DetectionFinding) GetFindingInfo 

func (x *DetectionFinding) GetFindingInfo() *FindingInfo

func (*DetectionFinding) GetFirewallRule 

func (x *DetectionFinding) GetFirewallRule() *FirewallRule

func (*DetectionFinding) GetImpact 

func (x *DetectionFinding) GetImpact() string

func (*DetectionFinding) GetImpactId 

func (x *DetectionFinding) GetImpactId() DetectionFinding_ImpactId

func (*DetectionFinding) GetImpactScore 

func (x *DetectionFinding) GetImpactScore() int32

func (*DetectionFinding) GetMalware 

func (x *DetectionFinding) GetMalware() []*Malware

func (*DetectionFinding) GetMessage 

func (x *DetectionFinding) GetMessage() string

func (*DetectionFinding) GetMetadata 

func (x *DetectionFinding) GetMetadata() *Metadata

func (*DetectionFinding) GetObservables 

func (x *DetectionFinding) GetObservables() []*Observable

func (*DetectionFinding) GetRawData 

func (x *DetectionFinding) GetRawData() string

func (*DetectionFinding) GetRemediation 

func (x *DetectionFinding) GetRemediation() *Remediation

func (*DetectionFinding) GetResources 

func (x *DetectionFinding) GetResources() []*ResourceDetails

func (*DetectionFinding) GetRiskDetails 

func (x *DetectionFinding) GetRiskDetails() string

func (*DetectionFinding) GetRiskLevel 

func (x *DetectionFinding) GetRiskLevel() string

func (*DetectionFinding) GetRiskLevelId 

func (x *DetectionFinding) GetRiskLevelId() DetectionFinding_RiskLevelId

func (*DetectionFinding) GetRiskScore 

func (x *DetectionFinding) GetRiskScore() int32

func (*DetectionFinding) GetSeverity 

func (x *DetectionFinding) GetSeverity() string

func (*DetectionFinding) GetSeverityId 

func (x *DetectionFinding) GetSeverityId() DetectionFinding_SeverityId

func (*DetectionFinding) GetStartTime 

func (x *DetectionFinding) GetStartTime() int64

func (*DetectionFinding) GetStartTimeDt 

func (x *DetectionFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*DetectionFinding) GetStatus 

func (x *DetectionFinding) GetStatus() string

func (*DetectionFinding) GetStatusCode 

func (x *DetectionFinding) GetStatusCode() string

func (*DetectionFinding) GetStatusDetail 

func (x *DetectionFinding) GetStatusDetail() string

func (*DetectionFinding) GetStatusId 

func (x *DetectionFinding) GetStatusId() DetectionFinding_StatusId

func (*DetectionFinding) GetTime 

func (x *DetectionFinding) GetTime() int64

func (*DetectionFinding) GetTimeDt 

func (x *DetectionFinding) GetTimeDt() *timestamppb.Timestamp

func (*DetectionFinding) GetTimezoneOffset 

func (x *DetectionFinding) GetTimezoneOffset() int32

func (*DetectionFinding) GetTypeName 

func (x *DetectionFinding) GetTypeName() string

func (*DetectionFinding) GetTypeUid 

func (x *DetectionFinding) GetTypeUid() int64

func (*DetectionFinding) GetUnmapped 

func (x *DetectionFinding) GetUnmapped() *structpb.Struct

func (*DetectionFinding) GetVulnerabilities 

func (x *DetectionFinding) GetVulnerabilities() []*Vulnerability

func (*DetectionFinding) ProtoMessage 

func (*DetectionFinding) ProtoMessage()

func (*DetectionFinding) ProtoReflect 

func (x *DetectionFinding) ProtoReflect() protoreflect.Message

func (*DetectionFinding) Reset 

func (x *DetectionFinding) Reset()

func (*DetectionFinding) String 

func (x *DetectionFinding) String() string

type DetectionFinding_ActionId 

type DetectionFinding_ActionId int32
const (
	DetectionFinding_ACTION_ID_UNKNOWN DetectionFinding_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	DetectionFinding_ACTION_ID_ALLOWED DetectionFinding_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	DetectionFinding_ACTION_ID_DENIED DetectionFinding_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	DetectionFinding_ACTION_ID_OTHER DetectionFinding_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (DetectionFinding_ActionId) Descriptor 

func (DetectionFinding_ActionId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_ActionId) Enum 

func (x DetectionFinding_ActionId) Enum() *DetectionFinding_ActionId

func (DetectionFinding_ActionId) EnumDescriptor deprecated 

func (DetectionFinding_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_ActionId.Descriptor instead.

func (DetectionFinding_ActionId) Number 

func (x DetectionFinding_ActionId) Number() protoreflect.EnumNumber

func (DetectionFinding_ActionId) String 

func (x DetectionFinding_ActionId) String() string

func (DetectionFinding_ActionId) Type 

func (DetectionFinding_ActionId) Type() protoreflect.EnumType

type DetectionFinding_ActivityId 

type DetectionFinding_ActivityId int32
const (
	DetectionFinding_ACTIVITY_ID_UNKNOWN DetectionFinding_ActivityId = 0
	DetectionFinding_ACTIVITY_ID_CREATE  DetectionFinding_ActivityId = 1 // A finding was created.
	DetectionFinding_ACTIVITY_ID_UPDATE  DetectionFinding_ActivityId = 2 // A finding was updated.
	DetectionFinding_ACTIVITY_ID_CLOSE   DetectionFinding_ActivityId = 3 // A finding was closed.
	DetectionFinding_ACTIVITY_ID_OTHER   DetectionFinding_ActivityId = 99
)

func (DetectionFinding_ActivityId) Descriptor 

func (DetectionFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_ActivityId) Enum 

func (x DetectionFinding_ActivityId) Enum() *DetectionFinding_ActivityId

func (DetectionFinding_ActivityId) EnumDescriptor deprecated 

func (DetectionFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_ActivityId.Descriptor instead.

func (DetectionFinding_ActivityId) Number 

func (x DetectionFinding_ActivityId) Number() protoreflect.EnumNumber

func (DetectionFinding_ActivityId) String 

func (x DetectionFinding_ActivityId) String() string

func (DetectionFinding_ActivityId) Type 

func (DetectionFinding_ActivityId) Type() protoreflect.EnumType

type DetectionFinding_CategoryUid 

type DetectionFinding_CategoryUid int32
const (
	DetectionFinding_CATEGORY_UID_UNKNOWN  DetectionFinding_CategoryUid = 0
	DetectionFinding_CATEGORY_UID_FINDINGS DetectionFinding_CategoryUid = 2
)

func (DetectionFinding_CategoryUid) Descriptor 

func (DetectionFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_CategoryUid) Enum 

func (x DetectionFinding_CategoryUid) Enum() *DetectionFinding_CategoryUid

func (DetectionFinding_CategoryUid) EnumDescriptor deprecated 

func (DetectionFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_CategoryUid.Descriptor instead.

func (DetectionFinding_CategoryUid) Number 

func (x DetectionFinding_CategoryUid) Number() protoreflect.EnumNumber

func (DetectionFinding_CategoryUid) String 

func (x DetectionFinding_CategoryUid) String() string

func (DetectionFinding_CategoryUid) Type 

func (DetectionFinding_CategoryUid) Type() protoreflect.EnumType

type DetectionFinding_ClassUid 

type DetectionFinding_ClassUid int32
const (
	DetectionFinding_CLASS_UID_UNKNOWN           DetectionFinding_ClassUid = 0
	DetectionFinding_CLASS_UID_DETECTION_FINDING DetectionFinding_ClassUid = 2004
)

func (DetectionFinding_ClassUid) Descriptor 

func (DetectionFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_ClassUid) Enum 

func (x DetectionFinding_ClassUid) Enum() *DetectionFinding_ClassUid

func (DetectionFinding_ClassUid) EnumDescriptor deprecated 

func (DetectionFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_ClassUid.Descriptor instead.

func (DetectionFinding_ClassUid) Number 

func (x DetectionFinding_ClassUid) Number() protoreflect.EnumNumber

func (DetectionFinding_ClassUid) String 

func (x DetectionFinding_ClassUid) String() string

func (DetectionFinding_ClassUid) Type 

func (DetectionFinding_ClassUid) Type() protoreflect.EnumType

type DetectionFinding_ConfidenceId 

type DetectionFinding_ConfidenceId int32
const (
	DetectionFinding_CONFIDENCE_ID_UNKNOWN DetectionFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	DetectionFinding_CONFIDENCE_ID_LOW     DetectionFinding_ConfidenceId = 1
	DetectionFinding_CONFIDENCE_ID_MEDIUM  DetectionFinding_ConfidenceId = 2
	DetectionFinding_CONFIDENCE_ID_HIGH    DetectionFinding_ConfidenceId = 3
	DetectionFinding_CONFIDENCE_ID_OTHER   DetectionFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (DetectionFinding_ConfidenceId) Descriptor 

func (DetectionFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_ConfidenceId) Enum 

func (x DetectionFinding_ConfidenceId) Enum() *DetectionFinding_ConfidenceId

func (DetectionFinding_ConfidenceId) EnumDescriptor deprecated 

func (DetectionFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_ConfidenceId.Descriptor instead.

func (DetectionFinding_ConfidenceId) Number 

func (x DetectionFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (DetectionFinding_ConfidenceId) String 

func (x DetectionFinding_ConfidenceId) String() string

func (DetectionFinding_ConfidenceId) Type 

func (DetectionFinding_ConfidenceId) Type() protoreflect.EnumType

type DetectionFinding_DispositionId 

type DetectionFinding_DispositionId int32
const (
	DetectionFinding_DISPOSITION_ID_UNKNOWN DetectionFinding_DispositionId = 0 // The disposition was not known.
	DetectionFinding_DISPOSITION_ID_ALLOWED DetectionFinding_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	DetectionFinding_DISPOSITION_ID_BLOCKED DetectionFinding_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	DetectionFinding_DISPOSITION_ID_QUARANTINED DetectionFinding_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	DetectionFinding_DISPOSITION_ID_ISOLATED DetectionFinding_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	DetectionFinding_DISPOSITION_ID_DELETED DetectionFinding_DispositionId = 5 // A file or other content was deleted.
	DetectionFinding_DISPOSITION_ID_DROPPED DetectionFinding_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	DetectionFinding_DISPOSITION_ID_CUSTOM_ACTION DetectionFinding_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	DetectionFinding_DISPOSITION_ID_APPROVED DetectionFinding_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	DetectionFinding_DISPOSITION_ID_RESTORED DetectionFinding_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	DetectionFinding_DISPOSITION_ID_EXONERATED DetectionFinding_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	DetectionFinding_DISPOSITION_ID_CORRECTED DetectionFinding_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	DetectionFinding_DISPOSITION_ID_PARTIALLY_CORRECTED DetectionFinding_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	DetectionFinding_DISPOSITION_ID_UNCORRECTED DetectionFinding_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	DetectionFinding_DISPOSITION_ID_DELAYED DetectionFinding_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	DetectionFinding_DISPOSITION_ID_DETECTED DetectionFinding_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	DetectionFinding_DISPOSITION_ID_NO_ACTION DetectionFinding_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	DetectionFinding_DISPOSITION_ID_LOGGED DetectionFinding_DispositionId = 17 // The operation or action was logged
	// without further action.
	DetectionFinding_DISPOSITION_ID_TAGGED DetectionFinding_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	DetectionFinding_DISPOSITION_ID_ALERT DetectionFinding_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	DetectionFinding_DISPOSITION_ID_COUNT DetectionFinding_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	DetectionFinding_DISPOSITION_ID_RESET DetectionFinding_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	DetectionFinding_DISPOSITION_ID_CAPTCHA DetectionFinding_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	DetectionFinding_DISPOSITION_ID_CHALLENGE DetectionFinding_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	DetectionFinding_DISPOSITION_ID_ACCESS_REVOKED DetectionFinding_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	DetectionFinding_DISPOSITION_ID_REJECTED DetectionFinding_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	DetectionFinding_DISPOSITION_ID_UNAUTHORIZED DetectionFinding_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	DetectionFinding_DISPOSITION_ID_ERROR DetectionFinding_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	DetectionFinding_DISPOSITION_ID_OTHER DetectionFinding_DispositionId = 99 // The disposition is not listed. The
)

func (DetectionFinding_DispositionId) Descriptor 

func (DetectionFinding_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_DispositionId) Enum 

func (x DetectionFinding_DispositionId) Enum() *DetectionFinding_DispositionId

func (DetectionFinding_DispositionId) EnumDescriptor deprecated 

func (DetectionFinding_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_DispositionId.Descriptor instead.

func (DetectionFinding_DispositionId) Number 

func (x DetectionFinding_DispositionId) Number() protoreflect.EnumNumber

func (DetectionFinding_DispositionId) String 

func (x DetectionFinding_DispositionId) String() string

func (DetectionFinding_DispositionId) Type 

func (DetectionFinding_DispositionId) Type() protoreflect.EnumType

type DetectionFinding_ImpactId 

type DetectionFinding_ImpactId int32
const (
	DetectionFinding_IMPACT_ID_UNKNOWN  DetectionFinding_ImpactId = 0 // The normalized impact is unknown.
	DetectionFinding_IMPACT_ID_LOW      DetectionFinding_ImpactId = 1
	DetectionFinding_IMPACT_ID_MEDIUM   DetectionFinding_ImpactId = 2
	DetectionFinding_IMPACT_ID_HIGH     DetectionFinding_ImpactId = 3
	DetectionFinding_IMPACT_ID_CRITICAL DetectionFinding_ImpactId = 4
	DetectionFinding_IMPACT_ID_OTHER    DetectionFinding_ImpactId = 99 // The impact is not mapped. See the <code>impact</code>
)

func (DetectionFinding_ImpactId) Descriptor 

func (DetectionFinding_ImpactId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_ImpactId) Enum 

func (x DetectionFinding_ImpactId) Enum() *DetectionFinding_ImpactId

func (DetectionFinding_ImpactId) EnumDescriptor deprecated 

func (DetectionFinding_ImpactId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_ImpactId.Descriptor instead.

func (DetectionFinding_ImpactId) Number 

func (x DetectionFinding_ImpactId) Number() protoreflect.EnumNumber

func (DetectionFinding_ImpactId) String 

func (x DetectionFinding_ImpactId) String() string

func (DetectionFinding_ImpactId) Type 

func (DetectionFinding_ImpactId) Type() protoreflect.EnumType

type DetectionFinding_RiskLevelId 

type DetectionFinding_RiskLevelId int32
const (
	DetectionFinding_RISK_LEVEL_ID_INFO     DetectionFinding_RiskLevelId = 0
	DetectionFinding_RISK_LEVEL_ID_LOW      DetectionFinding_RiskLevelId = 1
	DetectionFinding_RISK_LEVEL_ID_MEDIUM   DetectionFinding_RiskLevelId = 2
	DetectionFinding_RISK_LEVEL_ID_HIGH     DetectionFinding_RiskLevelId = 3
	DetectionFinding_RISK_LEVEL_ID_CRITICAL DetectionFinding_RiskLevelId = 4
)

func (DetectionFinding_RiskLevelId) Descriptor 

func (DetectionFinding_RiskLevelId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_RiskLevelId) Enum 

func (x DetectionFinding_RiskLevelId) Enum() *DetectionFinding_RiskLevelId

func (DetectionFinding_RiskLevelId) EnumDescriptor deprecated 

func (DetectionFinding_RiskLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_RiskLevelId.Descriptor instead.

func (DetectionFinding_RiskLevelId) Number 

func (x DetectionFinding_RiskLevelId) Number() protoreflect.EnumNumber

func (DetectionFinding_RiskLevelId) String 

func (x DetectionFinding_RiskLevelId) String() string

func (DetectionFinding_RiskLevelId) Type 

func (DetectionFinding_RiskLevelId) Type() protoreflect.EnumType

type DetectionFinding_SeverityId 

type DetectionFinding_SeverityId int32
const (
	DetectionFinding_SEVERITY_ID_UNKNOWN       DetectionFinding_SeverityId = 0 // The event/finding severity is unknown.
	DetectionFinding_SEVERITY_ID_INFORMATIONAL DetectionFinding_SeverityId = 1 // Informational message. No action required.
	DetectionFinding_SEVERITY_ID_LOW           DetectionFinding_SeverityId = 2 // The user decides if action is needed.
	DetectionFinding_SEVERITY_ID_MEDIUM        DetectionFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DetectionFinding_SEVERITY_ID_HIGH     DetectionFinding_SeverityId = 4 // Action is required immediately.
	DetectionFinding_SEVERITY_ID_CRITICAL DetectionFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DetectionFinding_SEVERITY_ID_FATAL DetectionFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DetectionFinding_SEVERITY_ID_OTHER DetectionFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DetectionFinding_SeverityId) Descriptor 

func (DetectionFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_SeverityId) Enum 

func (x DetectionFinding_SeverityId) Enum() *DetectionFinding_SeverityId

func (DetectionFinding_SeverityId) EnumDescriptor deprecated 

func (DetectionFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_SeverityId.Descriptor instead.

func (DetectionFinding_SeverityId) Number 

func (x DetectionFinding_SeverityId) Number() protoreflect.EnumNumber

func (DetectionFinding_SeverityId) String 

func (x DetectionFinding_SeverityId) String() string

func (DetectionFinding_SeverityId) Type 

func (DetectionFinding_SeverityId) Type() protoreflect.EnumType

type DetectionFinding_StatusId 

type DetectionFinding_StatusId int32
const (
	DetectionFinding_STATUS_ID_UNKNOWN     DetectionFinding_StatusId = 0 // The status is unknown.
	DetectionFinding_STATUS_ID_NEW         DetectionFinding_StatusId = 1 // The Finding is new and yet to be reviewed.
	DetectionFinding_STATUS_ID_IN_PROGRESS DetectionFinding_StatusId = 2 // The Finding is under review.
	DetectionFinding_STATUS_ID_SUPPRESSED  DetectionFinding_StatusId = 3 // The Finding was reviewed, determined to be benign
	// or a false positive and is now suppressed.
	DetectionFinding_STATUS_ID_RESOLVED DetectionFinding_StatusId = 4 // The Finding was reviewed, remediated and is now
	// considered resolved.
	DetectionFinding_STATUS_ID_OTHER DetectionFinding_StatusId = 99 // The event status is not mapped. See the
)

func (DetectionFinding_StatusId) Descriptor 

func (DetectionFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DetectionFinding_StatusId) Enum 

func (x DetectionFinding_StatusId) Enum() *DetectionFinding_StatusId

func (DetectionFinding_StatusId) EnumDescriptor deprecated 

func (DetectionFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DetectionFinding_StatusId.Descriptor instead.

func (DetectionFinding_StatusId) Number 

func (x DetectionFinding_StatusId) Number() protoreflect.EnumNumber

func (DetectionFinding_StatusId) String 

func (x DetectionFinding_StatusId) String() string

func (DetectionFinding_StatusId) Type 

func (DetectionFinding_StatusId) Type() protoreflect.EnumType

type Device 

type Device struct {
	AgentList         []*Agent               `protobuf:"bytes,1,rep,name=agent_list,json=agentList,proto3" json:"agent_list,omitempty"`
	AutoscaleUid      *string                `protobuf:"bytes,2,opt,name=autoscale_uid,json=autoscaleUid,proto3,oneof" json:"autoscale_uid,omitempty"`
	Container         *Container             `protobuf:"bytes,3,opt,name=container,proto3" json:"container,omitempty"`
	CreatedTime       *int64                 `protobuf:"varint,4,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt     *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Desc              *string                `protobuf:"bytes,6,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Domain            *string                `protobuf:"bytes,7,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	FirstSeenTime     *int64                 `protobuf:"varint,8,opt,name=first_seen_time,json=firstSeenTime,proto3,oneof" json:"first_seen_time,omitempty"`
	FirstSeenTimeDt   *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=first_seen_time_dt,json=firstSeenTimeDt,proto3,oneof" json:"first_seen_time_dt,omitempty"`
	Groups            []*Group               `protobuf:"bytes,10,rep,name=groups,proto3" json:"groups,omitempty"`
	Hostname          *string                `protobuf:"bytes,11,opt,name=hostname,proto3,oneof" json:"hostname,omitempty"`
	HwInfo            *DeviceHwInfo          `protobuf:"bytes,12,opt,name=hw_info,json=hwInfo,proto3" json:"hw_info,omitempty"`
	Hypervisor        *string                `protobuf:"bytes,13,opt,name=hypervisor,proto3,oneof" json:"hypervisor,omitempty"`
	Image             *Image                 `protobuf:"bytes,14,opt,name=image,proto3" json:"image,omitempty"`
	Imei              *string                `protobuf:"bytes,15,opt,name=imei,proto3,oneof" json:"imei,omitempty"`
	InstanceUid       *string                `protobuf:"bytes,16,opt,name=instance_uid,json=instanceUid,proto3,oneof" json:"instance_uid,omitempty"`
	InterfaceName     *string                `protobuf:"bytes,17,opt,name=interface_name,json=interfaceName,proto3,oneof" json:"interface_name,omitempty"`
	InterfaceUid      *string                `protobuf:"bytes,18,opt,name=interface_uid,json=interfaceUid,proto3,oneof" json:"interface_uid,omitempty"`
	Ip                *string                `protobuf:"bytes,19,opt,name=ip,proto3,oneof" json:"ip,omitempty"`
	IsCompliant       *bool                  `protobuf:"varint,20,opt,name=is_compliant,json=isCompliant,proto3,oneof" json:"is_compliant,omitempty"`
	IsManaged         *bool                  `protobuf:"varint,21,opt,name=is_managed,json=isManaged,proto3,oneof" json:"is_managed,omitempty"`
	IsPersonal        *bool                  `protobuf:"varint,22,opt,name=is_personal,json=isPersonal,proto3,oneof" json:"is_personal,omitempty"`
	IsTrusted         *bool                  `protobuf:"varint,23,opt,name=is_trusted,json=isTrusted,proto3,oneof" json:"is_trusted,omitempty"`
	LastSeenTime      *int64                 `protobuf:"varint,24,opt,name=last_seen_time,json=lastSeenTime,proto3,oneof" json:"last_seen_time,omitempty"`
	LastSeenTimeDt    *timestamppb.Timestamp `protobuf:"bytes,25,opt,name=last_seen_time_dt,json=lastSeenTimeDt,proto3,oneof" json:"last_seen_time_dt,omitempty"`
	Location          *Location              `protobuf:"bytes,26,opt,name=location,proto3" json:"location,omitempty"`
	Mac               *string                `protobuf:"bytes,27,opt,name=mac,proto3,oneof" json:"mac,omitempty"`
	ModifiedTime      *int64                 `protobuf:"varint,28,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,29,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Name              *string                `protobuf:"bytes,30,opt,name=name,proto3,oneof" json:"name,omitempty"`
	NamespacePid      *int32                 `protobuf:"varint,31,opt,name=namespace_pid,json=namespacePid,proto3,oneof" json:"namespace_pid,omitempty"`
	NetworkInterfaces []*NetworkInterface    `protobuf:"bytes,32,rep,name=network_interfaces,json=networkInterfaces,proto3" json:"network_interfaces,omitempty"`
	Org               *Organization          `protobuf:"bytes,33,opt,name=org,proto3" json:"org,omitempty"`
	Os                *Os                    `protobuf:"bytes,34,opt,name=os,proto3" json:"os,omitempty"`
	Owner             *User                  `protobuf:"bytes,35,opt,name=owner,proto3" json:"owner,omitempty"`
	Region            *string                `protobuf:"bytes,36,opt,name=region,proto3,oneof" json:"region,omitempty"`
	RiskLevel         *string                `protobuf:"bytes,37,opt,name=risk_level,json=riskLevel,proto3,oneof" json:"risk_level,omitempty"`
	RiskLevelId       *Device_RiskLevelId    `` /* 143-byte string literal not displayed */
	RiskScore         *int32                 `protobuf:"varint,39,opt,name=risk_score,json=riskScore,proto3,oneof" json:"risk_score,omitempty"`
	Subnet            *string                `protobuf:"bytes,40,opt,name=subnet,proto3,oneof" json:"subnet,omitempty"`
	SubnetUid         *string                `protobuf:"bytes,41,opt,name=subnet_uid,json=subnetUid,proto3,oneof" json:"subnet_uid,omitempty"`
	Type              *string                `protobuf:"bytes,42,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId            Device_TypeId          `protobuf:"varint,43,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Device_TypeId" json:"type_id,omitempty"`
	Uid               *string                `protobuf:"bytes,44,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UidAlt            *string                `protobuf:"bytes,45,opt,name=uid_alt,json=uidAlt,proto3,oneof" json:"uid_alt,omitempty"`
	VlanUid           *string                `protobuf:"bytes,46,opt,name=vlan_uid,json=vlanUid,proto3,oneof" json:"vlan_uid,omitempty"`
	VpcUid            *string                `protobuf:"bytes,47,opt,name=vpc_uid,json=vpcUid,proto3,oneof" json:"vpc_uid,omitempty"`
	Zone              *string                `protobuf:"bytes,48,opt,name=zone,proto3,oneof" json:"zone,omitempty"`
	// contains filtered or unexported fields
}

Device is an OSF object defined in ocsf objects/device.json

The Device object represents an addressable computer system or host, which is typically connected to a computer network and participates in the transmission or processing of data within the computer network. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Host/'>d3f:Host</a>.

func (*Device) Descriptor deprecated 

func (*Device) Descriptor() ([]byte, []int)

Deprecated: Use Device.ProtoReflect.Descriptor instead.

func (*Device) GetAgentList 

func (x *Device) GetAgentList() []*Agent

func (*Device) GetAutoscaleUid 

func (x *Device) GetAutoscaleUid() string

func (*Device) GetContainer 

func (x *Device) GetContainer() *Container

func (*Device) GetCreatedTime 

func (x *Device) GetCreatedTime() int64

func (*Device) GetCreatedTimeDt 

func (x *Device) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Device) GetDesc 

func (x *Device) GetDesc() string

func (*Device) GetDomain 

func (x *Device) GetDomain() string

func (*Device) GetFirstSeenTime 

func (x *Device) GetFirstSeenTime() int64

func (*Device) GetFirstSeenTimeDt 

func (x *Device) GetFirstSeenTimeDt() *timestamppb.Timestamp

func (*Device) GetGroups 

func (x *Device) GetGroups() []*Group

func (*Device) GetHostname 

func (x *Device) GetHostname() string

func (*Device) GetHwInfo 

func (x *Device) GetHwInfo() *DeviceHwInfo

func (*Device) GetHypervisor 

func (x *Device) GetHypervisor() string

func (*Device) GetImage 

func (x *Device) GetImage() *Image

func (*Device) GetImei 

func (x *Device) GetImei() string

func (*Device) GetInstanceUid 

func (x *Device) GetInstanceUid() string

func (*Device) GetInterfaceName 

func (x *Device) GetInterfaceName() string

func (*Device) GetInterfaceUid 

func (x *Device) GetInterfaceUid() string

func (*Device) GetIp 

func (x *Device) GetIp() string

func (*Device) GetIsCompliant 

func (x *Device) GetIsCompliant() bool

func (*Device) GetIsManaged 

func (x *Device) GetIsManaged() bool

func (*Device) GetIsPersonal 

func (x *Device) GetIsPersonal() bool

func (*Device) GetIsTrusted 

func (x *Device) GetIsTrusted() bool

func (*Device) GetLastSeenTime 

func (x *Device) GetLastSeenTime() int64

func (*Device) GetLastSeenTimeDt 

func (x *Device) GetLastSeenTimeDt() *timestamppb.Timestamp

func (*Device) GetLocation 

func (x *Device) GetLocation() *Location

func (*Device) GetMac 

func (x *Device) GetMac() string

func (*Device) GetModifiedTime 

func (x *Device) GetModifiedTime() int64

func (*Device) GetModifiedTimeDt 

func (x *Device) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Device) GetName 

func (x *Device) GetName() string

func (*Device) GetNamespacePid 

func (x *Device) GetNamespacePid() int32

func (*Device) GetNetworkInterfaces 

func (x *Device) GetNetworkInterfaces() []*NetworkInterface

func (*Device) GetOrg 

func (x *Device) GetOrg() *Organization

func (*Device) GetOs 

func (x *Device) GetOs() *Os

func (*Device) GetOwner 

func (x *Device) GetOwner() *User

func (*Device) GetRegion 

func (x *Device) GetRegion() string

func (*Device) GetRiskLevel 

func (x *Device) GetRiskLevel() string

func (*Device) GetRiskLevelId 

func (x *Device) GetRiskLevelId() Device_RiskLevelId

func (*Device) GetRiskScore 

func (x *Device) GetRiskScore() int32

func (*Device) GetSubnet 

func (x *Device) GetSubnet() string

func (*Device) GetSubnetUid 

func (x *Device) GetSubnetUid() string

func (*Device) GetType 

func (x *Device) GetType() string

func (*Device) GetTypeId 

func (x *Device) GetTypeId() Device_TypeId

func (*Device) GetUid 

func (x *Device) GetUid() string

func (*Device) GetUidAlt 

func (x *Device) GetUidAlt() string

func (*Device) GetVlanUid 

func (x *Device) GetVlanUid() string

func (*Device) GetVpcUid 

func (x *Device) GetVpcUid() string

func (*Device) GetZone 

func (x *Device) GetZone() string

func (*Device) ProtoMessage 

func (*Device) ProtoMessage()

func (*Device) ProtoReflect 

func (x *Device) ProtoReflect() protoreflect.Message

func (*Device) Reset 

func (x *Device) Reset()

func (*Device) String 

func (x *Device) String() string

type DeviceConfigStateChange 

type DeviceConfigStateChange struct {
	ActivityId          DeviceConfigStateChange_ActivityId           `` /* 147-byte string literal not displayed */
	ActivityName        *string                                      `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                                       `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                                         `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName        *string                                      `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         DeviceConfigStateChange_CategoryUid          `` /* 151-byte string literal not displayed */
	ClassName           *string                                      `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            DeviceConfigStateChange_ClassUid             `` /* 139-byte string literal not displayed */
	Cloud               *Cloud                                       `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count               *int32                                       `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                                      `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration            *int32                                       `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                                       `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp                       `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                                `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message             *string                                      `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                                    `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                                `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	PrevSecurityLevel   *string                                      `protobuf:"bytes,19,opt,name=prev_security_level,json=prevSecurityLevel,proto3,oneof" json:"prev_security_level,omitempty"`
	PrevSecurityLevelId *DeviceConfigStateChange_PrevSecurityLevelId `` /* 194-byte string literal not displayed */
	PrevSecurityStates  []*SecurityState                             `protobuf:"bytes,21,rep,name=prev_security_states,json=prevSecurityStates,proto3" json:"prev_security_states,omitempty"`
	RawData             *string                                      `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	SecurityLevel       *string                                      `protobuf:"bytes,23,opt,name=security_level,json=securityLevel,proto3,oneof" json:"security_level,omitempty"`
	SecurityLevelId     *DeviceConfigStateChange_SecurityLevelId     `` /* 176-byte string literal not displayed */
	SecurityStates      []*SecurityState                             `protobuf:"bytes,25,rep,name=security_states,json=securityStates,proto3" json:"security_states,omitempty"`
	Severity            *string                                      `protobuf:"bytes,26,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          DeviceConfigStateChange_SeverityId           `` /* 148-byte string literal not displayed */
	StartTime           *int64                                       `protobuf:"varint,28,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp                       `protobuf:"bytes,29,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                                      `protobuf:"bytes,30,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                                      `protobuf:"bytes,31,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                                      `protobuf:"bytes,32,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *DeviceConfigStateChange_StatusId            `` /* 146-byte string literal not displayed */
	Time                int64                                        `protobuf:"varint,34,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp                       `protobuf:"bytes,35,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                                       `protobuf:"varint,36,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName            *string                                      `protobuf:"bytes,37,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                                        `protobuf:"varint,38,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct                             `protobuf:"bytes,39,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

DeviceConfigStateChange is an OSF event in category "Discovery" called Device Config State Change defined in ocsf events/discovery/device_config_state_change.json

Device Config State Change events report state changes that impact the security of the device.

func (*DeviceConfigStateChange) Descriptor deprecated 

func (*DeviceConfigStateChange) Descriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange.ProtoReflect.Descriptor instead.

func (*DeviceConfigStateChange) GetActivityId 

func (x *DeviceConfigStateChange) GetActivityId() DeviceConfigStateChange_ActivityId

func (*DeviceConfigStateChange) GetActivityName 

func (x *DeviceConfigStateChange) GetActivityName() string

func (*DeviceConfigStateChange) GetActor 

func (x *DeviceConfigStateChange) GetActor() *Actor

func (*DeviceConfigStateChange) GetApi 

func (x *DeviceConfigStateChange) GetApi() *Api

func (*DeviceConfigStateChange) GetCategoryName 

func (x *DeviceConfigStateChange) GetCategoryName() string

func (*DeviceConfigStateChange) GetCategoryUid 

func (x *DeviceConfigStateChange) GetCategoryUid() DeviceConfigStateChange_CategoryUid

func (*DeviceConfigStateChange) GetClassName 

func (x *DeviceConfigStateChange) GetClassName() string

func (*DeviceConfigStateChange) GetClassUid 

func (x *DeviceConfigStateChange) GetClassUid() DeviceConfigStateChange_ClassUid

func (*DeviceConfigStateChange) GetCloud 

func (x *DeviceConfigStateChange) GetCloud() *Cloud

func (*DeviceConfigStateChange) GetCount 

func (x *DeviceConfigStateChange) GetCount() int32

func (*DeviceConfigStateChange) GetDevice 

func (x *DeviceConfigStateChange) GetDevice() *Device

func (*DeviceConfigStateChange) GetDuration 

func (x *DeviceConfigStateChange) GetDuration() int32

func (*DeviceConfigStateChange) GetEndTime 

func (x *DeviceConfigStateChange) GetEndTime() int64

func (*DeviceConfigStateChange) GetEndTimeDt 

func (x *DeviceConfigStateChange) GetEndTimeDt() *timestamppb.Timestamp

func (*DeviceConfigStateChange) GetEnrichments 

func (x *DeviceConfigStateChange) GetEnrichments() []*Enrichment

func (*DeviceConfigStateChange) GetMessage 

func (x *DeviceConfigStateChange) GetMessage() string

func (*DeviceConfigStateChange) GetMetadata 

func (x *DeviceConfigStateChange) GetMetadata() *Metadata

func (*DeviceConfigStateChange) GetObservables 

func (x *DeviceConfigStateChange) GetObservables() []*Observable

func (*DeviceConfigStateChange) GetPrevSecurityLevel 

func (x *DeviceConfigStateChange) GetPrevSecurityLevel() string

func (*DeviceConfigStateChange) GetPrevSecurityLevelId 

func (x *DeviceConfigStateChange) GetPrevSecurityLevelId() DeviceConfigStateChange_PrevSecurityLevelId

func (*DeviceConfigStateChange) GetPrevSecurityStates 

func (x *DeviceConfigStateChange) GetPrevSecurityStates() []*SecurityState

func (*DeviceConfigStateChange) GetRawData 

func (x *DeviceConfigStateChange) GetRawData() string

func (*DeviceConfigStateChange) GetSecurityLevel 

func (x *DeviceConfigStateChange) GetSecurityLevel() string

func (*DeviceConfigStateChange) GetSecurityLevelId 

func (x *DeviceConfigStateChange) GetSecurityLevelId() DeviceConfigStateChange_SecurityLevelId

func (*DeviceConfigStateChange) GetSecurityStates 

func (x *DeviceConfigStateChange) GetSecurityStates() []*SecurityState

func (*DeviceConfigStateChange) GetSeverity 

func (x *DeviceConfigStateChange) GetSeverity() string

func (*DeviceConfigStateChange) GetSeverityId 

func (x *DeviceConfigStateChange) GetSeverityId() DeviceConfigStateChange_SeverityId

func (*DeviceConfigStateChange) GetStartTime 

func (x *DeviceConfigStateChange) GetStartTime() int64

func (*DeviceConfigStateChange) GetStartTimeDt 

func (x *DeviceConfigStateChange) GetStartTimeDt() *timestamppb.Timestamp

func (*DeviceConfigStateChange) GetStatus 

func (x *DeviceConfigStateChange) GetStatus() string

func (*DeviceConfigStateChange) GetStatusCode 

func (x *DeviceConfigStateChange) GetStatusCode() string

func (*DeviceConfigStateChange) GetStatusDetail 

func (x *DeviceConfigStateChange) GetStatusDetail() string

func (*DeviceConfigStateChange) GetStatusId 

func (x *DeviceConfigStateChange) GetStatusId() DeviceConfigStateChange_StatusId

func (*DeviceConfigStateChange) GetTime 

func (x *DeviceConfigStateChange) GetTime() int64

func (*DeviceConfigStateChange) GetTimeDt 

func (x *DeviceConfigStateChange) GetTimeDt() *timestamppb.Timestamp

func (*DeviceConfigStateChange) GetTimezoneOffset 

func (x *DeviceConfigStateChange) GetTimezoneOffset() int32

func (*DeviceConfigStateChange) GetTypeName 

func (x *DeviceConfigStateChange) GetTypeName() string

func (*DeviceConfigStateChange) GetTypeUid 

func (x *DeviceConfigStateChange) GetTypeUid() int64

func (*DeviceConfigStateChange) GetUnmapped 

func (x *DeviceConfigStateChange) GetUnmapped() *structpb.Struct

func (*DeviceConfigStateChange) ProtoMessage 

func (*DeviceConfigStateChange) ProtoMessage()

func (*DeviceConfigStateChange) ProtoReflect 

func (x *DeviceConfigStateChange) ProtoReflect() protoreflect.Message

func (*DeviceConfigStateChange) Reset 

func (x *DeviceConfigStateChange) Reset()

func (*DeviceConfigStateChange) String 

func (x *DeviceConfigStateChange) String() string

type DeviceConfigStateChange_ActivityId 

type DeviceConfigStateChange_ActivityId int32
const (
	DeviceConfigStateChange_ACTIVITY_ID_UNKNOWN DeviceConfigStateChange_ActivityId = 0
	DeviceConfigStateChange_ACTIVITY_ID_LOG     DeviceConfigStateChange_ActivityId = 1 // The discovered information is via a log.
	DeviceConfigStateChange_ACTIVITY_ID_COLLECT DeviceConfigStateChange_ActivityId = 2 // The discovered information is via a collection
	// process.
	DeviceConfigStateChange_ACTIVITY_ID_OTHER DeviceConfigStateChange_ActivityId = 99
)

func (DeviceConfigStateChange_ActivityId) Descriptor 

func (DeviceConfigStateChange_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_ActivityId) Enum 

func (x DeviceConfigStateChange_ActivityId) Enum() *DeviceConfigStateChange_ActivityId

func (DeviceConfigStateChange_ActivityId) EnumDescriptor deprecated 

func (DeviceConfigStateChange_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_ActivityId.Descriptor instead.

func (DeviceConfigStateChange_ActivityId) Number 

func (x DeviceConfigStateChange_ActivityId) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_ActivityId) String 

func (x DeviceConfigStateChange_ActivityId) String() string

func (DeviceConfigStateChange_ActivityId) Type 

func (DeviceConfigStateChange_ActivityId) Type() protoreflect.EnumType

type DeviceConfigStateChange_CategoryUid 

type DeviceConfigStateChange_CategoryUid int32
const (
	DeviceConfigStateChange_CATEGORY_UID_UNKNOWN   DeviceConfigStateChange_CategoryUid = 0
	DeviceConfigStateChange_CATEGORY_UID_DISCOVERY DeviceConfigStateChange_CategoryUid = 5
)

func (DeviceConfigStateChange_CategoryUid) Descriptor 

func (DeviceConfigStateChange_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_CategoryUid) Enum 

func (x DeviceConfigStateChange_CategoryUid) Enum() *DeviceConfigStateChange_CategoryUid

func (DeviceConfigStateChange_CategoryUid) EnumDescriptor deprecated 

func (DeviceConfigStateChange_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_CategoryUid.Descriptor instead.

func (DeviceConfigStateChange_CategoryUid) Number 

func (x DeviceConfigStateChange_CategoryUid) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_CategoryUid) String 

func (x DeviceConfigStateChange_CategoryUid) String() string

func (DeviceConfigStateChange_CategoryUid) Type 

func (DeviceConfigStateChange_CategoryUid) Type() protoreflect.EnumType

type DeviceConfigStateChange_ClassUid 

type DeviceConfigStateChange_ClassUid int32
const (
	DeviceConfigStateChange_CLASS_UID_UNKNOWN                    DeviceConfigStateChange_ClassUid = 0
	DeviceConfigStateChange_CLASS_UID_DEVICE_CONFIG_STATE_CHANGE DeviceConfigStateChange_ClassUid = 5019
)

func (DeviceConfigStateChange_ClassUid) Descriptor 

func (DeviceConfigStateChange_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_ClassUid) Enum 

func (x DeviceConfigStateChange_ClassUid) Enum() *DeviceConfigStateChange_ClassUid

func (DeviceConfigStateChange_ClassUid) EnumDescriptor deprecated 

func (DeviceConfigStateChange_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_ClassUid.Descriptor instead.

func (DeviceConfigStateChange_ClassUid) Number 

func (x DeviceConfigStateChange_ClassUid) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_ClassUid) String 

func (x DeviceConfigStateChange_ClassUid) String() string

func (DeviceConfigStateChange_ClassUid) Type 

func (DeviceConfigStateChange_ClassUid) Type() protoreflect.EnumType

type DeviceConfigStateChange_PrevSecurityLevelId 

type DeviceConfigStateChange_PrevSecurityLevelId int32
const (
	DeviceConfigStateChange_PREV_SECURITY_LEVEL_ID_UNKNOWN     DeviceConfigStateChange_PrevSecurityLevelId = 0
	DeviceConfigStateChange_PREV_SECURITY_LEVEL_ID_SECURE      DeviceConfigStateChange_PrevSecurityLevelId = 1
	DeviceConfigStateChange_PREV_SECURITY_LEVEL_ID_AT_RISK     DeviceConfigStateChange_PrevSecurityLevelId = 2
	DeviceConfigStateChange_PREV_SECURITY_LEVEL_ID_COMPROMISED DeviceConfigStateChange_PrevSecurityLevelId = 3
	DeviceConfigStateChange_PREV_SECURITY_LEVEL_ID_OTHER       DeviceConfigStateChange_PrevSecurityLevelId = 99 // The security level is not mapped. See
)

func (DeviceConfigStateChange_PrevSecurityLevelId) Descriptor 

func (DeviceConfigStateChange_PrevSecurityLevelId) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_PrevSecurityLevelId) Enum 

func (x DeviceConfigStateChange_PrevSecurityLevelId) Enum() *DeviceConfigStateChange_PrevSecurityLevelId

func (DeviceConfigStateChange_PrevSecurityLevelId) EnumDescriptor deprecated 

func (DeviceConfigStateChange_PrevSecurityLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_PrevSecurityLevelId.Descriptor instead.

func (DeviceConfigStateChange_PrevSecurityLevelId) Number 

func (x DeviceConfigStateChange_PrevSecurityLevelId) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_PrevSecurityLevelId) String 

func (x DeviceConfigStateChange_PrevSecurityLevelId) String() string

func (DeviceConfigStateChange_PrevSecurityLevelId) Type 

func (DeviceConfigStateChange_PrevSecurityLevelId) Type() protoreflect.EnumType

type DeviceConfigStateChange_SecurityLevelId 

type DeviceConfigStateChange_SecurityLevelId int32
const (
	DeviceConfigStateChange_SECURITY_LEVEL_ID_UNKNOWN     DeviceConfigStateChange_SecurityLevelId = 0
	DeviceConfigStateChange_SECURITY_LEVEL_ID_SECURE      DeviceConfigStateChange_SecurityLevelId = 1
	DeviceConfigStateChange_SECURITY_LEVEL_ID_AT_RISK     DeviceConfigStateChange_SecurityLevelId = 2
	DeviceConfigStateChange_SECURITY_LEVEL_ID_COMPROMISED DeviceConfigStateChange_SecurityLevelId = 3
	DeviceConfigStateChange_SECURITY_LEVEL_ID_OTHER       DeviceConfigStateChange_SecurityLevelId = 99 // The security level is not mapped. See the
)

func (DeviceConfigStateChange_SecurityLevelId) Descriptor 

func (DeviceConfigStateChange_SecurityLevelId) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_SecurityLevelId) Enum 

func (x DeviceConfigStateChange_SecurityLevelId) Enum() *DeviceConfigStateChange_SecurityLevelId

func (DeviceConfigStateChange_SecurityLevelId) EnumDescriptor deprecated 

func (DeviceConfigStateChange_SecurityLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_SecurityLevelId.Descriptor instead.

func (DeviceConfigStateChange_SecurityLevelId) Number 

func (x DeviceConfigStateChange_SecurityLevelId) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_SecurityLevelId) String 

func (x DeviceConfigStateChange_SecurityLevelId) String() string

func (DeviceConfigStateChange_SecurityLevelId) Type 

func (DeviceConfigStateChange_SecurityLevelId) Type() protoreflect.EnumType

type DeviceConfigStateChange_SeverityId 

type DeviceConfigStateChange_SeverityId int32
const (
	DeviceConfigStateChange_SEVERITY_ID_UNKNOWN       DeviceConfigStateChange_SeverityId = 0 // The event/finding severity is unknown.
	DeviceConfigStateChange_SEVERITY_ID_INFORMATIONAL DeviceConfigStateChange_SeverityId = 1 // Informational message. No action required.
	DeviceConfigStateChange_SEVERITY_ID_LOW           DeviceConfigStateChange_SeverityId = 2 // The user decides if action is needed.
	DeviceConfigStateChange_SEVERITY_ID_MEDIUM        DeviceConfigStateChange_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DeviceConfigStateChange_SEVERITY_ID_HIGH     DeviceConfigStateChange_SeverityId = 4 // Action is required immediately.
	DeviceConfigStateChange_SEVERITY_ID_CRITICAL DeviceConfigStateChange_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DeviceConfigStateChange_SEVERITY_ID_FATAL DeviceConfigStateChange_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DeviceConfigStateChange_SEVERITY_ID_OTHER DeviceConfigStateChange_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DeviceConfigStateChange_SeverityId) Descriptor 

func (DeviceConfigStateChange_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_SeverityId) Enum 

func (x DeviceConfigStateChange_SeverityId) Enum() *DeviceConfigStateChange_SeverityId

func (DeviceConfigStateChange_SeverityId) EnumDescriptor deprecated 

func (DeviceConfigStateChange_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_SeverityId.Descriptor instead.

func (DeviceConfigStateChange_SeverityId) Number 

func (x DeviceConfigStateChange_SeverityId) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_SeverityId) String 

func (x DeviceConfigStateChange_SeverityId) String() string

func (DeviceConfigStateChange_SeverityId) Type 

func (DeviceConfigStateChange_SeverityId) Type() protoreflect.EnumType

type DeviceConfigStateChange_StatusId 

type DeviceConfigStateChange_StatusId int32
const (
	DeviceConfigStateChange_STATUS_ID_UNKNOWN DeviceConfigStateChange_StatusId = 0 // The status is unknown.
	DeviceConfigStateChange_STATUS_ID_SUCCESS DeviceConfigStateChange_StatusId = 1
	DeviceConfigStateChange_STATUS_ID_FAILURE DeviceConfigStateChange_StatusId = 2
	DeviceConfigStateChange_STATUS_ID_OTHER   DeviceConfigStateChange_StatusId = 99 // The event status is not mapped. See the
)

func (DeviceConfigStateChange_StatusId) Descriptor 

func (DeviceConfigStateChange_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DeviceConfigStateChange_StatusId) Enum 

func (x DeviceConfigStateChange_StatusId) Enum() *DeviceConfigStateChange_StatusId

func (DeviceConfigStateChange_StatusId) EnumDescriptor deprecated 

func (DeviceConfigStateChange_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DeviceConfigStateChange_StatusId.Descriptor instead.

func (DeviceConfigStateChange_StatusId) Number 

func (x DeviceConfigStateChange_StatusId) Number() protoreflect.EnumNumber

func (DeviceConfigStateChange_StatusId) String 

func (x DeviceConfigStateChange_StatusId) String() string

func (DeviceConfigStateChange_StatusId) Type 

func (DeviceConfigStateChange_StatusId) Type() protoreflect.EnumType

type DeviceHwInfo 

type DeviceHwInfo struct {
	BiosDate         *string       `protobuf:"bytes,1,opt,name=bios_date,json=biosDate,proto3,oneof" json:"bios_date,omitempty"`
	BiosManufacturer *string       `protobuf:"bytes,2,opt,name=bios_manufacturer,json=biosManufacturer,proto3,oneof" json:"bios_manufacturer,omitempty"`
	BiosVer          *string       `protobuf:"bytes,3,opt,name=bios_ver,json=biosVer,proto3,oneof" json:"bios_ver,omitempty"`
	Chassis          *string       `protobuf:"bytes,4,opt,name=chassis,proto3,oneof" json:"chassis,omitempty"`
	CpuBits          *int32        `protobuf:"varint,5,opt,name=cpu_bits,json=cpuBits,proto3,oneof" json:"cpu_bits,omitempty"`
	CpuCores         *int32        `protobuf:"varint,6,opt,name=cpu_cores,json=cpuCores,proto3,oneof" json:"cpu_cores,omitempty"`
	CpuCount         *int32        `protobuf:"varint,7,opt,name=cpu_count,json=cpuCount,proto3,oneof" json:"cpu_count,omitempty"`
	CpuSpeed         *int32        `protobuf:"varint,8,opt,name=cpu_speed,json=cpuSpeed,proto3,oneof" json:"cpu_speed,omitempty"`
	CpuType          *string       `protobuf:"bytes,9,opt,name=cpu_type,json=cpuType,proto3,oneof" json:"cpu_type,omitempty"`
	DesktopDisplay   *Display      `protobuf:"bytes,10,opt,name=desktop_display,json=desktopDisplay,proto3" json:"desktop_display,omitempty"`
	KeyboardInfo     *KeyboardInfo `protobuf:"bytes,11,opt,name=keyboard_info,json=keyboardInfo,proto3" json:"keyboard_info,omitempty"`
	RamSize          *int32        `protobuf:"varint,12,opt,name=ram_size,json=ramSize,proto3,oneof" json:"ram_size,omitempty"`
	SerialNumber     *string       `protobuf:"bytes,13,opt,name=serial_number,json=serialNumber,proto3,oneof" json:"serial_number,omitempty"`
	// contains filtered or unexported fields
}

DeviceHwInfo is an OSF object defined in ocsf objects/device_hw_info.json

The Device Hardware Information object contains details and specifications of the physical components that make up a device. This information provides an overview of the hardware capabilities, configuration, and characteristics of the device.

func (*DeviceHwInfo) Descriptor deprecated 

func (*DeviceHwInfo) Descriptor() ([]byte, []int)

Deprecated: Use DeviceHwInfo.ProtoReflect.Descriptor instead.

func (*DeviceHwInfo) GetBiosDate 

func (x *DeviceHwInfo) GetBiosDate() string

func (*DeviceHwInfo) GetBiosManufacturer 

func (x *DeviceHwInfo) GetBiosManufacturer() string

func (*DeviceHwInfo) GetBiosVer 

func (x *DeviceHwInfo) GetBiosVer() string

func (*DeviceHwInfo) GetChassis 

func (x *DeviceHwInfo) GetChassis() string

func (*DeviceHwInfo) GetCpuBits 

func (x *DeviceHwInfo) GetCpuBits() int32

func (*DeviceHwInfo) GetCpuCores 

func (x *DeviceHwInfo) GetCpuCores() int32

func (*DeviceHwInfo) GetCpuCount 

func (x *DeviceHwInfo) GetCpuCount() int32

func (*DeviceHwInfo) GetCpuSpeed 

func (x *DeviceHwInfo) GetCpuSpeed() int32

func (*DeviceHwInfo) GetCpuType 

func (x *DeviceHwInfo) GetCpuType() string

func (*DeviceHwInfo) GetDesktopDisplay 

func (x *DeviceHwInfo) GetDesktopDisplay() *Display

func (*DeviceHwInfo) GetKeyboardInfo 

func (x *DeviceHwInfo) GetKeyboardInfo() *KeyboardInfo

func (*DeviceHwInfo) GetRamSize 

func (x *DeviceHwInfo) GetRamSize() int32

func (*DeviceHwInfo) GetSerialNumber 

func (x *DeviceHwInfo) GetSerialNumber() string

func (*DeviceHwInfo) ProtoMessage 

func (*DeviceHwInfo) ProtoMessage()

func (*DeviceHwInfo) ProtoReflect 

func (x *DeviceHwInfo) ProtoReflect() protoreflect.Message

func (*DeviceHwInfo) Reset 

func (x *DeviceHwInfo) Reset()

func (*DeviceHwInfo) String 

func (x *DeviceHwInfo) String() string

type Device_RiskLevelId 

type Device_RiskLevelId int32
const (
	Device_RISK_LEVEL_ID_INFO     Device_RiskLevelId = 0
	Device_RISK_LEVEL_ID_LOW      Device_RiskLevelId = 1
	Device_RISK_LEVEL_ID_MEDIUM   Device_RiskLevelId = 2
	Device_RISK_LEVEL_ID_HIGH     Device_RiskLevelId = 3
	Device_RISK_LEVEL_ID_CRITICAL Device_RiskLevelId = 4
)

func (Device_RiskLevelId) Descriptor 

func (Device_RiskLevelId) Descriptor() protoreflect.EnumDescriptor

func (Device_RiskLevelId) Enum 

func (x Device_RiskLevelId) Enum() *Device_RiskLevelId

func (Device_RiskLevelId) EnumDescriptor deprecated 

func (Device_RiskLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Device_RiskLevelId.Descriptor instead.

func (Device_RiskLevelId) Number 

func (x Device_RiskLevelId) Number() protoreflect.EnumNumber

func (Device_RiskLevelId) String 

func (x Device_RiskLevelId) String() string

func (Device_RiskLevelId) Type 

func (Device_RiskLevelId) Type() protoreflect.EnumType

type Device_TypeId 

type Device_TypeId int32
const (
	Device_TYPE_ID_UNKNOWN Device_TypeId = 0 // The type is unknown.
	Device_TYPE_ID_SERVER  Device_TypeId = 1 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Server/'>server</a>.
	Device_TYPE_ID_DESKTOP Device_TypeId = 2 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:DesktopComputer/'>desktop
	// computer</a>.
	Device_TYPE_ID_LAPTOP Device_TypeId = 3 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:LaptopComputer/'>laptop
	// computer</a>.
	Device_TYPE_ID_TABLET Device_TypeId = 4 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:TabletComputer/'>tablet
	// computer</a>.
	Device_TYPE_ID_MOBILE Device_TypeId = 5 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:MobilePhone/'>mobile
	// phone</a>.
	Device_TYPE_ID_VIRTUAL Device_TypeId = 6 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:VirtualizationSoftware/'>virtual
	// machine</a>.
	Device_TYPE_ID_IOT Device_TypeId = 7 // A <a target='_blank'
	// href='https://www.techtarget.com/iotagenda/definition/IoT-
	// device'>IOT (Internet of Things) device</a>.
	Device_TYPE_ID_BROWSER Device_TypeId = 8 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Browser/'>web
	// browser</a>.
	Device_TYPE_ID_FIREWALL Device_TypeId = 9 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Firewall/'>networking
	// firewall</a>.
	Device_TYPE_ID_SWITCH Device_TypeId = 10 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Switch/'>networking
	// switch</a>.
	Device_TYPE_ID_HUB Device_TypeId = 11 // A <a target='_blank'
	// href='https://en.wikipedia.org/wiki/Ethernet_hub'>networking
	// hub</a>.
	Device_TYPE_ID_OTHER Device_TypeId = 99 // The type is not mapped. See the <code>type</code>
)

func (Device_TypeId) Descriptor 

func (Device_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Device_TypeId) Enum 

func (x Device_TypeId) Enum() *Device_TypeId

func (Device_TypeId) EnumDescriptor deprecated 

func (Device_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Device_TypeId.Descriptor instead.

func (Device_TypeId) Number 

func (x Device_TypeId) Number() protoreflect.EnumNumber

func (Device_TypeId) String 

func (x Device_TypeId) String() string

func (Device_TypeId) Type 

func (Device_TypeId) Type() protoreflect.EnumType

type DhcpActivity 

type DhcpActivity struct {
	Action              *string                     `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            DhcpActivity_ActionId       `` /* 128-byte string literal not displayed */
	ActivityId          DhcpActivity_ActivityId     `` /* 136-byte string literal not displayed */
	ActivityName        *string                     `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                      `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                        `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                     `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                   `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization            `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                     `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         DhcpActivity_CategoryUid    `` /* 141-byte string literal not displayed */
	ClassName           *string                     `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            DhcpActivity_ClassUid       `` /* 129-byte string literal not displayed */
	Cloud               *Cloud                      `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo      `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                      `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                     `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                     `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *DhcpActivity_DispositionId `` /* 155-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint            `protobuf:"bytes,20,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                      `protobuf:"varint,21,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                      `protobuf:"varint,22,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp      `protobuf:"bytes,23,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment               `protobuf:"bytes,24,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule               `protobuf:"bytes,25,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	IsRenewal           *bool                       `protobuf:"varint,26,opt,name=is_renewal,json=isRenewal,proto3,oneof" json:"is_renewal,omitempty"`
	LeaseDur            *int32                      `protobuf:"varint,27,opt,name=lease_dur,json=leaseDur,proto3,oneof" json:"lease_dur,omitempty"`
	LoadBalancer        *LoadBalancer               `protobuf:"bytes,28,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                  `protobuf:"bytes,29,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                     `protobuf:"bytes,30,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                   `protobuf:"bytes,31,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable               `protobuf:"bytes,32,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy               `protobuf:"bytes,33,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo      `protobuf:"bytes,34,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy               `protobuf:"bytes,35,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                `protobuf:"bytes,36,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse               `protobuf:"bytes,37,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                        `protobuf:"bytes,38,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic             `protobuf:"bytes,39,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                     `protobuf:"bytes,40,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Relay               *NetworkInterface           `protobuf:"bytes,41,opt,name=relay,proto3" json:"relay,omitempty"`
	Severity            *string                     `protobuf:"bytes,42,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          DhcpActivity_SeverityId     `` /* 137-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint            `protobuf:"bytes,44,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                      `protobuf:"varint,45,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp      `protobuf:"bytes,46,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                     `protobuf:"bytes,47,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                     `protobuf:"bytes,48,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                     `protobuf:"bytes,49,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *DhcpActivity_StatusId      `` /* 135-byte string literal not displayed */
	Time                int64                       `protobuf:"varint,51,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp      `protobuf:"bytes,52,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                      `protobuf:"varint,53,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                        `protobuf:"bytes,54,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic             `protobuf:"bytes,55,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TransactionUid      *string                     `protobuf:"bytes,56,opt,name=transaction_uid,json=transactionUid,proto3,oneof" json:"transaction_uid,omitempty"`
	TypeName            *string                     `protobuf:"bytes,57,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                       `protobuf:"varint,58,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct            `protobuf:"bytes,59,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

DhcpActivity is an OSF event in category "Network Activity" called DHCP Activity defined in ocsf events/network/dhcp.json

DHCP Activity events report MAC to IP assignment via DHCP from a client or server.

func (*DhcpActivity) Descriptor deprecated 

func (*DhcpActivity) Descriptor() ([]byte, []int)

Deprecated: Use DhcpActivity.ProtoReflect.Descriptor instead.

func (*DhcpActivity) GetAction 

func (x *DhcpActivity) GetAction() string

func (*DhcpActivity) GetActionId 

func (x *DhcpActivity) GetActionId() DhcpActivity_ActionId

func (*DhcpActivity) GetActivityId 

func (x *DhcpActivity) GetActivityId() DhcpActivity_ActivityId

func (*DhcpActivity) GetActivityName 

func (x *DhcpActivity) GetActivityName() string

func (*DhcpActivity) GetActor 

func (x *DhcpActivity) GetActor() *Actor

func (*DhcpActivity) GetApi 

func (x *DhcpActivity) GetApi() *Api

func (*DhcpActivity) GetAppName 

func (x *DhcpActivity) GetAppName() string

func (*DhcpActivity) GetAttacks 

func (x *DhcpActivity) GetAttacks() []*Attack

func (*DhcpActivity) GetAuthorizations 

func (x *DhcpActivity) GetAuthorizations() []*Authorization

func (*DhcpActivity) GetCategoryName 

func (x *DhcpActivity) GetCategoryName() string

func (*DhcpActivity) GetCategoryUid 

func (x *DhcpActivity) GetCategoryUid() DhcpActivity_CategoryUid

func (*DhcpActivity) GetClassName 

func (x *DhcpActivity) GetClassName() string

func (*DhcpActivity) GetClassUid 

func (x *DhcpActivity) GetClassUid() DhcpActivity_ClassUid

func (*DhcpActivity) GetCloud 

func (x *DhcpActivity) GetCloud() *Cloud

func (*DhcpActivity) GetConnectionInfo 

func (x *DhcpActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*DhcpActivity) GetCount 

func (x *DhcpActivity) GetCount() int32

func (*DhcpActivity) GetDevice 

func (x *DhcpActivity) GetDevice() *Device

func (*DhcpActivity) GetDisposition 

func (x *DhcpActivity) GetDisposition() string

func (*DhcpActivity) GetDispositionId 

func (x *DhcpActivity) GetDispositionId() DhcpActivity_DispositionId

func (*DhcpActivity) GetDstEndpoint 

func (x *DhcpActivity) GetDstEndpoint() *NetworkEndpoint

func (*DhcpActivity) GetDuration 

func (x *DhcpActivity) GetDuration() int32

func (*DhcpActivity) GetEndTime 

func (x *DhcpActivity) GetEndTime() int64

func (*DhcpActivity) GetEndTimeDt 

func (x *DhcpActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*DhcpActivity) GetEnrichments 

func (x *DhcpActivity) GetEnrichments() []*Enrichment

func (*DhcpActivity) GetFirewallRule 

func (x *DhcpActivity) GetFirewallRule() *FirewallRule

func (*DhcpActivity) GetIsRenewal 

func (x *DhcpActivity) GetIsRenewal() bool

func (*DhcpActivity) GetLeaseDur 

func (x *DhcpActivity) GetLeaseDur() int32

func (*DhcpActivity) GetLoadBalancer 

func (x *DhcpActivity) GetLoadBalancer() *LoadBalancer

func (*DhcpActivity) GetMalware 

func (x *DhcpActivity) GetMalware() []*Malware

func (*DhcpActivity) GetMessage 

func (x *DhcpActivity) GetMessage() string

func (*DhcpActivity) GetMetadata 

func (x *DhcpActivity) GetMetadata() *Metadata

func (*DhcpActivity) GetObservables 

func (x *DhcpActivity) GetObservables() []*Observable

func (*DhcpActivity) GetProxy 

func (x *DhcpActivity) GetProxy() *NetworkProxy

func (*DhcpActivity) GetProxyConnectionInfo 

func (x *DhcpActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*DhcpActivity) GetProxyEndpoint 

func (x *DhcpActivity) GetProxyEndpoint() *NetworkProxy

func (*DhcpActivity) GetProxyHttpRequest 

func (x *DhcpActivity) GetProxyHttpRequest() *HttpRequest

func (*DhcpActivity) GetProxyHttpResponse 

func (x *DhcpActivity) GetProxyHttpResponse() *HttpResponse

func (*DhcpActivity) GetProxyTls 

func (x *DhcpActivity) GetProxyTls() *Tls

func (*DhcpActivity) GetProxyTraffic 

func (x *DhcpActivity) GetProxyTraffic() *NetworkTraffic

func (*DhcpActivity) GetRawData 

func (x *DhcpActivity) GetRawData() string

func (*DhcpActivity) GetRelay 

func (x *DhcpActivity) GetRelay() *NetworkInterface

func (*DhcpActivity) GetSeverity 

func (x *DhcpActivity) GetSeverity() string

func (*DhcpActivity) GetSeverityId 

func (x *DhcpActivity) GetSeverityId() DhcpActivity_SeverityId

func (*DhcpActivity) GetSrcEndpoint 

func (x *DhcpActivity) GetSrcEndpoint() *NetworkEndpoint

func (*DhcpActivity) GetStartTime 

func (x *DhcpActivity) GetStartTime() int64

func (*DhcpActivity) GetStartTimeDt 

func (x *DhcpActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*DhcpActivity) GetStatus 

func (x *DhcpActivity) GetStatus() string

func (*DhcpActivity) GetStatusCode 

func (x *DhcpActivity) GetStatusCode() string

func (*DhcpActivity) GetStatusDetail 

func (x *DhcpActivity) GetStatusDetail() string

func (*DhcpActivity) GetStatusId 

func (x *DhcpActivity) GetStatusId() DhcpActivity_StatusId

func (*DhcpActivity) GetTime 

func (x *DhcpActivity) GetTime() int64

func (*DhcpActivity) GetTimeDt 

func (x *DhcpActivity) GetTimeDt() *timestamppb.Timestamp

func (*DhcpActivity) GetTimezoneOffset 

func (x *DhcpActivity) GetTimezoneOffset() int32

func (*DhcpActivity) GetTls 

func (x *DhcpActivity) GetTls() *Tls

func (*DhcpActivity) GetTraffic 

func (x *DhcpActivity) GetTraffic() *NetworkTraffic

func (*DhcpActivity) GetTransactionUid 

func (x *DhcpActivity) GetTransactionUid() string

func (*DhcpActivity) GetTypeName 

func (x *DhcpActivity) GetTypeName() string

func (*DhcpActivity) GetTypeUid 

func (x *DhcpActivity) GetTypeUid() int64

func (*DhcpActivity) GetUnmapped 

func (x *DhcpActivity) GetUnmapped() *structpb.Struct

func (*DhcpActivity) ProtoMessage 

func (*DhcpActivity) ProtoMessage()

func (*DhcpActivity) ProtoReflect 

func (x *DhcpActivity) ProtoReflect() protoreflect.Message

func (*DhcpActivity) Reset 

func (x *DhcpActivity) Reset()

func (*DhcpActivity) String 

func (x *DhcpActivity) String() string

type DhcpActivity_ActionId 

type DhcpActivity_ActionId int32
const (
	DhcpActivity_ACTION_ID_UNKNOWN DhcpActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	DhcpActivity_ACTION_ID_ALLOWED DhcpActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	DhcpActivity_ACTION_ID_DENIED DhcpActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	DhcpActivity_ACTION_ID_OTHER DhcpActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (DhcpActivity_ActionId) Descriptor 

func (DhcpActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_ActionId) Enum 

func (x DhcpActivity_ActionId) Enum() *DhcpActivity_ActionId

func (DhcpActivity_ActionId) EnumDescriptor deprecated 

func (DhcpActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_ActionId.Descriptor instead.

func (DhcpActivity_ActionId) Number 

func (x DhcpActivity_ActionId) Number() protoreflect.EnumNumber

func (DhcpActivity_ActionId) String 

func (x DhcpActivity_ActionId) String() string

func (DhcpActivity_ActionId) Type 

func (DhcpActivity_ActionId) Type() protoreflect.EnumType

type DhcpActivity_ActivityId 

type DhcpActivity_ActivityId int32
const (
	DhcpActivity_ACTIVITY_ID_UNKNOWN  DhcpActivity_ActivityId = 0
	DhcpActivity_ACTIVITY_ID_DISCOVER DhcpActivity_ActivityId = 1 // DHCPDISCOVER
	DhcpActivity_ACTIVITY_ID_OFFER    DhcpActivity_ActivityId = 2 // DHCPOFFER
	DhcpActivity_ACTIVITY_ID_REQUEST  DhcpActivity_ActivityId = 3 // DHCPREQUEST
	DhcpActivity_ACTIVITY_ID_DECLINE  DhcpActivity_ActivityId = 4 // DHCPDECLINE
	DhcpActivity_ACTIVITY_ID_ACK      DhcpActivity_ActivityId = 5 // DHCPACK: The server accepts the request by sending
	// the client a DHCP Acknowledgment message.
	DhcpActivity_ACTIVITY_ID_NAK     DhcpActivity_ActivityId = 6 // DHCPNAK
	DhcpActivity_ACTIVITY_ID_RELEASE DhcpActivity_ActivityId = 7 // DHCPRELEASE: A DHCP client sends a DHCPRELEASE
	// packet to the server to release the IP address and
	// cancel any remaining lease.
	DhcpActivity_ACTIVITY_ID_INFORM DhcpActivity_ActivityId = 8 // DHCPINFORM
	DhcpActivity_ACTIVITY_ID_EXPIRE DhcpActivity_ActivityId = 9 // DHCPEXPIRE: A DHCP lease expired.
	DhcpActivity_ACTIVITY_ID_OTHER  DhcpActivity_ActivityId = 99
)

func (DhcpActivity_ActivityId) Descriptor 

func (DhcpActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_ActivityId) Enum 

func (x DhcpActivity_ActivityId) Enum() *DhcpActivity_ActivityId

func (DhcpActivity_ActivityId) EnumDescriptor deprecated 

func (DhcpActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_ActivityId.Descriptor instead.

func (DhcpActivity_ActivityId) Number 

func (x DhcpActivity_ActivityId) Number() protoreflect.EnumNumber

func (DhcpActivity_ActivityId) String 

func (x DhcpActivity_ActivityId) String() string

func (DhcpActivity_ActivityId) Type 

func (DhcpActivity_ActivityId) Type() protoreflect.EnumType

type DhcpActivity_CategoryUid 

type DhcpActivity_CategoryUid int32
const (
	DhcpActivity_CATEGORY_UID_UNKNOWN          DhcpActivity_CategoryUid = 0
	DhcpActivity_CATEGORY_UID_NETWORK_ACTIVITY DhcpActivity_CategoryUid = 4
)

func (DhcpActivity_CategoryUid) Descriptor 

func (DhcpActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_CategoryUid) Enum 

func (x DhcpActivity_CategoryUid) Enum() *DhcpActivity_CategoryUid

func (DhcpActivity_CategoryUid) EnumDescriptor deprecated 

func (DhcpActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_CategoryUid.Descriptor instead.

func (DhcpActivity_CategoryUid) Number 

func (x DhcpActivity_CategoryUid) Number() protoreflect.EnumNumber

func (DhcpActivity_CategoryUid) String 

func (x DhcpActivity_CategoryUid) String() string

func (DhcpActivity_CategoryUid) Type 

func (DhcpActivity_CategoryUid) Type() protoreflect.EnumType

type DhcpActivity_ClassUid 

type DhcpActivity_ClassUid int32
const (
	DhcpActivity_CLASS_UID_UNKNOWN       DhcpActivity_ClassUid = 0
	DhcpActivity_CLASS_UID_DHCP_ACTIVITY DhcpActivity_ClassUid = 4004
)

func (DhcpActivity_ClassUid) Descriptor 

func (DhcpActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_ClassUid) Enum 

func (x DhcpActivity_ClassUid) Enum() *DhcpActivity_ClassUid

func (DhcpActivity_ClassUid) EnumDescriptor deprecated 

func (DhcpActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_ClassUid.Descriptor instead.

func (DhcpActivity_ClassUid) Number 

func (x DhcpActivity_ClassUid) Number() protoreflect.EnumNumber

func (DhcpActivity_ClassUid) String 

func (x DhcpActivity_ClassUid) String() string

func (DhcpActivity_ClassUid) Type 

func (DhcpActivity_ClassUid) Type() protoreflect.EnumType

type DhcpActivity_DispositionId 

type DhcpActivity_DispositionId int32
const (
	DhcpActivity_DISPOSITION_ID_UNKNOWN DhcpActivity_DispositionId = 0 // The disposition was not known.
	DhcpActivity_DISPOSITION_ID_ALLOWED DhcpActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	DhcpActivity_DISPOSITION_ID_BLOCKED DhcpActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	DhcpActivity_DISPOSITION_ID_QUARANTINED DhcpActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	DhcpActivity_DISPOSITION_ID_ISOLATED DhcpActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	DhcpActivity_DISPOSITION_ID_DELETED DhcpActivity_DispositionId = 5 // A file or other content was deleted.
	DhcpActivity_DISPOSITION_ID_DROPPED DhcpActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	DhcpActivity_DISPOSITION_ID_CUSTOM_ACTION DhcpActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	DhcpActivity_DISPOSITION_ID_APPROVED DhcpActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	DhcpActivity_DISPOSITION_ID_RESTORED DhcpActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	DhcpActivity_DISPOSITION_ID_EXONERATED DhcpActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	DhcpActivity_DISPOSITION_ID_CORRECTED DhcpActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	DhcpActivity_DISPOSITION_ID_PARTIALLY_CORRECTED DhcpActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	DhcpActivity_DISPOSITION_ID_UNCORRECTED DhcpActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	DhcpActivity_DISPOSITION_ID_DELAYED DhcpActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	DhcpActivity_DISPOSITION_ID_DETECTED DhcpActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	DhcpActivity_DISPOSITION_ID_NO_ACTION DhcpActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	DhcpActivity_DISPOSITION_ID_LOGGED DhcpActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	DhcpActivity_DISPOSITION_ID_TAGGED DhcpActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	DhcpActivity_DISPOSITION_ID_ALERT DhcpActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	DhcpActivity_DISPOSITION_ID_COUNT DhcpActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	DhcpActivity_DISPOSITION_ID_RESET DhcpActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	DhcpActivity_DISPOSITION_ID_CAPTCHA DhcpActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	DhcpActivity_DISPOSITION_ID_CHALLENGE DhcpActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	DhcpActivity_DISPOSITION_ID_ACCESS_REVOKED DhcpActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	DhcpActivity_DISPOSITION_ID_REJECTED DhcpActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	DhcpActivity_DISPOSITION_ID_UNAUTHORIZED DhcpActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	DhcpActivity_DISPOSITION_ID_ERROR DhcpActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	DhcpActivity_DISPOSITION_ID_OTHER DhcpActivity_DispositionId = 99 // The disposition is not listed. The
)

func (DhcpActivity_DispositionId) Descriptor 

func (DhcpActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_DispositionId) Enum 

func (x DhcpActivity_DispositionId) Enum() *DhcpActivity_DispositionId

func (DhcpActivity_DispositionId) EnumDescriptor deprecated 

func (DhcpActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_DispositionId.Descriptor instead.

func (DhcpActivity_DispositionId) Number 

func (x DhcpActivity_DispositionId) Number() protoreflect.EnumNumber

func (DhcpActivity_DispositionId) String 

func (x DhcpActivity_DispositionId) String() string

func (DhcpActivity_DispositionId) Type 

func (DhcpActivity_DispositionId) Type() protoreflect.EnumType

type DhcpActivity_SeverityId 

type DhcpActivity_SeverityId int32
const (
	DhcpActivity_SEVERITY_ID_UNKNOWN       DhcpActivity_SeverityId = 0 // The event/finding severity is unknown.
	DhcpActivity_SEVERITY_ID_INFORMATIONAL DhcpActivity_SeverityId = 1 // Informational message. No action required.
	DhcpActivity_SEVERITY_ID_LOW           DhcpActivity_SeverityId = 2 // The user decides if action is needed.
	DhcpActivity_SEVERITY_ID_MEDIUM        DhcpActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DhcpActivity_SEVERITY_ID_HIGH     DhcpActivity_SeverityId = 4 // Action is required immediately.
	DhcpActivity_SEVERITY_ID_CRITICAL DhcpActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DhcpActivity_SEVERITY_ID_FATAL DhcpActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DhcpActivity_SEVERITY_ID_OTHER DhcpActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DhcpActivity_SeverityId) Descriptor 

func (DhcpActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_SeverityId) Enum 

func (x DhcpActivity_SeverityId) Enum() *DhcpActivity_SeverityId

func (DhcpActivity_SeverityId) EnumDescriptor deprecated 

func (DhcpActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_SeverityId.Descriptor instead.

func (DhcpActivity_SeverityId) Number 

func (x DhcpActivity_SeverityId) Number() protoreflect.EnumNumber

func (DhcpActivity_SeverityId) String 

func (x DhcpActivity_SeverityId) String() string

func (DhcpActivity_SeverityId) Type 

func (DhcpActivity_SeverityId) Type() protoreflect.EnumType

type DhcpActivity_StatusId 

type DhcpActivity_StatusId int32
const (
	DhcpActivity_STATUS_ID_UNKNOWN DhcpActivity_StatusId = 0 // The status is unknown.
	DhcpActivity_STATUS_ID_SUCCESS DhcpActivity_StatusId = 1
	DhcpActivity_STATUS_ID_FAILURE DhcpActivity_StatusId = 2
	DhcpActivity_STATUS_ID_OTHER   DhcpActivity_StatusId = 99 // The event status is not mapped. See the
)

func (DhcpActivity_StatusId) Descriptor 

func (DhcpActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DhcpActivity_StatusId) Enum 

func (x DhcpActivity_StatusId) Enum() *DhcpActivity_StatusId

func (DhcpActivity_StatusId) EnumDescriptor deprecated 

func (DhcpActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DhcpActivity_StatusId.Descriptor instead.

func (DhcpActivity_StatusId) Number 

func (x DhcpActivity_StatusId) Number() protoreflect.EnumNumber

func (DhcpActivity_StatusId) String 

func (x DhcpActivity_StatusId) String() string

func (DhcpActivity_StatusId) Type 

func (DhcpActivity_StatusId) Type() protoreflect.EnumType

type DigitalSignature 

type DigitalSignature struct {
	Algorithm     *string                      `protobuf:"bytes,1,opt,name=algorithm,proto3,oneof" json:"algorithm,omitempty"`
	AlgorithmId   DigitalSignature_AlgorithmId `` /* 144-byte string literal not displayed */
	Certificate   *Certificate                 `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
	CreatedTime   *int64                       `protobuf:"varint,4,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt *timestamppb.Timestamp       `protobuf:"bytes,5,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	DeveloperUid  *string                      `protobuf:"bytes,6,opt,name=developer_uid,json=developerUid,proto3,oneof" json:"developer_uid,omitempty"`
	Digest        *Fingerprint                 `protobuf:"bytes,7,opt,name=digest,proto3" json:"digest,omitempty"`
	// contains filtered or unexported fields
}

DigitalSignature is an OSF object defined in ocsf objects/digital_signature.json

The Digital Signature object contains information about the cryptographic mechanism used to verify the authenticity, integrity, and origin of the file or application.

func (*DigitalSignature) Descriptor deprecated 

func (*DigitalSignature) Descriptor() ([]byte, []int)

Deprecated: Use DigitalSignature.ProtoReflect.Descriptor instead.

func (*DigitalSignature) GetAlgorithm 

func (x *DigitalSignature) GetAlgorithm() string

func (*DigitalSignature) GetAlgorithmId 

func (x *DigitalSignature) GetAlgorithmId() DigitalSignature_AlgorithmId

func (*DigitalSignature) GetCertificate 

func (x *DigitalSignature) GetCertificate() *Certificate

func (*DigitalSignature) GetCreatedTime 

func (x *DigitalSignature) GetCreatedTime() int64

func (*DigitalSignature) GetCreatedTimeDt 

func (x *DigitalSignature) GetCreatedTimeDt() *timestamppb.Timestamp

func (*DigitalSignature) GetDeveloperUid 

func (x *DigitalSignature) GetDeveloperUid() string

func (*DigitalSignature) GetDigest 

func (x *DigitalSignature) GetDigest() *Fingerprint

func (*DigitalSignature) ProtoMessage 

func (*DigitalSignature) ProtoMessage()

func (*DigitalSignature) ProtoReflect 

func (x *DigitalSignature) ProtoReflect() protoreflect.Message

func (*DigitalSignature) Reset 

func (x *DigitalSignature) Reset()

func (*DigitalSignature) String 

func (x *DigitalSignature) String() string

type DigitalSignature_AlgorithmId 

type DigitalSignature_AlgorithmId int32
const (
	DigitalSignature_ALGORITHM_ID_UNKNOWN      DigitalSignature_AlgorithmId = 0
	DigitalSignature_ALGORITHM_ID_DSA          DigitalSignature_AlgorithmId = 1 // Digital Signature Algorithm (DSA).
	DigitalSignature_ALGORITHM_ID_RSA          DigitalSignature_AlgorithmId = 2 // Rivest-Shamir-Adleman (RSA) Algorithm.
	DigitalSignature_ALGORITHM_ID_ECDSA        DigitalSignature_AlgorithmId = 3 // Elliptic Curve Digital Signature Algorithm.
	DigitalSignature_ALGORITHM_ID_AUTHENTICODE DigitalSignature_AlgorithmId = 4 // Microsoft Authenticode Digital Signature
	// Algorithm.
	DigitalSignature_ALGORITHM_ID_OTHER DigitalSignature_AlgorithmId = 99
)

func (DigitalSignature_AlgorithmId) Descriptor 

func (DigitalSignature_AlgorithmId) Descriptor() protoreflect.EnumDescriptor

func (DigitalSignature_AlgorithmId) Enum 

func (x DigitalSignature_AlgorithmId) Enum() *DigitalSignature_AlgorithmId

func (DigitalSignature_AlgorithmId) EnumDescriptor deprecated 

func (DigitalSignature_AlgorithmId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DigitalSignature_AlgorithmId.Descriptor instead.

func (DigitalSignature_AlgorithmId) Number 

func (x DigitalSignature_AlgorithmId) Number() protoreflect.EnumNumber

func (DigitalSignature_AlgorithmId) String 

func (x DigitalSignature_AlgorithmId) String() string

func (DigitalSignature_AlgorithmId) Type 

func (DigitalSignature_AlgorithmId) Type() protoreflect.EnumType

type Display 

type Display struct {
	ColorDepth          *int32 `protobuf:"varint,1,opt,name=color_depth,json=colorDepth,proto3,oneof" json:"color_depth,omitempty"`
	PhysicalHeight      *int32 `protobuf:"varint,2,opt,name=physical_height,json=physicalHeight,proto3,oneof" json:"physical_height,omitempty"`
	PhysicalOrientation *int32 `protobuf:"varint,3,opt,name=physical_orientation,json=physicalOrientation,proto3,oneof" json:"physical_orientation,omitempty"`
	PhysicalWidth       *int32 `protobuf:"varint,4,opt,name=physical_width,json=physicalWidth,proto3,oneof" json:"physical_width,omitempty"`
	ScaleFactor         *int32 `protobuf:"varint,5,opt,name=scale_factor,json=scaleFactor,proto3,oneof" json:"scale_factor,omitempty"`
	// contains filtered or unexported fields
}

Display is an OSF object defined in ocsf objects/display.json

The Display object contains information about the physical or virtual display connected to a computer system.

func (*Display) Descriptor deprecated 

func (*Display) Descriptor() ([]byte, []int)

Deprecated: Use Display.ProtoReflect.Descriptor instead.

func (*Display) GetColorDepth 

func (x *Display) GetColorDepth() int32

func (*Display) GetPhysicalHeight 

func (x *Display) GetPhysicalHeight() int32

func (*Display) GetPhysicalOrientation 

func (x *Display) GetPhysicalOrientation() int32

func (*Display) GetPhysicalWidth 

func (x *Display) GetPhysicalWidth() int32

func (*Display) GetScaleFactor 

func (x *Display) GetScaleFactor() int32

func (*Display) ProtoMessage 

func (*Display) ProtoMessage()

func (*Display) ProtoReflect 

func (x *Display) ProtoReflect() protoreflect.Message

func (*Display) Reset 

func (x *Display) Reset()

func (*Display) String 

func (x *Display) String() string

type DnsActivity 

type DnsActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            DnsActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          DnsActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Answers             []*DnsAnswer               `protobuf:"bytes,6,rep,name=answers,proto3" json:"answers,omitempty"`
	Api                 *Api                       `protobuf:"bytes,7,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,8,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,9,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization           `protobuf:"bytes,10,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,11,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         DnsActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	ClassName           *string                    `protobuf:"bytes,13,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            DnsActivity_ClassUid       `` /* 128-byte string literal not displayed */
	Cloud               *Cloud                     `protobuf:"bytes,15,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,16,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,17,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                    `protobuf:"bytes,18,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                    `protobuf:"bytes,19,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *DnsActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,21,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,22,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,23,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,24,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,25,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,26,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,27,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,28,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,29,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,30,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,31,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,32,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,33,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,34,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,35,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,36,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,37,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,38,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	Query               *DnsQuery                  `protobuf:"bytes,39,opt,name=query,proto3" json:"query,omitempty"`
	QueryTime           *int64                     `protobuf:"varint,40,opt,name=query_time,json=queryTime,proto3,oneof" json:"query_time,omitempty"`
	QueryTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,41,opt,name=query_time_dt,json=queryTimeDt,proto3,oneof" json:"query_time_dt,omitempty"`
	RawData             *string                    `protobuf:"bytes,42,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Rcode               *string                    `protobuf:"bytes,43,opt,name=rcode,proto3,oneof" json:"rcode,omitempty"`
	RcodeId             *DnsActivity_RcodeId       `` /* 130-byte string literal not displayed */
	ResponseTime        *int64                     `protobuf:"varint,45,opt,name=response_time,json=responseTime,proto3,oneof" json:"response_time,omitempty"`
	ResponseTimeDt      *timestamppb.Timestamp     `protobuf:"bytes,46,opt,name=response_time_dt,json=responseTimeDt,proto3,oneof" json:"response_time_dt,omitempty"`
	Severity            *string                    `protobuf:"bytes,47,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          DnsActivity_SeverityId     `` /* 136-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,49,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,50,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,51,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,52,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,53,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,54,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *DnsActivity_StatusId      `` /* 134-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,56,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,57,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,58,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,59,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,60,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                    `protobuf:"bytes,61,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,62,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,63,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

DnsActivity is an OSF event in category "Network Activity" called DNS Activity defined in ocsf events/network/dns.json

DNS Activity events report DNS queries and answers as seen on the network.

func (*DnsActivity) Descriptor deprecated 

func (*DnsActivity) Descriptor() ([]byte, []int)

Deprecated: Use DnsActivity.ProtoReflect.Descriptor instead.

func (*DnsActivity) GetAction 

func (x *DnsActivity) GetAction() string

func (*DnsActivity) GetActionId 

func (x *DnsActivity) GetActionId() DnsActivity_ActionId

func (*DnsActivity) GetActivityId 

func (x *DnsActivity) GetActivityId() DnsActivity_ActivityId

func (*DnsActivity) GetActivityName 

func (x *DnsActivity) GetActivityName() string

func (*DnsActivity) GetActor 

func (x *DnsActivity) GetActor() *Actor

func (*DnsActivity) GetAnswers 

func (x *DnsActivity) GetAnswers() []*DnsAnswer

func (*DnsActivity) GetApi 

func (x *DnsActivity) GetApi() *Api

func (*DnsActivity) GetAppName 

func (x *DnsActivity) GetAppName() string

func (*DnsActivity) GetAttacks 

func (x *DnsActivity) GetAttacks() []*Attack

func (*DnsActivity) GetAuthorizations 

func (x *DnsActivity) GetAuthorizations() []*Authorization

func (*DnsActivity) GetCategoryName 

func (x *DnsActivity) GetCategoryName() string

func (*DnsActivity) GetCategoryUid 

func (x *DnsActivity) GetCategoryUid() DnsActivity_CategoryUid

func (*DnsActivity) GetClassName 

func (x *DnsActivity) GetClassName() string

func (*DnsActivity) GetClassUid 

func (x *DnsActivity) GetClassUid() DnsActivity_ClassUid

func (*DnsActivity) GetCloud 

func (x *DnsActivity) GetCloud() *Cloud

func (*DnsActivity) GetConnectionInfo 

func (x *DnsActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*DnsActivity) GetCount 

func (x *DnsActivity) GetCount() int32

func (*DnsActivity) GetDevice 

func (x *DnsActivity) GetDevice() *Device

func (*DnsActivity) GetDisposition 

func (x *DnsActivity) GetDisposition() string

func (*DnsActivity) GetDispositionId 

func (x *DnsActivity) GetDispositionId() DnsActivity_DispositionId

func (*DnsActivity) GetDstEndpoint 

func (x *DnsActivity) GetDstEndpoint() *NetworkEndpoint

func (*DnsActivity) GetDuration 

func (x *DnsActivity) GetDuration() int32

func (*DnsActivity) GetEndTime 

func (x *DnsActivity) GetEndTime() int64

func (*DnsActivity) GetEndTimeDt 

func (x *DnsActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*DnsActivity) GetEnrichments 

func (x *DnsActivity) GetEnrichments() []*Enrichment

func (*DnsActivity) GetFirewallRule 

func (x *DnsActivity) GetFirewallRule() *FirewallRule

func (*DnsActivity) GetLoadBalancer 

func (x *DnsActivity) GetLoadBalancer() *LoadBalancer

func (*DnsActivity) GetMalware 

func (x *DnsActivity) GetMalware() []*Malware

func (*DnsActivity) GetMessage 

func (x *DnsActivity) GetMessage() string

func (*DnsActivity) GetMetadata 

func (x *DnsActivity) GetMetadata() *Metadata

func (*DnsActivity) GetObservables 

func (x *DnsActivity) GetObservables() []*Observable

func (*DnsActivity) GetProxy 

func (x *DnsActivity) GetProxy() *NetworkProxy

func (*DnsActivity) GetProxyConnectionInfo 

func (x *DnsActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*DnsActivity) GetProxyEndpoint 

func (x *DnsActivity) GetProxyEndpoint() *NetworkProxy

func (*DnsActivity) GetProxyHttpRequest 

func (x *DnsActivity) GetProxyHttpRequest() *HttpRequest

func (*DnsActivity) GetProxyHttpResponse 

func (x *DnsActivity) GetProxyHttpResponse() *HttpResponse

func (*DnsActivity) GetProxyTls 

func (x *DnsActivity) GetProxyTls() *Tls

func (*DnsActivity) GetProxyTraffic 

func (x *DnsActivity) GetProxyTraffic() *NetworkTraffic

func (*DnsActivity) GetQuery 

func (x *DnsActivity) GetQuery() *DnsQuery

func (*DnsActivity) GetQueryTime 

func (x *DnsActivity) GetQueryTime() int64

func (*DnsActivity) GetQueryTimeDt 

func (x *DnsActivity) GetQueryTimeDt() *timestamppb.Timestamp

func (*DnsActivity) GetRawData 

func (x *DnsActivity) GetRawData() string

func (*DnsActivity) GetRcode 

func (x *DnsActivity) GetRcode() string

func (*DnsActivity) GetRcodeId 

func (x *DnsActivity) GetRcodeId() DnsActivity_RcodeId

func (*DnsActivity) GetResponseTime 

func (x *DnsActivity) GetResponseTime() int64

func (*DnsActivity) GetResponseTimeDt 

func (x *DnsActivity) GetResponseTimeDt() *timestamppb.Timestamp

func (*DnsActivity) GetSeverity 

func (x *DnsActivity) GetSeverity() string

func (*DnsActivity) GetSeverityId 

func (x *DnsActivity) GetSeverityId() DnsActivity_SeverityId

func (*DnsActivity) GetSrcEndpoint 

func (x *DnsActivity) GetSrcEndpoint() *NetworkEndpoint

func (*DnsActivity) GetStartTime 

func (x *DnsActivity) GetStartTime() int64

func (*DnsActivity) GetStartTimeDt 

func (x *DnsActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*DnsActivity) GetStatus 

func (x *DnsActivity) GetStatus() string

func (*DnsActivity) GetStatusCode 

func (x *DnsActivity) GetStatusCode() string

func (*DnsActivity) GetStatusDetail 

func (x *DnsActivity) GetStatusDetail() string

func (*DnsActivity) GetStatusId 

func (x *DnsActivity) GetStatusId() DnsActivity_StatusId

func (*DnsActivity) GetTime 

func (x *DnsActivity) GetTime() int64

func (*DnsActivity) GetTimeDt 

func (x *DnsActivity) GetTimeDt() *timestamppb.Timestamp

func (*DnsActivity) GetTimezoneOffset 

func (x *DnsActivity) GetTimezoneOffset() int32

func (*DnsActivity) GetTls 

func (x *DnsActivity) GetTls() *Tls

func (*DnsActivity) GetTraffic 

func (x *DnsActivity) GetTraffic() *NetworkTraffic

func (*DnsActivity) GetTypeName 

func (x *DnsActivity) GetTypeName() string

func (*DnsActivity) GetTypeUid 

func (x *DnsActivity) GetTypeUid() int64

func (*DnsActivity) GetUnmapped 

func (x *DnsActivity) GetUnmapped() *structpb.Struct

func (*DnsActivity) ProtoMessage 

func (*DnsActivity) ProtoMessage()

func (*DnsActivity) ProtoReflect 

func (x *DnsActivity) ProtoReflect() protoreflect.Message

func (*DnsActivity) Reset 

func (x *DnsActivity) Reset()

func (*DnsActivity) String 

func (x *DnsActivity) String() string

type DnsActivity_ActionId 

type DnsActivity_ActionId int32
const (
	DnsActivity_ACTION_ID_UNKNOWN DnsActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	DnsActivity_ACTION_ID_ALLOWED DnsActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	DnsActivity_ACTION_ID_DENIED DnsActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	DnsActivity_ACTION_ID_OTHER DnsActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (DnsActivity_ActionId) Descriptor 

func (DnsActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_ActionId) Enum 

func (x DnsActivity_ActionId) Enum() *DnsActivity_ActionId

func (DnsActivity_ActionId) EnumDescriptor deprecated 

func (DnsActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_ActionId.Descriptor instead.

func (DnsActivity_ActionId) Number 

func (x DnsActivity_ActionId) Number() protoreflect.EnumNumber

func (DnsActivity_ActionId) String 

func (x DnsActivity_ActionId) String() string

func (DnsActivity_ActionId) Type 

func (DnsActivity_ActionId) Type() protoreflect.EnumType

type DnsActivity_ActivityId 

type DnsActivity_ActivityId int32
const (
	DnsActivity_ACTIVITY_ID_UNKNOWN  DnsActivity_ActivityId = 0
	DnsActivity_ACTIVITY_ID_QUERY    DnsActivity_ActivityId = 1 // The DNS query request.
	DnsActivity_ACTIVITY_ID_RESPONSE DnsActivity_ActivityId = 2 // The DNS query response.
	DnsActivity_ACTIVITY_ID_TRAFFIC  DnsActivity_ActivityId = 6 // Bidirectional DNS request and response traffic.
	DnsActivity_ACTIVITY_ID_OTHER    DnsActivity_ActivityId = 99
)

func (DnsActivity_ActivityId) Descriptor 

func (DnsActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_ActivityId) Enum 

func (x DnsActivity_ActivityId) Enum() *DnsActivity_ActivityId

func (DnsActivity_ActivityId) EnumDescriptor deprecated 

func (DnsActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_ActivityId.Descriptor instead.

func (DnsActivity_ActivityId) Number 

func (x DnsActivity_ActivityId) Number() protoreflect.EnumNumber

func (DnsActivity_ActivityId) String 

func (x DnsActivity_ActivityId) String() string

func (DnsActivity_ActivityId) Type 

func (DnsActivity_ActivityId) Type() protoreflect.EnumType

type DnsActivity_CategoryUid 

type DnsActivity_CategoryUid int32
const (
	DnsActivity_CATEGORY_UID_UNKNOWN          DnsActivity_CategoryUid = 0
	DnsActivity_CATEGORY_UID_NETWORK_ACTIVITY DnsActivity_CategoryUid = 4
)

func (DnsActivity_CategoryUid) Descriptor 

func (DnsActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_CategoryUid) Enum 

func (x DnsActivity_CategoryUid) Enum() *DnsActivity_CategoryUid

func (DnsActivity_CategoryUid) EnumDescriptor deprecated 

func (DnsActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_CategoryUid.Descriptor instead.

func (DnsActivity_CategoryUid) Number 

func (x DnsActivity_CategoryUid) Number() protoreflect.EnumNumber

func (DnsActivity_CategoryUid) String 

func (x DnsActivity_CategoryUid) String() string

func (DnsActivity_CategoryUid) Type 

func (DnsActivity_CategoryUid) Type() protoreflect.EnumType

type DnsActivity_ClassUid 

type DnsActivity_ClassUid int32
const (
	DnsActivity_CLASS_UID_UNKNOWN      DnsActivity_ClassUid = 0
	DnsActivity_CLASS_UID_DNS_ACTIVITY DnsActivity_ClassUid = 4003
)

func (DnsActivity_ClassUid) Descriptor 

func (DnsActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_ClassUid) Enum 

func (x DnsActivity_ClassUid) Enum() *DnsActivity_ClassUid

func (DnsActivity_ClassUid) EnumDescriptor deprecated 

func (DnsActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_ClassUid.Descriptor instead.

func (DnsActivity_ClassUid) Number 

func (x DnsActivity_ClassUid) Number() protoreflect.EnumNumber

func (DnsActivity_ClassUid) String 

func (x DnsActivity_ClassUid) String() string

func (DnsActivity_ClassUid) Type 

func (DnsActivity_ClassUid) Type() protoreflect.EnumType

type DnsActivity_DispositionId 

type DnsActivity_DispositionId int32
const (
	DnsActivity_DISPOSITION_ID_UNKNOWN DnsActivity_DispositionId = 0 // The disposition was not known.
	DnsActivity_DISPOSITION_ID_ALLOWED DnsActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	DnsActivity_DISPOSITION_ID_BLOCKED DnsActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	DnsActivity_DISPOSITION_ID_QUARANTINED DnsActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	DnsActivity_DISPOSITION_ID_ISOLATED DnsActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	DnsActivity_DISPOSITION_ID_DELETED DnsActivity_DispositionId = 5 // A file or other content was deleted.
	DnsActivity_DISPOSITION_ID_DROPPED DnsActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	DnsActivity_DISPOSITION_ID_CUSTOM_ACTION DnsActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	DnsActivity_DISPOSITION_ID_APPROVED DnsActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	DnsActivity_DISPOSITION_ID_RESTORED DnsActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	DnsActivity_DISPOSITION_ID_EXONERATED DnsActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	DnsActivity_DISPOSITION_ID_CORRECTED DnsActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	DnsActivity_DISPOSITION_ID_PARTIALLY_CORRECTED DnsActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	DnsActivity_DISPOSITION_ID_UNCORRECTED DnsActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	DnsActivity_DISPOSITION_ID_DELAYED DnsActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	DnsActivity_DISPOSITION_ID_DETECTED DnsActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	DnsActivity_DISPOSITION_ID_NO_ACTION DnsActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	DnsActivity_DISPOSITION_ID_LOGGED DnsActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	DnsActivity_DISPOSITION_ID_TAGGED DnsActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	DnsActivity_DISPOSITION_ID_ALERT DnsActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	DnsActivity_DISPOSITION_ID_COUNT DnsActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	DnsActivity_DISPOSITION_ID_RESET DnsActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	DnsActivity_DISPOSITION_ID_CAPTCHA DnsActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	DnsActivity_DISPOSITION_ID_CHALLENGE DnsActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	DnsActivity_DISPOSITION_ID_ACCESS_REVOKED DnsActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	DnsActivity_DISPOSITION_ID_REJECTED DnsActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	DnsActivity_DISPOSITION_ID_UNAUTHORIZED DnsActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	DnsActivity_DISPOSITION_ID_ERROR DnsActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	DnsActivity_DISPOSITION_ID_OTHER DnsActivity_DispositionId = 99 // The disposition is not listed. The
)

func (DnsActivity_DispositionId) Descriptor 

func (DnsActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_DispositionId) Enum 

func (x DnsActivity_DispositionId) Enum() *DnsActivity_DispositionId

func (DnsActivity_DispositionId) EnumDescriptor deprecated 

func (DnsActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_DispositionId.Descriptor instead.

func (DnsActivity_DispositionId) Number 

func (x DnsActivity_DispositionId) Number() protoreflect.EnumNumber

func (DnsActivity_DispositionId) String 

func (x DnsActivity_DispositionId) String() string

func (DnsActivity_DispositionId) Type 

func (DnsActivity_DispositionId) Type() protoreflect.EnumType

type DnsActivity_RcodeId 

type DnsActivity_RcodeId int32
const (
	DnsActivity_RCODE_ID_NOERROR     DnsActivity_RcodeId = 0  // No Error.
	DnsActivity_RCODE_ID_FORMERROR   DnsActivity_RcodeId = 1  // Format Error.
	DnsActivity_RCODE_ID_SERVERROR   DnsActivity_RcodeId = 2  // Server Failure.
	DnsActivity_RCODE_ID_NXDOMAIN    DnsActivity_RcodeId = 3  // Non-Existent Domain.
	DnsActivity_RCODE_ID_NOTIMP      DnsActivity_RcodeId = 4  // Not Implemented.
	DnsActivity_RCODE_ID_REFUSED     DnsActivity_RcodeId = 5  // Query Refused.
	DnsActivity_RCODE_ID_YXDOMAIN    DnsActivity_RcodeId = 6  // Name Exists when it should not.
	DnsActivity_RCODE_ID_YXRRSET     DnsActivity_RcodeId = 7  // RR Set Exists when it should not.
	DnsActivity_RCODE_ID_NXRRSET     DnsActivity_RcodeId = 8  // RR Set that should exist does not.
	DnsActivity_RCODE_ID_NOTAUTH     DnsActivity_RcodeId = 9  // Not Authorized or Server Not Authoritative for zone.
	DnsActivity_RCODE_ID_NOTZONE     DnsActivity_RcodeId = 10 // Name not contained in zone.
	DnsActivity_RCODE_ID_DSOTYPENI   DnsActivity_RcodeId = 11 // DSO-TYPE Not Implemented.
	DnsActivity_RCODE_ID_BADSIG_VERS DnsActivity_RcodeId = 16 // TSIG Signature Failure or Bad OPT Version.
	DnsActivity_RCODE_ID_BADKEY      DnsActivity_RcodeId = 17 // Key not recognized.
	DnsActivity_RCODE_ID_BADTIME     DnsActivity_RcodeId = 18 // Signature out of time window.
	DnsActivity_RCODE_ID_BADMODE     DnsActivity_RcodeId = 19 // Bad TKEY Mode.
	DnsActivity_RCODE_ID_BADNAME     DnsActivity_RcodeId = 20 // Duplicate key name.
	DnsActivity_RCODE_ID_BADALG      DnsActivity_RcodeId = 21 // Algorithm not supported.
	DnsActivity_RCODE_ID_BADTRUNC    DnsActivity_RcodeId = 22 // Bad Truncation.
	DnsActivity_RCODE_ID_BADCOOKIE   DnsActivity_RcodeId = 23 // Bad/missing Server Cookie.
	DnsActivity_RCODE_ID_UNASSIGNED  DnsActivity_RcodeId = 24 // The codes deemed to be unassigned by the RFC
	// (unassigned codes: 12-15, 24-3840, 4096-65534).
	DnsActivity_RCODE_ID_RESERVED DnsActivity_RcodeId = 25 // The codes deemed to be reserved by the RFC (codes:
	// 3841-4095, 65535).
	DnsActivity_RCODE_ID_OTHER DnsActivity_RcodeId = 99 // The dns response code is not defined by the RFC.
)

func (DnsActivity_RcodeId) Descriptor 

func (DnsActivity_RcodeId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_RcodeId) Enum 

func (x DnsActivity_RcodeId) Enum() *DnsActivity_RcodeId

func (DnsActivity_RcodeId) EnumDescriptor deprecated 

func (DnsActivity_RcodeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_RcodeId.Descriptor instead.

func (DnsActivity_RcodeId) Number 

func (x DnsActivity_RcodeId) Number() protoreflect.EnumNumber

func (DnsActivity_RcodeId) String 

func (x DnsActivity_RcodeId) String() string

func (DnsActivity_RcodeId) Type 

func (DnsActivity_RcodeId) Type() protoreflect.EnumType

type DnsActivity_SeverityId 

type DnsActivity_SeverityId int32
const (
	DnsActivity_SEVERITY_ID_UNKNOWN       DnsActivity_SeverityId = 0 // The event/finding severity is unknown.
	DnsActivity_SEVERITY_ID_INFORMATIONAL DnsActivity_SeverityId = 1 // Informational message. No action required.
	DnsActivity_SEVERITY_ID_LOW           DnsActivity_SeverityId = 2 // The user decides if action is needed.
	DnsActivity_SEVERITY_ID_MEDIUM        DnsActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	DnsActivity_SEVERITY_ID_HIGH     DnsActivity_SeverityId = 4 // Action is required immediately.
	DnsActivity_SEVERITY_ID_CRITICAL DnsActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	DnsActivity_SEVERITY_ID_FATAL DnsActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	DnsActivity_SEVERITY_ID_OTHER DnsActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (DnsActivity_SeverityId) Descriptor 

func (DnsActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_SeverityId) Enum 

func (x DnsActivity_SeverityId) Enum() *DnsActivity_SeverityId

func (DnsActivity_SeverityId) EnumDescriptor deprecated 

func (DnsActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_SeverityId.Descriptor instead.

func (DnsActivity_SeverityId) Number 

func (x DnsActivity_SeverityId) Number() protoreflect.EnumNumber

func (DnsActivity_SeverityId) String 

func (x DnsActivity_SeverityId) String() string

func (DnsActivity_SeverityId) Type 

func (DnsActivity_SeverityId) Type() protoreflect.EnumType

type DnsActivity_StatusId 

type DnsActivity_StatusId int32
const (
	DnsActivity_STATUS_ID_UNKNOWN DnsActivity_StatusId = 0 // The status is unknown.
	DnsActivity_STATUS_ID_SUCCESS DnsActivity_StatusId = 1
	DnsActivity_STATUS_ID_FAILURE DnsActivity_StatusId = 2
	DnsActivity_STATUS_ID_OTHER   DnsActivity_StatusId = 99 // The event status is not mapped. See the
)

func (DnsActivity_StatusId) Descriptor 

func (DnsActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (DnsActivity_StatusId) Enum 

func (x DnsActivity_StatusId) Enum() *DnsActivity_StatusId

func (DnsActivity_StatusId) EnumDescriptor deprecated 

func (DnsActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsActivity_StatusId.Descriptor instead.

func (DnsActivity_StatusId) Number 

func (x DnsActivity_StatusId) Number() protoreflect.EnumNumber

func (DnsActivity_StatusId) String 

func (x DnsActivity_StatusId) String() string

func (DnsActivity_StatusId) Type 

func (DnsActivity_StatusId) Type() protoreflect.EnumType

type DnsAnswer 

type DnsAnswer struct {
	Class     *string             `protobuf:"bytes,1,opt,name=class,proto3,oneof" json:"class,omitempty"`
	FlagIds   []DnsAnswer_FlagIds `` /* 128-byte string literal not displayed */
	Flags     []string            `protobuf:"bytes,3,rep,name=flags,proto3" json:"flags,omitempty"`
	PacketUid *int32              `protobuf:"varint,4,opt,name=packet_uid,json=packetUid,proto3,oneof" json:"packet_uid,omitempty"`
	Rdata     string              `protobuf:"bytes,5,opt,name=rdata,proto3" json:"rdata,omitempty"`
	Ttl       *int32              `protobuf:"varint,6,opt,name=ttl,proto3,oneof" json:"ttl,omitempty"`
	Type      *string             `protobuf:"bytes,7,opt,name=type,proto3,oneof" json:"type,omitempty"`
	// contains filtered or unexported fields
}

DnsAnswer is an OSF object defined in ocsf objects/dns_answer.json

The DNS Answer object represents a specific response provided by the Domain Name System (DNS) when querying for information about a domain or performing a DNS operation. It encapsulates the relevant details and data returned by the DNS server in response to a query.

func (*DnsAnswer) Descriptor deprecated 

func (*DnsAnswer) Descriptor() ([]byte, []int)

Deprecated: Use DnsAnswer.ProtoReflect.Descriptor instead.

func (*DnsAnswer) GetClass 

func (x *DnsAnswer) GetClass() string

func (*DnsAnswer) GetFlagIds 

func (x *DnsAnswer) GetFlagIds() []DnsAnswer_FlagIds

func (*DnsAnswer) GetFlags 

func (x *DnsAnswer) GetFlags() []string

func (*DnsAnswer) GetPacketUid 

func (x *DnsAnswer) GetPacketUid() int32

func (*DnsAnswer) GetRdata 

func (x *DnsAnswer) GetRdata() string

func (*DnsAnswer) GetTtl 

func (x *DnsAnswer) GetTtl() int32

func (*DnsAnswer) GetType 

func (x *DnsAnswer) GetType() string

func (*DnsAnswer) ProtoMessage 

func (*DnsAnswer) ProtoMessage()

func (*DnsAnswer) ProtoReflect 

func (x *DnsAnswer) ProtoReflect() protoreflect.Message

func (*DnsAnswer) Reset 

func (x *DnsAnswer) Reset()

func (*DnsAnswer) String 

func (x *DnsAnswer) String() string

type DnsAnswer_FlagIds 

type DnsAnswer_FlagIds int32
const (
	DnsAnswer_FLAG_IDS_UNKNOWN              DnsAnswer_FlagIds = 0
	DnsAnswer_FLAG_IDS_AUTHORITATIVE_ANSWER DnsAnswer_FlagIds = 1
	DnsAnswer_FLAG_IDS_TRUNCATED_RESPONSE   DnsAnswer_FlagIds = 2
	DnsAnswer_FLAG_IDS_RECURSION_DESIRED    DnsAnswer_FlagIds = 3
	DnsAnswer_FLAG_IDS_RECURSION_AVAILABLE  DnsAnswer_FlagIds = 4
	DnsAnswer_FLAG_IDS_AUTHENTIC_DATA       DnsAnswer_FlagIds = 5
	DnsAnswer_FLAG_IDS_CHECKING_DISABLED    DnsAnswer_FlagIds = 6
	DnsAnswer_FLAG_IDS_OTHER                DnsAnswer_FlagIds = 99 // The event DNS header flag is not mapped.
)

func (DnsAnswer_FlagIds) Descriptor 

func (DnsAnswer_FlagIds) Descriptor() protoreflect.EnumDescriptor

func (DnsAnswer_FlagIds) Enum 

func (x DnsAnswer_FlagIds) Enum() *DnsAnswer_FlagIds

func (DnsAnswer_FlagIds) EnumDescriptor deprecated 

func (DnsAnswer_FlagIds) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsAnswer_FlagIds.Descriptor instead.

func (DnsAnswer_FlagIds) Number 

func (x DnsAnswer_FlagIds) Number() protoreflect.EnumNumber

func (DnsAnswer_FlagIds) String 

func (x DnsAnswer_FlagIds) String() string

func (DnsAnswer_FlagIds) Type 

func (DnsAnswer_FlagIds) Type() protoreflect.EnumType

type DnsQuery 

type DnsQuery struct {
	Class     *string            `protobuf:"bytes,1,opt,name=class,proto3,oneof" json:"class,omitempty"`
	Hostname  string             `protobuf:"bytes,2,opt,name=hostname,proto3" json:"hostname,omitempty"`
	Opcode    *string            `protobuf:"bytes,3,opt,name=opcode,proto3,oneof" json:"opcode,omitempty"`
	OpcodeId  *DnsQuery_OpcodeId `` /* 130-byte string literal not displayed */
	PacketUid *int32             `protobuf:"varint,5,opt,name=packet_uid,json=packetUid,proto3,oneof" json:"packet_uid,omitempty"`
	Type      *string            `protobuf:"bytes,6,opt,name=type,proto3,oneof" json:"type,omitempty"`
	// contains filtered or unexported fields
}

DnsQuery is an OSF object defined in ocsf objects/dns_query.json

The DNS query object represents a specific request made to the Domain Name System (DNS) to retrieve information about a domain or perform a DNS operation. This object encapsulates the necessary attributes and methods to construct and send DNS queries, specify the query type (e.g., A, AAAA, MX). Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:DNSLookup/'>d3f:DNSLookup</a>.

func (*DnsQuery) Descriptor deprecated 

func (*DnsQuery) Descriptor() ([]byte, []int)

Deprecated: Use DnsQuery.ProtoReflect.Descriptor instead.

func (*DnsQuery) GetClass 

func (x *DnsQuery) GetClass() string

func (*DnsQuery) GetHostname 

func (x *DnsQuery) GetHostname() string

func (*DnsQuery) GetOpcode 

func (x *DnsQuery) GetOpcode() string

func (*DnsQuery) GetOpcodeId 

func (x *DnsQuery) GetOpcodeId() DnsQuery_OpcodeId

func (*DnsQuery) GetPacketUid 

func (x *DnsQuery) GetPacketUid() int32

func (*DnsQuery) GetType 

func (x *DnsQuery) GetType() string

func (*DnsQuery) ProtoMessage 

func (*DnsQuery) ProtoMessage()

func (*DnsQuery) ProtoReflect 

func (x *DnsQuery) ProtoReflect() protoreflect.Message

func (*DnsQuery) Reset 

func (x *DnsQuery) Reset()

func (*DnsQuery) String 

func (x *DnsQuery) String() string

type DnsQuery_OpcodeId 

type DnsQuery_OpcodeId int32
const (
	DnsQuery_OPCODE_ID_QUERY         DnsQuery_OpcodeId = 0 // Standard query
	DnsQuery_OPCODE_ID_INVERSE_QUERY DnsQuery_OpcodeId = 1 // Inverse query, obsolete
	DnsQuery_OPCODE_ID_STATUS        DnsQuery_OpcodeId = 2 // Server status request
	DnsQuery_OPCODE_ID_RESERVED      DnsQuery_OpcodeId = 3 // Reserved, not used
	DnsQuery_OPCODE_ID_NOTIFY        DnsQuery_OpcodeId = 4 // Zone change notification
	DnsQuery_OPCODE_ID_UPDATE        DnsQuery_OpcodeId = 5 // Dynamic DNS update
	DnsQuery_OPCODE_ID_DSO_MESSAGE   DnsQuery_OpcodeId = 6 // DNS Stateful Operations (DSO)
)

func (DnsQuery_OpcodeId) Descriptor 

func (DnsQuery_OpcodeId) Descriptor() protoreflect.EnumDescriptor

func (DnsQuery_OpcodeId) Enum 

func (x DnsQuery_OpcodeId) Enum() *DnsQuery_OpcodeId

func (DnsQuery_OpcodeId) EnumDescriptor deprecated 

func (DnsQuery_OpcodeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use DnsQuery_OpcodeId.Descriptor instead.

func (DnsQuery_OpcodeId) Number 

func (x DnsQuery_OpcodeId) Number() protoreflect.EnumNumber

func (DnsQuery_OpcodeId) String 

func (x DnsQuery_OpcodeId) String() string

func (DnsQuery_OpcodeId) Type 

func (DnsQuery_OpcodeId) Type() protoreflect.EnumType

type Email 

type Email struct {
	Cc                 []string            `protobuf:"bytes,1,rep,name=cc,proto3" json:"cc,omitempty"`
	DataClassification *DataClassification `protobuf:"bytes,2,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	DeliveredTo        *string             `protobuf:"bytes,3,opt,name=delivered_to,json=deliveredTo,proto3,oneof" json:"delivered_to,omitempty"`
	From               string              `protobuf:"bytes,4,opt,name=from,proto3" json:"from,omitempty"`
	MessageUid         *string             `protobuf:"bytes,5,opt,name=message_uid,json=messageUid,proto3,oneof" json:"message_uid,omitempty"`
	RawHeader          *string             `protobuf:"bytes,6,opt,name=raw_header,json=rawHeader,proto3,oneof" json:"raw_header,omitempty"`
	ReplyTo            *string             `protobuf:"bytes,7,opt,name=reply_to,json=replyTo,proto3,oneof" json:"reply_to,omitempty"`
	Size               *int64              `protobuf:"varint,8,opt,name=size,proto3,oneof" json:"size,omitempty"`
	SmtpFrom           *string             `protobuf:"bytes,9,opt,name=smtp_from,json=smtpFrom,proto3,oneof" json:"smtp_from,omitempty"`
	SmtpTo             []string            `protobuf:"bytes,10,rep,name=smtp_to,json=smtpTo,proto3" json:"smtp_to,omitempty"`
	Subject            *string             `protobuf:"bytes,11,opt,name=subject,proto3,oneof" json:"subject,omitempty"`
	To                 []string            `protobuf:"bytes,12,rep,name=to,proto3" json:"to,omitempty"`
	Uid                *string             `protobuf:"bytes,13,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	XOriginatingIp     []string            `protobuf:"bytes,14,rep,name=x_originating_ip,json=xOriginatingIp,proto3" json:"x_originating_ip,omitempty"`
	// contains filtered or unexported fields
}

Email is an OSF object defined in ocsf objects/email.json

The Email object describes the email metadata such as sender, recipients, and direction. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Email/'>d3f:Email</a>.

func (*Email) Descriptor deprecated 

func (*Email) Descriptor() ([]byte, []int)

Deprecated: Use Email.ProtoReflect.Descriptor instead.

func (*Email) GetCc 

func (x *Email) GetCc() []string

func (*Email) GetDataClassification 

func (x *Email) GetDataClassification() *DataClassification

func (*Email) GetDeliveredTo 

func (x *Email) GetDeliveredTo() string

func (*Email) GetFrom 

func (x *Email) GetFrom() string

func (*Email) GetMessageUid 

func (x *Email) GetMessageUid() string

func (*Email) GetRawHeader 

func (x *Email) GetRawHeader() string

func (*Email) GetReplyTo 

func (x *Email) GetReplyTo() string

func (*Email) GetSize 

func (x *Email) GetSize() int64

func (*Email) GetSmtpFrom 

func (x *Email) GetSmtpFrom() string

func (*Email) GetSmtpTo 

func (x *Email) GetSmtpTo() []string

func (*Email) GetSubject 

func (x *Email) GetSubject() string

func (*Email) GetTo 

func (x *Email) GetTo() []string

func (*Email) GetUid 

func (x *Email) GetUid() string

func (*Email) GetXOriginatingIp 

func (x *Email) GetXOriginatingIp() []string

func (*Email) ProtoMessage 

func (*Email) ProtoMessage()

func (*Email) ProtoReflect 

func (x *Email) ProtoReflect() protoreflect.Message

func (*Email) Reset 

func (x *Email) Reset()

func (*Email) String 

func (x *Email) String() string

type EmailActivity 

type EmailActivity struct {
	Action         *string                      `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       EmailActivity_ActionId       `` /* 129-byte string literal not displayed */
	ActivityId     *EmailActivity_ActivityId    `` /* 143-byte string literal not displayed */
	ActivityName   *string                      `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                       `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                         `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                    `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Attempt        *int32                       `protobuf:"varint,8,opt,name=attempt,proto3,oneof" json:"attempt,omitempty"`
	Authorizations []*Authorization             `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	Banner         *string                      `protobuf:"bytes,10,opt,name=banner,proto3,oneof" json:"banner,omitempty"`
	CategoryName   *string                      `protobuf:"bytes,11,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    EmailActivity_CategoryUid    `` /* 142-byte string literal not displayed */
	ClassName      *string                      `protobuf:"bytes,13,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       EmailActivity_ClassUid       `` /* 130-byte string literal not displayed */
	Cloud          *Cloud                       `protobuf:"bytes,15,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                       `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                      `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Direction      *string                      `protobuf:"bytes,18,opt,name=direction,proto3,oneof" json:"direction,omitempty"`
	DirectionId    EmailActivity_DirectionId    `` /* 142-byte string literal not displayed */
	Disposition    *string                      `protobuf:"bytes,20,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *EmailActivity_DispositionId `` /* 156-byte string literal not displayed */
	DstEndpoint    *NetworkEndpoint             `protobuf:"bytes,22,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration       *int32                       `protobuf:"varint,23,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	Email          *Email                       `protobuf:"bytes,24,opt,name=email,proto3" json:"email,omitempty"`
	EmailAuth      *EmailAuth                   `protobuf:"bytes,25,opt,name=email_auth,json=emailAuth,proto3" json:"email_auth,omitempty"`
	EndTime        *int64                       `protobuf:"varint,26,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp       `protobuf:"bytes,27,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                `protobuf:"bytes,28,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                `protobuf:"bytes,29,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                   `protobuf:"bytes,30,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                      `protobuf:"bytes,31,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                    `protobuf:"bytes,32,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                `protobuf:"bytes,33,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                      `protobuf:"bytes,34,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                      `protobuf:"bytes,35,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     EmailActivity_SeverityId     `` /* 138-byte string literal not displayed */
	SmtpHello      *string                      `protobuf:"bytes,37,opt,name=smtp_hello,json=smtpHello,proto3,oneof" json:"smtp_hello,omitempty"`
	SrcEndpoint    *NetworkEndpoint             `protobuf:"bytes,38,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                       `protobuf:"varint,39,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp       `protobuf:"bytes,40,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                      `protobuf:"bytes,41,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                      `protobuf:"bytes,42,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                      `protobuf:"bytes,43,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *EmailActivity_StatusId      `` /* 136-byte string literal not displayed */
	Time           int64                        `protobuf:"varint,45,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp       `protobuf:"bytes,46,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                       `protobuf:"varint,47,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                      `protobuf:"bytes,48,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                        `protobuf:"varint,49,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct             `protobuf:"bytes,50,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

EmailActivity is an OSF event in category "Network Activity" called Email Activity defined in ocsf events/network/email.json

Email events report activities of emails.

func (*EmailActivity) Descriptor deprecated 

func (*EmailActivity) Descriptor() ([]byte, []int)

Deprecated: Use EmailActivity.ProtoReflect.Descriptor instead.

func (*EmailActivity) GetAction 

func (x *EmailActivity) GetAction() string

func (*EmailActivity) GetActionId 

func (x *EmailActivity) GetActionId() EmailActivity_ActionId

func (*EmailActivity) GetActivityId 

func (x *EmailActivity) GetActivityId() EmailActivity_ActivityId

func (*EmailActivity) GetActivityName 

func (x *EmailActivity) GetActivityName() string

func (*EmailActivity) GetActor 

func (x *EmailActivity) GetActor() *Actor

func (*EmailActivity) GetApi 

func (x *EmailActivity) GetApi() *Api

func (*EmailActivity) GetAttacks 

func (x *EmailActivity) GetAttacks() []*Attack

func (*EmailActivity) GetAttempt 

func (x *EmailActivity) GetAttempt() int32

func (*EmailActivity) GetAuthorizations 

func (x *EmailActivity) GetAuthorizations() []*Authorization

func (*EmailActivity) GetBanner 

func (x *EmailActivity) GetBanner() string

func (*EmailActivity) GetCategoryName 

func (x *EmailActivity) GetCategoryName() string

func (*EmailActivity) GetCategoryUid 

func (x *EmailActivity) GetCategoryUid() EmailActivity_CategoryUid

func (*EmailActivity) GetClassName 

func (x *EmailActivity) GetClassName() string

func (*EmailActivity) GetClassUid 

func (x *EmailActivity) GetClassUid() EmailActivity_ClassUid

func (*EmailActivity) GetCloud 

func (x *EmailActivity) GetCloud() *Cloud

func (*EmailActivity) GetCount 

func (x *EmailActivity) GetCount() int32

func (*EmailActivity) GetDevice 

func (x *EmailActivity) GetDevice() *Device

func (*EmailActivity) GetDirection 

func (x *EmailActivity) GetDirection() string

func (*EmailActivity) GetDirectionId 

func (x *EmailActivity) GetDirectionId() EmailActivity_DirectionId

func (*EmailActivity) GetDisposition 

func (x *EmailActivity) GetDisposition() string

func (*EmailActivity) GetDispositionId 

func (x *EmailActivity) GetDispositionId() EmailActivity_DispositionId

func (*EmailActivity) GetDstEndpoint 

func (x *EmailActivity) GetDstEndpoint() *NetworkEndpoint

func (*EmailActivity) GetDuration 

func (x *EmailActivity) GetDuration() int32

func (*EmailActivity) GetEmail 

func (x *EmailActivity) GetEmail() *Email

func (*EmailActivity) GetEmailAuth 

func (x *EmailActivity) GetEmailAuth() *EmailAuth

func (*EmailActivity) GetEndTime 

func (x *EmailActivity) GetEndTime() int64

func (*EmailActivity) GetEndTimeDt 

func (x *EmailActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*EmailActivity) GetEnrichments 

func (x *EmailActivity) GetEnrichments() []*Enrichment

func (*EmailActivity) GetFirewallRule 

func (x *EmailActivity) GetFirewallRule() *FirewallRule

func (*EmailActivity) GetMalware 

func (x *EmailActivity) GetMalware() []*Malware

func (*EmailActivity) GetMessage 

func (x *EmailActivity) GetMessage() string

func (*EmailActivity) GetMetadata 

func (x *EmailActivity) GetMetadata() *Metadata

func (*EmailActivity) GetObservables 

func (x *EmailActivity) GetObservables() []*Observable

func (*EmailActivity) GetRawData 

func (x *EmailActivity) GetRawData() string

func (*EmailActivity) GetSeverity 

func (x *EmailActivity) GetSeverity() string

func (*EmailActivity) GetSeverityId 

func (x *EmailActivity) GetSeverityId() EmailActivity_SeverityId

func (*EmailActivity) GetSmtpHello 

func (x *EmailActivity) GetSmtpHello() string

func (*EmailActivity) GetSrcEndpoint 

func (x *EmailActivity) GetSrcEndpoint() *NetworkEndpoint

func (*EmailActivity) GetStartTime 

func (x *EmailActivity) GetStartTime() int64

func (*EmailActivity) GetStartTimeDt 

func (x *EmailActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*EmailActivity) GetStatus 

func (x *EmailActivity) GetStatus() string

func (*EmailActivity) GetStatusCode 

func (x *EmailActivity) GetStatusCode() string

func (*EmailActivity) GetStatusDetail 

func (x *EmailActivity) GetStatusDetail() string

func (*EmailActivity) GetStatusId 

func (x *EmailActivity) GetStatusId() EmailActivity_StatusId

func (*EmailActivity) GetTime 

func (x *EmailActivity) GetTime() int64

func (*EmailActivity) GetTimeDt 

func (x *EmailActivity) GetTimeDt() *timestamppb.Timestamp

func (*EmailActivity) GetTimezoneOffset 

func (x *EmailActivity) GetTimezoneOffset() int32

func (*EmailActivity) GetTypeName 

func (x *EmailActivity) GetTypeName() string

func (*EmailActivity) GetTypeUid 

func (x *EmailActivity) GetTypeUid() int64

func (*EmailActivity) GetUnmapped 

func (x *EmailActivity) GetUnmapped() *structpb.Struct

func (*EmailActivity) ProtoMessage 

func (*EmailActivity) ProtoMessage()

func (*EmailActivity) ProtoReflect 

func (x *EmailActivity) ProtoReflect() protoreflect.Message

func (*EmailActivity) Reset 

func (x *EmailActivity) Reset()

func (*EmailActivity) String 

func (x *EmailActivity) String() string

type EmailActivity_ActionId 

type EmailActivity_ActionId int32
const (
	EmailActivity_ACTION_ID_UNKNOWN EmailActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	EmailActivity_ACTION_ID_ALLOWED EmailActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	EmailActivity_ACTION_ID_DENIED EmailActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	EmailActivity_ACTION_ID_OTHER EmailActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (EmailActivity_ActionId) Descriptor 

func (EmailActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_ActionId) Enum 

func (x EmailActivity_ActionId) Enum() *EmailActivity_ActionId

func (EmailActivity_ActionId) EnumDescriptor deprecated 

func (EmailActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_ActionId.Descriptor instead.

func (EmailActivity_ActionId) Number 

func (x EmailActivity_ActionId) Number() protoreflect.EnumNumber

func (EmailActivity_ActionId) String 

func (x EmailActivity_ActionId) String() string

func (EmailActivity_ActionId) Type 

func (EmailActivity_ActionId) Type() protoreflect.EnumType

type EmailActivity_ActivityId 

type EmailActivity_ActivityId int32
const (
	EmailActivity_ACTIVITY_ID_UNKNOWN EmailActivity_ActivityId = 0
	EmailActivity_ACTIVITY_ID_SEND    EmailActivity_ActivityId = 1
	EmailActivity_ACTIVITY_ID_RECEIVE EmailActivity_ActivityId = 2
	EmailActivity_ACTIVITY_ID_SCAN    EmailActivity_ActivityId = 3 // Email being scanned (example: security scanning)
	EmailActivity_ACTIVITY_ID_OTHER   EmailActivity_ActivityId = 99
)

func (EmailActivity_ActivityId) Descriptor 

func (EmailActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_ActivityId) Enum 

func (x EmailActivity_ActivityId) Enum() *EmailActivity_ActivityId

func (EmailActivity_ActivityId) EnumDescriptor deprecated 

func (EmailActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_ActivityId.Descriptor instead.

func (EmailActivity_ActivityId) Number 

func (x EmailActivity_ActivityId) Number() protoreflect.EnumNumber

func (EmailActivity_ActivityId) String 

func (x EmailActivity_ActivityId) String() string

func (EmailActivity_ActivityId) Type 

func (EmailActivity_ActivityId) Type() protoreflect.EnumType

type EmailActivity_CategoryUid 

type EmailActivity_CategoryUid int32
const (
	EmailActivity_CATEGORY_UID_UNKNOWN          EmailActivity_CategoryUid = 0
	EmailActivity_CATEGORY_UID_NETWORK_ACTIVITY EmailActivity_CategoryUid = 4
)

func (EmailActivity_CategoryUid) Descriptor 

func (EmailActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_CategoryUid) Enum 

func (x EmailActivity_CategoryUid) Enum() *EmailActivity_CategoryUid

func (EmailActivity_CategoryUid) EnumDescriptor deprecated 

func (EmailActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_CategoryUid.Descriptor instead.

func (EmailActivity_CategoryUid) Number 

func (x EmailActivity_CategoryUid) Number() protoreflect.EnumNumber

func (EmailActivity_CategoryUid) String 

func (x EmailActivity_CategoryUid) String() string

func (EmailActivity_CategoryUid) Type 

func (EmailActivity_CategoryUid) Type() protoreflect.EnumType

type EmailActivity_ClassUid 

type EmailActivity_ClassUid int32
const (
	EmailActivity_CLASS_UID_UNKNOWN        EmailActivity_ClassUid = 0
	EmailActivity_CLASS_UID_EMAIL_ACTIVITY EmailActivity_ClassUid = 4009
)

func (EmailActivity_ClassUid) Descriptor 

func (EmailActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_ClassUid) Enum 

func (x EmailActivity_ClassUid) Enum() *EmailActivity_ClassUid

func (EmailActivity_ClassUid) EnumDescriptor deprecated 

func (EmailActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_ClassUid.Descriptor instead.

func (EmailActivity_ClassUid) Number 

func (x EmailActivity_ClassUid) Number() protoreflect.EnumNumber

func (EmailActivity_ClassUid) String 

func (x EmailActivity_ClassUid) String() string

func (EmailActivity_ClassUid) Type 

func (EmailActivity_ClassUid) Type() protoreflect.EnumType

type EmailActivity_DirectionId 

type EmailActivity_DirectionId int32
const (
	EmailActivity_DIRECTION_ID_UNKNOWN EmailActivity_DirectionId = 0 // The email direction is unknown.
	EmailActivity_DIRECTION_ID_INBOUND EmailActivity_DirectionId = 1 // Email Inbound, from the Internet or outside network
	// destined for an entity inside network.
	EmailActivity_DIRECTION_ID_OUTBOUND EmailActivity_DirectionId = 2 // Email Outbound, from inside the network destined
	// for an entity outside network.
	EmailActivity_DIRECTION_ID_INTERNAL EmailActivity_DirectionId = 3 // Email Internal, from inside the network destined
	// for an entity inside network.
	EmailActivity_DIRECTION_ID_OTHER EmailActivity_DirectionId = 99
)

func (EmailActivity_DirectionId) Descriptor 

func (EmailActivity_DirectionId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_DirectionId) Enum 

func (x EmailActivity_DirectionId) Enum() *EmailActivity_DirectionId

func (EmailActivity_DirectionId) EnumDescriptor deprecated 

func (EmailActivity_DirectionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_DirectionId.Descriptor instead.

func (EmailActivity_DirectionId) Number 

func (x EmailActivity_DirectionId) Number() protoreflect.EnumNumber

func (EmailActivity_DirectionId) String 

func (x EmailActivity_DirectionId) String() string

func (EmailActivity_DirectionId) Type 

func (EmailActivity_DirectionId) Type() protoreflect.EnumType

type EmailActivity_DispositionId 

type EmailActivity_DispositionId int32
const (
	EmailActivity_DISPOSITION_ID_UNKNOWN EmailActivity_DispositionId = 0 // The disposition was not known.
	EmailActivity_DISPOSITION_ID_ALLOWED EmailActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	EmailActivity_DISPOSITION_ID_BLOCKED EmailActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	EmailActivity_DISPOSITION_ID_QUARANTINED EmailActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	EmailActivity_DISPOSITION_ID_ISOLATED EmailActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	EmailActivity_DISPOSITION_ID_DELETED EmailActivity_DispositionId = 5 // A file or other content was deleted.
	EmailActivity_DISPOSITION_ID_DROPPED EmailActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	EmailActivity_DISPOSITION_ID_CUSTOM_ACTION EmailActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	EmailActivity_DISPOSITION_ID_APPROVED EmailActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	EmailActivity_DISPOSITION_ID_RESTORED EmailActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	EmailActivity_DISPOSITION_ID_EXONERATED EmailActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	EmailActivity_DISPOSITION_ID_CORRECTED EmailActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	EmailActivity_DISPOSITION_ID_PARTIALLY_CORRECTED EmailActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	EmailActivity_DISPOSITION_ID_UNCORRECTED EmailActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	EmailActivity_DISPOSITION_ID_DELAYED EmailActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	EmailActivity_DISPOSITION_ID_DETECTED EmailActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	EmailActivity_DISPOSITION_ID_NO_ACTION EmailActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	EmailActivity_DISPOSITION_ID_LOGGED EmailActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	EmailActivity_DISPOSITION_ID_TAGGED EmailActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	EmailActivity_DISPOSITION_ID_ALERT EmailActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	EmailActivity_DISPOSITION_ID_COUNT EmailActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	EmailActivity_DISPOSITION_ID_RESET EmailActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	EmailActivity_DISPOSITION_ID_CAPTCHA EmailActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	EmailActivity_DISPOSITION_ID_CHALLENGE EmailActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	EmailActivity_DISPOSITION_ID_ACCESS_REVOKED EmailActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	EmailActivity_DISPOSITION_ID_REJECTED EmailActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	EmailActivity_DISPOSITION_ID_UNAUTHORIZED EmailActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	EmailActivity_DISPOSITION_ID_ERROR EmailActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	EmailActivity_DISPOSITION_ID_OTHER EmailActivity_DispositionId = 99 // The disposition is not listed. The
)

func (EmailActivity_DispositionId) Descriptor 

func (EmailActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_DispositionId) Enum 

func (x EmailActivity_DispositionId) Enum() *EmailActivity_DispositionId

func (EmailActivity_DispositionId) EnumDescriptor deprecated 

func (EmailActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_DispositionId.Descriptor instead.

func (EmailActivity_DispositionId) Number 

func (x EmailActivity_DispositionId) Number() protoreflect.EnumNumber

func (EmailActivity_DispositionId) String 

func (x EmailActivity_DispositionId) String() string

func (EmailActivity_DispositionId) Type 

func (EmailActivity_DispositionId) Type() protoreflect.EnumType

type EmailActivity_SeverityId 

type EmailActivity_SeverityId int32
const (
	EmailActivity_SEVERITY_ID_UNKNOWN       EmailActivity_SeverityId = 0 // The event/finding severity is unknown.
	EmailActivity_SEVERITY_ID_INFORMATIONAL EmailActivity_SeverityId = 1 // Informational message. No action required.
	EmailActivity_SEVERITY_ID_LOW           EmailActivity_SeverityId = 2 // The user decides if action is needed.
	EmailActivity_SEVERITY_ID_MEDIUM        EmailActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	EmailActivity_SEVERITY_ID_HIGH     EmailActivity_SeverityId = 4 // Action is required immediately.
	EmailActivity_SEVERITY_ID_CRITICAL EmailActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	EmailActivity_SEVERITY_ID_FATAL EmailActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	EmailActivity_SEVERITY_ID_OTHER EmailActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (EmailActivity_SeverityId) Descriptor 

func (EmailActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_SeverityId) Enum 

func (x EmailActivity_SeverityId) Enum() *EmailActivity_SeverityId

func (EmailActivity_SeverityId) EnumDescriptor deprecated 

func (EmailActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_SeverityId.Descriptor instead.

func (EmailActivity_SeverityId) Number 

func (x EmailActivity_SeverityId) Number() protoreflect.EnumNumber

func (EmailActivity_SeverityId) String 

func (x EmailActivity_SeverityId) String() string

func (EmailActivity_SeverityId) Type 

func (EmailActivity_SeverityId) Type() protoreflect.EnumType

type EmailActivity_StatusId 

type EmailActivity_StatusId int32
const (
	EmailActivity_STATUS_ID_UNKNOWN EmailActivity_StatusId = 0 // The status is unknown.
	EmailActivity_STATUS_ID_SUCCESS EmailActivity_StatusId = 1
	EmailActivity_STATUS_ID_FAILURE EmailActivity_StatusId = 2
	EmailActivity_STATUS_ID_OTHER   EmailActivity_StatusId = 99 // The event status is not mapped. See the
)

func (EmailActivity_StatusId) Descriptor 

func (EmailActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (EmailActivity_StatusId) Enum 

func (x EmailActivity_StatusId) Enum() *EmailActivity_StatusId

func (EmailActivity_StatusId) EnumDescriptor deprecated 

func (EmailActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailActivity_StatusId.Descriptor instead.

func (EmailActivity_StatusId) Number 

func (x EmailActivity_StatusId) Number() protoreflect.EnumNumber

func (EmailActivity_StatusId) String 

func (x EmailActivity_StatusId) String() string

func (EmailActivity_StatusId) Type 

func (EmailActivity_StatusId) Type() protoreflect.EnumType

type EmailAuth 

type EmailAuth struct {
	Dkim          *string `protobuf:"bytes,1,opt,name=dkim,proto3,oneof" json:"dkim,omitempty"`
	DkimDomain    *string `protobuf:"bytes,2,opt,name=dkim_domain,json=dkimDomain,proto3,oneof" json:"dkim_domain,omitempty"`
	DkimSignature *string `protobuf:"bytes,3,opt,name=dkim_signature,json=dkimSignature,proto3,oneof" json:"dkim_signature,omitempty"`
	Dmarc         *string `protobuf:"bytes,4,opt,name=dmarc,proto3,oneof" json:"dmarc,omitempty"`
	DmarcOverride *string `protobuf:"bytes,5,opt,name=dmarc_override,json=dmarcOverride,proto3,oneof" json:"dmarc_override,omitempty"`
	DmarcPolicy   *string `protobuf:"bytes,6,opt,name=dmarc_policy,json=dmarcPolicy,proto3,oneof" json:"dmarc_policy,omitempty"`
	Spf           *string `protobuf:"bytes,7,opt,name=spf,proto3,oneof" json:"spf,omitempty"`
	// contains filtered or unexported fields
}

EmailAuth is an OSF object defined in ocsf objects/email_auth.json

The Email Authentication object describes the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) attributes of an email.

func (*EmailAuth) Descriptor deprecated 

func (*EmailAuth) Descriptor() ([]byte, []int)

Deprecated: Use EmailAuth.ProtoReflect.Descriptor instead.

func (*EmailAuth) GetDkim 

func (x *EmailAuth) GetDkim() string

func (*EmailAuth) GetDkimDomain 

func (x *EmailAuth) GetDkimDomain() string

func (*EmailAuth) GetDkimSignature 

func (x *EmailAuth) GetDkimSignature() string

func (*EmailAuth) GetDmarc 

func (x *EmailAuth) GetDmarc() string

func (*EmailAuth) GetDmarcOverride 

func (x *EmailAuth) GetDmarcOverride() string

func (*EmailAuth) GetDmarcPolicy 

func (x *EmailAuth) GetDmarcPolicy() string

func (*EmailAuth) GetSpf 

func (x *EmailAuth) GetSpf() string

func (*EmailAuth) ProtoMessage 

func (*EmailAuth) ProtoMessage()

func (*EmailAuth) ProtoReflect 

func (x *EmailAuth) ProtoReflect() protoreflect.Message

func (*EmailAuth) Reset 

func (x *EmailAuth) Reset()

func (*EmailAuth) String 

func (x *EmailAuth) String() string

type EmailFileActivity 

type EmailFileActivity struct {
	Action         *string                          `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       EmailFileActivity_ActionId       `` /* 133-byte string literal not displayed */
	ActivityId     *EmailFileActivity_ActivityId    `` /* 147-byte string literal not displayed */
	ActivityName   *string                          `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                           `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                             `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                        `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                 `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                          `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    EmailFileActivity_CategoryUid    `` /* 146-byte string literal not displayed */
	ClassName      *string                          `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       EmailFileActivity_ClassUid       `` /* 134-byte string literal not displayed */
	Cloud          *Cloud                           `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                           `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                          `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                          `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *EmailFileActivity_DispositionId `` /* 160-byte string literal not displayed */
	Duration       *int32                           `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EmailUid       string                           `protobuf:"bytes,19,opt,name=email_uid,json=emailUid,proto3" json:"email_uid,omitempty"`
	EndTime        *int64                           `protobuf:"varint,20,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp           `protobuf:"bytes,21,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                    `protobuf:"bytes,22,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File           *File                            `protobuf:"bytes,23,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule   *FirewallRule                    `protobuf:"bytes,24,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                       `protobuf:"bytes,25,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                          `protobuf:"bytes,26,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                        `protobuf:"bytes,27,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                    `protobuf:"bytes,28,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                          `protobuf:"bytes,29,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                          `protobuf:"bytes,30,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     EmailFileActivity_SeverityId     `` /* 142-byte string literal not displayed */
	StartTime      *int64                           `protobuf:"varint,32,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp           `protobuf:"bytes,33,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                          `protobuf:"bytes,34,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                          `protobuf:"bytes,35,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                          `protobuf:"bytes,36,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *EmailFileActivity_StatusId      `` /* 140-byte string literal not displayed */
	Time           int64                            `protobuf:"varint,38,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp           `protobuf:"bytes,39,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                           `protobuf:"varint,40,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                          `protobuf:"bytes,41,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                            `protobuf:"varint,42,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                 `protobuf:"bytes,43,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

EmailFileActivity is an OSF event in category "Network Activity" called Email File Activity defined in ocsf events/network/email_file.json

Email File Activity events report files within emails.

func (*EmailFileActivity) Descriptor deprecated 

func (*EmailFileActivity) Descriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity.ProtoReflect.Descriptor instead.

func (*EmailFileActivity) GetAction 

func (x *EmailFileActivity) GetAction() string

func (*EmailFileActivity) GetActionId 

func (x *EmailFileActivity) GetActionId() EmailFileActivity_ActionId

func (*EmailFileActivity) GetActivityId 

func (x *EmailFileActivity) GetActivityId() EmailFileActivity_ActivityId

func (*EmailFileActivity) GetActivityName 

func (x *EmailFileActivity) GetActivityName() string

func (*EmailFileActivity) GetActor 

func (x *EmailFileActivity) GetActor() *Actor

func (*EmailFileActivity) GetApi 

func (x *EmailFileActivity) GetApi() *Api

func (*EmailFileActivity) GetAttacks 

func (x *EmailFileActivity) GetAttacks() []*Attack

func (*EmailFileActivity) GetAuthorizations 

func (x *EmailFileActivity) GetAuthorizations() []*Authorization

func (*EmailFileActivity) GetCategoryName 

func (x *EmailFileActivity) GetCategoryName() string

func (*EmailFileActivity) GetCategoryUid 

func (x *EmailFileActivity) GetCategoryUid() EmailFileActivity_CategoryUid

func (*EmailFileActivity) GetClassName 

func (x *EmailFileActivity) GetClassName() string

func (*EmailFileActivity) GetClassUid 

func (x *EmailFileActivity) GetClassUid() EmailFileActivity_ClassUid

func (*EmailFileActivity) GetCloud 

func (x *EmailFileActivity) GetCloud() *Cloud

func (*EmailFileActivity) GetCount 

func (x *EmailFileActivity) GetCount() int32

func (*EmailFileActivity) GetDevice 

func (x *EmailFileActivity) GetDevice() *Device

func (*EmailFileActivity) GetDisposition 

func (x *EmailFileActivity) GetDisposition() string

func (*EmailFileActivity) GetDispositionId 

func (x *EmailFileActivity) GetDispositionId() EmailFileActivity_DispositionId

func (*EmailFileActivity) GetDuration 

func (x *EmailFileActivity) GetDuration() int32

func (*EmailFileActivity) GetEmailUid 

func (x *EmailFileActivity) GetEmailUid() string

func (*EmailFileActivity) GetEndTime 

func (x *EmailFileActivity) GetEndTime() int64

func (*EmailFileActivity) GetEndTimeDt 

func (x *EmailFileActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*EmailFileActivity) GetEnrichments 

func (x *EmailFileActivity) GetEnrichments() []*Enrichment

func (*EmailFileActivity) GetFile 

func (x *EmailFileActivity) GetFile() *File

func (*EmailFileActivity) GetFirewallRule 

func (x *EmailFileActivity) GetFirewallRule() *FirewallRule

func (*EmailFileActivity) GetMalware 

func (x *EmailFileActivity) GetMalware() []*Malware

func (*EmailFileActivity) GetMessage 

func (x *EmailFileActivity) GetMessage() string

func (*EmailFileActivity) GetMetadata 

func (x *EmailFileActivity) GetMetadata() *Metadata

func (*EmailFileActivity) GetObservables 

func (x *EmailFileActivity) GetObservables() []*Observable

func (*EmailFileActivity) GetRawData 

func (x *EmailFileActivity) GetRawData() string

func (*EmailFileActivity) GetSeverity 

func (x *EmailFileActivity) GetSeverity() string

func (*EmailFileActivity) GetSeverityId 

func (x *EmailFileActivity) GetSeverityId() EmailFileActivity_SeverityId

func (*EmailFileActivity) GetStartTime 

func (x *EmailFileActivity) GetStartTime() int64

func (*EmailFileActivity) GetStartTimeDt 

func (x *EmailFileActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*EmailFileActivity) GetStatus 

func (x *EmailFileActivity) GetStatus() string

func (*EmailFileActivity) GetStatusCode 

func (x *EmailFileActivity) GetStatusCode() string

func (*EmailFileActivity) GetStatusDetail 

func (x *EmailFileActivity) GetStatusDetail() string

func (*EmailFileActivity) GetStatusId 

func (x *EmailFileActivity) GetStatusId() EmailFileActivity_StatusId

func (*EmailFileActivity) GetTime 

func (x *EmailFileActivity) GetTime() int64

func (*EmailFileActivity) GetTimeDt 

func (x *EmailFileActivity) GetTimeDt() *timestamppb.Timestamp

func (*EmailFileActivity) GetTimezoneOffset 

func (x *EmailFileActivity) GetTimezoneOffset() int32

func (*EmailFileActivity) GetTypeName 

func (x *EmailFileActivity) GetTypeName() string

func (*EmailFileActivity) GetTypeUid 

func (x *EmailFileActivity) GetTypeUid() int64

func (*EmailFileActivity) GetUnmapped 

func (x *EmailFileActivity) GetUnmapped() *structpb.Struct

func (*EmailFileActivity) ProtoMessage 

func (*EmailFileActivity) ProtoMessage()

func (*EmailFileActivity) ProtoReflect 

func (x *EmailFileActivity) ProtoReflect() protoreflect.Message

func (*EmailFileActivity) Reset 

func (x *EmailFileActivity) Reset()

func (*EmailFileActivity) String 

func (x *EmailFileActivity) String() string

type EmailFileActivity_ActionId 

type EmailFileActivity_ActionId int32
const (
	EmailFileActivity_ACTION_ID_UNKNOWN EmailFileActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	EmailFileActivity_ACTION_ID_ALLOWED EmailFileActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	EmailFileActivity_ACTION_ID_DENIED EmailFileActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	EmailFileActivity_ACTION_ID_OTHER EmailFileActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (EmailFileActivity_ActionId) Descriptor 

func (EmailFileActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_ActionId) Enum 

func (x EmailFileActivity_ActionId) Enum() *EmailFileActivity_ActionId

func (EmailFileActivity_ActionId) EnumDescriptor deprecated 

func (EmailFileActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_ActionId.Descriptor instead.

func (EmailFileActivity_ActionId) Number 

func (x EmailFileActivity_ActionId) Number() protoreflect.EnumNumber

func (EmailFileActivity_ActionId) String 

func (x EmailFileActivity_ActionId) String() string

func (EmailFileActivity_ActionId) Type 

func (EmailFileActivity_ActionId) Type() protoreflect.EnumType

type EmailFileActivity_ActivityId 

type EmailFileActivity_ActivityId int32
const (
	EmailFileActivity_ACTIVITY_ID_UNKNOWN EmailFileActivity_ActivityId = 0
	EmailFileActivity_ACTIVITY_ID_SEND    EmailFileActivity_ActivityId = 1
	EmailFileActivity_ACTIVITY_ID_RECEIVE EmailFileActivity_ActivityId = 2
	EmailFileActivity_ACTIVITY_ID_SCAN    EmailFileActivity_ActivityId = 3 // Email file being scanned (example: security
	// scanning).
	EmailFileActivity_ACTIVITY_ID_OTHER EmailFileActivity_ActivityId = 99
)

func (EmailFileActivity_ActivityId) Descriptor 

func (EmailFileActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_ActivityId) Enum 

func (x EmailFileActivity_ActivityId) Enum() *EmailFileActivity_ActivityId

func (EmailFileActivity_ActivityId) EnumDescriptor deprecated 

func (EmailFileActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_ActivityId.Descriptor instead.

func (EmailFileActivity_ActivityId) Number 

func (x EmailFileActivity_ActivityId) Number() protoreflect.EnumNumber

func (EmailFileActivity_ActivityId) String 

func (x EmailFileActivity_ActivityId) String() string

func (EmailFileActivity_ActivityId) Type 

func (EmailFileActivity_ActivityId) Type() protoreflect.EnumType

type EmailFileActivity_CategoryUid 

type EmailFileActivity_CategoryUid int32
const (
	EmailFileActivity_CATEGORY_UID_UNKNOWN          EmailFileActivity_CategoryUid = 0
	EmailFileActivity_CATEGORY_UID_NETWORK_ACTIVITY EmailFileActivity_CategoryUid = 4
)

func (EmailFileActivity_CategoryUid) Descriptor 

func (EmailFileActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_CategoryUid) Enum 

func (x EmailFileActivity_CategoryUid) Enum() *EmailFileActivity_CategoryUid

func (EmailFileActivity_CategoryUid) EnumDescriptor deprecated 

func (EmailFileActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_CategoryUid.Descriptor instead.

func (EmailFileActivity_CategoryUid) Number 

func (x EmailFileActivity_CategoryUid) Number() protoreflect.EnumNumber

func (EmailFileActivity_CategoryUid) String 

func (x EmailFileActivity_CategoryUid) String() string

func (EmailFileActivity_CategoryUid) Type 

func (EmailFileActivity_CategoryUid) Type() protoreflect.EnumType

type EmailFileActivity_ClassUid 

type EmailFileActivity_ClassUid int32
const (
	EmailFileActivity_CLASS_UID_UNKNOWN             EmailFileActivity_ClassUid = 0
	EmailFileActivity_CLASS_UID_EMAIL_FILE_ACTIVITY EmailFileActivity_ClassUid = 4011
)

func (EmailFileActivity_ClassUid) Descriptor 

func (EmailFileActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_ClassUid) Enum 

func (x EmailFileActivity_ClassUid) Enum() *EmailFileActivity_ClassUid

func (EmailFileActivity_ClassUid) EnumDescriptor deprecated 

func (EmailFileActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_ClassUid.Descriptor instead.

func (EmailFileActivity_ClassUid) Number 

func (x EmailFileActivity_ClassUid) Number() protoreflect.EnumNumber

func (EmailFileActivity_ClassUid) String 

func (x EmailFileActivity_ClassUid) String() string

func (EmailFileActivity_ClassUid) Type 

func (EmailFileActivity_ClassUid) Type() protoreflect.EnumType

type EmailFileActivity_DispositionId 

type EmailFileActivity_DispositionId int32
const (
	EmailFileActivity_DISPOSITION_ID_UNKNOWN EmailFileActivity_DispositionId = 0 // The disposition was not known.
	EmailFileActivity_DISPOSITION_ID_ALLOWED EmailFileActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	EmailFileActivity_DISPOSITION_ID_BLOCKED EmailFileActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	EmailFileActivity_DISPOSITION_ID_QUARANTINED EmailFileActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	EmailFileActivity_DISPOSITION_ID_ISOLATED EmailFileActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	EmailFileActivity_DISPOSITION_ID_DELETED EmailFileActivity_DispositionId = 5 // A file or other content was deleted.
	EmailFileActivity_DISPOSITION_ID_DROPPED EmailFileActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	EmailFileActivity_DISPOSITION_ID_CUSTOM_ACTION EmailFileActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	EmailFileActivity_DISPOSITION_ID_APPROVED EmailFileActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	EmailFileActivity_DISPOSITION_ID_RESTORED EmailFileActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	EmailFileActivity_DISPOSITION_ID_EXONERATED EmailFileActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	EmailFileActivity_DISPOSITION_ID_CORRECTED EmailFileActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	EmailFileActivity_DISPOSITION_ID_PARTIALLY_CORRECTED EmailFileActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	EmailFileActivity_DISPOSITION_ID_UNCORRECTED EmailFileActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	EmailFileActivity_DISPOSITION_ID_DELAYED EmailFileActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	EmailFileActivity_DISPOSITION_ID_DETECTED EmailFileActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	EmailFileActivity_DISPOSITION_ID_NO_ACTION EmailFileActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	EmailFileActivity_DISPOSITION_ID_LOGGED EmailFileActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	EmailFileActivity_DISPOSITION_ID_TAGGED EmailFileActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	EmailFileActivity_DISPOSITION_ID_ALERT EmailFileActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	EmailFileActivity_DISPOSITION_ID_COUNT EmailFileActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	EmailFileActivity_DISPOSITION_ID_RESET EmailFileActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	EmailFileActivity_DISPOSITION_ID_CAPTCHA EmailFileActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	EmailFileActivity_DISPOSITION_ID_CHALLENGE EmailFileActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	EmailFileActivity_DISPOSITION_ID_ACCESS_REVOKED EmailFileActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	EmailFileActivity_DISPOSITION_ID_REJECTED EmailFileActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	EmailFileActivity_DISPOSITION_ID_UNAUTHORIZED EmailFileActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	EmailFileActivity_DISPOSITION_ID_ERROR EmailFileActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	EmailFileActivity_DISPOSITION_ID_OTHER EmailFileActivity_DispositionId = 99 // The disposition is not listed. The
)

func (EmailFileActivity_DispositionId) Descriptor 

func (EmailFileActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_DispositionId) Enum 

func (x EmailFileActivity_DispositionId) Enum() *EmailFileActivity_DispositionId

func (EmailFileActivity_DispositionId) EnumDescriptor deprecated 

func (EmailFileActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_DispositionId.Descriptor instead.

func (EmailFileActivity_DispositionId) Number 

func (x EmailFileActivity_DispositionId) Number() protoreflect.EnumNumber

func (EmailFileActivity_DispositionId) String 

func (x EmailFileActivity_DispositionId) String() string

func (EmailFileActivity_DispositionId) Type 

func (EmailFileActivity_DispositionId) Type() protoreflect.EnumType

type EmailFileActivity_SeverityId 

type EmailFileActivity_SeverityId int32
const (
	EmailFileActivity_SEVERITY_ID_UNKNOWN       EmailFileActivity_SeverityId = 0 // The event/finding severity is unknown.
	EmailFileActivity_SEVERITY_ID_INFORMATIONAL EmailFileActivity_SeverityId = 1 // Informational message. No action required.
	EmailFileActivity_SEVERITY_ID_LOW           EmailFileActivity_SeverityId = 2 // The user decides if action is needed.
	EmailFileActivity_SEVERITY_ID_MEDIUM        EmailFileActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	EmailFileActivity_SEVERITY_ID_HIGH     EmailFileActivity_SeverityId = 4 // Action is required immediately.
	EmailFileActivity_SEVERITY_ID_CRITICAL EmailFileActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	EmailFileActivity_SEVERITY_ID_FATAL EmailFileActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	EmailFileActivity_SEVERITY_ID_OTHER EmailFileActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (EmailFileActivity_SeverityId) Descriptor 

func (EmailFileActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_SeverityId) Enum 

func (x EmailFileActivity_SeverityId) Enum() *EmailFileActivity_SeverityId

func (EmailFileActivity_SeverityId) EnumDescriptor deprecated 

func (EmailFileActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_SeverityId.Descriptor instead.

func (EmailFileActivity_SeverityId) Number 

func (x EmailFileActivity_SeverityId) Number() protoreflect.EnumNumber

func (EmailFileActivity_SeverityId) String 

func (x EmailFileActivity_SeverityId) String() string

func (EmailFileActivity_SeverityId) Type 

func (EmailFileActivity_SeverityId) Type() protoreflect.EnumType

type EmailFileActivity_StatusId 

type EmailFileActivity_StatusId int32
const (
	EmailFileActivity_STATUS_ID_UNKNOWN EmailFileActivity_StatusId = 0 // The status is unknown.
	EmailFileActivity_STATUS_ID_SUCCESS EmailFileActivity_StatusId = 1
	EmailFileActivity_STATUS_ID_FAILURE EmailFileActivity_StatusId = 2
	EmailFileActivity_STATUS_ID_OTHER   EmailFileActivity_StatusId = 99 // The event status is not mapped. See the
)

func (EmailFileActivity_StatusId) Descriptor 

func (EmailFileActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (EmailFileActivity_StatusId) Enum 

func (x EmailFileActivity_StatusId) Enum() *EmailFileActivity_StatusId

func (EmailFileActivity_StatusId) EnumDescriptor deprecated 

func (EmailFileActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailFileActivity_StatusId.Descriptor instead.

func (EmailFileActivity_StatusId) Number 

func (x EmailFileActivity_StatusId) Number() protoreflect.EnumNumber

func (EmailFileActivity_StatusId) String 

func (x EmailFileActivity_StatusId) String() string

func (EmailFileActivity_StatusId) Type 

func (EmailFileActivity_StatusId) Type() protoreflect.EnumType

type EmailUrlActivity 

type EmailUrlActivity struct {
	Action         *string                         `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       EmailUrlActivity_ActionId       `` /* 132-byte string literal not displayed */
	ActivityId     *EmailUrlActivity_ActivityId    `` /* 146-byte string literal not displayed */
	ActivityName   *string                         `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                          `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                            `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                       `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                         `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    EmailUrlActivity_CategoryUid    `` /* 145-byte string literal not displayed */
	ClassName      *string                         `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       EmailUrlActivity_ClassUid       `` /* 133-byte string literal not displayed */
	Cloud          *Cloud                          `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                          `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                         `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                         `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *EmailUrlActivity_DispositionId `` /* 159-byte string literal not displayed */
	Duration       *int32                          `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EmailUid       string                          `protobuf:"bytes,19,opt,name=email_uid,json=emailUid,proto3" json:"email_uid,omitempty"`
	EndTime        *int64                          `protobuf:"varint,20,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp          `protobuf:"bytes,21,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                   `protobuf:"bytes,22,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                   `protobuf:"bytes,23,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                      `protobuf:"bytes,24,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                         `protobuf:"bytes,25,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                       `protobuf:"bytes,26,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                   `protobuf:"bytes,27,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                         `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                         `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     EmailUrlActivity_SeverityId     `` /* 141-byte string literal not displayed */
	StartTime      *int64                          `protobuf:"varint,31,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp          `protobuf:"bytes,32,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                         `protobuf:"bytes,33,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                         `protobuf:"bytes,34,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                         `protobuf:"bytes,35,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *EmailUrlActivity_StatusId      `` /* 139-byte string literal not displayed */
	Time           int64                           `protobuf:"varint,37,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp          `protobuf:"bytes,38,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                          `protobuf:"varint,39,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                         `protobuf:"bytes,40,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                           `protobuf:"varint,41,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                `protobuf:"bytes,42,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Url            *Url                            `protobuf:"bytes,43,opt,name=url,proto3" json:"url,omitempty"`
	// contains filtered or unexported fields
}

EmailUrlActivity is an OSF event in category "Network Activity" called Email URL Activity defined in ocsf events/network/email_url.json

Email URL Activity events report URLs within an email.

func (*EmailUrlActivity) Descriptor deprecated 

func (*EmailUrlActivity) Descriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity.ProtoReflect.Descriptor instead.

func (*EmailUrlActivity) GetAction 

func (x *EmailUrlActivity) GetAction() string

func (*EmailUrlActivity) GetActionId 

func (x *EmailUrlActivity) GetActionId() EmailUrlActivity_ActionId

func (*EmailUrlActivity) GetActivityId 

func (x *EmailUrlActivity) GetActivityId() EmailUrlActivity_ActivityId

func (*EmailUrlActivity) GetActivityName 

func (x *EmailUrlActivity) GetActivityName() string

func (*EmailUrlActivity) GetActor 

func (x *EmailUrlActivity) GetActor() *Actor

func (*EmailUrlActivity) GetApi 

func (x *EmailUrlActivity) GetApi() *Api

func (*EmailUrlActivity) GetAttacks 

func (x *EmailUrlActivity) GetAttacks() []*Attack

func (*EmailUrlActivity) GetAuthorizations 

func (x *EmailUrlActivity) GetAuthorizations() []*Authorization

func (*EmailUrlActivity) GetCategoryName 

func (x *EmailUrlActivity) GetCategoryName() string

func (*EmailUrlActivity) GetCategoryUid 

func (x *EmailUrlActivity) GetCategoryUid() EmailUrlActivity_CategoryUid

func (*EmailUrlActivity) GetClassName 

func (x *EmailUrlActivity) GetClassName() string

func (*EmailUrlActivity) GetClassUid 

func (x *EmailUrlActivity) GetClassUid() EmailUrlActivity_ClassUid

func (*EmailUrlActivity) GetCloud 

func (x *EmailUrlActivity) GetCloud() *Cloud

func (*EmailUrlActivity) GetCount 

func (x *EmailUrlActivity) GetCount() int32

func (*EmailUrlActivity) GetDevice 

func (x *EmailUrlActivity) GetDevice() *Device

func (*EmailUrlActivity) GetDisposition 

func (x *EmailUrlActivity) GetDisposition() string

func (*EmailUrlActivity) GetDispositionId 

func (x *EmailUrlActivity) GetDispositionId() EmailUrlActivity_DispositionId

func (*EmailUrlActivity) GetDuration 

func (x *EmailUrlActivity) GetDuration() int32

func (*EmailUrlActivity) GetEmailUid 

func (x *EmailUrlActivity) GetEmailUid() string

func (*EmailUrlActivity) GetEndTime 

func (x *EmailUrlActivity) GetEndTime() int64

func (*EmailUrlActivity) GetEndTimeDt 

func (x *EmailUrlActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*EmailUrlActivity) GetEnrichments 

func (x *EmailUrlActivity) GetEnrichments() []*Enrichment

func (*EmailUrlActivity) GetFirewallRule 

func (x *EmailUrlActivity) GetFirewallRule() *FirewallRule

func (*EmailUrlActivity) GetMalware 

func (x *EmailUrlActivity) GetMalware() []*Malware

func (*EmailUrlActivity) GetMessage 

func (x *EmailUrlActivity) GetMessage() string

func (*EmailUrlActivity) GetMetadata 

func (x *EmailUrlActivity) GetMetadata() *Metadata

func (*EmailUrlActivity) GetObservables 

func (x *EmailUrlActivity) GetObservables() []*Observable

func (*EmailUrlActivity) GetRawData 

func (x *EmailUrlActivity) GetRawData() string

func (*EmailUrlActivity) GetSeverity 

func (x *EmailUrlActivity) GetSeverity() string

func (*EmailUrlActivity) GetSeverityId 

func (x *EmailUrlActivity) GetSeverityId() EmailUrlActivity_SeverityId

func (*EmailUrlActivity) GetStartTime 

func (x *EmailUrlActivity) GetStartTime() int64

func (*EmailUrlActivity) GetStartTimeDt 

func (x *EmailUrlActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*EmailUrlActivity) GetStatus 

func (x *EmailUrlActivity) GetStatus() string

func (*EmailUrlActivity) GetStatusCode 

func (x *EmailUrlActivity) GetStatusCode() string

func (*EmailUrlActivity) GetStatusDetail 

func (x *EmailUrlActivity) GetStatusDetail() string

func (*EmailUrlActivity) GetStatusId 

func (x *EmailUrlActivity) GetStatusId() EmailUrlActivity_StatusId

func (*EmailUrlActivity) GetTime 

func (x *EmailUrlActivity) GetTime() int64

func (*EmailUrlActivity) GetTimeDt 

func (x *EmailUrlActivity) GetTimeDt() *timestamppb.Timestamp

func (*EmailUrlActivity) GetTimezoneOffset 

func (x *EmailUrlActivity) GetTimezoneOffset() int32

func (*EmailUrlActivity) GetTypeName 

func (x *EmailUrlActivity) GetTypeName() string

func (*EmailUrlActivity) GetTypeUid 

func (x *EmailUrlActivity) GetTypeUid() int64

func (*EmailUrlActivity) GetUnmapped 

func (x *EmailUrlActivity) GetUnmapped() *structpb.Struct

func (*EmailUrlActivity) GetUrl 

func (x *EmailUrlActivity) GetUrl() *Url

func (*EmailUrlActivity) ProtoMessage 

func (*EmailUrlActivity) ProtoMessage()

func (*EmailUrlActivity) ProtoReflect 

func (x *EmailUrlActivity) ProtoReflect() protoreflect.Message

func (*EmailUrlActivity) Reset 

func (x *EmailUrlActivity) Reset()

func (*EmailUrlActivity) String 

func (x *EmailUrlActivity) String() string

type EmailUrlActivity_ActionId 

type EmailUrlActivity_ActionId int32
const (
	EmailUrlActivity_ACTION_ID_UNKNOWN EmailUrlActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	EmailUrlActivity_ACTION_ID_ALLOWED EmailUrlActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	EmailUrlActivity_ACTION_ID_DENIED EmailUrlActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	EmailUrlActivity_ACTION_ID_OTHER EmailUrlActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (EmailUrlActivity_ActionId) Descriptor 

func (EmailUrlActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_ActionId) Enum 

func (x EmailUrlActivity_ActionId) Enum() *EmailUrlActivity_ActionId

func (EmailUrlActivity_ActionId) EnumDescriptor deprecated 

func (EmailUrlActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_ActionId.Descriptor instead.

func (EmailUrlActivity_ActionId) Number 

func (x EmailUrlActivity_ActionId) Number() protoreflect.EnumNumber

func (EmailUrlActivity_ActionId) String 

func (x EmailUrlActivity_ActionId) String() string

func (EmailUrlActivity_ActionId) Type 

func (EmailUrlActivity_ActionId) Type() protoreflect.EnumType

type EmailUrlActivity_ActivityId 

type EmailUrlActivity_ActivityId int32
const (
	EmailUrlActivity_ACTIVITY_ID_UNKNOWN EmailUrlActivity_ActivityId = 0
	EmailUrlActivity_ACTIVITY_ID_SEND    EmailUrlActivity_ActivityId = 1
	EmailUrlActivity_ACTIVITY_ID_RECEIVE EmailUrlActivity_ActivityId = 2
	EmailUrlActivity_ACTIVITY_ID_SCAN    EmailUrlActivity_ActivityId = 3 // Email URL being scanned (example: security scanning).
	EmailUrlActivity_ACTIVITY_ID_OTHER   EmailUrlActivity_ActivityId = 99
)

func (EmailUrlActivity_ActivityId) Descriptor 

func (EmailUrlActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_ActivityId) Enum 

func (x EmailUrlActivity_ActivityId) Enum() *EmailUrlActivity_ActivityId

func (EmailUrlActivity_ActivityId) EnumDescriptor deprecated 

func (EmailUrlActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_ActivityId.Descriptor instead.

func (EmailUrlActivity_ActivityId) Number 

func (x EmailUrlActivity_ActivityId) Number() protoreflect.EnumNumber

func (EmailUrlActivity_ActivityId) String 

func (x EmailUrlActivity_ActivityId) String() string

func (EmailUrlActivity_ActivityId) Type 

func (EmailUrlActivity_ActivityId) Type() protoreflect.EnumType

type EmailUrlActivity_CategoryUid 

type EmailUrlActivity_CategoryUid int32
const (
	EmailUrlActivity_CATEGORY_UID_UNKNOWN          EmailUrlActivity_CategoryUid = 0
	EmailUrlActivity_CATEGORY_UID_NETWORK_ACTIVITY EmailUrlActivity_CategoryUid = 4
)

func (EmailUrlActivity_CategoryUid) Descriptor 

func (EmailUrlActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_CategoryUid) Enum 

func (x EmailUrlActivity_CategoryUid) Enum() *EmailUrlActivity_CategoryUid

func (EmailUrlActivity_CategoryUid) EnumDescriptor deprecated 

func (EmailUrlActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_CategoryUid.Descriptor instead.

func (EmailUrlActivity_CategoryUid) Number 

func (x EmailUrlActivity_CategoryUid) Number() protoreflect.EnumNumber

func (EmailUrlActivity_CategoryUid) String 

func (x EmailUrlActivity_CategoryUid) String() string

func (EmailUrlActivity_CategoryUid) Type 

func (EmailUrlActivity_CategoryUid) Type() protoreflect.EnumType

type EmailUrlActivity_ClassUid 

type EmailUrlActivity_ClassUid int32
const (
	EmailUrlActivity_CLASS_UID_UNKNOWN            EmailUrlActivity_ClassUid = 0
	EmailUrlActivity_CLASS_UID_EMAIL_URL_ACTIVITY EmailUrlActivity_ClassUid = 4012
)

func (EmailUrlActivity_ClassUid) Descriptor 

func (EmailUrlActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_ClassUid) Enum 

func (x EmailUrlActivity_ClassUid) Enum() *EmailUrlActivity_ClassUid

func (EmailUrlActivity_ClassUid) EnumDescriptor deprecated 

func (EmailUrlActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_ClassUid.Descriptor instead.

func (EmailUrlActivity_ClassUid) Number 

func (x EmailUrlActivity_ClassUid) Number() protoreflect.EnumNumber

func (EmailUrlActivity_ClassUid) String 

func (x EmailUrlActivity_ClassUid) String() string

func (EmailUrlActivity_ClassUid) Type 

func (EmailUrlActivity_ClassUid) Type() protoreflect.EnumType

type EmailUrlActivity_DispositionId 

type EmailUrlActivity_DispositionId int32
const (
	EmailUrlActivity_DISPOSITION_ID_UNKNOWN EmailUrlActivity_DispositionId = 0 // The disposition was not known.
	EmailUrlActivity_DISPOSITION_ID_ALLOWED EmailUrlActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	EmailUrlActivity_DISPOSITION_ID_BLOCKED EmailUrlActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	EmailUrlActivity_DISPOSITION_ID_QUARANTINED EmailUrlActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	EmailUrlActivity_DISPOSITION_ID_ISOLATED EmailUrlActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	EmailUrlActivity_DISPOSITION_ID_DELETED EmailUrlActivity_DispositionId = 5 // A file or other content was deleted.
	EmailUrlActivity_DISPOSITION_ID_DROPPED EmailUrlActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	EmailUrlActivity_DISPOSITION_ID_CUSTOM_ACTION EmailUrlActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	EmailUrlActivity_DISPOSITION_ID_APPROVED EmailUrlActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	EmailUrlActivity_DISPOSITION_ID_RESTORED EmailUrlActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	EmailUrlActivity_DISPOSITION_ID_EXONERATED EmailUrlActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	EmailUrlActivity_DISPOSITION_ID_CORRECTED EmailUrlActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	EmailUrlActivity_DISPOSITION_ID_PARTIALLY_CORRECTED EmailUrlActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	EmailUrlActivity_DISPOSITION_ID_UNCORRECTED EmailUrlActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	EmailUrlActivity_DISPOSITION_ID_DELAYED EmailUrlActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	EmailUrlActivity_DISPOSITION_ID_DETECTED EmailUrlActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	EmailUrlActivity_DISPOSITION_ID_NO_ACTION EmailUrlActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	EmailUrlActivity_DISPOSITION_ID_LOGGED EmailUrlActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	EmailUrlActivity_DISPOSITION_ID_TAGGED EmailUrlActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	EmailUrlActivity_DISPOSITION_ID_ALERT EmailUrlActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	EmailUrlActivity_DISPOSITION_ID_COUNT EmailUrlActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	EmailUrlActivity_DISPOSITION_ID_RESET EmailUrlActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	EmailUrlActivity_DISPOSITION_ID_CAPTCHA EmailUrlActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	EmailUrlActivity_DISPOSITION_ID_CHALLENGE EmailUrlActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	EmailUrlActivity_DISPOSITION_ID_ACCESS_REVOKED EmailUrlActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	EmailUrlActivity_DISPOSITION_ID_REJECTED EmailUrlActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	EmailUrlActivity_DISPOSITION_ID_UNAUTHORIZED EmailUrlActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	EmailUrlActivity_DISPOSITION_ID_ERROR EmailUrlActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	EmailUrlActivity_DISPOSITION_ID_OTHER EmailUrlActivity_DispositionId = 99 // The disposition is not listed. The
)

func (EmailUrlActivity_DispositionId) Descriptor 

func (EmailUrlActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_DispositionId) Enum 

func (x EmailUrlActivity_DispositionId) Enum() *EmailUrlActivity_DispositionId

func (EmailUrlActivity_DispositionId) EnumDescriptor deprecated 

func (EmailUrlActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_DispositionId.Descriptor instead.

func (EmailUrlActivity_DispositionId) Number 

func (x EmailUrlActivity_DispositionId) Number() protoreflect.EnumNumber

func (EmailUrlActivity_DispositionId) String 

func (x EmailUrlActivity_DispositionId) String() string

func (EmailUrlActivity_DispositionId) Type 

func (EmailUrlActivity_DispositionId) Type() protoreflect.EnumType

type EmailUrlActivity_SeverityId 

type EmailUrlActivity_SeverityId int32
const (
	EmailUrlActivity_SEVERITY_ID_UNKNOWN       EmailUrlActivity_SeverityId = 0 // The event/finding severity is unknown.
	EmailUrlActivity_SEVERITY_ID_INFORMATIONAL EmailUrlActivity_SeverityId = 1 // Informational message. No action required.
	EmailUrlActivity_SEVERITY_ID_LOW           EmailUrlActivity_SeverityId = 2 // The user decides if action is needed.
	EmailUrlActivity_SEVERITY_ID_MEDIUM        EmailUrlActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	EmailUrlActivity_SEVERITY_ID_HIGH     EmailUrlActivity_SeverityId = 4 // Action is required immediately.
	EmailUrlActivity_SEVERITY_ID_CRITICAL EmailUrlActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	EmailUrlActivity_SEVERITY_ID_FATAL EmailUrlActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	EmailUrlActivity_SEVERITY_ID_OTHER EmailUrlActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (EmailUrlActivity_SeverityId) Descriptor 

func (EmailUrlActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_SeverityId) Enum 

func (x EmailUrlActivity_SeverityId) Enum() *EmailUrlActivity_SeverityId

func (EmailUrlActivity_SeverityId) EnumDescriptor deprecated 

func (EmailUrlActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_SeverityId.Descriptor instead.

func (EmailUrlActivity_SeverityId) Number 

func (x EmailUrlActivity_SeverityId) Number() protoreflect.EnumNumber

func (EmailUrlActivity_SeverityId) String 

func (x EmailUrlActivity_SeverityId) String() string

func (EmailUrlActivity_SeverityId) Type 

func (EmailUrlActivity_SeverityId) Type() protoreflect.EnumType

type EmailUrlActivity_StatusId 

type EmailUrlActivity_StatusId int32
const (
	EmailUrlActivity_STATUS_ID_UNKNOWN EmailUrlActivity_StatusId = 0 // The status is unknown.
	EmailUrlActivity_STATUS_ID_SUCCESS EmailUrlActivity_StatusId = 1
	EmailUrlActivity_STATUS_ID_FAILURE EmailUrlActivity_StatusId = 2
	EmailUrlActivity_STATUS_ID_OTHER   EmailUrlActivity_StatusId = 99 // The event status is not mapped. See the
)

func (EmailUrlActivity_StatusId) Descriptor 

func (EmailUrlActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (EmailUrlActivity_StatusId) Enum 

func (x EmailUrlActivity_StatusId) Enum() *EmailUrlActivity_StatusId

func (EmailUrlActivity_StatusId) EnumDescriptor deprecated 

func (EmailUrlActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EmailUrlActivity_StatusId.Descriptor instead.

func (EmailUrlActivity_StatusId) Number 

func (x EmailUrlActivity_StatusId) Number() protoreflect.EnumNumber

func (EmailUrlActivity_StatusId) String 

func (x EmailUrlActivity_StatusId) String() string

func (EmailUrlActivity_StatusId) Type 

func (EmailUrlActivity_StatusId) Type() protoreflect.EnumType

type EndpointConnection 

type EndpointConnection struct {
	Code            *int32           `protobuf:"varint,1,opt,name=code,proto3,oneof" json:"code,omitempty"`
	NetworkEndpoint *NetworkEndpoint `protobuf:"bytes,2,opt,name=network_endpoint,json=networkEndpoint,proto3" json:"network_endpoint,omitempty"`
	// contains filtered or unexported fields
}

EndpointConnection is an OSF object defined in ocsf objects/endpoint_connection.json

The Endpoint Connection object contains information detailing a connection attempt to an endpoint.

func (*EndpointConnection) Descriptor deprecated 

func (*EndpointConnection) Descriptor() ([]byte, []int)

Deprecated: Use EndpointConnection.ProtoReflect.Descriptor instead.

func (*EndpointConnection) GetCode 

func (x *EndpointConnection) GetCode() int32

func (*EndpointConnection) GetNetworkEndpoint 

func (x *EndpointConnection) GetNetworkEndpoint() *NetworkEndpoint

func (*EndpointConnection) ProtoMessage 

func (*EndpointConnection) ProtoMessage()

func (*EndpointConnection) ProtoReflect 

func (x *EndpointConnection) ProtoReflect() protoreflect.Message

func (*EndpointConnection) Reset 

func (x *EndpointConnection) Reset()

func (*EndpointConnection) String 

func (x *EndpointConnection) String() string

type Enrichment 

type Enrichment struct {
	Data     *structpb.Value `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"`
	Name     string          `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Provider *string         `protobuf:"bytes,3,opt,name=provider,proto3,oneof" json:"provider,omitempty"`
	Type     *string         `protobuf:"bytes,4,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Value    string          `protobuf:"bytes,5,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

Enrichment is an OSF object defined in ocsf objects/enrichment.json

The Enrichment object provides inline enrichment data for specific attributes of interest within an event. It serves as a mechanism to enhance or supplement the information associated with the event by adding additional relevant details or context.

func (*Enrichment) Descriptor deprecated 

func (*Enrichment) Descriptor() ([]byte, []int)

Deprecated: Use Enrichment.ProtoReflect.Descriptor instead.

func (*Enrichment) GetData 

func (x *Enrichment) GetData() *structpb.Value

func (*Enrichment) GetName 

func (x *Enrichment) GetName() string

func (*Enrichment) GetProvider 

func (x *Enrichment) GetProvider() string

func (*Enrichment) GetType 

func (x *Enrichment) GetType() string

func (*Enrichment) GetValue 

func (x *Enrichment) GetValue() string

func (*Enrichment) ProtoMessage 

func (*Enrichment) ProtoMessage()

func (*Enrichment) ProtoReflect 

func (x *Enrichment) ProtoReflect() protoreflect.Message

func (*Enrichment) Reset 

func (x *Enrichment) Reset()

func (*Enrichment) String 

func (x *Enrichment) String() string

type EntityManagement 

type EntityManagement struct {
	ActivityId     EntityManagement_ActivityId  `` /* 140-byte string literal not displayed */
	ActivityName   *string                      `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                       `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                         `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                      `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    EntityManagement_CategoryUid `` /* 144-byte string literal not displayed */
	ClassName      *string                      `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       EntityManagement_ClassUid    `` /* 132-byte string literal not displayed */
	Cloud          *Cloud                       `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment        *string                      `protobuf:"bytes,10,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Count          *int32                       `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                      `protobuf:"bytes,12,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                       `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                       `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp       `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Entity         *ManagedEntity               `protobuf:"bytes,17,opt,name=entity,proto3" json:"entity,omitempty"`
	EntityResult   *ManagedEntity               `protobuf:"bytes,18,opt,name=entity_result,json=entityResult,proto3" json:"entity_result,omitempty"`
	HttpRequest    *HttpRequest                 `protobuf:"bytes,19,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                      `protobuf:"bytes,20,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                    `protobuf:"bytes,21,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                `protobuf:"bytes,22,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                      `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                      `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     EntityManagement_SeverityId  `` /* 141-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint             `protobuf:"bytes,26,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                       `protobuf:"varint,27,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp       `protobuf:"bytes,28,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                      `protobuf:"bytes,29,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                      `protobuf:"bytes,30,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                      `protobuf:"bytes,31,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *EntityManagement_StatusId   `` /* 139-byte string literal not displayed */
	Time           int64                        `protobuf:"varint,33,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp       `protobuf:"bytes,34,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                       `protobuf:"varint,35,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                      `protobuf:"bytes,36,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                        `protobuf:"varint,37,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct             `protobuf:"bytes,38,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

EntityManagement is an OSF event in category "Identity & Access Management" called Entity Management defined in ocsf events/iam/entity_management.json

Entity Management events report activity by a managed client, a micro service, or a user at a management console. The activity can be a create, read, update, and delete operation on a managed entity.

func (*EntityManagement) Descriptor deprecated 

func (*EntityManagement) Descriptor() ([]byte, []int)

Deprecated: Use EntityManagement.ProtoReflect.Descriptor instead.

func (*EntityManagement) GetActivityId 

func (x *EntityManagement) GetActivityId() EntityManagement_ActivityId

func (*EntityManagement) GetActivityName 

func (x *EntityManagement) GetActivityName() string

func (*EntityManagement) GetActor 

func (x *EntityManagement) GetActor() *Actor

func (*EntityManagement) GetApi 

func (x *EntityManagement) GetApi() *Api

func (*EntityManagement) GetCategoryName 

func (x *EntityManagement) GetCategoryName() string

func (*EntityManagement) GetCategoryUid 

func (x *EntityManagement) GetCategoryUid() EntityManagement_CategoryUid

func (*EntityManagement) GetClassName 

func (x *EntityManagement) GetClassName() string

func (*EntityManagement) GetClassUid 

func (x *EntityManagement) GetClassUid() EntityManagement_ClassUid

func (*EntityManagement) GetCloud 

func (x *EntityManagement) GetCloud() *Cloud

func (*EntityManagement) GetComment 

func (x *EntityManagement) GetComment() string

func (*EntityManagement) GetCount 

func (x *EntityManagement) GetCount() int32

func (*EntityManagement) GetDevice 

func (x *EntityManagement) GetDevice() *Device

func (*EntityManagement) GetDuration 

func (x *EntityManagement) GetDuration() int32

func (*EntityManagement) GetEndTime 

func (x *EntityManagement) GetEndTime() int64

func (*EntityManagement) GetEndTimeDt 

func (x *EntityManagement) GetEndTimeDt() *timestamppb.Timestamp

func (*EntityManagement) GetEnrichments 

func (x *EntityManagement) GetEnrichments() []*Enrichment

func (*EntityManagement) GetEntity 

func (x *EntityManagement) GetEntity() *ManagedEntity

func (*EntityManagement) GetEntityResult 

func (x *EntityManagement) GetEntityResult() *ManagedEntity

func (*EntityManagement) GetHttpRequest 

func (x *EntityManagement) GetHttpRequest() *HttpRequest

func (*EntityManagement) GetMessage 

func (x *EntityManagement) GetMessage() string

func (*EntityManagement) GetMetadata 

func (x *EntityManagement) GetMetadata() *Metadata

func (*EntityManagement) GetObservables 

func (x *EntityManagement) GetObservables() []*Observable

func (*EntityManagement) GetRawData 

func (x *EntityManagement) GetRawData() string

func (*EntityManagement) GetSeverity 

func (x *EntityManagement) GetSeverity() string

func (*EntityManagement) GetSeverityId 

func (x *EntityManagement) GetSeverityId() EntityManagement_SeverityId

func (*EntityManagement) GetSrcEndpoint 

func (x *EntityManagement) GetSrcEndpoint() *NetworkEndpoint

func (*EntityManagement) GetStartTime 

func (x *EntityManagement) GetStartTime() int64

func (*EntityManagement) GetStartTimeDt 

func (x *EntityManagement) GetStartTimeDt() *timestamppb.Timestamp

func (*EntityManagement) GetStatus 

func (x *EntityManagement) GetStatus() string

func (*EntityManagement) GetStatusCode 

func (x *EntityManagement) GetStatusCode() string

func (*EntityManagement) GetStatusDetail 

func (x *EntityManagement) GetStatusDetail() string

func (*EntityManagement) GetStatusId 

func (x *EntityManagement) GetStatusId() EntityManagement_StatusId

func (*EntityManagement) GetTime 

func (x *EntityManagement) GetTime() int64

func (*EntityManagement) GetTimeDt 

func (x *EntityManagement) GetTimeDt() *timestamppb.Timestamp

func (*EntityManagement) GetTimezoneOffset 

func (x *EntityManagement) GetTimezoneOffset() int32

func (*EntityManagement) GetTypeName 

func (x *EntityManagement) GetTypeName() string

func (*EntityManagement) GetTypeUid 

func (x *EntityManagement) GetTypeUid() int64

func (*EntityManagement) GetUnmapped 

func (x *EntityManagement) GetUnmapped() *structpb.Struct

func (*EntityManagement) ProtoMessage 

func (*EntityManagement) ProtoMessage()

func (*EntityManagement) ProtoReflect 

func (x *EntityManagement) ProtoReflect() protoreflect.Message

func (*EntityManagement) Reset 

func (x *EntityManagement) Reset()

func (*EntityManagement) String 

func (x *EntityManagement) String() string

type EntityManagement_ActivityId 

type EntityManagement_ActivityId int32
const (
	EntityManagement_ACTIVITY_ID_UNKNOWN EntityManagement_ActivityId = 0
	EntityManagement_ACTIVITY_ID_CREATE  EntityManagement_ActivityId = 1
	EntityManagement_ACTIVITY_ID_READ    EntityManagement_ActivityId = 2
	EntityManagement_ACTIVITY_ID_UPDATE  EntityManagement_ActivityId = 3
	EntityManagement_ACTIVITY_ID_DELETE  EntityManagement_ActivityId = 4
	EntityManagement_ACTIVITY_ID_OTHER   EntityManagement_ActivityId = 99
)

func (EntityManagement_ActivityId) Descriptor 

func (EntityManagement_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (EntityManagement_ActivityId) Enum 

func (x EntityManagement_ActivityId) Enum() *EntityManagement_ActivityId

func (EntityManagement_ActivityId) EnumDescriptor deprecated 

func (EntityManagement_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EntityManagement_ActivityId.Descriptor instead.

func (EntityManagement_ActivityId) Number 

func (x EntityManagement_ActivityId) Number() protoreflect.EnumNumber

func (EntityManagement_ActivityId) String 

func (x EntityManagement_ActivityId) String() string

func (EntityManagement_ActivityId) Type 

func (EntityManagement_ActivityId) Type() protoreflect.EnumType

type EntityManagement_CategoryUid 

type EntityManagement_CategoryUid int32
const (
	EntityManagement_CATEGORY_UID_UNKNOWN                    EntityManagement_CategoryUid = 0
	EntityManagement_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT EntityManagement_CategoryUid = 3
)

func (EntityManagement_CategoryUid) Descriptor 

func (EntityManagement_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (EntityManagement_CategoryUid) Enum 

func (x EntityManagement_CategoryUid) Enum() *EntityManagement_CategoryUid

func (EntityManagement_CategoryUid) EnumDescriptor deprecated 

func (EntityManagement_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EntityManagement_CategoryUid.Descriptor instead.

func (EntityManagement_CategoryUid) Number 

func (x EntityManagement_CategoryUid) Number() protoreflect.EnumNumber

func (EntityManagement_CategoryUid) String 

func (x EntityManagement_CategoryUid) String() string

func (EntityManagement_CategoryUid) Type 

func (EntityManagement_CategoryUid) Type() protoreflect.EnumType

type EntityManagement_ClassUid 

type EntityManagement_ClassUid int32
const (
	EntityManagement_CLASS_UID_UNKNOWN           EntityManagement_ClassUid = 0
	EntityManagement_CLASS_UID_ENTITY_MANAGEMENT EntityManagement_ClassUid = 3004
)

func (EntityManagement_ClassUid) Descriptor 

func (EntityManagement_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (EntityManagement_ClassUid) Enum 

func (x EntityManagement_ClassUid) Enum() *EntityManagement_ClassUid

func (EntityManagement_ClassUid) EnumDescriptor deprecated 

func (EntityManagement_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use EntityManagement_ClassUid.Descriptor instead.

func (EntityManagement_ClassUid) Number 

func (x EntityManagement_ClassUid) Number() protoreflect.EnumNumber

func (EntityManagement_ClassUid) String 

func (x EntityManagement_ClassUid) String() string

func (EntityManagement_ClassUid) Type 

func (EntityManagement_ClassUid) Type() protoreflect.EnumType

type EntityManagement_SeverityId 

type EntityManagement_SeverityId int32
const (
	EntityManagement_SEVERITY_ID_UNKNOWN       EntityManagement_SeverityId = 0 // The event/finding severity is unknown.
	EntityManagement_SEVERITY_ID_INFORMATIONAL EntityManagement_SeverityId = 1 // Informational message. No action required.
	EntityManagement_SEVERITY_ID_LOW           EntityManagement_SeverityId = 2 // The user decides if action is needed.
	EntityManagement_SEVERITY_ID_MEDIUM        EntityManagement_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	EntityManagement_SEVERITY_ID_HIGH     EntityManagement_SeverityId = 4 // Action is required immediately.
	EntityManagement_SEVERITY_ID_CRITICAL EntityManagement_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	EntityManagement_SEVERITY_ID_FATAL EntityManagement_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	EntityManagement_SEVERITY_ID_OTHER EntityManagement_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (EntityManagement_SeverityId) Descriptor 

func (EntityManagement_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (EntityManagement_SeverityId) Enum 

func (x EntityManagement_SeverityId) Enum() *EntityManagement_SeverityId

func (EntityManagement_SeverityId) EnumDescriptor deprecated 

func (EntityManagement_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EntityManagement_SeverityId.Descriptor instead.

func (EntityManagement_SeverityId) Number 

func (x EntityManagement_SeverityId) Number() protoreflect.EnumNumber

func (EntityManagement_SeverityId) String 

func (x EntityManagement_SeverityId) String() string

func (EntityManagement_SeverityId) Type 

func (EntityManagement_SeverityId) Type() protoreflect.EnumType

type EntityManagement_StatusId 

type EntityManagement_StatusId int32
const (
	EntityManagement_STATUS_ID_UNKNOWN EntityManagement_StatusId = 0 // The status is unknown.
	EntityManagement_STATUS_ID_SUCCESS EntityManagement_StatusId = 1
	EntityManagement_STATUS_ID_FAILURE EntityManagement_StatusId = 2
	EntityManagement_STATUS_ID_OTHER   EntityManagement_StatusId = 99 // The event status is not mapped. See the
)

func (EntityManagement_StatusId) Descriptor 

func (EntityManagement_StatusId) Descriptor() protoreflect.EnumDescriptor

func (EntityManagement_StatusId) Enum 

func (x EntityManagement_StatusId) Enum() *EntityManagement_StatusId

func (EntityManagement_StatusId) EnumDescriptor deprecated 

func (EntityManagement_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use EntityManagement_StatusId.Descriptor instead.

func (EntityManagement_StatusId) Number 

func (x EntityManagement_StatusId) Number() protoreflect.EnumNumber

func (EntityManagement_StatusId) String 

func (x EntityManagement_StatusId) String() string

func (EntityManagement_StatusId) Type 

func (EntityManagement_StatusId) Type() protoreflect.EnumType

type Epss 

type Epss struct {
	CreatedTime   *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Percentile    *float64               `protobuf:"fixed64,3,opt,name=percentile,proto3,oneof" json:"percentile,omitempty"`
	Score         string                 `protobuf:"bytes,4,opt,name=score,proto3" json:"score,omitempty"`
	Version       *string                `protobuf:"bytes,5,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Epss is an OSF object defined in ocsf objects/epss.json

The Exploit Prediction Scoring System (EPSS) object describes the estimated probability a vulnerability will be exploited. EPSS is a community-driven effort to combine descriptive information about vulnerabilities (CVEs) with evidence of actual exploitation in-the-wild. (<a target='_blank' href='https://www.first.org/epss/'>EPSS</a>).

func (*Epss) Descriptor deprecated 

func (*Epss) Descriptor() ([]byte, []int)

Deprecated: Use Epss.ProtoReflect.Descriptor instead.

func (*Epss) GetCreatedTime 

func (x *Epss) GetCreatedTime() int64

func (*Epss) GetCreatedTimeDt 

func (x *Epss) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Epss) GetPercentile 

func (x *Epss) GetPercentile() float64

func (*Epss) GetScore 

func (x *Epss) GetScore() string

func (*Epss) GetVersion 

func (x *Epss) GetVersion() string

func (*Epss) ProtoMessage 

func (*Epss) ProtoMessage()

func (*Epss) ProtoReflect 

func (x *Epss) ProtoReflect() protoreflect.Message

func (*Epss) Reset 

func (x *Epss) Reset()

func (*Epss) String 

func (x *Epss) String() string

type Evidences 

type Evidences struct {
	Actor          *Actor                 `protobuf:"bytes,1,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                   `protobuf:"bytes,2,opt,name=api,proto3" json:"api,omitempty"`
	ConnectionInfo *NetworkConnectionInfo `protobuf:"bytes,3,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Container      *Container             `protobuf:"bytes,4,opt,name=container,proto3" json:"container,omitempty"`
	Data           *structpb.Value        `protobuf:"bytes,5,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Database       *Database              `protobuf:"bytes,6,opt,name=database,proto3" json:"database,omitempty"`
	Databucket     *Databucket            `protobuf:"bytes,7,opt,name=databucket,proto3" json:"databucket,omitempty"`
	DstEndpoint    *NetworkEndpoint       `protobuf:"bytes,8,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	File           *File                  `protobuf:"bytes,9,opt,name=file,proto3" json:"file,omitempty"`
	Process        *Process               `protobuf:"bytes,10,opt,name=process,proto3" json:"process,omitempty"`
	Query          *DnsQuery              `protobuf:"bytes,11,opt,name=query,proto3" json:"query,omitempty"`
	SrcEndpoint    *NetworkEndpoint       `protobuf:"bytes,12,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	// contains filtered or unexported fields
}

Evidences is an OSF object defined in ocsf objects/evidences.json

A collection of evidence artifacts associated to the activity/activities that triggered a security detection.

func (*Evidences) Descriptor deprecated 

func (*Evidences) Descriptor() ([]byte, []int)

Deprecated: Use Evidences.ProtoReflect.Descriptor instead.

func (*Evidences) GetActor 

func (x *Evidences) GetActor() *Actor

func (*Evidences) GetApi 

func (x *Evidences) GetApi() *Api

func (*Evidences) GetConnectionInfo 

func (x *Evidences) GetConnectionInfo() *NetworkConnectionInfo

func (*Evidences) GetContainer 

func (x *Evidences) GetContainer() *Container

func (*Evidences) GetData 

func (x *Evidences) GetData() *structpb.Value

func (*Evidences) GetDatabase 

func (x *Evidences) GetDatabase() *Database

func (*Evidences) GetDatabucket 

func (x *Evidences) GetDatabucket() *Databucket

func (*Evidences) GetDstEndpoint 

func (x *Evidences) GetDstEndpoint() *NetworkEndpoint

func (*Evidences) GetFile 

func (x *Evidences) GetFile() *File

func (*Evidences) GetProcess 

func (x *Evidences) GetProcess() *Process

func (*Evidences) GetQuery 

func (x *Evidences) GetQuery() *DnsQuery

func (*Evidences) GetSrcEndpoint 

func (x *Evidences) GetSrcEndpoint() *NetworkEndpoint

func (*Evidences) ProtoMessage 

func (*Evidences) ProtoMessage()

func (*Evidences) ProtoReflect 

func (x *Evidences) ProtoReflect() protoreflect.Message

func (*Evidences) Reset 

func (x *Evidences) Reset()

func (*Evidences) String 

func (x *Evidences) String() string

type Extension 

type Extension struct {
	Name    string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Uid     string `protobuf:"bytes,2,opt,name=uid,proto3" json:"uid,omitempty"`
	Version string `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Extension is an OSF object defined in ocsf objects/extension.json

The OCSF Schema Extension object provides detailed information about the schema extension used to construct the event. The schema extensions are registered in the <a target='_blank' href='https://github.com/ocsf/ocsf- schema/blob/main/extensions.md'>extensions.md</a> file.

func (*Extension) Descriptor deprecated 

func (*Extension) Descriptor() ([]byte, []int)

Deprecated: Use Extension.ProtoReflect.Descriptor instead.

func (*Extension) GetName 

func (x *Extension) GetName() string

func (*Extension) GetUid 

func (x *Extension) GetUid() string

func (*Extension) GetVersion 

func (x *Extension) GetVersion() string

func (*Extension) ProtoMessage 

func (*Extension) ProtoMessage()

func (*Extension) ProtoReflect 

func (x *Extension) ProtoReflect() protoreflect.Message

func (*Extension) Reset 

func (x *Extension) Reset()

func (*Extension) String 

func (x *Extension) String() string

type Feature 

type Feature struct {
	Name    *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Uid     *string `protobuf:"bytes,2,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version *string `protobuf:"bytes,3,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Feature is an OSF object defined in ocsf objects/feature.json

The Feature object provides information about the software product feature that generated a specific event. It encompasses details related to the capabilities, components, user interface (UI) design, and performance upgrades associated with the feature.

func (*Feature) Descriptor deprecated 

func (*Feature) Descriptor() ([]byte, []int)

Deprecated: Use Feature.ProtoReflect.Descriptor instead.

func (*Feature) GetName 

func (x *Feature) GetName() string

func (*Feature) GetUid 

func (x *Feature) GetUid() string

func (*Feature) GetVersion 

func (x *Feature) GetVersion() string

func (*Feature) ProtoMessage 

func (*Feature) ProtoMessage()

func (*Feature) ProtoReflect 

func (x *Feature) ProtoReflect() protoreflect.Message

func (*Feature) Reset 

func (x *Feature) Reset()

func (*Feature) String 

func (x *Feature) String() string

type File 

type File struct {
	AccessedTime       *int64                  `protobuf:"varint,1,opt,name=accessed_time,json=accessedTime,proto3,oneof" json:"accessed_time,omitempty"`
	AccessedTimeDt     *timestamppb.Timestamp  `protobuf:"bytes,2,opt,name=accessed_time_dt,json=accessedTimeDt,proto3,oneof" json:"accessed_time_dt,omitempty"`
	Accessor           *User                   `protobuf:"bytes,3,opt,name=accessor,proto3" json:"accessor,omitempty"`
	Attributes         *int32                  `protobuf:"varint,4,opt,name=attributes,proto3,oneof" json:"attributes,omitempty"`
	CompanyName        *string                 `protobuf:"bytes,5,opt,name=company_name,json=companyName,proto3,oneof" json:"company_name,omitempty"`
	Confidentiality    *string                 `protobuf:"bytes,6,opt,name=confidentiality,proto3,oneof" json:"confidentiality,omitempty"`
	ConfidentialityId  *File_ConfidentialityId `` /* 162-byte string literal not displayed */
	CreatedTime        *int64                  `protobuf:"varint,8,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt      *timestamppb.Timestamp  `protobuf:"bytes,9,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Creator            *User                   `protobuf:"bytes,10,opt,name=creator,proto3" json:"creator,omitempty"`
	DataClassification *DataClassification     `protobuf:"bytes,11,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Desc               *string                 `protobuf:"bytes,12,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Hashes             []*Fingerprint          `protobuf:"bytes,13,rep,name=hashes,proto3" json:"hashes,omitempty"`
	IsSystem           *bool                   `protobuf:"varint,14,opt,name=is_system,json=isSystem,proto3,oneof" json:"is_system,omitempty"`
	MimeType           *string                 `protobuf:"bytes,15,opt,name=mime_type,json=mimeType,proto3,oneof" json:"mime_type,omitempty"`
	ModifiedTime       *int64                  `protobuf:"varint,16,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt     *timestamppb.Timestamp  `protobuf:"bytes,17,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Modifier           *User                   `protobuf:"bytes,18,opt,name=modifier,proto3" json:"modifier,omitempty"`
	Name               string                  `protobuf:"bytes,19,opt,name=name,proto3" json:"name,omitempty"`
	Owner              *User                   `protobuf:"bytes,20,opt,name=owner,proto3" json:"owner,omitempty"`
	ParentFolder       *string                 `protobuf:"bytes,21,opt,name=parent_folder,json=parentFolder,proto3,oneof" json:"parent_folder,omitempty"`
	Path               *string                 `protobuf:"bytes,22,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Product            *Product                `protobuf:"bytes,23,opt,name=product,proto3" json:"product,omitempty"`
	SecurityDescriptor *string                 `protobuf:"bytes,24,opt,name=security_descriptor,json=securityDescriptor,proto3,oneof" json:"security_descriptor,omitempty"`
	Signature          *DigitalSignature       `protobuf:"bytes,25,opt,name=signature,proto3" json:"signature,omitempty"`
	Size               *int64                  `protobuf:"varint,26,opt,name=size,proto3,oneof" json:"size,omitempty"`
	Type               *string                 `protobuf:"bytes,27,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId             File_TypeId             `protobuf:"varint,28,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.File_TypeId" json:"type_id,omitempty"`
	Uid                *string                 `protobuf:"bytes,29,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version            *string                 `protobuf:"bytes,30,opt,name=version,proto3,oneof" json:"version,omitempty"`
	Xattributes        *structpb.Struct        `protobuf:"bytes,31,opt,name=xattributes,proto3" json:"xattributes,omitempty"`
	// contains filtered or unexported fields
}

File is an OSF object defined in ocsf objects/file.json

The File object represents the metadata associated with a file stored in a computer system. It encompasses information about the file itself, including its attributes, properties, and organizational details. Defined by D3FEND <a target='_blank' href='https://next.d3fend.mitre.org/dao/artifact/d3f:File/'>d3f:File</a>.

func (*File) Descriptor deprecated 

func (*File) Descriptor() ([]byte, []int)

Deprecated: Use File.ProtoReflect.Descriptor instead.

func (*File) GetAccessedTime 

func (x *File) GetAccessedTime() int64

func (*File) GetAccessedTimeDt 

func (x *File) GetAccessedTimeDt() *timestamppb.Timestamp

func (*File) GetAccessor 

func (x *File) GetAccessor() *User

func (*File) GetAttributes 

func (x *File) GetAttributes() int32

func (*File) GetCompanyName 

func (x *File) GetCompanyName() string

func (*File) GetConfidentiality 

func (x *File) GetConfidentiality() string

func (*File) GetConfidentialityId 

func (x *File) GetConfidentialityId() File_ConfidentialityId

func (*File) GetCreatedTime 

func (x *File) GetCreatedTime() int64

func (*File) GetCreatedTimeDt 

func (x *File) GetCreatedTimeDt() *timestamppb.Timestamp

func (*File) GetCreator 

func (x *File) GetCreator() *User

func (*File) GetDataClassification 

func (x *File) GetDataClassification() *DataClassification

func (*File) GetDesc 

func (x *File) GetDesc() string

func (*File) GetHashes 

func (x *File) GetHashes() []*Fingerprint

func (*File) GetIsSystem 

func (x *File) GetIsSystem() bool

func (*File) GetMimeType 

func (x *File) GetMimeType() string

func (*File) GetModifiedTime 

func (x *File) GetModifiedTime() int64

func (*File) GetModifiedTimeDt 

func (x *File) GetModifiedTimeDt() *timestamppb.Timestamp

func (*File) GetModifier 

func (x *File) GetModifier() *User

func (*File) GetName 

func (x *File) GetName() string

func (*File) GetOwner 

func (x *File) GetOwner() *User

func (*File) GetParentFolder 

func (x *File) GetParentFolder() string

func (*File) GetPath 

func (x *File) GetPath() string

func (*File) GetProduct 

func (x *File) GetProduct() *Product

func (*File) GetSecurityDescriptor 

func (x *File) GetSecurityDescriptor() string

func (*File) GetSignature 

func (x *File) GetSignature() *DigitalSignature

func (*File) GetSize 

func (x *File) GetSize() int64

func (*File) GetType 

func (x *File) GetType() string

func (*File) GetTypeId 

func (x *File) GetTypeId() File_TypeId

func (*File) GetUid 

func (x *File) GetUid() string

func (*File) GetVersion 

func (x *File) GetVersion() string

func (*File) GetXattributes 

func (x *File) GetXattributes() *structpb.Struct

func (*File) ProtoMessage 

func (*File) ProtoMessage()

func (*File) ProtoReflect 

func (x *File) ProtoReflect() protoreflect.Message

func (*File) Reset 

func (x *File) Reset()

func (*File) String 

func (x *File) String() string

type FileActivity 

type FileActivity struct {
	AccessMask     *int32                      `protobuf:"varint,1,opt,name=access_mask,json=accessMask,proto3,oneof" json:"access_mask,omitempty"`
	Action         *string                     `protobuf:"bytes,2,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       FileActivity_ActionId       `` /* 128-byte string literal not displayed */
	ActivityId     FileActivity_ActivityId     `` /* 136-byte string literal not displayed */
	ActivityName   *string                     `protobuf:"bytes,5,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                      `protobuf:"bytes,6,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                        `protobuf:"bytes,7,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                   `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization            `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                     `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    FileActivity_CategoryUid    `` /* 141-byte string literal not displayed */
	ClassName      *string                     `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       FileActivity_ClassUid       `` /* 129-byte string literal not displayed */
	Cloud          *Cloud                      `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Component      *string                     `protobuf:"bytes,15,opt,name=component,proto3,oneof" json:"component,omitempty"`
	ConnectionUid  *string                     `protobuf:"bytes,16,opt,name=connection_uid,json=connectionUid,proto3,oneof" json:"connection_uid,omitempty"`
	Count          *int32                      `protobuf:"varint,17,opt,name=count,proto3,oneof" json:"count,omitempty"`
	CreateMask     *string                     `protobuf:"bytes,18,opt,name=create_mask,json=createMask,proto3,oneof" json:"create_mask,omitempty"`
	Device         *Device                     `protobuf:"bytes,19,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                     `protobuf:"bytes,20,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *FileActivity_DispositionId `` /* 155-byte string literal not displayed */
	Duration       *int32                      `protobuf:"varint,22,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                      `protobuf:"varint,23,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp      `protobuf:"bytes,24,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment               `protobuf:"bytes,25,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File           *File                       `protobuf:"bytes,26,opt,name=file,proto3" json:"file,omitempty"`
	FileDiff       *string                     `protobuf:"bytes,27,opt,name=file_diff,json=fileDiff,proto3,oneof" json:"file_diff,omitempty"`
	FileResult     *File                       `protobuf:"bytes,28,opt,name=file_result,json=fileResult,proto3" json:"file_result,omitempty"`
	FirewallRule   *FirewallRule               `protobuf:"bytes,29,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                  `protobuf:"bytes,30,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                     `protobuf:"bytes,31,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                   `protobuf:"bytes,32,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable               `protobuf:"bytes,33,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                     `protobuf:"bytes,34,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                     `protobuf:"bytes,35,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     FileActivity_SeverityId     `` /* 137-byte string literal not displayed */
	StartTime      *int64                      `protobuf:"varint,37,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp      `protobuf:"bytes,38,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                     `protobuf:"bytes,39,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                     `protobuf:"bytes,40,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                     `protobuf:"bytes,41,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *FileActivity_StatusId      `` /* 135-byte string literal not displayed */
	Time           int64                       `protobuf:"varint,43,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp      `protobuf:"bytes,44,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                      `protobuf:"varint,45,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                     `protobuf:"bytes,46,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                       `protobuf:"varint,47,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct            `protobuf:"bytes,48,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

FileActivity is an OSF event in category "System Activity" called File System Activity defined in ocsf events/system/filesystem.json

File System Activity events report when a process performs an action on a file or folder.

func (*FileActivity) Descriptor deprecated 

func (*FileActivity) Descriptor() ([]byte, []int)

Deprecated: Use FileActivity.ProtoReflect.Descriptor instead.

func (*FileActivity) GetAccessMask 

func (x *FileActivity) GetAccessMask() int32

func (*FileActivity) GetAction 

func (x *FileActivity) GetAction() string

func (*FileActivity) GetActionId 

func (x *FileActivity) GetActionId() FileActivity_ActionId

func (*FileActivity) GetActivityId 

func (x *FileActivity) GetActivityId() FileActivity_ActivityId

func (*FileActivity) GetActivityName 

func (x *FileActivity) GetActivityName() string

func (*FileActivity) GetActor 

func (x *FileActivity) GetActor() *Actor

func (*FileActivity) GetApi 

func (x *FileActivity) GetApi() *Api

func (*FileActivity) GetAttacks 

func (x *FileActivity) GetAttacks() []*Attack

func (*FileActivity) GetAuthorizations 

func (x *FileActivity) GetAuthorizations() []*Authorization

func (*FileActivity) GetCategoryName 

func (x *FileActivity) GetCategoryName() string

func (*FileActivity) GetCategoryUid 

func (x *FileActivity) GetCategoryUid() FileActivity_CategoryUid

func (*FileActivity) GetClassName 

func (x *FileActivity) GetClassName() string

func (*FileActivity) GetClassUid 

func (x *FileActivity) GetClassUid() FileActivity_ClassUid

func (*FileActivity) GetCloud 

func (x *FileActivity) GetCloud() *Cloud

func (*FileActivity) GetComponent 

func (x *FileActivity) GetComponent() string

func (*FileActivity) GetConnectionUid 

func (x *FileActivity) GetConnectionUid() string

func (*FileActivity) GetCount 

func (x *FileActivity) GetCount() int32

func (*FileActivity) GetCreateMask 

func (x *FileActivity) GetCreateMask() string

func (*FileActivity) GetDevice 

func (x *FileActivity) GetDevice() *Device

func (*FileActivity) GetDisposition 

func (x *FileActivity) GetDisposition() string

func (*FileActivity) GetDispositionId 

func (x *FileActivity) GetDispositionId() FileActivity_DispositionId

func (*FileActivity) GetDuration 

func (x *FileActivity) GetDuration() int32

func (*FileActivity) GetEndTime 

func (x *FileActivity) GetEndTime() int64

func (*FileActivity) GetEndTimeDt 

func (x *FileActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*FileActivity) GetEnrichments 

func (x *FileActivity) GetEnrichments() []*Enrichment

func (*FileActivity) GetFile 

func (x *FileActivity) GetFile() *File

func (*FileActivity) GetFileDiff 

func (x *FileActivity) GetFileDiff() string

func (*FileActivity) GetFileResult 

func (x *FileActivity) GetFileResult() *File

func (*FileActivity) GetFirewallRule 

func (x *FileActivity) GetFirewallRule() *FirewallRule

func (*FileActivity) GetMalware 

func (x *FileActivity) GetMalware() []*Malware

func (*FileActivity) GetMessage 

func (x *FileActivity) GetMessage() string

func (*FileActivity) GetMetadata 

func (x *FileActivity) GetMetadata() *Metadata

func (*FileActivity) GetObservables 

func (x *FileActivity) GetObservables() []*Observable

func (*FileActivity) GetRawData 

func (x *FileActivity) GetRawData() string

func (*FileActivity) GetSeverity 

func (x *FileActivity) GetSeverity() string

func (*FileActivity) GetSeverityId 

func (x *FileActivity) GetSeverityId() FileActivity_SeverityId

func (*FileActivity) GetStartTime 

func (x *FileActivity) GetStartTime() int64

func (*FileActivity) GetStartTimeDt 

func (x *FileActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*FileActivity) GetStatus 

func (x *FileActivity) GetStatus() string

func (*FileActivity) GetStatusCode 

func (x *FileActivity) GetStatusCode() string

func (*FileActivity) GetStatusDetail 

func (x *FileActivity) GetStatusDetail() string

func (*FileActivity) GetStatusId 

func (x *FileActivity) GetStatusId() FileActivity_StatusId

func (*FileActivity) GetTime 

func (x *FileActivity) GetTime() int64

func (*FileActivity) GetTimeDt 

func (x *FileActivity) GetTimeDt() *timestamppb.Timestamp

func (*FileActivity) GetTimezoneOffset 

func (x *FileActivity) GetTimezoneOffset() int32

func (*FileActivity) GetTypeName 

func (x *FileActivity) GetTypeName() string

func (*FileActivity) GetTypeUid 

func (x *FileActivity) GetTypeUid() int64

func (*FileActivity) GetUnmapped 

func (x *FileActivity) GetUnmapped() *structpb.Struct

func (*FileActivity) ProtoMessage 

func (*FileActivity) ProtoMessage()

func (*FileActivity) ProtoReflect 

func (x *FileActivity) ProtoReflect() protoreflect.Message

func (*FileActivity) Reset 

func (x *FileActivity) Reset()

func (*FileActivity) String 

func (x *FileActivity) String() string

type FileActivity_ActionId 

type FileActivity_ActionId int32
const (
	FileActivity_ACTION_ID_UNKNOWN FileActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	FileActivity_ACTION_ID_ALLOWED FileActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	FileActivity_ACTION_ID_DENIED FileActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	FileActivity_ACTION_ID_OTHER FileActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (FileActivity_ActionId) Descriptor 

func (FileActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_ActionId) Enum 

func (x FileActivity_ActionId) Enum() *FileActivity_ActionId

func (FileActivity_ActionId) EnumDescriptor deprecated 

func (FileActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_ActionId.Descriptor instead.

func (FileActivity_ActionId) Number 

func (x FileActivity_ActionId) Number() protoreflect.EnumNumber

func (FileActivity_ActionId) String 

func (x FileActivity_ActionId) String() string

func (FileActivity_ActionId) Type 

func (FileActivity_ActionId) Type() protoreflect.EnumType

type FileActivity_ActivityId 

type FileActivity_ActivityId int32
const (
	FileActivity_ACTIVITY_ID_UNKNOWN FileActivity_ActivityId = 0
	FileActivity_ACTIVITY_ID_CREATE  FileActivity_ActivityId = 1 // A request to create a new file on a file
	// system.
	FileActivity_ACTIVITY_ID_READ FileActivity_ActivityId = 2 // A request to read data from a file on a file
	// system.
	FileActivity_ACTIVITY_ID_UPDATE FileActivity_ActivityId = 3 // A request to write data to a file on a file
	// system.
	FileActivity_ACTIVITY_ID_DELETE         FileActivity_ActivityId = 4 // A request to delete a file on a file system.
	FileActivity_ACTIVITY_ID_RENAME         FileActivity_ActivityId = 5 // A request to rename a file on a file system.
	FileActivity_ACTIVITY_ID_SET_ATTRIBUTES FileActivity_ActivityId = 6 // A request to set attributes for a file on a
	// file system.
	FileActivity_ACTIVITY_ID_SET_SECURITY FileActivity_ActivityId = 7 // A request to set security for a file on a file
	// system.
	FileActivity_ACTIVITY_ID_GET_ATTRIBUTES FileActivity_ActivityId = 8 // A request to get attributes for a file on a
	// file system.
	FileActivity_ACTIVITY_ID_GET_SECURITY FileActivity_ActivityId = 9 // A request to get security for a file on a file
	// system.
	FileActivity_ACTIVITY_ID_ENCRYPT FileActivity_ActivityId = 10 // A request to encrypt a file on a file system.
	FileActivity_ACTIVITY_ID_DECRYPT FileActivity_ActivityId = 11 // A request to decrypt a file on a file system.
	FileActivity_ACTIVITY_ID_MOUNT   FileActivity_ActivityId = 12 // A request to mount a file on a file system.
	FileActivity_ACTIVITY_ID_UNMOUNT FileActivity_ActivityId = 13 // A request to unmount a file from a file
	// system.
	FileActivity_ACTIVITY_ID_OPEN  FileActivity_ActivityId = 14 // A request to create a file handle.
	FileActivity_ACTIVITY_ID_OTHER FileActivity_ActivityId = 99
)

func (FileActivity_ActivityId) Descriptor 

func (FileActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_ActivityId) Enum 

func (x FileActivity_ActivityId) Enum() *FileActivity_ActivityId

func (FileActivity_ActivityId) EnumDescriptor deprecated 

func (FileActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_ActivityId.Descriptor instead.

func (FileActivity_ActivityId) Number 

func (x FileActivity_ActivityId) Number() protoreflect.EnumNumber

func (FileActivity_ActivityId) String 

func (x FileActivity_ActivityId) String() string

func (FileActivity_ActivityId) Type 

func (FileActivity_ActivityId) Type() protoreflect.EnumType

type FileActivity_CategoryUid 

type FileActivity_CategoryUid int32
const (
	FileActivity_CATEGORY_UID_UNKNOWN         FileActivity_CategoryUid = 0
	FileActivity_CATEGORY_UID_SYSTEM_ACTIVITY FileActivity_CategoryUid = 1
)

func (FileActivity_CategoryUid) Descriptor 

func (FileActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_CategoryUid) Enum 

func (x FileActivity_CategoryUid) Enum() *FileActivity_CategoryUid

func (FileActivity_CategoryUid) EnumDescriptor deprecated 

func (FileActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_CategoryUid.Descriptor instead.

func (FileActivity_CategoryUid) Number 

func (x FileActivity_CategoryUid) Number() protoreflect.EnumNumber

func (FileActivity_CategoryUid) String 

func (x FileActivity_CategoryUid) String() string

func (FileActivity_CategoryUid) Type 

func (FileActivity_CategoryUid) Type() protoreflect.EnumType

type FileActivity_ClassUid 

type FileActivity_ClassUid int32
const (
	FileActivity_CLASS_UID_UNKNOWN              FileActivity_ClassUid = 0
	FileActivity_CLASS_UID_FILE_SYSTEM_ACTIVITY FileActivity_ClassUid = 1001
)

func (FileActivity_ClassUid) Descriptor 

func (FileActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_ClassUid) Enum 

func (x FileActivity_ClassUid) Enum() *FileActivity_ClassUid

func (FileActivity_ClassUid) EnumDescriptor deprecated 

func (FileActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_ClassUid.Descriptor instead.

func (FileActivity_ClassUid) Number 

func (x FileActivity_ClassUid) Number() protoreflect.EnumNumber

func (FileActivity_ClassUid) String 

func (x FileActivity_ClassUid) String() string

func (FileActivity_ClassUid) Type 

func (FileActivity_ClassUid) Type() protoreflect.EnumType

type FileActivity_DispositionId 

type FileActivity_DispositionId int32
const (
	FileActivity_DISPOSITION_ID_UNKNOWN FileActivity_DispositionId = 0 // The disposition was not known.
	FileActivity_DISPOSITION_ID_ALLOWED FileActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	FileActivity_DISPOSITION_ID_BLOCKED FileActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	FileActivity_DISPOSITION_ID_QUARANTINED FileActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	FileActivity_DISPOSITION_ID_ISOLATED FileActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	FileActivity_DISPOSITION_ID_DELETED FileActivity_DispositionId = 5 // A file or other content was deleted.
	FileActivity_DISPOSITION_ID_DROPPED FileActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	FileActivity_DISPOSITION_ID_CUSTOM_ACTION FileActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	FileActivity_DISPOSITION_ID_APPROVED FileActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	FileActivity_DISPOSITION_ID_RESTORED FileActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	FileActivity_DISPOSITION_ID_EXONERATED FileActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	FileActivity_DISPOSITION_ID_CORRECTED FileActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	FileActivity_DISPOSITION_ID_PARTIALLY_CORRECTED FileActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	FileActivity_DISPOSITION_ID_UNCORRECTED FileActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	FileActivity_DISPOSITION_ID_DELAYED FileActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	FileActivity_DISPOSITION_ID_DETECTED FileActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	FileActivity_DISPOSITION_ID_NO_ACTION FileActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	FileActivity_DISPOSITION_ID_LOGGED FileActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	FileActivity_DISPOSITION_ID_TAGGED FileActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	FileActivity_DISPOSITION_ID_ALERT FileActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	FileActivity_DISPOSITION_ID_COUNT FileActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	FileActivity_DISPOSITION_ID_RESET FileActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	FileActivity_DISPOSITION_ID_CAPTCHA FileActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	FileActivity_DISPOSITION_ID_CHALLENGE FileActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	FileActivity_DISPOSITION_ID_ACCESS_REVOKED FileActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	FileActivity_DISPOSITION_ID_REJECTED FileActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	FileActivity_DISPOSITION_ID_UNAUTHORIZED FileActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	FileActivity_DISPOSITION_ID_ERROR FileActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	FileActivity_DISPOSITION_ID_OTHER FileActivity_DispositionId = 99 // The disposition is not listed. The
)

func (FileActivity_DispositionId) Descriptor 

func (FileActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_DispositionId) Enum 

func (x FileActivity_DispositionId) Enum() *FileActivity_DispositionId

func (FileActivity_DispositionId) EnumDescriptor deprecated 

func (FileActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_DispositionId.Descriptor instead.

func (FileActivity_DispositionId) Number 

func (x FileActivity_DispositionId) Number() protoreflect.EnumNumber

func (FileActivity_DispositionId) String 

func (x FileActivity_DispositionId) String() string

func (FileActivity_DispositionId) Type 

func (FileActivity_DispositionId) Type() protoreflect.EnumType

type FileActivity_SeverityId 

type FileActivity_SeverityId int32
const (
	FileActivity_SEVERITY_ID_UNKNOWN       FileActivity_SeverityId = 0 // The event/finding severity is unknown.
	FileActivity_SEVERITY_ID_INFORMATIONAL FileActivity_SeverityId = 1 // Informational message. No action required.
	FileActivity_SEVERITY_ID_LOW           FileActivity_SeverityId = 2 // The user decides if action is needed.
	FileActivity_SEVERITY_ID_MEDIUM        FileActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	FileActivity_SEVERITY_ID_HIGH     FileActivity_SeverityId = 4 // Action is required immediately.
	FileActivity_SEVERITY_ID_CRITICAL FileActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	FileActivity_SEVERITY_ID_FATAL FileActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	FileActivity_SEVERITY_ID_OTHER FileActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (FileActivity_SeverityId) Descriptor 

func (FileActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_SeverityId) Enum 

func (x FileActivity_SeverityId) Enum() *FileActivity_SeverityId

func (FileActivity_SeverityId) EnumDescriptor deprecated 

func (FileActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_SeverityId.Descriptor instead.

func (FileActivity_SeverityId) Number 

func (x FileActivity_SeverityId) Number() protoreflect.EnumNumber

func (FileActivity_SeverityId) String 

func (x FileActivity_SeverityId) String() string

func (FileActivity_SeverityId) Type 

func (FileActivity_SeverityId) Type() protoreflect.EnumType

type FileActivity_StatusId 

type FileActivity_StatusId int32
const (
	FileActivity_STATUS_ID_UNKNOWN FileActivity_StatusId = 0 // The status is unknown.
	FileActivity_STATUS_ID_SUCCESS FileActivity_StatusId = 1
	FileActivity_STATUS_ID_FAILURE FileActivity_StatusId = 2
	FileActivity_STATUS_ID_OTHER   FileActivity_StatusId = 99 // The event status is not mapped. See the
)

func (FileActivity_StatusId) Descriptor 

func (FileActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (FileActivity_StatusId) Enum 

func (x FileActivity_StatusId) Enum() *FileActivity_StatusId

func (FileActivity_StatusId) EnumDescriptor deprecated 

func (FileActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileActivity_StatusId.Descriptor instead.

func (FileActivity_StatusId) Number 

func (x FileActivity_StatusId) Number() protoreflect.EnumNumber

func (FileActivity_StatusId) String 

func (x FileActivity_StatusId) String() string

func (FileActivity_StatusId) Type 

func (FileActivity_StatusId) Type() protoreflect.EnumType

type FileHosting 

type FileHosting struct {
	ActivityId       FileHosting_ActivityId  `` /* 135-byte string literal not displayed */
	ActivityName     *string                 `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor            *Actor                  `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api              *Api                    `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName     *string                 `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid      FileHosting_CategoryUid `` /* 139-byte string literal not displayed */
	ClassName        *string                 `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid         FileHosting_ClassUid    `` /* 127-byte string literal not displayed */
	Cloud            *Cloud                  `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo   *NetworkConnectionInfo  `protobuf:"bytes,10,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count            *int32                  `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	DstEndpoint      *NetworkEndpoint        `protobuf:"bytes,12,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration         *int32                  `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime          *int64                  `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt        *timestamppb.Timestamp  `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments      []*Enrichment           `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	ExpirationTime   *int64                  `protobuf:"varint,17,opt,name=expiration_time,json=expirationTime,proto3,oneof" json:"expiration_time,omitempty"`
	ExpirationTimeDt *timestamppb.Timestamp  `protobuf:"bytes,18,opt,name=expiration_time_dt,json=expirationTimeDt,proto3,oneof" json:"expiration_time_dt,omitempty"`
	File             *File                   `protobuf:"bytes,19,opt,name=file,proto3" json:"file,omitempty"`
	Message          *string                 `protobuf:"bytes,20,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata         *Metadata               `protobuf:"bytes,21,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables      []*Observable           `protobuf:"bytes,22,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData          *string                 `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity         *string                 `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId       FileHosting_SeverityId  `` /* 136-byte string literal not displayed */
	SrcEndpoint      *NetworkEndpoint        `protobuf:"bytes,26,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime        *int64                  `protobuf:"varint,27,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt      *timestamppb.Timestamp  `protobuf:"bytes,28,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status           *string                 `protobuf:"bytes,29,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode       *string                 `protobuf:"bytes,30,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail     *string                 `protobuf:"bytes,31,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId         *FileHosting_StatusId   `` /* 134-byte string literal not displayed */
	Time             int64                   `protobuf:"varint,33,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt           *timestamppb.Timestamp  `protobuf:"bytes,34,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset   *int32                  `protobuf:"varint,35,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName         *string                 `protobuf:"bytes,36,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid          int64                   `protobuf:"varint,37,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped         *structpb.Struct        `protobuf:"bytes,38,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

FileHosting is an OSF event in category "Application Activity" called File Hosting Activity defined in ocsf events/application/file_hosting.json

File Hosting Activity events report the actions taken by file management applications, including file sharing servers like Sharepoint and services such as Box, MS OneDrive, or Google Drive.

func (*FileHosting) Descriptor deprecated 

func (*FileHosting) Descriptor() ([]byte, []int)

Deprecated: Use FileHosting.ProtoReflect.Descriptor instead.

func (*FileHosting) GetActivityId 

func (x *FileHosting) GetActivityId() FileHosting_ActivityId

func (*FileHosting) GetActivityName 

func (x *FileHosting) GetActivityName() string

func (*FileHosting) GetActor 

func (x *FileHosting) GetActor() *Actor

func (*FileHosting) GetApi 

func (x *FileHosting) GetApi() *Api

func (*FileHosting) GetCategoryName 

func (x *FileHosting) GetCategoryName() string

func (*FileHosting) GetCategoryUid 

func (x *FileHosting) GetCategoryUid() FileHosting_CategoryUid

func (*FileHosting) GetClassName 

func (x *FileHosting) GetClassName() string

func (*FileHosting) GetClassUid 

func (x *FileHosting) GetClassUid() FileHosting_ClassUid

func (*FileHosting) GetCloud 

func (x *FileHosting) GetCloud() *Cloud

func (*FileHosting) GetConnectionInfo 

func (x *FileHosting) GetConnectionInfo() *NetworkConnectionInfo

func (*FileHosting) GetCount 

func (x *FileHosting) GetCount() int32

func (*FileHosting) GetDstEndpoint 

func (x *FileHosting) GetDstEndpoint() *NetworkEndpoint

func (*FileHosting) GetDuration 

func (x *FileHosting) GetDuration() int32

func (*FileHosting) GetEndTime 

func (x *FileHosting) GetEndTime() int64

func (*FileHosting) GetEndTimeDt 

func (x *FileHosting) GetEndTimeDt() *timestamppb.Timestamp

func (*FileHosting) GetEnrichments 

func (x *FileHosting) GetEnrichments() []*Enrichment

func (*FileHosting) GetExpirationTime 

func (x *FileHosting) GetExpirationTime() int64

func (*FileHosting) GetExpirationTimeDt 

func (x *FileHosting) GetExpirationTimeDt() *timestamppb.Timestamp

func (*FileHosting) GetFile 

func (x *FileHosting) GetFile() *File

func (*FileHosting) GetMessage 

func (x *FileHosting) GetMessage() string

func (*FileHosting) GetMetadata 

func (x *FileHosting) GetMetadata() *Metadata

func (*FileHosting) GetObservables 

func (x *FileHosting) GetObservables() []*Observable

func (*FileHosting) GetRawData 

func (x *FileHosting) GetRawData() string

func (*FileHosting) GetSeverity 

func (x *FileHosting) GetSeverity() string

func (*FileHosting) GetSeverityId 

func (x *FileHosting) GetSeverityId() FileHosting_SeverityId

func (*FileHosting) GetSrcEndpoint 

func (x *FileHosting) GetSrcEndpoint() *NetworkEndpoint

func (*FileHosting) GetStartTime 

func (x *FileHosting) GetStartTime() int64

func (*FileHosting) GetStartTimeDt 

func (x *FileHosting) GetStartTimeDt() *timestamppb.Timestamp

func (*FileHosting) GetStatus 

func (x *FileHosting) GetStatus() string

func (*FileHosting) GetStatusCode 

func (x *FileHosting) GetStatusCode() string

func (*FileHosting) GetStatusDetail 

func (x *FileHosting) GetStatusDetail() string

func (*FileHosting) GetStatusId 

func (x *FileHosting) GetStatusId() FileHosting_StatusId

func (*FileHosting) GetTime 

func (x *FileHosting) GetTime() int64

func (*FileHosting) GetTimeDt 

func (x *FileHosting) GetTimeDt() *timestamppb.Timestamp

func (*FileHosting) GetTimezoneOffset 

func (x *FileHosting) GetTimezoneOffset() int32

func (*FileHosting) GetTypeName 

func (x *FileHosting) GetTypeName() string

func (*FileHosting) GetTypeUid 

func (x *FileHosting) GetTypeUid() int64

func (*FileHosting) GetUnmapped 

func (x *FileHosting) GetUnmapped() *structpb.Struct

func (*FileHosting) ProtoMessage 

func (*FileHosting) ProtoMessage()

func (*FileHosting) ProtoReflect 

func (x *FileHosting) ProtoReflect() protoreflect.Message

func (*FileHosting) Reset 

func (x *FileHosting) Reset()

func (*FileHosting) String 

func (x *FileHosting) String() string

type FileHosting_ActivityId 

type FileHosting_ActivityId int32
const (
	FileHosting_ACTIVITY_ID_UNKNOWN  FileHosting_ActivityId = 0
	FileHosting_ACTIVITY_ID_UPLOAD   FileHosting_ActivityId = 1  // Upload a file.
	FileHosting_ACTIVITY_ID_DOWNLOAD FileHosting_ActivityId = 2  // Download a file.
	FileHosting_ACTIVITY_ID_UPDATE   FileHosting_ActivityId = 3  // Update a file.
	FileHosting_ACTIVITY_ID_DELETE   FileHosting_ActivityId = 4  // Delete a file.
	FileHosting_ACTIVITY_ID_RENAME   FileHosting_ActivityId = 5  // Rename a file.
	FileHosting_ACTIVITY_ID_COPY     FileHosting_ActivityId = 6  // Copy a file.
	FileHosting_ACTIVITY_ID_MOVE     FileHosting_ActivityId = 7  // Move a file.
	FileHosting_ACTIVITY_ID_RESTORE  FileHosting_ActivityId = 8  // Restore a file.
	FileHosting_ACTIVITY_ID_PREVIEW  FileHosting_ActivityId = 9  // Preview a file.
	FileHosting_ACTIVITY_ID_LOCK     FileHosting_ActivityId = 10 // Lock a file.
	FileHosting_ACTIVITY_ID_UNLOCK   FileHosting_ActivityId = 11 // Unlock a file.
	FileHosting_ACTIVITY_ID_SHARE    FileHosting_ActivityId = 12 // Share a file.
	FileHosting_ACTIVITY_ID_UNSHARE  FileHosting_ActivityId = 13 // Unshare a file.
	FileHosting_ACTIVITY_ID_OPEN     FileHosting_ActivityId = 14 // Open a file.
	FileHosting_ACTIVITY_ID_SYNC     FileHosting_ActivityId = 15 // Mark a file or folder to sync with a computer.
	FileHosting_ACTIVITY_ID_UNSYNC   FileHosting_ActivityId = 16 // Mark a file or folder to not sync with a computer.
	FileHosting_ACTIVITY_ID_OTHER    FileHosting_ActivityId = 99
)

func (FileHosting_ActivityId) Descriptor 

func (FileHosting_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (FileHosting_ActivityId) Enum 

func (x FileHosting_ActivityId) Enum() *FileHosting_ActivityId

func (FileHosting_ActivityId) EnumDescriptor deprecated 

func (FileHosting_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileHosting_ActivityId.Descriptor instead.

func (FileHosting_ActivityId) Number 

func (x FileHosting_ActivityId) Number() protoreflect.EnumNumber

func (FileHosting_ActivityId) String 

func (x FileHosting_ActivityId) String() string

func (FileHosting_ActivityId) Type 

func (FileHosting_ActivityId) Type() protoreflect.EnumType

type FileHosting_CategoryUid 

type FileHosting_CategoryUid int32
const (
	FileHosting_CATEGORY_UID_UNKNOWN              FileHosting_CategoryUid = 0
	FileHosting_CATEGORY_UID_APPLICATION_ACTIVITY FileHosting_CategoryUid = 6
)

func (FileHosting_CategoryUid) Descriptor 

func (FileHosting_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (FileHosting_CategoryUid) Enum 

func (x FileHosting_CategoryUid) Enum() *FileHosting_CategoryUid

func (FileHosting_CategoryUid) EnumDescriptor deprecated 

func (FileHosting_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileHosting_CategoryUid.Descriptor instead.

func (FileHosting_CategoryUid) Number 

func (x FileHosting_CategoryUid) Number() protoreflect.EnumNumber

func (FileHosting_CategoryUid) String 

func (x FileHosting_CategoryUid) String() string

func (FileHosting_CategoryUid) Type 

func (FileHosting_CategoryUid) Type() protoreflect.EnumType

type FileHosting_ClassUid 

type FileHosting_ClassUid int32
const (
	FileHosting_CLASS_UID_UNKNOWN               FileHosting_ClassUid = 0
	FileHosting_CLASS_UID_FILE_HOSTING_ACTIVITY FileHosting_ClassUid = 6006
)

func (FileHosting_ClassUid) Descriptor 

func (FileHosting_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (FileHosting_ClassUid) Enum 

func (x FileHosting_ClassUid) Enum() *FileHosting_ClassUid

func (FileHosting_ClassUid) EnumDescriptor deprecated 

func (FileHosting_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileHosting_ClassUid.Descriptor instead.

func (FileHosting_ClassUid) Number 

func (x FileHosting_ClassUid) Number() protoreflect.EnumNumber

func (FileHosting_ClassUid) String 

func (x FileHosting_ClassUid) String() string

func (FileHosting_ClassUid) Type 

func (FileHosting_ClassUid) Type() protoreflect.EnumType

type FileHosting_SeverityId 

type FileHosting_SeverityId int32
const (
	FileHosting_SEVERITY_ID_UNKNOWN       FileHosting_SeverityId = 0 // The event/finding severity is unknown.
	FileHosting_SEVERITY_ID_INFORMATIONAL FileHosting_SeverityId = 1 // Informational message. No action required.
	FileHosting_SEVERITY_ID_LOW           FileHosting_SeverityId = 2 // The user decides if action is needed.
	FileHosting_SEVERITY_ID_MEDIUM        FileHosting_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	FileHosting_SEVERITY_ID_HIGH     FileHosting_SeverityId = 4 // Action is required immediately.
	FileHosting_SEVERITY_ID_CRITICAL FileHosting_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	FileHosting_SEVERITY_ID_FATAL FileHosting_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	FileHosting_SEVERITY_ID_OTHER FileHosting_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (FileHosting_SeverityId) Descriptor 

func (FileHosting_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (FileHosting_SeverityId) Enum 

func (x FileHosting_SeverityId) Enum() *FileHosting_SeverityId

func (FileHosting_SeverityId) EnumDescriptor deprecated 

func (FileHosting_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileHosting_SeverityId.Descriptor instead.

func (FileHosting_SeverityId) Number 

func (x FileHosting_SeverityId) Number() protoreflect.EnumNumber

func (FileHosting_SeverityId) String 

func (x FileHosting_SeverityId) String() string

func (FileHosting_SeverityId) Type 

func (FileHosting_SeverityId) Type() protoreflect.EnumType

type FileHosting_StatusId 

type FileHosting_StatusId int32
const (
	FileHosting_STATUS_ID_UNKNOWN FileHosting_StatusId = 0 // The status is unknown.
	FileHosting_STATUS_ID_SUCCESS FileHosting_StatusId = 1
	FileHosting_STATUS_ID_FAILURE FileHosting_StatusId = 2
	FileHosting_STATUS_ID_OTHER   FileHosting_StatusId = 99 // The event status is not mapped. See the
)

func (FileHosting_StatusId) Descriptor 

func (FileHosting_StatusId) Descriptor() protoreflect.EnumDescriptor

func (FileHosting_StatusId) Enum 

func (x FileHosting_StatusId) Enum() *FileHosting_StatusId

func (FileHosting_StatusId) EnumDescriptor deprecated 

func (FileHosting_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileHosting_StatusId.Descriptor instead.

func (FileHosting_StatusId) Number 

func (x FileHosting_StatusId) Number() protoreflect.EnumNumber

func (FileHosting_StatusId) String 

func (x FileHosting_StatusId) String() string

func (FileHosting_StatusId) Type 

func (FileHosting_StatusId) Type() protoreflect.EnumType

type FileQuery 

type FileQuery struct {
	ActivityId     FileQuery_ActivityId    `` /* 133-byte string literal not displayed */
	ActivityName   *string                 `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                  `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                    `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                 `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    FileQuery_CategoryUid   `` /* 137-byte string literal not displayed */
	ClassName      *string                 `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       FileQuery_ClassUid      `protobuf:"varint,8,opt,name=class_uid,json=classUid,proto3,enum=ocsf_schema.v1.FileQuery_ClassUid" json:"class_uid,omitempty"`
	Cloud          *Cloud                  `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                  `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                 `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                  `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                  `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp  `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment           `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File           *File                   `protobuf:"bytes,16,opt,name=file,proto3" json:"file,omitempty"`
	Message        *string                 `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata               `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable           `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo              `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                 `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  FileQuery_QueryResultId `` /* 148-byte string literal not displayed */
	RawData        *string                 `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                 `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     FileQuery_SeverityId    `` /* 134-byte string literal not displayed */
	StartTime      *int64                  `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp  `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                 `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                 `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                 `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *FileQuery_StatusId     `` /* 132-byte string literal not displayed */
	Time           int64                   `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp  `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                  `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                 `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                   `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct        `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

FileQuery is an OSF event in category "Discovery" called File Query defined in ocsf events/discovery/file_query.json

File Query events report information about files that are present on the system.

func (*FileQuery) Descriptor deprecated 

func (*FileQuery) Descriptor() ([]byte, []int)

Deprecated: Use FileQuery.ProtoReflect.Descriptor instead.

func (*FileQuery) GetActivityId 

func (x *FileQuery) GetActivityId() FileQuery_ActivityId

func (*FileQuery) GetActivityName 

func (x *FileQuery) GetActivityName() string

func (*FileQuery) GetActor 

func (x *FileQuery) GetActor() *Actor

func (*FileQuery) GetApi 

func (x *FileQuery) GetApi() *Api

func (*FileQuery) GetCategoryName 

func (x *FileQuery) GetCategoryName() string

func (*FileQuery) GetCategoryUid 

func (x *FileQuery) GetCategoryUid() FileQuery_CategoryUid

func (*FileQuery) GetClassName 

func (x *FileQuery) GetClassName() string

func (*FileQuery) GetClassUid 

func (x *FileQuery) GetClassUid() FileQuery_ClassUid

func (*FileQuery) GetCloud 

func (x *FileQuery) GetCloud() *Cloud

func (*FileQuery) GetCount 

func (x *FileQuery) GetCount() int32

func (*FileQuery) GetDevice 

func (x *FileQuery) GetDevice() *Device

func (*FileQuery) GetDuration 

func (x *FileQuery) GetDuration() int32

func (*FileQuery) GetEndTime 

func (x *FileQuery) GetEndTime() int64

func (*FileQuery) GetEndTimeDt 

func (x *FileQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*FileQuery) GetEnrichments 

func (x *FileQuery) GetEnrichments() []*Enrichment

func (*FileQuery) GetFile 

func (x *FileQuery) GetFile() *File

func (*FileQuery) GetMessage 

func (x *FileQuery) GetMessage() string

func (*FileQuery) GetMetadata 

func (x *FileQuery) GetMetadata() *Metadata

func (*FileQuery) GetObservables 

func (x *FileQuery) GetObservables() []*Observable

func (*FileQuery) GetQueryInfo 

func (x *FileQuery) GetQueryInfo() *QueryInfo

func (*FileQuery) GetQueryResult 

func (x *FileQuery) GetQueryResult() string

func (*FileQuery) GetQueryResultId 

func (x *FileQuery) GetQueryResultId() FileQuery_QueryResultId

func (*FileQuery) GetRawData 

func (x *FileQuery) GetRawData() string

func (*FileQuery) GetSeverity 

func (x *FileQuery) GetSeverity() string

func (*FileQuery) GetSeverityId 

func (x *FileQuery) GetSeverityId() FileQuery_SeverityId

func (*FileQuery) GetStartTime 

func (x *FileQuery) GetStartTime() int64

func (*FileQuery) GetStartTimeDt 

func (x *FileQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*FileQuery) GetStatus 

func (x *FileQuery) GetStatus() string

func (*FileQuery) GetStatusCode 

func (x *FileQuery) GetStatusCode() string

func (*FileQuery) GetStatusDetail 

func (x *FileQuery) GetStatusDetail() string

func (*FileQuery) GetStatusId 

func (x *FileQuery) GetStatusId() FileQuery_StatusId

func (*FileQuery) GetTime 

func (x *FileQuery) GetTime() int64

func (*FileQuery) GetTimeDt 

func (x *FileQuery) GetTimeDt() *timestamppb.Timestamp

func (*FileQuery) GetTimezoneOffset 

func (x *FileQuery) GetTimezoneOffset() int32

func (*FileQuery) GetTypeName 

func (x *FileQuery) GetTypeName() string

func (*FileQuery) GetTypeUid 

func (x *FileQuery) GetTypeUid() int64

func (*FileQuery) GetUnmapped 

func (x *FileQuery) GetUnmapped() *structpb.Struct

func (*FileQuery) ProtoMessage 

func (*FileQuery) ProtoMessage()

func (*FileQuery) ProtoReflect 

func (x *FileQuery) ProtoReflect() protoreflect.Message

func (*FileQuery) Reset 

func (x *FileQuery) Reset()

func (*FileQuery) String 

func (x *FileQuery) String() string

type FileQuery_ActivityId 

type FileQuery_ActivityId int32
const (
	FileQuery_ACTIVITY_ID_UNKNOWN FileQuery_ActivityId = 0
	FileQuery_ACTIVITY_ID_QUERY   FileQuery_ActivityId = 1 // The discovered results are via a query request.
	FileQuery_ACTIVITY_ID_OTHER   FileQuery_ActivityId = 99
)

func (FileQuery_ActivityId) Descriptor 

func (FileQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_ActivityId) Enum 

func (x FileQuery_ActivityId) Enum() *FileQuery_ActivityId

func (FileQuery_ActivityId) EnumDescriptor deprecated 

func (FileQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_ActivityId.Descriptor instead.

func (FileQuery_ActivityId) Number 

func (x FileQuery_ActivityId) Number() protoreflect.EnumNumber

func (FileQuery_ActivityId) String 

func (x FileQuery_ActivityId) String() string

func (FileQuery_ActivityId) Type 

func (FileQuery_ActivityId) Type() protoreflect.EnumType

type FileQuery_CategoryUid 

type FileQuery_CategoryUid int32
const (
	FileQuery_CATEGORY_UID_UNKNOWN   FileQuery_CategoryUid = 0
	FileQuery_CATEGORY_UID_DISCOVERY FileQuery_CategoryUid = 5
)

func (FileQuery_CategoryUid) Descriptor 

func (FileQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_CategoryUid) Enum 

func (x FileQuery_CategoryUid) Enum() *FileQuery_CategoryUid

func (FileQuery_CategoryUid) EnumDescriptor deprecated 

func (FileQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_CategoryUid.Descriptor instead.

func (FileQuery_CategoryUid) Number 

func (x FileQuery_CategoryUid) Number() protoreflect.EnumNumber

func (FileQuery_CategoryUid) String 

func (x FileQuery_CategoryUid) String() string

func (FileQuery_CategoryUid) Type 

func (FileQuery_CategoryUid) Type() protoreflect.EnumType

type FileQuery_ClassUid 

type FileQuery_ClassUid int32
const (
	FileQuery_CLASS_UID_UNKNOWN    FileQuery_ClassUid = 0
	FileQuery_CLASS_UID_FILE_QUERY FileQuery_ClassUid = 5007
)

func (FileQuery_ClassUid) Descriptor 

func (FileQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_ClassUid) Enum 

func (x FileQuery_ClassUid) Enum() *FileQuery_ClassUid

func (FileQuery_ClassUid) EnumDescriptor deprecated 

func (FileQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_ClassUid.Descriptor instead.

func (FileQuery_ClassUid) Number 

func (x FileQuery_ClassUid) Number() protoreflect.EnumNumber

func (FileQuery_ClassUid) String 

func (x FileQuery_ClassUid) String() string

func (FileQuery_ClassUid) Type 

func (FileQuery_ClassUid) Type() protoreflect.EnumType

type FileQuery_QueryResultId 

type FileQuery_QueryResultId int32
const (
	FileQuery_QUERY_RESULT_ID_UNKNOWN        FileQuery_QueryResultId = 0  // The query result is unknown.
	FileQuery_QUERY_RESULT_ID_EXISTS         FileQuery_QueryResultId = 1  // The target was found.
	FileQuery_QUERY_RESULT_ID_PARTIAL        FileQuery_QueryResultId = 2  // The target was partially found.
	FileQuery_QUERY_RESULT_ID_DOES_NOT_EXIST FileQuery_QueryResultId = 3  // The target was not found.
	FileQuery_QUERY_RESULT_ID_ERROR          FileQuery_QueryResultId = 4  // The discovery attempt failed.
	FileQuery_QUERY_RESULT_ID_UNSUPPORTED    FileQuery_QueryResultId = 5  // Discovery of the target was not supported.
	FileQuery_QUERY_RESULT_ID_OTHER          FileQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (FileQuery_QueryResultId) Descriptor 

func (FileQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_QueryResultId) Enum 

func (x FileQuery_QueryResultId) Enum() *FileQuery_QueryResultId

func (FileQuery_QueryResultId) EnumDescriptor deprecated 

func (FileQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_QueryResultId.Descriptor instead.

func (FileQuery_QueryResultId) Number 

func (x FileQuery_QueryResultId) Number() protoreflect.EnumNumber

func (FileQuery_QueryResultId) String 

func (x FileQuery_QueryResultId) String() string

func (FileQuery_QueryResultId) Type 

func (FileQuery_QueryResultId) Type() protoreflect.EnumType

type FileQuery_SeverityId 

type FileQuery_SeverityId int32
const (
	FileQuery_SEVERITY_ID_UNKNOWN       FileQuery_SeverityId = 0 // The event/finding severity is unknown.
	FileQuery_SEVERITY_ID_INFORMATIONAL FileQuery_SeverityId = 1 // Informational message. No action required.
	FileQuery_SEVERITY_ID_LOW           FileQuery_SeverityId = 2 // The user decides if action is needed.
	FileQuery_SEVERITY_ID_MEDIUM        FileQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	FileQuery_SEVERITY_ID_HIGH     FileQuery_SeverityId = 4 // Action is required immediately.
	FileQuery_SEVERITY_ID_CRITICAL FileQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	FileQuery_SEVERITY_ID_FATAL FileQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	FileQuery_SEVERITY_ID_OTHER FileQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (FileQuery_SeverityId) Descriptor 

func (FileQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_SeverityId) Enum 

func (x FileQuery_SeverityId) Enum() *FileQuery_SeverityId

func (FileQuery_SeverityId) EnumDescriptor deprecated 

func (FileQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_SeverityId.Descriptor instead.

func (FileQuery_SeverityId) Number 

func (x FileQuery_SeverityId) Number() protoreflect.EnumNumber

func (FileQuery_SeverityId) String 

func (x FileQuery_SeverityId) String() string

func (FileQuery_SeverityId) Type 

func (FileQuery_SeverityId) Type() protoreflect.EnumType

type FileQuery_StatusId 

type FileQuery_StatusId int32
const (
	FileQuery_STATUS_ID_UNKNOWN FileQuery_StatusId = 0 // The status is unknown.
	FileQuery_STATUS_ID_SUCCESS FileQuery_StatusId = 1
	FileQuery_STATUS_ID_FAILURE FileQuery_StatusId = 2
	FileQuery_STATUS_ID_OTHER   FileQuery_StatusId = 99 // The event status is not mapped. See the
)

func (FileQuery_StatusId) Descriptor 

func (FileQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (FileQuery_StatusId) Enum 

func (x FileQuery_StatusId) Enum() *FileQuery_StatusId

func (FileQuery_StatusId) EnumDescriptor deprecated 

func (FileQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FileQuery_StatusId.Descriptor instead.

func (FileQuery_StatusId) Number 

func (x FileQuery_StatusId) Number() protoreflect.EnumNumber

func (FileQuery_StatusId) String 

func (x FileQuery_StatusId) String() string

func (FileQuery_StatusId) Type 

func (FileQuery_StatusId) Type() protoreflect.EnumType

type File_ConfidentialityId 

type File_ConfidentialityId int32
const (
	File_CONFIDENTIALITY_ID_UNKNOWN          File_ConfidentialityId = 0 // The confidentiality is unknown.
	File_CONFIDENTIALITY_ID_NOT_CONFIDENTIAL File_ConfidentialityId = 1
	File_CONFIDENTIALITY_ID_CONFIDENTIAL     File_ConfidentialityId = 2
	File_CONFIDENTIALITY_ID_SECRET           File_ConfidentialityId = 3
	File_CONFIDENTIALITY_ID_TOP_SECRET       File_ConfidentialityId = 4
	File_CONFIDENTIALITY_ID_PRIVATE          File_ConfidentialityId = 5
	File_CONFIDENTIALITY_ID_RESTRICTED       File_ConfidentialityId = 6
	File_CONFIDENTIALITY_ID_OTHER            File_ConfidentialityId = 99 // The confidentiality is not mapped.
)

func (File_ConfidentialityId) Descriptor 

func (File_ConfidentialityId) Descriptor() protoreflect.EnumDescriptor

func (File_ConfidentialityId) Enum 

func (x File_ConfidentialityId) Enum() *File_ConfidentialityId

func (File_ConfidentialityId) EnumDescriptor deprecated 

func (File_ConfidentialityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use File_ConfidentialityId.Descriptor instead.

func (File_ConfidentialityId) Number 

func (x File_ConfidentialityId) Number() protoreflect.EnumNumber

func (File_ConfidentialityId) String 

func (x File_ConfidentialityId) String() string

func (File_ConfidentialityId) Type 

func (File_ConfidentialityId) Type() protoreflect.EnumType

type File_TypeId 

type File_TypeId int32
const (
	File_TYPE_ID_UNKNOWN          File_TypeId = 0
	File_TYPE_ID_REGULAR_FILE     File_TypeId = 1
	File_TYPE_ID_FOLDER           File_TypeId = 2
	File_TYPE_ID_CHARACTER_DEVICE File_TypeId = 3
	File_TYPE_ID_BLOCK_DEVICE     File_TypeId = 4
	File_TYPE_ID_LOCAL_SOCKET     File_TypeId = 5
	File_TYPE_ID_NAMED_PIPE       File_TypeId = 6
	File_TYPE_ID_SYMBOLIC_LINK    File_TypeId = 7
	File_TYPE_ID_OTHER            File_TypeId = 99
)

func (File_TypeId) Descriptor 

func (File_TypeId) Descriptor() protoreflect.EnumDescriptor

func (File_TypeId) Enum 

func (x File_TypeId) Enum() *File_TypeId

func (File_TypeId) EnumDescriptor deprecated 

func (File_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use File_TypeId.Descriptor instead.

func (File_TypeId) Number 

func (x File_TypeId) Number() protoreflect.EnumNumber

func (File_TypeId) String 

func (x File_TypeId) String() string

func (File_TypeId) Type 

func (File_TypeId) Type() protoreflect.EnumType

type Finding 

type Finding struct {
	CreatedTime     *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt   *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Desc            *string                `protobuf:"bytes,3,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	FirstSeenTime   *int64                 `protobuf:"varint,4,opt,name=first_seen_time,json=firstSeenTime,proto3,oneof" json:"first_seen_time,omitempty"`
	FirstSeenTimeDt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=first_seen_time_dt,json=firstSeenTimeDt,proto3,oneof" json:"first_seen_time_dt,omitempty"`
	LastSeenTime    *int64                 `protobuf:"varint,6,opt,name=last_seen_time,json=lastSeenTime,proto3,oneof" json:"last_seen_time,omitempty"`
	LastSeenTimeDt  *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=last_seen_time_dt,json=lastSeenTimeDt,proto3,oneof" json:"last_seen_time_dt,omitempty"`
	ModifiedTime    *int64                 `protobuf:"varint,8,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt  *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	ProductUid      *string                `protobuf:"bytes,10,opt,name=product_uid,json=productUid,proto3,oneof" json:"product_uid,omitempty"`
	RelatedEvents   []*RelatedEvent        `protobuf:"bytes,11,rep,name=related_events,json=relatedEvents,proto3" json:"related_events,omitempty"`
	Remediation     *Remediation           `protobuf:"bytes,12,opt,name=remediation,proto3" json:"remediation,omitempty"`
	SrcUrl          *string                `protobuf:"bytes,13,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	SupportingData  *structpb.Value        `protobuf:"bytes,14,opt,name=supporting_data,json=supportingData,proto3,oneof" json:"supporting_data,omitempty"`
	Title           string                 `protobuf:"bytes,15,opt,name=title,proto3" json:"title,omitempty"`
	Types           []string               `protobuf:"bytes,16,rep,name=types,proto3" json:"types,omitempty"`
	Uid             string                 `protobuf:"bytes,17,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Finding is an OSF object defined in ocsf objects/finding.json

The Finding object describes metadata related to a security finding generated by a security tool or system.

func (*Finding) Descriptor deprecated 

func (*Finding) Descriptor() ([]byte, []int)

Deprecated: Use Finding.ProtoReflect.Descriptor instead.

func (*Finding) GetCreatedTime 

func (x *Finding) GetCreatedTime() int64

func (*Finding) GetCreatedTimeDt 

func (x *Finding) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Finding) GetDesc 

func (x *Finding) GetDesc() string

func (*Finding) GetFirstSeenTime 

func (x *Finding) GetFirstSeenTime() int64

func (*Finding) GetFirstSeenTimeDt 

func (x *Finding) GetFirstSeenTimeDt() *timestamppb.Timestamp

func (*Finding) GetLastSeenTime 

func (x *Finding) GetLastSeenTime() int64

func (*Finding) GetLastSeenTimeDt 

func (x *Finding) GetLastSeenTimeDt() *timestamppb.Timestamp

func (*Finding) GetModifiedTime 

func (x *Finding) GetModifiedTime() int64

func (*Finding) GetModifiedTimeDt 

func (x *Finding) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Finding) GetProductUid 

func (x *Finding) GetProductUid() string

func (*Finding) GetRelatedEvents 

func (x *Finding) GetRelatedEvents() []*RelatedEvent

func (*Finding) GetRemediation 

func (x *Finding) GetRemediation() *Remediation

func (*Finding) GetSrcUrl 

func (x *Finding) GetSrcUrl() string

func (*Finding) GetSupportingData 

func (x *Finding) GetSupportingData() *structpb.Value

func (*Finding) GetTitle 

func (x *Finding) GetTitle() string

func (*Finding) GetTypes 

func (x *Finding) GetTypes() []string

func (*Finding) GetUid 

func (x *Finding) GetUid() string

func (*Finding) ProtoMessage 

func (*Finding) ProtoMessage()

func (*Finding) ProtoReflect 

func (x *Finding) ProtoReflect() protoreflect.Message

func (*Finding) Reset 

func (x *Finding) Reset()

func (*Finding) String 

func (x *Finding) String() string

type FindingInfo 

type FindingInfo struct {
	Analytic         *Analytic              `protobuf:"bytes,1,opt,name=analytic,proto3" json:"analytic,omitempty"`
	Attacks          []*Attack              `protobuf:"bytes,2,rep,name=attacks,proto3" json:"attacks,omitempty"`
	CreatedTime      *int64                 `protobuf:"varint,3,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	DataSources      []string               `protobuf:"bytes,5,rep,name=data_sources,json=dataSources,proto3" json:"data_sources,omitempty"`
	Desc             *string                `protobuf:"bytes,6,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	FirstSeenTime    *int64                 `protobuf:"varint,7,opt,name=first_seen_time,json=firstSeenTime,proto3,oneof" json:"first_seen_time,omitempty"`
	FirstSeenTimeDt  *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=first_seen_time_dt,json=firstSeenTimeDt,proto3,oneof" json:"first_seen_time_dt,omitempty"`
	KillChain        []*KillChainPhase      `protobuf:"bytes,9,rep,name=kill_chain,json=killChain,proto3" json:"kill_chain,omitempty"`
	LastSeenTime     *int64                 `protobuf:"varint,10,opt,name=last_seen_time,json=lastSeenTime,proto3,oneof" json:"last_seen_time,omitempty"`
	LastSeenTimeDt   *timestamppb.Timestamp `protobuf:"bytes,11,opt,name=last_seen_time_dt,json=lastSeenTimeDt,proto3,oneof" json:"last_seen_time_dt,omitempty"`
	ModifiedTime     *int64                 `protobuf:"varint,12,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt   *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	ProductUid       *string                `protobuf:"bytes,14,opt,name=product_uid,json=productUid,proto3,oneof" json:"product_uid,omitempty"`
	RelatedAnalytics []*Analytic            `protobuf:"bytes,15,rep,name=related_analytics,json=relatedAnalytics,proto3" json:"related_analytics,omitempty"`
	RelatedEvents    []*RelatedEvent        `protobuf:"bytes,16,rep,name=related_events,json=relatedEvents,proto3" json:"related_events,omitempty"`
	SrcUrl           *string                `protobuf:"bytes,17,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Title            string                 `protobuf:"bytes,18,opt,name=title,proto3" json:"title,omitempty"`
	Types            []string               `protobuf:"bytes,19,rep,name=types,proto3" json:"types,omitempty"`
	Uid              string                 `protobuf:"bytes,20,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

FindingInfo is an OSF object defined in ocsf objects/finding_info.json

The Finding Information object describes metadata related to a security finding generated by a security tool or system.

func (*FindingInfo) Descriptor deprecated 

func (*FindingInfo) Descriptor() ([]byte, []int)

Deprecated: Use FindingInfo.ProtoReflect.Descriptor instead.

func (*FindingInfo) GetAnalytic 

func (x *FindingInfo) GetAnalytic() *Analytic

func (*FindingInfo) GetAttacks 

func (x *FindingInfo) GetAttacks() []*Attack

func (*FindingInfo) GetCreatedTime 

func (x *FindingInfo) GetCreatedTime() int64

func (*FindingInfo) GetCreatedTimeDt 

func (x *FindingInfo) GetCreatedTimeDt() *timestamppb.Timestamp

func (*FindingInfo) GetDataSources 

func (x *FindingInfo) GetDataSources() []string

func (*FindingInfo) GetDesc 

func (x *FindingInfo) GetDesc() string

func (*FindingInfo) GetFirstSeenTime 

func (x *FindingInfo) GetFirstSeenTime() int64

func (*FindingInfo) GetFirstSeenTimeDt 

func (x *FindingInfo) GetFirstSeenTimeDt() *timestamppb.Timestamp

func (*FindingInfo) GetKillChain 

func (x *FindingInfo) GetKillChain() []*KillChainPhase

func (*FindingInfo) GetLastSeenTime 

func (x *FindingInfo) GetLastSeenTime() int64

func (*FindingInfo) GetLastSeenTimeDt 

func (x *FindingInfo) GetLastSeenTimeDt() *timestamppb.Timestamp

func (*FindingInfo) GetModifiedTime 

func (x *FindingInfo) GetModifiedTime() int64

func (*FindingInfo) GetModifiedTimeDt 

func (x *FindingInfo) GetModifiedTimeDt() *timestamppb.Timestamp

func (*FindingInfo) GetProductUid 

func (x *FindingInfo) GetProductUid() string

func (*FindingInfo) GetRelatedAnalytics 

func (x *FindingInfo) GetRelatedAnalytics() []*Analytic

func (*FindingInfo) GetRelatedEvents 

func (x *FindingInfo) GetRelatedEvents() []*RelatedEvent

func (*FindingInfo) GetSrcUrl 

func (x *FindingInfo) GetSrcUrl() string

func (*FindingInfo) GetTitle 

func (x *FindingInfo) GetTitle() string

func (*FindingInfo) GetTypes 

func (x *FindingInfo) GetTypes() []string

func (*FindingInfo) GetUid 

func (x *FindingInfo) GetUid() string

func (*FindingInfo) ProtoMessage 

func (*FindingInfo) ProtoMessage()

func (*FindingInfo) ProtoReflect 

func (x *FindingInfo) ProtoReflect() protoreflect.Message

func (*FindingInfo) Reset 

func (x *FindingInfo) Reset()

func (*FindingInfo) String 

func (x *FindingInfo) String() string

type Fingerprint 

type Fingerprint struct {
	Algorithm   *string                 `protobuf:"bytes,1,opt,name=algorithm,proto3,oneof" json:"algorithm,omitempty"`
	AlgorithmId Fingerprint_AlgorithmId `` /* 139-byte string literal not displayed */
	Value       string                  `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

Fingerprint is an OSF object defined in ocsf objects/fingerprint.json

The Fingerprint object provides detailed information about a digital fingerprint, which is a compact representation of data used to identify a longer piece of information, such as a public key or file content. It contains the algorithm and value of the fingerprint, enabling efficient and reliable identification of the associated data.

func (*Fingerprint) Descriptor deprecated 

func (*Fingerprint) Descriptor() ([]byte, []int)

Deprecated: Use Fingerprint.ProtoReflect.Descriptor instead.

func (*Fingerprint) GetAlgorithm 

func (x *Fingerprint) GetAlgorithm() string

func (*Fingerprint) GetAlgorithmId 

func (x *Fingerprint) GetAlgorithmId() Fingerprint_AlgorithmId

func (*Fingerprint) GetValue 

func (x *Fingerprint) GetValue() string

func (*Fingerprint) ProtoMessage 

func (*Fingerprint) ProtoMessage()

func (*Fingerprint) ProtoReflect 

func (x *Fingerprint) ProtoReflect() protoreflect.Message

func (*Fingerprint) Reset 

func (x *Fingerprint) Reset()

func (*Fingerprint) String 

func (x *Fingerprint) String() string

type Fingerprint_AlgorithmId 

type Fingerprint_AlgorithmId int32
const (
	Fingerprint_ALGORITHM_ID_UNKNOWN Fingerprint_AlgorithmId = 0
	Fingerprint_ALGORITHM_ID_MD5     Fingerprint_AlgorithmId = 1 // MD5 message-digest algorithm producing a 128-bit
	// (16-byte) hash value.
	Fingerprint_ALGORITHM_ID_SHA_1 Fingerprint_AlgorithmId = 2 // Secure Hash Algorithm 1 producing a 160-bit (20-
	// byte) hash value.
	Fingerprint_ALGORITHM_ID_SHA_256 Fingerprint_AlgorithmId = 3 // Secure Hash Algorithm 2 producing a 256-bit (32-
	// byte) hash value.
	Fingerprint_ALGORITHM_ID_SHA_512 Fingerprint_AlgorithmId = 4 // Secure Hash Algorithm 2 producing a 512-bit (64-
	// byte) hash value.
	Fingerprint_ALGORITHM_ID_CTPH Fingerprint_AlgorithmId = 5 // The ssdeep generated fuzzy checksum. Also known
	// as Context Triggered Piecewise Hash (CTPH).
	Fingerprint_ALGORITHM_ID_TLSH         Fingerprint_AlgorithmId = 6 // The TLSH fuzzy hashing algorithm.
	Fingerprint_ALGORITHM_ID_QUICKXORHASH Fingerprint_AlgorithmId = 7 // Microsoft simple non-cryptographic hash
	// algorithm that works by XORing the bytes in a
	// circular-shifting fashion.
	Fingerprint_ALGORITHM_ID_OTHER Fingerprint_AlgorithmId = 99
)

func (Fingerprint_AlgorithmId) Descriptor 

func (Fingerprint_AlgorithmId) Descriptor() protoreflect.EnumDescriptor

func (Fingerprint_AlgorithmId) Enum 

func (x Fingerprint_AlgorithmId) Enum() *Fingerprint_AlgorithmId

func (Fingerprint_AlgorithmId) EnumDescriptor deprecated 

func (Fingerprint_AlgorithmId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Fingerprint_AlgorithmId.Descriptor instead.

func (Fingerprint_AlgorithmId) Number 

func (x Fingerprint_AlgorithmId) Number() protoreflect.EnumNumber

func (Fingerprint_AlgorithmId) String 

func (x Fingerprint_AlgorithmId) String() string

func (Fingerprint_AlgorithmId) Type 

func (Fingerprint_AlgorithmId) Type() protoreflect.EnumType

type FirewallRule 

type FirewallRule struct {
	Category      *string  `protobuf:"bytes,1,opt,name=category,proto3,oneof" json:"category,omitempty"`
	Condition     *string  `protobuf:"bytes,2,opt,name=condition,proto3,oneof" json:"condition,omitempty"`
	Desc          *string  `protobuf:"bytes,3,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Duration      *int32   `protobuf:"varint,4,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	MatchDetails  []string `protobuf:"bytes,5,rep,name=match_details,json=matchDetails,proto3" json:"match_details,omitempty"`
	MatchLocation *string  `protobuf:"bytes,6,opt,name=match_location,json=matchLocation,proto3,oneof" json:"match_location,omitempty"`
	Name          *string  `protobuf:"bytes,7,opt,name=name,proto3,oneof" json:"name,omitempty"`
	RateLimit     *int32   `protobuf:"varint,8,opt,name=rate_limit,json=rateLimit,proto3,oneof" json:"rate_limit,omitempty"`
	Sensitivity   *string  `protobuf:"bytes,9,opt,name=sensitivity,proto3,oneof" json:"sensitivity,omitempty"`
	Type          *string  `protobuf:"bytes,10,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid           *string  `protobuf:"bytes,11,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version       *string  `protobuf:"bytes,12,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

FirewallRule is an OSF object defined in ocsf objects/firewall_rule.json

The Firewall Rule object represents a specific rule within a firewall policy or event. It contains information about a rule's configuration, properties, and associated actions that define how network traffic is handled by the firewall.

func (*FirewallRule) Descriptor deprecated 

func (*FirewallRule) Descriptor() ([]byte, []int)

Deprecated: Use FirewallRule.ProtoReflect.Descriptor instead.

func (*FirewallRule) GetCategory 

func (x *FirewallRule) GetCategory() string

func (*FirewallRule) GetCondition 

func (x *FirewallRule) GetCondition() string

func (*FirewallRule) GetDesc 

func (x *FirewallRule) GetDesc() string

func (*FirewallRule) GetDuration 

func (x *FirewallRule) GetDuration() int32

func (*FirewallRule) GetMatchDetails 

func (x *FirewallRule) GetMatchDetails() []string

func (*FirewallRule) GetMatchLocation 

func (x *FirewallRule) GetMatchLocation() string

func (*FirewallRule) GetName 

func (x *FirewallRule) GetName() string

func (*FirewallRule) GetRateLimit 

func (x *FirewallRule) GetRateLimit() int32

func (*FirewallRule) GetSensitivity 

func (x *FirewallRule) GetSensitivity() string

func (*FirewallRule) GetType 

func (x *FirewallRule) GetType() string

func (*FirewallRule) GetUid 

func (x *FirewallRule) GetUid() string

func (*FirewallRule) GetVersion 

func (x *FirewallRule) GetVersion() string

func (*FirewallRule) ProtoMessage 

func (*FirewallRule) ProtoMessage()

func (*FirewallRule) ProtoReflect 

func (x *FirewallRule) ProtoReflect() protoreflect.Message

func (*FirewallRule) Reset 

func (x *FirewallRule) Reset()

func (*FirewallRule) String 

func (x *FirewallRule) String() string

type FolderQuery 

type FolderQuery struct {
	ActivityId     FolderQuery_ActivityId    `` /* 135-byte string literal not displayed */
	ActivityName   *string                   `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                    `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                      `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                   `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    FolderQuery_CategoryUid   `` /* 139-byte string literal not displayed */
	ClassName      *string                   `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       FolderQuery_ClassUid      `` /* 127-byte string literal not displayed */
	Cloud          *Cloud                    `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                    `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                   `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                    `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                    `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp    `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment             `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Folder         *File                     `protobuf:"bytes,16,opt,name=folder,proto3" json:"folder,omitempty"`
	Message        *string                   `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                 `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable             `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                   `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  FolderQuery_QueryResultId `` /* 150-byte string literal not displayed */
	RawData        *string                   `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                   `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     FolderQuery_SeverityId    `` /* 136-byte string literal not displayed */
	StartTime      *int64                    `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp    `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                   `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                   `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                   `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *FolderQuery_StatusId     `` /* 134-byte string literal not displayed */
	Time           int64                     `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp    `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                    `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                   `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                     `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct          `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

FolderQuery is an OSF event in category "Discovery" called Folder Query defined in ocsf events/discovery/folder_query.json

Folder Query events report information about folders that are present on the system.

func (*FolderQuery) Descriptor deprecated 

func (*FolderQuery) Descriptor() ([]byte, []int)

Deprecated: Use FolderQuery.ProtoReflect.Descriptor instead.

func (*FolderQuery) GetActivityId 

func (x *FolderQuery) GetActivityId() FolderQuery_ActivityId

func (*FolderQuery) GetActivityName 

func (x *FolderQuery) GetActivityName() string

func (*FolderQuery) GetActor 

func (x *FolderQuery) GetActor() *Actor

func (*FolderQuery) GetApi 

func (x *FolderQuery) GetApi() *Api

func (*FolderQuery) GetCategoryName 

func (x *FolderQuery) GetCategoryName() string

func (*FolderQuery) GetCategoryUid 

func (x *FolderQuery) GetCategoryUid() FolderQuery_CategoryUid

func (*FolderQuery) GetClassName 

func (x *FolderQuery) GetClassName() string

func (*FolderQuery) GetClassUid 

func (x *FolderQuery) GetClassUid() FolderQuery_ClassUid

func (*FolderQuery) GetCloud 

func (x *FolderQuery) GetCloud() *Cloud

func (*FolderQuery) GetCount 

func (x *FolderQuery) GetCount() int32

func (*FolderQuery) GetDevice 

func (x *FolderQuery) GetDevice() *Device

func (*FolderQuery) GetDuration 

func (x *FolderQuery) GetDuration() int32

func (*FolderQuery) GetEndTime 

func (x *FolderQuery) GetEndTime() int64

func (*FolderQuery) GetEndTimeDt 

func (x *FolderQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*FolderQuery) GetEnrichments 

func (x *FolderQuery) GetEnrichments() []*Enrichment

func (*FolderQuery) GetFolder 

func (x *FolderQuery) GetFolder() *File

func (*FolderQuery) GetMessage 

func (x *FolderQuery) GetMessage() string

func (*FolderQuery) GetMetadata 

func (x *FolderQuery) GetMetadata() *Metadata

func (*FolderQuery) GetObservables 

func (x *FolderQuery) GetObservables() []*Observable

func (*FolderQuery) GetQueryInfo 

func (x *FolderQuery) GetQueryInfo() *QueryInfo

func (*FolderQuery) GetQueryResult 

func (x *FolderQuery) GetQueryResult() string

func (*FolderQuery) GetQueryResultId 

func (x *FolderQuery) GetQueryResultId() FolderQuery_QueryResultId

func (*FolderQuery) GetRawData 

func (x *FolderQuery) GetRawData() string

func (*FolderQuery) GetSeverity 

func (x *FolderQuery) GetSeverity() string

func (*FolderQuery) GetSeverityId 

func (x *FolderQuery) GetSeverityId() FolderQuery_SeverityId

func (*FolderQuery) GetStartTime 

func (x *FolderQuery) GetStartTime() int64

func (*FolderQuery) GetStartTimeDt 

func (x *FolderQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*FolderQuery) GetStatus 

func (x *FolderQuery) GetStatus() string

func (*FolderQuery) GetStatusCode 

func (x *FolderQuery) GetStatusCode() string

func (*FolderQuery) GetStatusDetail 

func (x *FolderQuery) GetStatusDetail() string

func (*FolderQuery) GetStatusId 

func (x *FolderQuery) GetStatusId() FolderQuery_StatusId

func (*FolderQuery) GetTime 

func (x *FolderQuery) GetTime() int64

func (*FolderQuery) GetTimeDt 

func (x *FolderQuery) GetTimeDt() *timestamppb.Timestamp

func (*FolderQuery) GetTimezoneOffset 

func (x *FolderQuery) GetTimezoneOffset() int32

func (*FolderQuery) GetTypeName 

func (x *FolderQuery) GetTypeName() string

func (*FolderQuery) GetTypeUid 

func (x *FolderQuery) GetTypeUid() int64

func (*FolderQuery) GetUnmapped 

func (x *FolderQuery) GetUnmapped() *structpb.Struct

func (*FolderQuery) ProtoMessage 

func (*FolderQuery) ProtoMessage()

func (*FolderQuery) ProtoReflect 

func (x *FolderQuery) ProtoReflect() protoreflect.Message

func (*FolderQuery) Reset 

func (x *FolderQuery) Reset()

func (*FolderQuery) String 

func (x *FolderQuery) String() string

type FolderQuery_ActivityId 

type FolderQuery_ActivityId int32
const (
	FolderQuery_ACTIVITY_ID_UNKNOWN FolderQuery_ActivityId = 0
	FolderQuery_ACTIVITY_ID_QUERY   FolderQuery_ActivityId = 1 // The discovered results are via a query request.
	FolderQuery_ACTIVITY_ID_OTHER   FolderQuery_ActivityId = 99
)

func (FolderQuery_ActivityId) Descriptor 

func (FolderQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_ActivityId) Enum 

func (x FolderQuery_ActivityId) Enum() *FolderQuery_ActivityId

func (FolderQuery_ActivityId) EnumDescriptor deprecated 

func (FolderQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_ActivityId.Descriptor instead.

func (FolderQuery_ActivityId) Number 

func (x FolderQuery_ActivityId) Number() protoreflect.EnumNumber

func (FolderQuery_ActivityId) String 

func (x FolderQuery_ActivityId) String() string

func (FolderQuery_ActivityId) Type 

func (FolderQuery_ActivityId) Type() protoreflect.EnumType

type FolderQuery_CategoryUid 

type FolderQuery_CategoryUid int32
const (
	FolderQuery_CATEGORY_UID_UNKNOWN   FolderQuery_CategoryUid = 0
	FolderQuery_CATEGORY_UID_DISCOVERY FolderQuery_CategoryUid = 5
)

func (FolderQuery_CategoryUid) Descriptor 

func (FolderQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_CategoryUid) Enum 

func (x FolderQuery_CategoryUid) Enum() *FolderQuery_CategoryUid

func (FolderQuery_CategoryUid) EnumDescriptor deprecated 

func (FolderQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_CategoryUid.Descriptor instead.

func (FolderQuery_CategoryUid) Number 

func (x FolderQuery_CategoryUid) Number() protoreflect.EnumNumber

func (FolderQuery_CategoryUid) String 

func (x FolderQuery_CategoryUid) String() string

func (FolderQuery_CategoryUid) Type 

func (FolderQuery_CategoryUid) Type() protoreflect.EnumType

type FolderQuery_ClassUid 

type FolderQuery_ClassUid int32
const (
	FolderQuery_CLASS_UID_UNKNOWN      FolderQuery_ClassUid = 0
	FolderQuery_CLASS_UID_FOLDER_QUERY FolderQuery_ClassUid = 5008
)

func (FolderQuery_ClassUid) Descriptor 

func (FolderQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_ClassUid) Enum 

func (x FolderQuery_ClassUid) Enum() *FolderQuery_ClassUid

func (FolderQuery_ClassUid) EnumDescriptor deprecated 

func (FolderQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_ClassUid.Descriptor instead.

func (FolderQuery_ClassUid) Number 

func (x FolderQuery_ClassUid) Number() protoreflect.EnumNumber

func (FolderQuery_ClassUid) String 

func (x FolderQuery_ClassUid) String() string

func (FolderQuery_ClassUid) Type 

func (FolderQuery_ClassUid) Type() protoreflect.EnumType

type FolderQuery_QueryResultId 

type FolderQuery_QueryResultId int32
const (
	FolderQuery_QUERY_RESULT_ID_UNKNOWN        FolderQuery_QueryResultId = 0  // The query result is unknown.
	FolderQuery_QUERY_RESULT_ID_EXISTS         FolderQuery_QueryResultId = 1  // The target was found.
	FolderQuery_QUERY_RESULT_ID_PARTIAL        FolderQuery_QueryResultId = 2  // The target was partially found.
	FolderQuery_QUERY_RESULT_ID_DOES_NOT_EXIST FolderQuery_QueryResultId = 3  // The target was not found.
	FolderQuery_QUERY_RESULT_ID_ERROR          FolderQuery_QueryResultId = 4  // The discovery attempt failed.
	FolderQuery_QUERY_RESULT_ID_UNSUPPORTED    FolderQuery_QueryResultId = 5  // Discovery of the target was not supported.
	FolderQuery_QUERY_RESULT_ID_OTHER          FolderQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (FolderQuery_QueryResultId) Descriptor 

func (FolderQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_QueryResultId) Enum 

func (x FolderQuery_QueryResultId) Enum() *FolderQuery_QueryResultId

func (FolderQuery_QueryResultId) EnumDescriptor deprecated 

func (FolderQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_QueryResultId.Descriptor instead.

func (FolderQuery_QueryResultId) Number 

func (x FolderQuery_QueryResultId) Number() protoreflect.EnumNumber

func (FolderQuery_QueryResultId) String 

func (x FolderQuery_QueryResultId) String() string

func (FolderQuery_QueryResultId) Type 

func (FolderQuery_QueryResultId) Type() protoreflect.EnumType

type FolderQuery_SeverityId 

type FolderQuery_SeverityId int32
const (
	FolderQuery_SEVERITY_ID_UNKNOWN       FolderQuery_SeverityId = 0 // The event/finding severity is unknown.
	FolderQuery_SEVERITY_ID_INFORMATIONAL FolderQuery_SeverityId = 1 // Informational message. No action required.
	FolderQuery_SEVERITY_ID_LOW           FolderQuery_SeverityId = 2 // The user decides if action is needed.
	FolderQuery_SEVERITY_ID_MEDIUM        FolderQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	FolderQuery_SEVERITY_ID_HIGH     FolderQuery_SeverityId = 4 // Action is required immediately.
	FolderQuery_SEVERITY_ID_CRITICAL FolderQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	FolderQuery_SEVERITY_ID_FATAL FolderQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	FolderQuery_SEVERITY_ID_OTHER FolderQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (FolderQuery_SeverityId) Descriptor 

func (FolderQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_SeverityId) Enum 

func (x FolderQuery_SeverityId) Enum() *FolderQuery_SeverityId

func (FolderQuery_SeverityId) EnumDescriptor deprecated 

func (FolderQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_SeverityId.Descriptor instead.

func (FolderQuery_SeverityId) Number 

func (x FolderQuery_SeverityId) Number() protoreflect.EnumNumber

func (FolderQuery_SeverityId) String 

func (x FolderQuery_SeverityId) String() string

func (FolderQuery_SeverityId) Type 

func (FolderQuery_SeverityId) Type() protoreflect.EnumType

type FolderQuery_StatusId 

type FolderQuery_StatusId int32
const (
	FolderQuery_STATUS_ID_UNKNOWN FolderQuery_StatusId = 0 // The status is unknown.
	FolderQuery_STATUS_ID_SUCCESS FolderQuery_StatusId = 1
	FolderQuery_STATUS_ID_FAILURE FolderQuery_StatusId = 2
	FolderQuery_STATUS_ID_OTHER   FolderQuery_StatusId = 99 // The event status is not mapped. See the
)

func (FolderQuery_StatusId) Descriptor 

func (FolderQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (FolderQuery_StatusId) Enum 

func (x FolderQuery_StatusId) Enum() *FolderQuery_StatusId

func (FolderQuery_StatusId) EnumDescriptor deprecated 

func (FolderQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FolderQuery_StatusId.Descriptor instead.

func (FolderQuery_StatusId) Number 

func (x FolderQuery_StatusId) Number() protoreflect.EnumNumber

func (FolderQuery_StatusId) String 

func (x FolderQuery_StatusId) String() string

func (FolderQuery_StatusId) Type 

func (FolderQuery_StatusId) Type() protoreflect.EnumType

type FtpActivity 

type FtpActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            FtpActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          FtpActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                       `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization           `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         FtpActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	ClassName           *string                    `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            FtpActivity_ClassUid       `` /* 128-byte string literal not displayed */
	Cloud               *Cloud                     `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Codes               []int32                    `protobuf:"varint,15,rep,packed,name=codes,proto3" json:"codes,omitempty"`
	Command             *string                    `protobuf:"bytes,16,opt,name=command,proto3,oneof" json:"command,omitempty"`
	CommandResponses    []string                   `protobuf:"bytes,17,rep,name=command_responses,json=commandResponses,proto3" json:"command_responses,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,18,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,19,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                    `protobuf:"bytes,20,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                    `protobuf:"bytes,21,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *FtpActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,23,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,24,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,25,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,26,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,27,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File                *File                      `protobuf:"bytes,28,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,29,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,30,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,31,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,32,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,33,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Name                *string                    `protobuf:"bytes,34,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,35,rep,name=observables,proto3" json:"observables,omitempty"`
	Port                *int32                     `protobuf:"varint,36,opt,name=port,proto3,oneof" json:"port,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,37,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,38,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,39,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,40,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,41,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,42,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,43,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                    `protobuf:"bytes,44,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                    `protobuf:"bytes,45,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          FtpActivity_SeverityId     `` /* 136-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,47,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,48,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,49,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,50,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,51,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,52,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *FtpActivity_StatusId      `` /* 134-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,54,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,55,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,56,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,57,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,58,opt,name=traffic,proto3" json:"traffic,omitempty"`
	Type                *string                    `protobuf:"bytes,59,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeName            *string                    `protobuf:"bytes,60,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,61,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,62,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

FtpActivity is an OSF event in category "Network Activity" called FTP Activity defined in ocsf events/network/ftp.json

File Transfer Protocol (FTP) Activity events report file transfers between a server and a client as seen on the network.

func (*FtpActivity) Descriptor deprecated 

func (*FtpActivity) Descriptor() ([]byte, []int)

Deprecated: Use FtpActivity.ProtoReflect.Descriptor instead.

func (*FtpActivity) GetAction 

func (x *FtpActivity) GetAction() string

func (*FtpActivity) GetActionId 

func (x *FtpActivity) GetActionId() FtpActivity_ActionId

func (*FtpActivity) GetActivityId 

func (x *FtpActivity) GetActivityId() FtpActivity_ActivityId

func (*FtpActivity) GetActivityName 

func (x *FtpActivity) GetActivityName() string

func (*FtpActivity) GetActor 

func (x *FtpActivity) GetActor() *Actor

func (*FtpActivity) GetApi 

func (x *FtpActivity) GetApi() *Api

func (*FtpActivity) GetAppName 

func (x *FtpActivity) GetAppName() string

func (*FtpActivity) GetAttacks 

func (x *FtpActivity) GetAttacks() []*Attack

func (*FtpActivity) GetAuthorizations 

func (x *FtpActivity) GetAuthorizations() []*Authorization

func (*FtpActivity) GetCategoryName 

func (x *FtpActivity) GetCategoryName() string

func (*FtpActivity) GetCategoryUid 

func (x *FtpActivity) GetCategoryUid() FtpActivity_CategoryUid

func (*FtpActivity) GetClassName 

func (x *FtpActivity) GetClassName() string

func (*FtpActivity) GetClassUid 

func (x *FtpActivity) GetClassUid() FtpActivity_ClassUid

func (*FtpActivity) GetCloud 

func (x *FtpActivity) GetCloud() *Cloud

func (*FtpActivity) GetCodes 

func (x *FtpActivity) GetCodes() []int32

func (*FtpActivity) GetCommand 

func (x *FtpActivity) GetCommand() string

func (*FtpActivity) GetCommandResponses 

func (x *FtpActivity) GetCommandResponses() []string

func (*FtpActivity) GetConnectionInfo 

func (x *FtpActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*FtpActivity) GetCount 

func (x *FtpActivity) GetCount() int32

func (*FtpActivity) GetDevice 

func (x *FtpActivity) GetDevice() *Device

func (*FtpActivity) GetDisposition 

func (x *FtpActivity) GetDisposition() string

func (*FtpActivity) GetDispositionId 

func (x *FtpActivity) GetDispositionId() FtpActivity_DispositionId

func (*FtpActivity) GetDstEndpoint 

func (x *FtpActivity) GetDstEndpoint() *NetworkEndpoint

func (*FtpActivity) GetDuration 

func (x *FtpActivity) GetDuration() int32

func (*FtpActivity) GetEndTime 

func (x *FtpActivity) GetEndTime() int64

func (*FtpActivity) GetEndTimeDt 

func (x *FtpActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*FtpActivity) GetEnrichments 

func (x *FtpActivity) GetEnrichments() []*Enrichment

func (*FtpActivity) GetFile 

func (x *FtpActivity) GetFile() *File

func (*FtpActivity) GetFirewallRule 

func (x *FtpActivity) GetFirewallRule() *FirewallRule

func (*FtpActivity) GetLoadBalancer 

func (x *FtpActivity) GetLoadBalancer() *LoadBalancer

func (*FtpActivity) GetMalware 

func (x *FtpActivity) GetMalware() []*Malware

func (*FtpActivity) GetMessage 

func (x *FtpActivity) GetMessage() string

func (*FtpActivity) GetMetadata 

func (x *FtpActivity) GetMetadata() *Metadata

func (*FtpActivity) GetName 

func (x *FtpActivity) GetName() string

func (*FtpActivity) GetObservables 

func (x *FtpActivity) GetObservables() []*Observable

func (*FtpActivity) GetPort 

func (x *FtpActivity) GetPort() int32

func (*FtpActivity) GetProxy 

func (x *FtpActivity) GetProxy() *NetworkProxy

func (*FtpActivity) GetProxyConnectionInfo 

func (x *FtpActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*FtpActivity) GetProxyEndpoint 

func (x *FtpActivity) GetProxyEndpoint() *NetworkProxy

func (*FtpActivity) GetProxyHttpRequest 

func (x *FtpActivity) GetProxyHttpRequest() *HttpRequest

func (*FtpActivity) GetProxyHttpResponse 

func (x *FtpActivity) GetProxyHttpResponse() *HttpResponse

func (*FtpActivity) GetProxyTls 

func (x *FtpActivity) GetProxyTls() *Tls

func (*FtpActivity) GetProxyTraffic 

func (x *FtpActivity) GetProxyTraffic() *NetworkTraffic

func (*FtpActivity) GetRawData 

func (x *FtpActivity) GetRawData() string

func (*FtpActivity) GetSeverity 

func (x *FtpActivity) GetSeverity() string

func (*FtpActivity) GetSeverityId 

func (x *FtpActivity) GetSeverityId() FtpActivity_SeverityId

func (*FtpActivity) GetSrcEndpoint 

func (x *FtpActivity) GetSrcEndpoint() *NetworkEndpoint

func (*FtpActivity) GetStartTime 

func (x *FtpActivity) GetStartTime() int64

func (*FtpActivity) GetStartTimeDt 

func (x *FtpActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*FtpActivity) GetStatus 

func (x *FtpActivity) GetStatus() string

func (*FtpActivity) GetStatusCode 

func (x *FtpActivity) GetStatusCode() string

func (*FtpActivity) GetStatusDetail 

func (x *FtpActivity) GetStatusDetail() string

func (*FtpActivity) GetStatusId 

func (x *FtpActivity) GetStatusId() FtpActivity_StatusId

func (*FtpActivity) GetTime 

func (x *FtpActivity) GetTime() int64

func (*FtpActivity) GetTimeDt 

func (x *FtpActivity) GetTimeDt() *timestamppb.Timestamp

func (*FtpActivity) GetTimezoneOffset 

func (x *FtpActivity) GetTimezoneOffset() int32

func (*FtpActivity) GetTls 

func (x *FtpActivity) GetTls() *Tls

func (*FtpActivity) GetTraffic 

func (x *FtpActivity) GetTraffic() *NetworkTraffic

func (*FtpActivity) GetType 

func (x *FtpActivity) GetType() string

func (*FtpActivity) GetTypeName 

func (x *FtpActivity) GetTypeName() string

func (*FtpActivity) GetTypeUid 

func (x *FtpActivity) GetTypeUid() int64

func (*FtpActivity) GetUnmapped 

func (x *FtpActivity) GetUnmapped() *structpb.Struct

func (*FtpActivity) ProtoMessage 

func (*FtpActivity) ProtoMessage()

func (*FtpActivity) ProtoReflect 

func (x *FtpActivity) ProtoReflect() protoreflect.Message

func (*FtpActivity) Reset 

func (x *FtpActivity) Reset()

func (*FtpActivity) String 

func (x *FtpActivity) String() string

type FtpActivity_ActionId 

type FtpActivity_ActionId int32
const (
	FtpActivity_ACTION_ID_UNKNOWN FtpActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	FtpActivity_ACTION_ID_ALLOWED FtpActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	FtpActivity_ACTION_ID_DENIED FtpActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	FtpActivity_ACTION_ID_OTHER FtpActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (FtpActivity_ActionId) Descriptor 

func (FtpActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_ActionId) Enum 

func (x FtpActivity_ActionId) Enum() *FtpActivity_ActionId

func (FtpActivity_ActionId) EnumDescriptor deprecated 

func (FtpActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_ActionId.Descriptor instead.

func (FtpActivity_ActionId) Number 

func (x FtpActivity_ActionId) Number() protoreflect.EnumNumber

func (FtpActivity_ActionId) String 

func (x FtpActivity_ActionId) String() string

func (FtpActivity_ActionId) Type 

func (FtpActivity_ActionId) Type() protoreflect.EnumType

type FtpActivity_ActivityId 

type FtpActivity_ActivityId int32
const (
	FtpActivity_ACTIVITY_ID_UNKNOWN FtpActivity_ActivityId = 0
	FtpActivity_ACTIVITY_ID_PUT     FtpActivity_ActivityId = 1 // File upload to the FTP or SFTP site.
	FtpActivity_ACTIVITY_ID_GET     FtpActivity_ActivityId = 2 // File download from the FTP or SFTP site.
	FtpActivity_ACTIVITY_ID_POLL    FtpActivity_ActivityId = 3 // Poll directory for specific file(s) or folder(s) at
	// the FTP or SFTP site location.
	FtpActivity_ACTIVITY_ID_DELETE FtpActivity_ActivityId = 4 // Delete file(s) from the FTP or SFTP site.
	FtpActivity_ACTIVITY_ID_RENAME FtpActivity_ActivityId = 5 // Rename the file(s) in the FTP or SFTP site.
	FtpActivity_ACTIVITY_ID_LIST   FtpActivity_ActivityId = 6 // List files in a specified directory.
	FtpActivity_ACTIVITY_ID_OTHER  FtpActivity_ActivityId = 99
)

func (FtpActivity_ActivityId) Descriptor 

func (FtpActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_ActivityId) Enum 

func (x FtpActivity_ActivityId) Enum() *FtpActivity_ActivityId

func (FtpActivity_ActivityId) EnumDescriptor deprecated 

func (FtpActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_ActivityId.Descriptor instead.

func (FtpActivity_ActivityId) Number 

func (x FtpActivity_ActivityId) Number() protoreflect.EnumNumber

func (FtpActivity_ActivityId) String 

func (x FtpActivity_ActivityId) String() string

func (FtpActivity_ActivityId) Type 

func (FtpActivity_ActivityId) Type() protoreflect.EnumType

type FtpActivity_CategoryUid 

type FtpActivity_CategoryUid int32
const (
	FtpActivity_CATEGORY_UID_UNKNOWN          FtpActivity_CategoryUid = 0
	FtpActivity_CATEGORY_UID_NETWORK_ACTIVITY FtpActivity_CategoryUid = 4
)

func (FtpActivity_CategoryUid) Descriptor 

func (FtpActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_CategoryUid) Enum 

func (x FtpActivity_CategoryUid) Enum() *FtpActivity_CategoryUid

func (FtpActivity_CategoryUid) EnumDescriptor deprecated 

func (FtpActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_CategoryUid.Descriptor instead.

func (FtpActivity_CategoryUid) Number 

func (x FtpActivity_CategoryUid) Number() protoreflect.EnumNumber

func (FtpActivity_CategoryUid) String 

func (x FtpActivity_CategoryUid) String() string

func (FtpActivity_CategoryUid) Type 

func (FtpActivity_CategoryUid) Type() protoreflect.EnumType

type FtpActivity_ClassUid 

type FtpActivity_ClassUid int32
const (
	FtpActivity_CLASS_UID_UNKNOWN      FtpActivity_ClassUid = 0
	FtpActivity_CLASS_UID_FTP_ACTIVITY FtpActivity_ClassUid = 4008
)

func (FtpActivity_ClassUid) Descriptor 

func (FtpActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_ClassUid) Enum 

func (x FtpActivity_ClassUid) Enum() *FtpActivity_ClassUid

func (FtpActivity_ClassUid) EnumDescriptor deprecated 

func (FtpActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_ClassUid.Descriptor instead.

func (FtpActivity_ClassUid) Number 

func (x FtpActivity_ClassUid) Number() protoreflect.EnumNumber

func (FtpActivity_ClassUid) String 

func (x FtpActivity_ClassUid) String() string

func (FtpActivity_ClassUid) Type 

func (FtpActivity_ClassUid) Type() protoreflect.EnumType

type FtpActivity_DispositionId 

type FtpActivity_DispositionId int32
const (
	FtpActivity_DISPOSITION_ID_UNKNOWN FtpActivity_DispositionId = 0 // The disposition was not known.
	FtpActivity_DISPOSITION_ID_ALLOWED FtpActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	FtpActivity_DISPOSITION_ID_BLOCKED FtpActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	FtpActivity_DISPOSITION_ID_QUARANTINED FtpActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	FtpActivity_DISPOSITION_ID_ISOLATED FtpActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	FtpActivity_DISPOSITION_ID_DELETED FtpActivity_DispositionId = 5 // A file or other content was deleted.
	FtpActivity_DISPOSITION_ID_DROPPED FtpActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	FtpActivity_DISPOSITION_ID_CUSTOM_ACTION FtpActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	FtpActivity_DISPOSITION_ID_APPROVED FtpActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	FtpActivity_DISPOSITION_ID_RESTORED FtpActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	FtpActivity_DISPOSITION_ID_EXONERATED FtpActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	FtpActivity_DISPOSITION_ID_CORRECTED FtpActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	FtpActivity_DISPOSITION_ID_PARTIALLY_CORRECTED FtpActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	FtpActivity_DISPOSITION_ID_UNCORRECTED FtpActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	FtpActivity_DISPOSITION_ID_DELAYED FtpActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	FtpActivity_DISPOSITION_ID_DETECTED FtpActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	FtpActivity_DISPOSITION_ID_NO_ACTION FtpActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	FtpActivity_DISPOSITION_ID_LOGGED FtpActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	FtpActivity_DISPOSITION_ID_TAGGED FtpActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	FtpActivity_DISPOSITION_ID_ALERT FtpActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	FtpActivity_DISPOSITION_ID_COUNT FtpActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	FtpActivity_DISPOSITION_ID_RESET FtpActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	FtpActivity_DISPOSITION_ID_CAPTCHA FtpActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	FtpActivity_DISPOSITION_ID_CHALLENGE FtpActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	FtpActivity_DISPOSITION_ID_ACCESS_REVOKED FtpActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	FtpActivity_DISPOSITION_ID_REJECTED FtpActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	FtpActivity_DISPOSITION_ID_UNAUTHORIZED FtpActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	FtpActivity_DISPOSITION_ID_ERROR FtpActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	FtpActivity_DISPOSITION_ID_OTHER FtpActivity_DispositionId = 99 // The disposition is not listed. The
)

func (FtpActivity_DispositionId) Descriptor 

func (FtpActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_DispositionId) Enum 

func (x FtpActivity_DispositionId) Enum() *FtpActivity_DispositionId

func (FtpActivity_DispositionId) EnumDescriptor deprecated 

func (FtpActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_DispositionId.Descriptor instead.

func (FtpActivity_DispositionId) Number 

func (x FtpActivity_DispositionId) Number() protoreflect.EnumNumber

func (FtpActivity_DispositionId) String 

func (x FtpActivity_DispositionId) String() string

func (FtpActivity_DispositionId) Type 

func (FtpActivity_DispositionId) Type() protoreflect.EnumType

type FtpActivity_SeverityId 

type FtpActivity_SeverityId int32
const (
	FtpActivity_SEVERITY_ID_UNKNOWN       FtpActivity_SeverityId = 0 // The event/finding severity is unknown.
	FtpActivity_SEVERITY_ID_INFORMATIONAL FtpActivity_SeverityId = 1 // Informational message. No action required.
	FtpActivity_SEVERITY_ID_LOW           FtpActivity_SeverityId = 2 // The user decides if action is needed.
	FtpActivity_SEVERITY_ID_MEDIUM        FtpActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	FtpActivity_SEVERITY_ID_HIGH     FtpActivity_SeverityId = 4 // Action is required immediately.
	FtpActivity_SEVERITY_ID_CRITICAL FtpActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	FtpActivity_SEVERITY_ID_FATAL FtpActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	FtpActivity_SEVERITY_ID_OTHER FtpActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (FtpActivity_SeverityId) Descriptor 

func (FtpActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_SeverityId) Enum 

func (x FtpActivity_SeverityId) Enum() *FtpActivity_SeverityId

func (FtpActivity_SeverityId) EnumDescriptor deprecated 

func (FtpActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_SeverityId.Descriptor instead.

func (FtpActivity_SeverityId) Number 

func (x FtpActivity_SeverityId) Number() protoreflect.EnumNumber

func (FtpActivity_SeverityId) String 

func (x FtpActivity_SeverityId) String() string

func (FtpActivity_SeverityId) Type 

func (FtpActivity_SeverityId) Type() protoreflect.EnumType

type FtpActivity_StatusId 

type FtpActivity_StatusId int32
const (
	FtpActivity_STATUS_ID_UNKNOWN FtpActivity_StatusId = 0 // The status is unknown.
	FtpActivity_STATUS_ID_SUCCESS FtpActivity_StatusId = 1
	FtpActivity_STATUS_ID_FAILURE FtpActivity_StatusId = 2
	FtpActivity_STATUS_ID_OTHER   FtpActivity_StatusId = 99 // The event status is not mapped. See the
)

func (FtpActivity_StatusId) Descriptor 

func (FtpActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (FtpActivity_StatusId) Enum 

func (x FtpActivity_StatusId) Enum() *FtpActivity_StatusId

func (FtpActivity_StatusId) EnumDescriptor deprecated 

func (FtpActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use FtpActivity_StatusId.Descriptor instead.

func (FtpActivity_StatusId) Number 

func (x FtpActivity_StatusId) Number() protoreflect.EnumNumber

func (FtpActivity_StatusId) String 

func (x FtpActivity_StatusId) String() string

func (FtpActivity_StatusId) Type 

func (FtpActivity_StatusId) Type() protoreflect.EnumType

type Group 

type Group struct {
	Desc       *string  `protobuf:"bytes,1,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Domain     *string  `protobuf:"bytes,2,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	Name       *string  `protobuf:"bytes,3,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Privileges []string `protobuf:"bytes,4,rep,name=privileges,proto3" json:"privileges,omitempty"`
	Type       *string  `protobuf:"bytes,5,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid        *string  `protobuf:"bytes,6,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Group is an OSF object defined in ocsf objects/group.json

The Group object represents a collection or association of entities, such as users, policies, or devices. It serves as a logical grouping mechanism to organize and manage entities with similar characteristics or permissions within a system or organization.

func (*Group) Descriptor deprecated 

func (*Group) Descriptor() ([]byte, []int)

Deprecated: Use Group.ProtoReflect.Descriptor instead.

func (*Group) GetDesc 

func (x *Group) GetDesc() string

func (*Group) GetDomain 

func (x *Group) GetDomain() string

func (*Group) GetName 

func (x *Group) GetName() string

func (*Group) GetPrivileges 

func (x *Group) GetPrivileges() []string

func (*Group) GetType 

func (x *Group) GetType() string

func (*Group) GetUid 

func (x *Group) GetUid() string

func (*Group) ProtoMessage 

func (*Group) ProtoMessage()

func (*Group) ProtoReflect 

func (x *Group) ProtoReflect() protoreflect.Message

func (*Group) Reset 

func (x *Group) Reset()

func (*Group) String 

func (x *Group) String() string

type GroupManagement 

type GroupManagement struct {
	ActivityId     GroupManagement_ActivityId  `` /* 139-byte string literal not displayed */
	ActivityName   *string                     `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                      `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                        `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                     `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    GroupManagement_CategoryUid `` /* 143-byte string literal not displayed */
	ClassName      *string                     `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       GroupManagement_ClassUid    `` /* 131-byte string literal not displayed */
	Cloud          *Cloud                      `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                      `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                     `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                      `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                      `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp      `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment               `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Group          *Group                      `protobuf:"bytes,16,opt,name=group,proto3" json:"group,omitempty"`
	HttpRequest    *HttpRequest                `protobuf:"bytes,17,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                     `protobuf:"bytes,18,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                   `protobuf:"bytes,19,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable               `protobuf:"bytes,20,rep,name=observables,proto3" json:"observables,omitempty"`
	Privileges     []string                    `protobuf:"bytes,21,rep,name=privileges,proto3" json:"privileges,omitempty"`
	RawData        *string                     `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resource       *ResourceDetails            `protobuf:"bytes,23,opt,name=resource,proto3" json:"resource,omitempty"`
	Severity       *string                     `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     GroupManagement_SeverityId  `` /* 140-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint            `protobuf:"bytes,26,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                      `protobuf:"varint,27,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp      `protobuf:"bytes,28,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                     `protobuf:"bytes,29,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                     `protobuf:"bytes,30,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                     `protobuf:"bytes,31,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *GroupManagement_StatusId   `` /* 138-byte string literal not displayed */
	Time           int64                       `protobuf:"varint,33,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp      `protobuf:"bytes,34,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                      `protobuf:"varint,35,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                     `protobuf:"bytes,36,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                       `protobuf:"varint,37,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct            `protobuf:"bytes,38,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                       `protobuf:"bytes,39,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

GroupManagement is an OSF event in category "Identity & Access Management" called Group Management defined in ocsf events/iam/group_management.json

Group Management events report management updates to a group, including updates to membership and permissions.

func (*GroupManagement) Descriptor deprecated 

func (*GroupManagement) Descriptor() ([]byte, []int)

Deprecated: Use GroupManagement.ProtoReflect.Descriptor instead.

func (*GroupManagement) GetActivityId 

func (x *GroupManagement) GetActivityId() GroupManagement_ActivityId

func (*GroupManagement) GetActivityName 

func (x *GroupManagement) GetActivityName() string

func (*GroupManagement) GetActor 

func (x *GroupManagement) GetActor() *Actor

func (*GroupManagement) GetApi 

func (x *GroupManagement) GetApi() *Api

func (*GroupManagement) GetCategoryName 

func (x *GroupManagement) GetCategoryName() string

func (*GroupManagement) GetCategoryUid 

func (x *GroupManagement) GetCategoryUid() GroupManagement_CategoryUid

func (*GroupManagement) GetClassName 

func (x *GroupManagement) GetClassName() string

func (*GroupManagement) GetClassUid 

func (x *GroupManagement) GetClassUid() GroupManagement_ClassUid

func (*GroupManagement) GetCloud 

func (x *GroupManagement) GetCloud() *Cloud

func (*GroupManagement) GetCount 

func (x *GroupManagement) GetCount() int32

func (*GroupManagement) GetDevice 

func (x *GroupManagement) GetDevice() *Device

func (*GroupManagement) GetDuration 

func (x *GroupManagement) GetDuration() int32

func (*GroupManagement) GetEndTime 

func (x *GroupManagement) GetEndTime() int64

func (*GroupManagement) GetEndTimeDt 

func (x *GroupManagement) GetEndTimeDt() *timestamppb.Timestamp

func (*GroupManagement) GetEnrichments 

func (x *GroupManagement) GetEnrichments() []*Enrichment

func (*GroupManagement) GetGroup 

func (x *GroupManagement) GetGroup() *Group

func (*GroupManagement) GetHttpRequest 

func (x *GroupManagement) GetHttpRequest() *HttpRequest

func (*GroupManagement) GetMessage 

func (x *GroupManagement) GetMessage() string

func (*GroupManagement) GetMetadata 

func (x *GroupManagement) GetMetadata() *Metadata

func (*GroupManagement) GetObservables 

func (x *GroupManagement) GetObservables() []*Observable

func (*GroupManagement) GetPrivileges 

func (x *GroupManagement) GetPrivileges() []string

func (*GroupManagement) GetRawData 

func (x *GroupManagement) GetRawData() string

func (*GroupManagement) GetResource 

func (x *GroupManagement) GetResource() *ResourceDetails

func (*GroupManagement) GetSeverity 

func (x *GroupManagement) GetSeverity() string

func (*GroupManagement) GetSeverityId 

func (x *GroupManagement) GetSeverityId() GroupManagement_SeverityId

func (*GroupManagement) GetSrcEndpoint 

func (x *GroupManagement) GetSrcEndpoint() *NetworkEndpoint

func (*GroupManagement) GetStartTime 

func (x *GroupManagement) GetStartTime() int64

func (*GroupManagement) GetStartTimeDt 

func (x *GroupManagement) GetStartTimeDt() *timestamppb.Timestamp

func (*GroupManagement) GetStatus 

func (x *GroupManagement) GetStatus() string

func (*GroupManagement) GetStatusCode 

func (x *GroupManagement) GetStatusCode() string

func (*GroupManagement) GetStatusDetail 

func (x *GroupManagement) GetStatusDetail() string

func (*GroupManagement) GetStatusId 

func (x *GroupManagement) GetStatusId() GroupManagement_StatusId

func (*GroupManagement) GetTime 

func (x *GroupManagement) GetTime() int64

func (*GroupManagement) GetTimeDt 

func (x *GroupManagement) GetTimeDt() *timestamppb.Timestamp

func (*GroupManagement) GetTimezoneOffset 

func (x *GroupManagement) GetTimezoneOffset() int32

func (*GroupManagement) GetTypeName 

func (x *GroupManagement) GetTypeName() string

func (*GroupManagement) GetTypeUid 

func (x *GroupManagement) GetTypeUid() int64

func (*GroupManagement) GetUnmapped 

func (x *GroupManagement) GetUnmapped() *structpb.Struct

func (*GroupManagement) GetUser 

func (x *GroupManagement) GetUser() *User

func (*GroupManagement) ProtoMessage 

func (*GroupManagement) ProtoMessage()

func (*GroupManagement) ProtoReflect 

func (x *GroupManagement) ProtoReflect() protoreflect.Message

func (*GroupManagement) Reset 

func (x *GroupManagement) Reset()

func (*GroupManagement) String 

func (x *GroupManagement) String() string

type GroupManagement_ActivityId 

type GroupManagement_ActivityId int32
const (
	GroupManagement_ACTIVITY_ID_UNKNOWN           GroupManagement_ActivityId = 0
	GroupManagement_ACTIVITY_ID_ASSIGN_PRIVILEGES GroupManagement_ActivityId = 1 // Assign privileges to a group.
	GroupManagement_ACTIVITY_ID_REVOKE_PRIVILEGES GroupManagement_ActivityId = 2 // Revoke privileges from a group.
	GroupManagement_ACTIVITY_ID_ADD_USER          GroupManagement_ActivityId = 3 // Add user to a group.
	GroupManagement_ACTIVITY_ID_REMOVE_USER       GroupManagement_ActivityId = 4 // Remove user from a group.
	GroupManagement_ACTIVITY_ID_DELETE            GroupManagement_ActivityId = 5 // A group was deleted.
	GroupManagement_ACTIVITY_ID_CREATE            GroupManagement_ActivityId = 6 // A group was created.
	GroupManagement_ACTIVITY_ID_OTHER             GroupManagement_ActivityId = 99
)

func (GroupManagement_ActivityId) Descriptor 

func (GroupManagement_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (GroupManagement_ActivityId) Enum 

func (x GroupManagement_ActivityId) Enum() *GroupManagement_ActivityId

func (GroupManagement_ActivityId) EnumDescriptor deprecated 

func (GroupManagement_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use GroupManagement_ActivityId.Descriptor instead.

func (GroupManagement_ActivityId) Number 

func (x GroupManagement_ActivityId) Number() protoreflect.EnumNumber

func (GroupManagement_ActivityId) String 

func (x GroupManagement_ActivityId) String() string

func (GroupManagement_ActivityId) Type 

func (GroupManagement_ActivityId) Type() protoreflect.EnumType

type GroupManagement_CategoryUid 

type GroupManagement_CategoryUid int32
const (
	GroupManagement_CATEGORY_UID_UNKNOWN                    GroupManagement_CategoryUid = 0
	GroupManagement_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT GroupManagement_CategoryUid = 3
)

func (GroupManagement_CategoryUid) Descriptor 

func (GroupManagement_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (GroupManagement_CategoryUid) Enum 

func (x GroupManagement_CategoryUid) Enum() *GroupManagement_CategoryUid

func (GroupManagement_CategoryUid) EnumDescriptor deprecated 

func (GroupManagement_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use GroupManagement_CategoryUid.Descriptor instead.

func (GroupManagement_CategoryUid) Number 

func (x GroupManagement_CategoryUid) Number() protoreflect.EnumNumber

func (GroupManagement_CategoryUid) String 

func (x GroupManagement_CategoryUid) String() string

func (GroupManagement_CategoryUid) Type 

func (GroupManagement_CategoryUid) Type() protoreflect.EnumType

type GroupManagement_ClassUid 

type GroupManagement_ClassUid int32
const (
	GroupManagement_CLASS_UID_UNKNOWN          GroupManagement_ClassUid = 0
	GroupManagement_CLASS_UID_GROUP_MANAGEMENT GroupManagement_ClassUid = 3006
)

func (GroupManagement_ClassUid) Descriptor 

func (GroupManagement_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (GroupManagement_ClassUid) Enum 

func (x GroupManagement_ClassUid) Enum() *GroupManagement_ClassUid

func (GroupManagement_ClassUid) EnumDescriptor deprecated 

func (GroupManagement_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use GroupManagement_ClassUid.Descriptor instead.

func (GroupManagement_ClassUid) Number 

func (x GroupManagement_ClassUid) Number() protoreflect.EnumNumber

func (GroupManagement_ClassUid) String 

func (x GroupManagement_ClassUid) String() string

func (GroupManagement_ClassUid) Type 

func (GroupManagement_ClassUid) Type() protoreflect.EnumType

type GroupManagement_SeverityId 

type GroupManagement_SeverityId int32
const (
	GroupManagement_SEVERITY_ID_UNKNOWN       GroupManagement_SeverityId = 0 // The event/finding severity is unknown.
	GroupManagement_SEVERITY_ID_INFORMATIONAL GroupManagement_SeverityId = 1 // Informational message. No action required.
	GroupManagement_SEVERITY_ID_LOW           GroupManagement_SeverityId = 2 // The user decides if action is needed.
	GroupManagement_SEVERITY_ID_MEDIUM        GroupManagement_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	GroupManagement_SEVERITY_ID_HIGH     GroupManagement_SeverityId = 4 // Action is required immediately.
	GroupManagement_SEVERITY_ID_CRITICAL GroupManagement_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	GroupManagement_SEVERITY_ID_FATAL GroupManagement_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	GroupManagement_SEVERITY_ID_OTHER GroupManagement_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (GroupManagement_SeverityId) Descriptor 

func (GroupManagement_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (GroupManagement_SeverityId) Enum 

func (x GroupManagement_SeverityId) Enum() *GroupManagement_SeverityId

func (GroupManagement_SeverityId) EnumDescriptor deprecated 

func (GroupManagement_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use GroupManagement_SeverityId.Descriptor instead.

func (GroupManagement_SeverityId) Number 

func (x GroupManagement_SeverityId) Number() protoreflect.EnumNumber

func (GroupManagement_SeverityId) String 

func (x GroupManagement_SeverityId) String() string

func (GroupManagement_SeverityId) Type 

func (GroupManagement_SeverityId) Type() protoreflect.EnumType

type GroupManagement_StatusId 

type GroupManagement_StatusId int32
const (
	GroupManagement_STATUS_ID_UNKNOWN GroupManagement_StatusId = 0 // The status is unknown.
	GroupManagement_STATUS_ID_SUCCESS GroupManagement_StatusId = 1
	GroupManagement_STATUS_ID_FAILURE GroupManagement_StatusId = 2
	GroupManagement_STATUS_ID_OTHER   GroupManagement_StatusId = 99 // The event status is not mapped. See the
)

func (GroupManagement_StatusId) Descriptor 

func (GroupManagement_StatusId) Descriptor() protoreflect.EnumDescriptor

func (GroupManagement_StatusId) Enum 

func (x GroupManagement_StatusId) Enum() *GroupManagement_StatusId

func (GroupManagement_StatusId) EnumDescriptor deprecated 

func (GroupManagement_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use GroupManagement_StatusId.Descriptor instead.

func (GroupManagement_StatusId) Number 

func (x GroupManagement_StatusId) Number() protoreflect.EnumNumber

func (GroupManagement_StatusId) String 

func (x GroupManagement_StatusId) String() string

func (GroupManagement_StatusId) Type 

func (GroupManagement_StatusId) Type() protoreflect.EnumType

type Hassh 

type Hassh struct {
	Algorithm   *string      `protobuf:"bytes,1,opt,name=algorithm,proto3,oneof" json:"algorithm,omitempty"`
	Fingerprint *Fingerprint `protobuf:"bytes,2,opt,name=fingerprint,proto3" json:"fingerprint,omitempty"`
	// contains filtered or unexported fields
}

Hassh is an OSF object defined in ocsf objects/hassh.json

The HASSH object contains SSH network fingerprinting values for specific client/server implementations. It provides a standardized way of identifying and categorizing SSH connections based on their unique characteristics and behavior.

func (*Hassh) Descriptor deprecated 

func (*Hassh) Descriptor() ([]byte, []int)

Deprecated: Use Hassh.ProtoReflect.Descriptor instead.

func (*Hassh) GetAlgorithm 

func (x *Hassh) GetAlgorithm() string

func (*Hassh) GetFingerprint 

func (x *Hassh) GetFingerprint() *Fingerprint

func (*Hassh) ProtoMessage 

func (*Hassh) ProtoMessage()

func (*Hassh) ProtoReflect 

func (x *Hassh) ProtoReflect() protoreflect.Message

func (*Hassh) Reset 

func (x *Hassh) Reset()

func (*Hassh) String 

func (x *Hassh) String() string

type HttpActivity 

type HttpActivity struct {
	Action              *string                     `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            HttpActivity_ActionId       `` /* 128-byte string literal not displayed */
	ActivityId          HttpActivity_ActivityId     `` /* 136-byte string literal not displayed */
	ActivityName        *string                     `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                      `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                        `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                     `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                   `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization            `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                     `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         HttpActivity_CategoryUid    `` /* 141-byte string literal not displayed */
	ClassName           *string                     `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            HttpActivity_ClassUid       `` /* 129-byte string literal not displayed */
	Cloud               *Cloud                      `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo      `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                      `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                     `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                     `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *HttpActivity_DispositionId `` /* 155-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint            `protobuf:"bytes,20,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                      `protobuf:"varint,21,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                      `protobuf:"varint,22,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp      `protobuf:"bytes,23,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment               `protobuf:"bytes,24,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File                *File                       `protobuf:"bytes,25,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule               `protobuf:"bytes,26,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	HttpCookies         []*HttpCookie               `protobuf:"bytes,27,rep,name=http_cookies,json=httpCookies,proto3" json:"http_cookies,omitempty"`
	HttpRequest         *HttpRequest                `protobuf:"bytes,28,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	HttpResponse        *HttpResponse               `protobuf:"bytes,29,opt,name=http_response,json=httpResponse,proto3" json:"http_response,omitempty"`
	HttpStatus          *int32                      `protobuf:"varint,30,opt,name=http_status,json=httpStatus,proto3,oneof" json:"http_status,omitempty"`
	LoadBalancer        *LoadBalancer               `protobuf:"bytes,31,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                  `protobuf:"bytes,32,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                     `protobuf:"bytes,33,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                   `protobuf:"bytes,34,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable               `protobuf:"bytes,35,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy               `protobuf:"bytes,36,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo      `protobuf:"bytes,37,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy               `protobuf:"bytes,38,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                `protobuf:"bytes,39,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse               `protobuf:"bytes,40,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                        `protobuf:"bytes,41,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic             `protobuf:"bytes,42,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                     `protobuf:"bytes,43,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                     `protobuf:"bytes,44,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          HttpActivity_SeverityId     `` /* 137-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint            `protobuf:"bytes,46,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                      `protobuf:"varint,47,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp      `protobuf:"bytes,48,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                     `protobuf:"bytes,49,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                     `protobuf:"bytes,50,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                     `protobuf:"bytes,51,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *HttpActivity_StatusId      `` /* 135-byte string literal not displayed */
	Time                int64                       `protobuf:"varint,53,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp      `protobuf:"bytes,54,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                      `protobuf:"varint,55,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                        `protobuf:"bytes,56,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic             `protobuf:"bytes,57,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                     `protobuf:"bytes,58,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                       `protobuf:"varint,59,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct            `protobuf:"bytes,60,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

HttpActivity is an OSF event in category "Network Activity" called HTTP Activity defined in ocsf events/network/http.json

HTTP Activity events report HTTP connection and traffic information.

func (*HttpActivity) Descriptor deprecated 

func (*HttpActivity) Descriptor() ([]byte, []int)

Deprecated: Use HttpActivity.ProtoReflect.Descriptor instead.

func (*HttpActivity) GetAction 

func (x *HttpActivity) GetAction() string

func (*HttpActivity) GetActionId 

func (x *HttpActivity) GetActionId() HttpActivity_ActionId

func (*HttpActivity) GetActivityId 

func (x *HttpActivity) GetActivityId() HttpActivity_ActivityId

func (*HttpActivity) GetActivityName 

func (x *HttpActivity) GetActivityName() string

func (*HttpActivity) GetActor 

func (x *HttpActivity) GetActor() *Actor

func (*HttpActivity) GetApi 

func (x *HttpActivity) GetApi() *Api

func (*HttpActivity) GetAppName 

func (x *HttpActivity) GetAppName() string

func (*HttpActivity) GetAttacks 

func (x *HttpActivity) GetAttacks() []*Attack

func (*HttpActivity) GetAuthorizations 

func (x *HttpActivity) GetAuthorizations() []*Authorization

func (*HttpActivity) GetCategoryName 

func (x *HttpActivity) GetCategoryName() string

func (*HttpActivity) GetCategoryUid 

func (x *HttpActivity) GetCategoryUid() HttpActivity_CategoryUid

func (*HttpActivity) GetClassName 

func (x *HttpActivity) GetClassName() string

func (*HttpActivity) GetClassUid 

func (x *HttpActivity) GetClassUid() HttpActivity_ClassUid

func (*HttpActivity) GetCloud 

func (x *HttpActivity) GetCloud() *Cloud

func (*HttpActivity) GetConnectionInfo 

func (x *HttpActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*HttpActivity) GetCount 

func (x *HttpActivity) GetCount() int32

func (*HttpActivity) GetDevice 

func (x *HttpActivity) GetDevice() *Device

func (*HttpActivity) GetDisposition 

func (x *HttpActivity) GetDisposition() string

func (*HttpActivity) GetDispositionId 

func (x *HttpActivity) GetDispositionId() HttpActivity_DispositionId

func (*HttpActivity) GetDstEndpoint 

func (x *HttpActivity) GetDstEndpoint() *NetworkEndpoint

func (*HttpActivity) GetDuration 

func (x *HttpActivity) GetDuration() int32

func (*HttpActivity) GetEndTime 

func (x *HttpActivity) GetEndTime() int64

func (*HttpActivity) GetEndTimeDt 

func (x *HttpActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*HttpActivity) GetEnrichments 

func (x *HttpActivity) GetEnrichments() []*Enrichment

func (*HttpActivity) GetFile 

func (x *HttpActivity) GetFile() *File

func (*HttpActivity) GetFirewallRule 

func (x *HttpActivity) GetFirewallRule() *FirewallRule

func (*HttpActivity) GetHttpCookies 

func (x *HttpActivity) GetHttpCookies() []*HttpCookie

func (*HttpActivity) GetHttpRequest 

func (x *HttpActivity) GetHttpRequest() *HttpRequest

func (*HttpActivity) GetHttpResponse 

func (x *HttpActivity) GetHttpResponse() *HttpResponse

func (*HttpActivity) GetHttpStatus 

func (x *HttpActivity) GetHttpStatus() int32

func (*HttpActivity) GetLoadBalancer 

func (x *HttpActivity) GetLoadBalancer() *LoadBalancer

func (*HttpActivity) GetMalware 

func (x *HttpActivity) GetMalware() []*Malware

func (*HttpActivity) GetMessage 

func (x *HttpActivity) GetMessage() string

func (*HttpActivity) GetMetadata 

func (x *HttpActivity) GetMetadata() *Metadata

func (*HttpActivity) GetObservables 

func (x *HttpActivity) GetObservables() []*Observable

func (*HttpActivity) GetProxy 

func (x *HttpActivity) GetProxy() *NetworkProxy

func (*HttpActivity) GetProxyConnectionInfo 

func (x *HttpActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*HttpActivity) GetProxyEndpoint 

func (x *HttpActivity) GetProxyEndpoint() *NetworkProxy

func (*HttpActivity) GetProxyHttpRequest 

func (x *HttpActivity) GetProxyHttpRequest() *HttpRequest

func (*HttpActivity) GetProxyHttpResponse 

func (x *HttpActivity) GetProxyHttpResponse() *HttpResponse

func (*HttpActivity) GetProxyTls 

func (x *HttpActivity) GetProxyTls() *Tls

func (*HttpActivity) GetProxyTraffic 

func (x *HttpActivity) GetProxyTraffic() *NetworkTraffic

func (*HttpActivity) GetRawData 

func (x *HttpActivity) GetRawData() string

func (*HttpActivity) GetSeverity 

func (x *HttpActivity) GetSeverity() string

func (*HttpActivity) GetSeverityId 

func (x *HttpActivity) GetSeverityId() HttpActivity_SeverityId

func (*HttpActivity) GetSrcEndpoint 

func (x *HttpActivity) GetSrcEndpoint() *NetworkEndpoint

func (*HttpActivity) GetStartTime 

func (x *HttpActivity) GetStartTime() int64

func (*HttpActivity) GetStartTimeDt 

func (x *HttpActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*HttpActivity) GetStatus 

func (x *HttpActivity) GetStatus() string

func (*HttpActivity) GetStatusCode 

func (x *HttpActivity) GetStatusCode() string

func (*HttpActivity) GetStatusDetail 

func (x *HttpActivity) GetStatusDetail() string

func (*HttpActivity) GetStatusId 

func (x *HttpActivity) GetStatusId() HttpActivity_StatusId

func (*HttpActivity) GetTime 

func (x *HttpActivity) GetTime() int64

func (*HttpActivity) GetTimeDt 

func (x *HttpActivity) GetTimeDt() *timestamppb.Timestamp

func (*HttpActivity) GetTimezoneOffset 

func (x *HttpActivity) GetTimezoneOffset() int32

func (*HttpActivity) GetTls 

func (x *HttpActivity) GetTls() *Tls

func (*HttpActivity) GetTraffic 

func (x *HttpActivity) GetTraffic() *NetworkTraffic

func (*HttpActivity) GetTypeName 

func (x *HttpActivity) GetTypeName() string

func (*HttpActivity) GetTypeUid 

func (x *HttpActivity) GetTypeUid() int64

func (*HttpActivity) GetUnmapped 

func (x *HttpActivity) GetUnmapped() *structpb.Struct

func (*HttpActivity) ProtoMessage 

func (*HttpActivity) ProtoMessage()

func (*HttpActivity) ProtoReflect 

func (x *HttpActivity) ProtoReflect() protoreflect.Message

func (*HttpActivity) Reset 

func (x *HttpActivity) Reset()

func (*HttpActivity) String 

func (x *HttpActivity) String() string

type HttpActivity_ActionId 

type HttpActivity_ActionId int32
const (
	HttpActivity_ACTION_ID_UNKNOWN HttpActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	HttpActivity_ACTION_ID_ALLOWED HttpActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	HttpActivity_ACTION_ID_DENIED HttpActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	HttpActivity_ACTION_ID_OTHER HttpActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (HttpActivity_ActionId) Descriptor 

func (HttpActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_ActionId) Enum 

func (x HttpActivity_ActionId) Enum() *HttpActivity_ActionId

func (HttpActivity_ActionId) EnumDescriptor deprecated 

func (HttpActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_ActionId.Descriptor instead.

func (HttpActivity_ActionId) Number 

func (x HttpActivity_ActionId) Number() protoreflect.EnumNumber

func (HttpActivity_ActionId) String 

func (x HttpActivity_ActionId) String() string

func (HttpActivity_ActionId) Type 

func (HttpActivity_ActionId) Type() protoreflect.EnumType

type HttpActivity_ActivityId 

type HttpActivity_ActivityId int32
const (
	HttpActivity_ACTIVITY_ID_UNKNOWN HttpActivity_ActivityId = 0
	HttpActivity_ACTIVITY_ID_CONNECT HttpActivity_ActivityId = 1 // The CONNECT method establishes a tunnel to the server
	// identified by the target resource.
	HttpActivity_ACTIVITY_ID_DELETE HttpActivity_ActivityId = 2 // The DELETE method deletes the specified resource.
	HttpActivity_ACTIVITY_ID_GET    HttpActivity_ActivityId = 3 // The GET method requests a representation of the
	// specified resource. Requests using GET should only
	// retrieve data.
	HttpActivity_ACTIVITY_ID_HEAD HttpActivity_ActivityId = 4 // The HEAD method asks for a response identical to a
	// GET request, but without the response body.
	HttpActivity_ACTIVITY_ID_OPTIONS HttpActivity_ActivityId = 5 // The OPTIONS method describes the communication
	// options for the target resource.
	HttpActivity_ACTIVITY_ID_POST HttpActivity_ActivityId = 6 // The POST method submits an entity to the specified
	// resource, often causing a change in state or side
	// effects on the server.
	HttpActivity_ACTIVITY_ID_PUT HttpActivity_ActivityId = 7 // The PUT method replaces all current representations
	// of the target resource with the request payload.
	HttpActivity_ACTIVITY_ID_TRACE HttpActivity_ActivityId = 8 // The TRACE method performs a message loop-back test
	// along the path to the target resource.
	HttpActivity_ACTIVITY_ID_OTHER HttpActivity_ActivityId = 99
)

func (HttpActivity_ActivityId) Descriptor 

func (HttpActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_ActivityId) Enum 

func (x HttpActivity_ActivityId) Enum() *HttpActivity_ActivityId

func (HttpActivity_ActivityId) EnumDescriptor deprecated 

func (HttpActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_ActivityId.Descriptor instead.

func (HttpActivity_ActivityId) Number 

func (x HttpActivity_ActivityId) Number() protoreflect.EnumNumber

func (HttpActivity_ActivityId) String 

func (x HttpActivity_ActivityId) String() string

func (HttpActivity_ActivityId) Type 

func (HttpActivity_ActivityId) Type() protoreflect.EnumType

type HttpActivity_CategoryUid 

type HttpActivity_CategoryUid int32
const (
	HttpActivity_CATEGORY_UID_UNKNOWN          HttpActivity_CategoryUid = 0
	HttpActivity_CATEGORY_UID_NETWORK_ACTIVITY HttpActivity_CategoryUid = 4
)

func (HttpActivity_CategoryUid) Descriptor 

func (HttpActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_CategoryUid) Enum 

func (x HttpActivity_CategoryUid) Enum() *HttpActivity_CategoryUid

func (HttpActivity_CategoryUid) EnumDescriptor deprecated 

func (HttpActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_CategoryUid.Descriptor instead.

func (HttpActivity_CategoryUid) Number 

func (x HttpActivity_CategoryUid) Number() protoreflect.EnumNumber

func (HttpActivity_CategoryUid) String 

func (x HttpActivity_CategoryUid) String() string

func (HttpActivity_CategoryUid) Type 

func (HttpActivity_CategoryUid) Type() protoreflect.EnumType

type HttpActivity_ClassUid 

type HttpActivity_ClassUid int32
const (
	HttpActivity_CLASS_UID_UNKNOWN       HttpActivity_ClassUid = 0
	HttpActivity_CLASS_UID_HTTP_ACTIVITY HttpActivity_ClassUid = 4002
)

func (HttpActivity_ClassUid) Descriptor 

func (HttpActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_ClassUid) Enum 

func (x HttpActivity_ClassUid) Enum() *HttpActivity_ClassUid

func (HttpActivity_ClassUid) EnumDescriptor deprecated 

func (HttpActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_ClassUid.Descriptor instead.

func (HttpActivity_ClassUid) Number 

func (x HttpActivity_ClassUid) Number() protoreflect.EnumNumber

func (HttpActivity_ClassUid) String 

func (x HttpActivity_ClassUid) String() string

func (HttpActivity_ClassUid) Type 

func (HttpActivity_ClassUid) Type() protoreflect.EnumType

type HttpActivity_DispositionId 

type HttpActivity_DispositionId int32
const (
	HttpActivity_DISPOSITION_ID_UNKNOWN HttpActivity_DispositionId = 0 // The disposition was not known.
	HttpActivity_DISPOSITION_ID_ALLOWED HttpActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	HttpActivity_DISPOSITION_ID_BLOCKED HttpActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	HttpActivity_DISPOSITION_ID_QUARANTINED HttpActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	HttpActivity_DISPOSITION_ID_ISOLATED HttpActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	HttpActivity_DISPOSITION_ID_DELETED HttpActivity_DispositionId = 5 // A file or other content was deleted.
	HttpActivity_DISPOSITION_ID_DROPPED HttpActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	HttpActivity_DISPOSITION_ID_CUSTOM_ACTION HttpActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	HttpActivity_DISPOSITION_ID_APPROVED HttpActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	HttpActivity_DISPOSITION_ID_RESTORED HttpActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	HttpActivity_DISPOSITION_ID_EXONERATED HttpActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	HttpActivity_DISPOSITION_ID_CORRECTED HttpActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	HttpActivity_DISPOSITION_ID_PARTIALLY_CORRECTED HttpActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	HttpActivity_DISPOSITION_ID_UNCORRECTED HttpActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	HttpActivity_DISPOSITION_ID_DELAYED HttpActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	HttpActivity_DISPOSITION_ID_DETECTED HttpActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	HttpActivity_DISPOSITION_ID_NO_ACTION HttpActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	HttpActivity_DISPOSITION_ID_LOGGED HttpActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	HttpActivity_DISPOSITION_ID_TAGGED HttpActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	HttpActivity_DISPOSITION_ID_ALERT HttpActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	HttpActivity_DISPOSITION_ID_COUNT HttpActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	HttpActivity_DISPOSITION_ID_RESET HttpActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	HttpActivity_DISPOSITION_ID_CAPTCHA HttpActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	HttpActivity_DISPOSITION_ID_CHALLENGE HttpActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	HttpActivity_DISPOSITION_ID_ACCESS_REVOKED HttpActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	HttpActivity_DISPOSITION_ID_REJECTED HttpActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	HttpActivity_DISPOSITION_ID_UNAUTHORIZED HttpActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	HttpActivity_DISPOSITION_ID_ERROR HttpActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	HttpActivity_DISPOSITION_ID_OTHER HttpActivity_DispositionId = 99 // The disposition is not listed. The
)

func (HttpActivity_DispositionId) Descriptor 

func (HttpActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_DispositionId) Enum 

func (x HttpActivity_DispositionId) Enum() *HttpActivity_DispositionId

func (HttpActivity_DispositionId) EnumDescriptor deprecated 

func (HttpActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_DispositionId.Descriptor instead.

func (HttpActivity_DispositionId) Number 

func (x HttpActivity_DispositionId) Number() protoreflect.EnumNumber

func (HttpActivity_DispositionId) String 

func (x HttpActivity_DispositionId) String() string

func (HttpActivity_DispositionId) Type 

func (HttpActivity_DispositionId) Type() protoreflect.EnumType

type HttpActivity_SeverityId 

type HttpActivity_SeverityId int32
const (
	HttpActivity_SEVERITY_ID_UNKNOWN       HttpActivity_SeverityId = 0 // The event/finding severity is unknown.
	HttpActivity_SEVERITY_ID_INFORMATIONAL HttpActivity_SeverityId = 1 // Informational message. No action required.
	HttpActivity_SEVERITY_ID_LOW           HttpActivity_SeverityId = 2 // The user decides if action is needed.
	HttpActivity_SEVERITY_ID_MEDIUM        HttpActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	HttpActivity_SEVERITY_ID_HIGH     HttpActivity_SeverityId = 4 // Action is required immediately.
	HttpActivity_SEVERITY_ID_CRITICAL HttpActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	HttpActivity_SEVERITY_ID_FATAL HttpActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	HttpActivity_SEVERITY_ID_OTHER HttpActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (HttpActivity_SeverityId) Descriptor 

func (HttpActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_SeverityId) Enum 

func (x HttpActivity_SeverityId) Enum() *HttpActivity_SeverityId

func (HttpActivity_SeverityId) EnumDescriptor deprecated 

func (HttpActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_SeverityId.Descriptor instead.

func (HttpActivity_SeverityId) Number 

func (x HttpActivity_SeverityId) Number() protoreflect.EnumNumber

func (HttpActivity_SeverityId) String 

func (x HttpActivity_SeverityId) String() string

func (HttpActivity_SeverityId) Type 

func (HttpActivity_SeverityId) Type() protoreflect.EnumType

type HttpActivity_StatusId 

type HttpActivity_StatusId int32
const (
	HttpActivity_STATUS_ID_UNKNOWN HttpActivity_StatusId = 0 // The status is unknown.
	HttpActivity_STATUS_ID_SUCCESS HttpActivity_StatusId = 1
	HttpActivity_STATUS_ID_FAILURE HttpActivity_StatusId = 2
	HttpActivity_STATUS_ID_OTHER   HttpActivity_StatusId = 99 // The event status is not mapped. See the
)

func (HttpActivity_StatusId) Descriptor 

func (HttpActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (HttpActivity_StatusId) Enum 

func (x HttpActivity_StatusId) Enum() *HttpActivity_StatusId

func (HttpActivity_StatusId) EnumDescriptor deprecated 

func (HttpActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use HttpActivity_StatusId.Descriptor instead.

func (HttpActivity_StatusId) Number 

func (x HttpActivity_StatusId) Number() protoreflect.EnumNumber

func (HttpActivity_StatusId) String 

func (x HttpActivity_StatusId) String() string

func (HttpActivity_StatusId) Type 

func (HttpActivity_StatusId) Type() protoreflect.EnumType

type HttpCookie 

type HttpCookie struct {
	Domain           *string                `protobuf:"bytes,1,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	ExpirationTime   *int64                 `protobuf:"varint,2,opt,name=expiration_time,json=expirationTime,proto3,oneof" json:"expiration_time,omitempty"`
	ExpirationTimeDt *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=expiration_time_dt,json=expirationTimeDt,proto3,oneof" json:"expiration_time_dt,omitempty"`
	HttpOnly         *bool                  `protobuf:"varint,4,opt,name=http_only,json=httpOnly,proto3,oneof" json:"http_only,omitempty"`
	IsHttpOnly       *bool                  `protobuf:"varint,5,opt,name=is_http_only,json=isHttpOnly,proto3,oneof" json:"is_http_only,omitempty"`
	IsSecure         *bool                  `protobuf:"varint,6,opt,name=is_secure,json=isSecure,proto3,oneof" json:"is_secure,omitempty"`
	Name             string                 `protobuf:"bytes,7,opt,name=name,proto3" json:"name,omitempty"`
	Path             *string                `protobuf:"bytes,8,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Samesite         *string                `protobuf:"bytes,9,opt,name=samesite,proto3,oneof" json:"samesite,omitempty"`
	Secure           *bool                  `protobuf:"varint,10,opt,name=secure,proto3,oneof" json:"secure,omitempty"`
	Value            string                 `protobuf:"bytes,11,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

HttpCookie is an OSF object defined in ocsf objects/http_cookie.json

The HTTP Cookie object, also known as a web cookie or browser cookie, contains details and values pertaining to a small piece of data that a server sends to a user's web browser. This data is then stored by the browser and sent back to the server with subsequent requests, allowing the server to remember and track certain information about the user's browsing session or preferences.

func (*HttpCookie) Descriptor deprecated 

func (*HttpCookie) Descriptor() ([]byte, []int)

Deprecated: Use HttpCookie.ProtoReflect.Descriptor instead.

func (*HttpCookie) GetDomain 

func (x *HttpCookie) GetDomain() string

func (*HttpCookie) GetExpirationTime 

func (x *HttpCookie) GetExpirationTime() int64

func (*HttpCookie) GetExpirationTimeDt 

func (x *HttpCookie) GetExpirationTimeDt() *timestamppb.Timestamp

func (*HttpCookie) GetHttpOnly 

func (x *HttpCookie) GetHttpOnly() bool

func (*HttpCookie) GetIsHttpOnly 

func (x *HttpCookie) GetIsHttpOnly() bool

func (*HttpCookie) GetIsSecure 

func (x *HttpCookie) GetIsSecure() bool

func (*HttpCookie) GetName 

func (x *HttpCookie) GetName() string

func (*HttpCookie) GetPath 

func (x *HttpCookie) GetPath() string

func (*HttpCookie) GetSamesite 

func (x *HttpCookie) GetSamesite() string

func (*HttpCookie) GetSecure 

func (x *HttpCookie) GetSecure() bool

func (*HttpCookie) GetValue 

func (x *HttpCookie) GetValue() string

func (*HttpCookie) ProtoMessage 

func (*HttpCookie) ProtoMessage()

func (*HttpCookie) ProtoReflect 

func (x *HttpCookie) ProtoReflect() protoreflect.Message

func (*HttpCookie) Reset 

func (x *HttpCookie) Reset()

func (*HttpCookie) String 

func (x *HttpCookie) String() string

type HttpHeader 

type HttpHeader struct {
	Name  string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

HttpHeader is an OSF object defined in ocsf objects/http_header.json

TThe HTTP Header object represents the headers sent in an HTTP request or response. HTTP headers are key-value pairs that convey additional information about the HTTP message, including details about the content, caching, authentication, encoding, and other aspects of the communication.

func (*HttpHeader) Descriptor deprecated 

func (*HttpHeader) Descriptor() ([]byte, []int)

Deprecated: Use HttpHeader.ProtoReflect.Descriptor instead.

func (*HttpHeader) GetName 

func (x *HttpHeader) GetName() string

func (*HttpHeader) GetValue 

func (x *HttpHeader) GetValue() string

func (*HttpHeader) ProtoMessage 

func (*HttpHeader) ProtoMessage()

func (*HttpHeader) ProtoReflect 

func (x *HttpHeader) ProtoReflect() protoreflect.Message

func (*HttpHeader) Reset 

func (x *HttpHeader) Reset()

func (*HttpHeader) String 

func (x *HttpHeader) String() string

type HttpRequest 

type HttpRequest struct {
	Args          *string       `protobuf:"bytes,1,opt,name=args,proto3,oneof" json:"args,omitempty"`
	HttpHeaders   []*HttpHeader `protobuf:"bytes,2,rep,name=http_headers,json=httpHeaders,proto3" json:"http_headers,omitempty"`
	HttpMethod    *string       `protobuf:"bytes,3,opt,name=http_method,json=httpMethod,proto3,oneof" json:"http_method,omitempty"`
	Length        *int32        `protobuf:"varint,4,opt,name=length,proto3,oneof" json:"length,omitempty"`
	Referrer      *string       `protobuf:"bytes,5,opt,name=referrer,proto3,oneof" json:"referrer,omitempty"`
	Uid           *string       `protobuf:"bytes,6,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Url           *Url          `protobuf:"bytes,7,opt,name=url,proto3" json:"url,omitempty"`
	UserAgent     *string       `protobuf:"bytes,8,opt,name=user_agent,json=userAgent,proto3,oneof" json:"user_agent,omitempty"`
	Version       *string       `protobuf:"bytes,9,opt,name=version,proto3,oneof" json:"version,omitempty"`
	XForwardedFor []string      `protobuf:"bytes,10,rep,name=x_forwarded_for,json=xForwardedFor,proto3" json:"x_forwarded_for,omitempty"`
	// contains filtered or unexported fields
}

HttpRequest is an OSF object defined in ocsf objects/http_request.json

The HTTP Request object represents the attributes of a request made to a web server. It encapsulates the details and metadata associated with an HTTP request, including the request method, headers, URL, query parameters, body content, and other relevant information.

func (*HttpRequest) Descriptor deprecated 

func (*HttpRequest) Descriptor() ([]byte, []int)

Deprecated: Use HttpRequest.ProtoReflect.Descriptor instead.

func (*HttpRequest) GetArgs 

func (x *HttpRequest) GetArgs() string

func (*HttpRequest) GetHttpHeaders 

func (x *HttpRequest) GetHttpHeaders() []*HttpHeader

func (*HttpRequest) GetHttpMethod 

func (x *HttpRequest) GetHttpMethod() string

func (*HttpRequest) GetLength 

func (x *HttpRequest) GetLength() int32

func (*HttpRequest) GetReferrer 

func (x *HttpRequest) GetReferrer() string

func (*HttpRequest) GetUid 

func (x *HttpRequest) GetUid() string

func (*HttpRequest) GetUrl 

func (x *HttpRequest) GetUrl() *Url

func (*HttpRequest) GetUserAgent 

func (x *HttpRequest) GetUserAgent() string

func (*HttpRequest) GetVersion 

func (x *HttpRequest) GetVersion() string

func (*HttpRequest) GetXForwardedFor 

func (x *HttpRequest) GetXForwardedFor() []string

func (*HttpRequest) ProtoMessage 

func (*HttpRequest) ProtoMessage()

func (*HttpRequest) ProtoReflect 

func (x *HttpRequest) ProtoReflect() protoreflect.Message

func (*HttpRequest) Reset 

func (x *HttpRequest) Reset()

func (*HttpRequest) String 

func (x *HttpRequest) String() string

type HttpResponse 

type HttpResponse struct {
	Code        int32         `protobuf:"varint,1,opt,name=code,proto3" json:"code,omitempty"`
	ContentType *string       `protobuf:"bytes,2,opt,name=content_type,json=contentType,proto3,oneof" json:"content_type,omitempty"`
	HttpHeaders []*HttpHeader `protobuf:"bytes,3,rep,name=http_headers,json=httpHeaders,proto3" json:"http_headers,omitempty"`
	Latency     *int32        `protobuf:"varint,4,opt,name=latency,proto3,oneof" json:"latency,omitempty"`
	Length      *int32        `protobuf:"varint,5,opt,name=length,proto3,oneof" json:"length,omitempty"`
	Message     *string       `protobuf:"bytes,6,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Status      *string       `protobuf:"bytes,7,opt,name=status,proto3,oneof" json:"status,omitempty"`
	// contains filtered or unexported fields
}

HttpResponse is an OSF object defined in ocsf objects/http_response.json

The HTTP Response object contains detailed information about the response sent from a web server to the requester. It encompasses attributes and metadata that describe the response status, headers, body content, and other relevant information.

func (*HttpResponse) Descriptor deprecated 

func (*HttpResponse) Descriptor() ([]byte, []int)

Deprecated: Use HttpResponse.ProtoReflect.Descriptor instead.

func (*HttpResponse) GetCode 

func (x *HttpResponse) GetCode() int32

func (*HttpResponse) GetContentType 

func (x *HttpResponse) GetContentType() string

func (*HttpResponse) GetHttpHeaders 

func (x *HttpResponse) GetHttpHeaders() []*HttpHeader

func (*HttpResponse) GetLatency 

func (x *HttpResponse) GetLatency() int32

func (*HttpResponse) GetLength 

func (x *HttpResponse) GetLength() int32

func (*HttpResponse) GetMessage 

func (x *HttpResponse) GetMessage() string

func (*HttpResponse) GetStatus 

func (x *HttpResponse) GetStatus() string

func (*HttpResponse) ProtoMessage 

func (*HttpResponse) ProtoMessage()

func (*HttpResponse) ProtoReflect 

func (x *HttpResponse) ProtoReflect() protoreflect.Message

func (*HttpResponse) Reset 

func (x *HttpResponse) Reset()

func (*HttpResponse) String 

func (x *HttpResponse) String() string

type Idp 

type Idp struct {
	Name *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Uid  *string `protobuf:"bytes,2,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Idp is an OSF object defined in ocsf objects/idp.json

The Identity Provider object contains detailed information about a provider responsible for creating, maintaining, and managing identity information while offering authentication services to applications. An Identity Provider (IdP) serves as a trusted authority that verifies the identity of users and issues authentication tokens or assertions to enable secure access to applications or services.

func (*Idp) Descriptor deprecated 

func (*Idp) Descriptor() ([]byte, []int)

Deprecated: Use Idp.ProtoReflect.Descriptor instead.

func (*Idp) GetName 

func (x *Idp) GetName() string

func (*Idp) GetUid 

func (x *Idp) GetUid() string

func (*Idp) ProtoMessage 

func (*Idp) ProtoMessage()

func (*Idp) ProtoReflect 

func (x *Idp) ProtoReflect() protoreflect.Message

func (*Idp) Reset 

func (x *Idp) Reset()

func (*Idp) String 

func (x *Idp) String() string

type Image 

type Image struct {
	Labels []string `protobuf:"bytes,1,rep,name=labels,proto3" json:"labels,omitempty"`
	Name   *string  `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Path   *string  `protobuf:"bytes,3,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Tag    *string  `protobuf:"bytes,4,opt,name=tag,proto3,oneof" json:"tag,omitempty"`
	Uid    string   `protobuf:"bytes,5,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Image is an OSF object defined in ocsf objects/image.json

The Image object provides a description of a specific Virtual Machine (VM) or Container image. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:ContainerImage/'>d3f:ContainerImage</a>.

func (*Image) Descriptor deprecated 

func (*Image) Descriptor() ([]byte, []int)

Deprecated: Use Image.ProtoReflect.Descriptor instead.

func (*Image) GetLabels 

func (x *Image) GetLabels() []string

func (*Image) GetName 

func (x *Image) GetName() string

func (*Image) GetPath 

func (x *Image) GetPath() string

func (*Image) GetTag 

func (x *Image) GetTag() string

func (*Image) GetUid 

func (x *Image) GetUid() string

func (*Image) ProtoMessage 

func (*Image) ProtoMessage()

func (*Image) ProtoReflect 

func (x *Image) ProtoReflect() protoreflect.Message

func (*Image) Reset 

func (x *Image) Reset()

func (*Image) String 

func (x *Image) String() string

type IncidentFinding 

type IncidentFinding struct {
	ActivityId        IncidentFinding_ActivityId    `` /* 139-byte string literal not displayed */
	ActivityName      *string                       `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Api               *Api                          `protobuf:"bytes,3,opt,name=api,proto3" json:"api,omitempty"`
	Assignee          *User                         `protobuf:"bytes,4,opt,name=assignee,proto3" json:"assignee,omitempty"`
	AssigneeGroup     *Group                        `protobuf:"bytes,5,opt,name=assignee_group,json=assigneeGroup,proto3" json:"assignee_group,omitempty"`
	Attacks           []*Attack                     `protobuf:"bytes,6,rep,name=attacks,proto3" json:"attacks,omitempty"`
	CategoryName      *string                       `protobuf:"bytes,7,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid       IncidentFinding_CategoryUid   `` /* 143-byte string literal not displayed */
	ClassName         *string                       `protobuf:"bytes,9,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid          IncidentFinding_ClassUid      `` /* 132-byte string literal not displayed */
	Cloud             *Cloud                        `protobuf:"bytes,11,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment           *string                       `protobuf:"bytes,12,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Confidence        *string                       `protobuf:"bytes,13,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId      *IncidentFinding_ConfidenceId `` /* 154-byte string literal not displayed */
	ConfidenceScore   *int32                        `protobuf:"varint,15,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count             *int32                        `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Desc              *string                       `protobuf:"bytes,17,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Duration          *int32                        `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime           *int64                        `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt         *timestamppb.Timestamp        `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments       []*Enrichment                 `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FindingInfoList   []*FindingInfo                `protobuf:"bytes,22,rep,name=finding_info_list,json=findingInfoList,proto3" json:"finding_info_list,omitempty"`
	Impact            *string                       `protobuf:"bytes,23,opt,name=impact,proto3,oneof" json:"impact,omitempty"`
	ImpactId          *IncidentFinding_ImpactId     `` /* 138-byte string literal not displayed */
	ImpactScore       *int32                        `protobuf:"varint,25,opt,name=impact_score,json=impactScore,proto3,oneof" json:"impact_score,omitempty"`
	IsSuspectedBreach *bool                         `protobuf:"varint,26,opt,name=is_suspected_breach,json=isSuspectedBreach,proto3,oneof" json:"is_suspected_breach,omitempty"`
	Message           *string                       `protobuf:"bytes,27,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata          *Metadata                     `protobuf:"bytes,28,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables       []*Observable                 `protobuf:"bytes,29,rep,name=observables,proto3" json:"observables,omitempty"`
	Priority          *string                       `protobuf:"bytes,30,opt,name=priority,proto3,oneof" json:"priority,omitempty"`
	PriorityId        *IncidentFinding_PriorityId   `` /* 146-byte string literal not displayed */
	RawData           *string                       `protobuf:"bytes,32,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity          *string                       `protobuf:"bytes,33,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId        IncidentFinding_SeverityId    `` /* 140-byte string literal not displayed */
	SrcUrl            *string                       `protobuf:"bytes,35,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	StartTime         *int64                        `protobuf:"varint,36,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt       *timestamppb.Timestamp        `protobuf:"bytes,37,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status            *string                       `protobuf:"bytes,38,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode        *string                       `protobuf:"bytes,39,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail      *string                       `protobuf:"bytes,40,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId          IncidentFinding_StatusId      `` /* 132-byte string literal not displayed */
	Time              int64                         `protobuf:"varint,42,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt            *timestamppb.Timestamp        `protobuf:"bytes,43,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset    *int32                        `protobuf:"varint,44,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName          *string                       `protobuf:"bytes,45,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid           int64                         `protobuf:"varint,46,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped          *structpb.Struct              `protobuf:"bytes,47,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Verdict           *string                       `protobuf:"bytes,48,opt,name=verdict,proto3,oneof" json:"verdict,omitempty"`
	VerdictId         *IncidentFinding_VerdictId    `` /* 142-byte string literal not displayed */
	// contains filtered or unexported fields
}

IncidentFinding is an OSF event in category "Findings" called Incident Finding defined in ocsf events/findings/incident_finding.json

An Incident Finding reports the creation, update, or closure of security incidents as a result of detections and/or analytics.

func (*IncidentFinding) Descriptor deprecated 

func (*IncidentFinding) Descriptor() ([]byte, []int)

Deprecated: Use IncidentFinding.ProtoReflect.Descriptor instead.

func (*IncidentFinding) GetActivityId 

func (x *IncidentFinding) GetActivityId() IncidentFinding_ActivityId

func (*IncidentFinding) GetActivityName 

func (x *IncidentFinding) GetActivityName() string

func (*IncidentFinding) GetApi 

func (x *IncidentFinding) GetApi() *Api

func (*IncidentFinding) GetAssignee 

func (x *IncidentFinding) GetAssignee() *User

func (*IncidentFinding) GetAssigneeGroup 

func (x *IncidentFinding) GetAssigneeGroup() *Group

func (*IncidentFinding) GetAttacks 

func (x *IncidentFinding) GetAttacks() []*Attack

func (*IncidentFinding) GetCategoryName 

func (x *IncidentFinding) GetCategoryName() string

func (*IncidentFinding) GetCategoryUid 

func (x *IncidentFinding) GetCategoryUid() IncidentFinding_CategoryUid

func (*IncidentFinding) GetClassName 

func (x *IncidentFinding) GetClassName() string

func (*IncidentFinding) GetClassUid 

func (x *IncidentFinding) GetClassUid() IncidentFinding_ClassUid

func (*IncidentFinding) GetCloud 

func (x *IncidentFinding) GetCloud() *Cloud

func (*IncidentFinding) GetComment 

func (x *IncidentFinding) GetComment() string

func (*IncidentFinding) GetConfidence 

func (x *IncidentFinding) GetConfidence() string

func (*IncidentFinding) GetConfidenceId 

func (x *IncidentFinding) GetConfidenceId() IncidentFinding_ConfidenceId

func (*IncidentFinding) GetConfidenceScore 

func (x *IncidentFinding) GetConfidenceScore() int32

func (*IncidentFinding) GetCount 

func (x *IncidentFinding) GetCount() int32

func (*IncidentFinding) GetDesc 

func (x *IncidentFinding) GetDesc() string

func (*IncidentFinding) GetDuration 

func (x *IncidentFinding) GetDuration() int32

func (*IncidentFinding) GetEndTime 

func (x *IncidentFinding) GetEndTime() int64

func (*IncidentFinding) GetEndTimeDt 

func (x *IncidentFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*IncidentFinding) GetEnrichments 

func (x *IncidentFinding) GetEnrichments() []*Enrichment

func (*IncidentFinding) GetFindingInfoList 

func (x *IncidentFinding) GetFindingInfoList() []*FindingInfo

func (*IncidentFinding) GetImpact 

func (x *IncidentFinding) GetImpact() string

func (*IncidentFinding) GetImpactId 

func (x *IncidentFinding) GetImpactId() IncidentFinding_ImpactId

func (*IncidentFinding) GetImpactScore 

func (x *IncidentFinding) GetImpactScore() int32

func (*IncidentFinding) GetIsSuspectedBreach 

func (x *IncidentFinding) GetIsSuspectedBreach() bool

func (*IncidentFinding) GetMessage 

func (x *IncidentFinding) GetMessage() string

func (*IncidentFinding) GetMetadata 

func (x *IncidentFinding) GetMetadata() *Metadata

func (*IncidentFinding) GetObservables 

func (x *IncidentFinding) GetObservables() []*Observable

func (*IncidentFinding) GetPriority 

func (x *IncidentFinding) GetPriority() string

func (*IncidentFinding) GetPriorityId 

func (x *IncidentFinding) GetPriorityId() IncidentFinding_PriorityId

func (*IncidentFinding) GetRawData 

func (x *IncidentFinding) GetRawData() string

func (*IncidentFinding) GetSeverity 

func (x *IncidentFinding) GetSeverity() string

func (*IncidentFinding) GetSeverityId 

func (x *IncidentFinding) GetSeverityId() IncidentFinding_SeverityId

func (*IncidentFinding) GetSrcUrl 

func (x *IncidentFinding) GetSrcUrl() string

func (*IncidentFinding) GetStartTime 

func (x *IncidentFinding) GetStartTime() int64

func (*IncidentFinding) GetStartTimeDt 

func (x *IncidentFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*IncidentFinding) GetStatus 

func (x *IncidentFinding) GetStatus() string

func (*IncidentFinding) GetStatusCode 

func (x *IncidentFinding) GetStatusCode() string

func (*IncidentFinding) GetStatusDetail 

func (x *IncidentFinding) GetStatusDetail() string

func (*IncidentFinding) GetStatusId 

func (x *IncidentFinding) GetStatusId() IncidentFinding_StatusId

func (*IncidentFinding) GetTime 

func (x *IncidentFinding) GetTime() int64

func (*IncidentFinding) GetTimeDt 

func (x *IncidentFinding) GetTimeDt() *timestamppb.Timestamp

func (*IncidentFinding) GetTimezoneOffset 

func (x *IncidentFinding) GetTimezoneOffset() int32

func (*IncidentFinding) GetTypeName 

func (x *IncidentFinding) GetTypeName() string

func (*IncidentFinding) GetTypeUid 

func (x *IncidentFinding) GetTypeUid() int64

func (*IncidentFinding) GetUnmapped 

func (x *IncidentFinding) GetUnmapped() *structpb.Struct

func (*IncidentFinding) GetVerdict 

func (x *IncidentFinding) GetVerdict() string

func (*IncidentFinding) GetVerdictId 

func (x *IncidentFinding) GetVerdictId() IncidentFinding_VerdictId

func (*IncidentFinding) ProtoMessage 

func (*IncidentFinding) ProtoMessage()

func (*IncidentFinding) ProtoReflect 

func (x *IncidentFinding) ProtoReflect() protoreflect.Message

func (*IncidentFinding) Reset 

func (x *IncidentFinding) Reset()

func (*IncidentFinding) String 

func (x *IncidentFinding) String() string

type IncidentFinding_ActivityId 

type IncidentFinding_ActivityId int32
const (
	IncidentFinding_ACTIVITY_ID_UNKNOWN IncidentFinding_ActivityId = 0
	IncidentFinding_ACTIVITY_ID_CREATE  IncidentFinding_ActivityId = 1 // Reports the creation of an Incident.
	IncidentFinding_ACTIVITY_ID_UPDATE  IncidentFinding_ActivityId = 2 // Reports updates to an Incident.
	IncidentFinding_ACTIVITY_ID_CLOSE   IncidentFinding_ActivityId = 3 // Reports closure of an Incident .
	IncidentFinding_ACTIVITY_ID_OTHER   IncidentFinding_ActivityId = 99
)

func (IncidentFinding_ActivityId) Descriptor 

func (IncidentFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_ActivityId) Enum 

func (x IncidentFinding_ActivityId) Enum() *IncidentFinding_ActivityId

func (IncidentFinding_ActivityId) EnumDescriptor deprecated 

func (IncidentFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_ActivityId.Descriptor instead.

func (IncidentFinding_ActivityId) Number 

func (x IncidentFinding_ActivityId) Number() protoreflect.EnumNumber

func (IncidentFinding_ActivityId) String 

func (x IncidentFinding_ActivityId) String() string

func (IncidentFinding_ActivityId) Type 

func (IncidentFinding_ActivityId) Type() protoreflect.EnumType

type IncidentFinding_CategoryUid 

type IncidentFinding_CategoryUid int32
const (
	IncidentFinding_CATEGORY_UID_UNKNOWN  IncidentFinding_CategoryUid = 0
	IncidentFinding_CATEGORY_UID_FINDINGS IncidentFinding_CategoryUid = 2
)

func (IncidentFinding_CategoryUid) Descriptor 

func (IncidentFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_CategoryUid) Enum 

func (x IncidentFinding_CategoryUid) Enum() *IncidentFinding_CategoryUid

func (IncidentFinding_CategoryUid) EnumDescriptor deprecated 

func (IncidentFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_CategoryUid.Descriptor instead.

func (IncidentFinding_CategoryUid) Number 

func (x IncidentFinding_CategoryUid) Number() protoreflect.EnumNumber

func (IncidentFinding_CategoryUid) String 

func (x IncidentFinding_CategoryUid) String() string

func (IncidentFinding_CategoryUid) Type 

func (IncidentFinding_CategoryUid) Type() protoreflect.EnumType

type IncidentFinding_ClassUid 

type IncidentFinding_ClassUid int32
const (
	IncidentFinding_CLASS_UID_UNKNOWN          IncidentFinding_ClassUid = 0
	IncidentFinding_CLASS_UID_INCIDENT_FINDING IncidentFinding_ClassUid = 2005
)

func (IncidentFinding_ClassUid) Descriptor 

func (IncidentFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_ClassUid) Enum 

func (x IncidentFinding_ClassUid) Enum() *IncidentFinding_ClassUid

func (IncidentFinding_ClassUid) EnumDescriptor deprecated 

func (IncidentFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_ClassUid.Descriptor instead.

func (IncidentFinding_ClassUid) Number 

func (x IncidentFinding_ClassUid) Number() protoreflect.EnumNumber

func (IncidentFinding_ClassUid) String 

func (x IncidentFinding_ClassUid) String() string

func (IncidentFinding_ClassUid) Type 

func (IncidentFinding_ClassUid) Type() protoreflect.EnumType

type IncidentFinding_ConfidenceId 

type IncidentFinding_ConfidenceId int32
const (
	IncidentFinding_CONFIDENCE_ID_UNKNOWN IncidentFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	IncidentFinding_CONFIDENCE_ID_LOW     IncidentFinding_ConfidenceId = 1
	IncidentFinding_CONFIDENCE_ID_MEDIUM  IncidentFinding_ConfidenceId = 2
	IncidentFinding_CONFIDENCE_ID_HIGH    IncidentFinding_ConfidenceId = 3
	IncidentFinding_CONFIDENCE_ID_OTHER   IncidentFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (IncidentFinding_ConfidenceId) Descriptor 

func (IncidentFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_ConfidenceId) Enum 

func (x IncidentFinding_ConfidenceId) Enum() *IncidentFinding_ConfidenceId

func (IncidentFinding_ConfidenceId) EnumDescriptor deprecated 

func (IncidentFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_ConfidenceId.Descriptor instead.

func (IncidentFinding_ConfidenceId) Number 

func (x IncidentFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (IncidentFinding_ConfidenceId) String 

func (x IncidentFinding_ConfidenceId) String() string

func (IncidentFinding_ConfidenceId) Type 

func (IncidentFinding_ConfidenceId) Type() protoreflect.EnumType

type IncidentFinding_ImpactId 

type IncidentFinding_ImpactId int32
const (
	IncidentFinding_IMPACT_ID_UNKNOWN  IncidentFinding_ImpactId = 0 // The normalized impact is unknown.
	IncidentFinding_IMPACT_ID_LOW      IncidentFinding_ImpactId = 1
	IncidentFinding_IMPACT_ID_MEDIUM   IncidentFinding_ImpactId = 2
	IncidentFinding_IMPACT_ID_HIGH     IncidentFinding_ImpactId = 3
	IncidentFinding_IMPACT_ID_CRITICAL IncidentFinding_ImpactId = 4
	IncidentFinding_IMPACT_ID_OTHER    IncidentFinding_ImpactId = 99 // The impact is not mapped. See the <code>impact</code>
)

func (IncidentFinding_ImpactId) Descriptor 

func (IncidentFinding_ImpactId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_ImpactId) Enum 

func (x IncidentFinding_ImpactId) Enum() *IncidentFinding_ImpactId

func (IncidentFinding_ImpactId) EnumDescriptor deprecated 

func (IncidentFinding_ImpactId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_ImpactId.Descriptor instead.

func (IncidentFinding_ImpactId) Number 

func (x IncidentFinding_ImpactId) Number() protoreflect.EnumNumber

func (IncidentFinding_ImpactId) String 

func (x IncidentFinding_ImpactId) String() string

func (IncidentFinding_ImpactId) Type 

func (IncidentFinding_ImpactId) Type() protoreflect.EnumType

type IncidentFinding_PriorityId 

type IncidentFinding_PriorityId int32
const (
	IncidentFinding_PRIORITY_ID_UNKNOWN IncidentFinding_PriorityId = 0 // No priority is assigned.
	IncidentFinding_PRIORITY_ID_LOW     IncidentFinding_PriorityId = 1 // Application or personal procedure is unusable, where
	// a workaround is available or a repair is possible.
	IncidentFinding_PRIORITY_ID_MEDIUM IncidentFinding_PriorityId = 2 // Non-critical function or procedure is unusable or
	// hard to use causing operational disruptions with no
	// direct impact on a service's availability. A
	// workaround is available.
	IncidentFinding_PRIORITY_ID_HIGH IncidentFinding_PriorityId = 3 // Critical functionality or network access is
	// interrupted, degraded or unusable, having a severe
	// impact on services availability. No acceptable
	// alternative is possible.
	IncidentFinding_PRIORITY_ID_CRITICAL IncidentFinding_PriorityId = 4 // Interruption making a critical functionality
	// inaccessible or a complete network interruption
	// causing a severe impact on services availability.
	// There is no possible alternative.
	IncidentFinding_PRIORITY_ID_OTHER IncidentFinding_PriorityId = 99 // The priority is not normalized.
)

func (IncidentFinding_PriorityId) Descriptor 

func (IncidentFinding_PriorityId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_PriorityId) Enum 

func (x IncidentFinding_PriorityId) Enum() *IncidentFinding_PriorityId

func (IncidentFinding_PriorityId) EnumDescriptor deprecated 

func (IncidentFinding_PriorityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_PriorityId.Descriptor instead.

func (IncidentFinding_PriorityId) Number 

func (x IncidentFinding_PriorityId) Number() protoreflect.EnumNumber

func (IncidentFinding_PriorityId) String 

func (x IncidentFinding_PriorityId) String() string

func (IncidentFinding_PriorityId) Type 

func (IncidentFinding_PriorityId) Type() protoreflect.EnumType

type IncidentFinding_SeverityId 

type IncidentFinding_SeverityId int32
const (
	IncidentFinding_SEVERITY_ID_UNKNOWN       IncidentFinding_SeverityId = 0 // The event/finding severity is unknown.
	IncidentFinding_SEVERITY_ID_INFORMATIONAL IncidentFinding_SeverityId = 1 // Informational message. No action required.
	IncidentFinding_SEVERITY_ID_LOW           IncidentFinding_SeverityId = 2 // The user decides if action is needed.
	IncidentFinding_SEVERITY_ID_MEDIUM        IncidentFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	IncidentFinding_SEVERITY_ID_HIGH     IncidentFinding_SeverityId = 4 // Action is required immediately.
	IncidentFinding_SEVERITY_ID_CRITICAL IncidentFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	IncidentFinding_SEVERITY_ID_FATAL IncidentFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	IncidentFinding_SEVERITY_ID_OTHER IncidentFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (IncidentFinding_SeverityId) Descriptor 

func (IncidentFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_SeverityId) Enum 

func (x IncidentFinding_SeverityId) Enum() *IncidentFinding_SeverityId

func (IncidentFinding_SeverityId) EnumDescriptor deprecated 

func (IncidentFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_SeverityId.Descriptor instead.

func (IncidentFinding_SeverityId) Number 

func (x IncidentFinding_SeverityId) Number() protoreflect.EnumNumber

func (IncidentFinding_SeverityId) String 

func (x IncidentFinding_SeverityId) String() string

func (IncidentFinding_SeverityId) Type 

func (IncidentFinding_SeverityId) Type() protoreflect.EnumType

type IncidentFinding_StatusId 

type IncidentFinding_StatusId int32
const (
	IncidentFinding_STATUS_ID_UNKNOWN IncidentFinding_StatusId = 0 // The status is unknown.
	IncidentFinding_STATUS_ID_NEW     IncidentFinding_StatusId = 1 // The service desk has received the incident but has
	// not assigned it to an agent.
	IncidentFinding_STATUS_ID_IN_PROGRESS IncidentFinding_StatusId = 2 // The incident has been assigned to an agent but has
	// not been resolved. The agent is actively working
	// with the user to diagnose and resolve the incident.
	IncidentFinding_STATUS_ID_ON_HOLD IncidentFinding_StatusId = 3 // The incident requires some information or response
	// from the user or from a third party.
	IncidentFinding_STATUS_ID_RESOLVED IncidentFinding_StatusId = 4 // The service desk has confirmed that the incident is
	// resolved.
	IncidentFinding_STATUS_ID_CLOSED IncidentFinding_StatusId = 5 // The incident is resolved and no further action is
	// necessary.
	IncidentFinding_STATUS_ID_OTHER IncidentFinding_StatusId = 99 // The event status is not mapped. See the
)

func (IncidentFinding_StatusId) Descriptor 

func (IncidentFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_StatusId) Enum 

func (x IncidentFinding_StatusId) Enum() *IncidentFinding_StatusId

func (IncidentFinding_StatusId) EnumDescriptor deprecated 

func (IncidentFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_StatusId.Descriptor instead.

func (IncidentFinding_StatusId) Number 

func (x IncidentFinding_StatusId) Number() protoreflect.EnumNumber

func (IncidentFinding_StatusId) String 

func (x IncidentFinding_StatusId) String() string

func (IncidentFinding_StatusId) Type 

func (IncidentFinding_StatusId) Type() protoreflect.EnumType

type IncidentFinding_VerdictId 

type IncidentFinding_VerdictId int32
const (
	IncidentFinding_VERDICT_ID_UNKNOWN        IncidentFinding_VerdictId = 0 // The type is unknown.
	IncidentFinding_VERDICT_ID_FALSE_POSITIVE IncidentFinding_VerdictId = 1 // The incident is a false positive.
	IncidentFinding_VERDICT_ID_TRUE_POSITIVE  IncidentFinding_VerdictId = 2 // The incident is a true positive.
	IncidentFinding_VERDICT_ID_DISREGARD      IncidentFinding_VerdictId = 3 // The incident can be disregarded as it is
	// unimportant, an error or accident.
	IncidentFinding_VERDICT_ID_SUSPICIOUS        IncidentFinding_VerdictId = 4 // The incident is suspicious.
	IncidentFinding_VERDICT_ID_BENIGN            IncidentFinding_VerdictId = 5 // The incident is benign.
	IncidentFinding_VERDICT_ID_TEST              IncidentFinding_VerdictId = 6 // The incident is a test.
	IncidentFinding_VERDICT_ID_INSUFFICIENT_DATA IncidentFinding_VerdictId = 7 // The incident has insufficient data to make
	// a verdict.
	IncidentFinding_VERDICT_ID_SECURITY_RISK      IncidentFinding_VerdictId = 8 // The incident is a security risk.
	IncidentFinding_VERDICT_ID_MANAGED_EXTERNALLY IncidentFinding_VerdictId = 9 // The incident remediation or required
	// actions are managed externally.
	IncidentFinding_VERDICT_ID_DUPLICATE IncidentFinding_VerdictId = 10 // The incident is a duplicate.
	IncidentFinding_VERDICT_ID_OTHER     IncidentFinding_VerdictId = 99 // The type is not mapped. See the
)

func (IncidentFinding_VerdictId) Descriptor 

func (IncidentFinding_VerdictId) Descriptor() protoreflect.EnumDescriptor

func (IncidentFinding_VerdictId) Enum 

func (x IncidentFinding_VerdictId) Enum() *IncidentFinding_VerdictId

func (IncidentFinding_VerdictId) EnumDescriptor deprecated 

func (IncidentFinding_VerdictId) EnumDescriptor() ([]byte, []int)

Deprecated: Use IncidentFinding_VerdictId.Descriptor instead.

func (IncidentFinding_VerdictId) Number 

func (x IncidentFinding_VerdictId) Number() protoreflect.EnumNumber

func (IncidentFinding_VerdictId) String 

func (x IncidentFinding_VerdictId) String() string

func (IncidentFinding_VerdictId) Type 

func (IncidentFinding_VerdictId) Type() protoreflect.EnumType

type InventoryInfo 

type InventoryInfo struct {
	ActivityId     InventoryInfo_ActivityId  `` /* 137-byte string literal not displayed */
	ActivityName   *string                   `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                    `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                      `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                   `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    InventoryInfo_CategoryUid `` /* 141-byte string literal not displayed */
	ClassName      *string                   `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       InventoryInfo_ClassUid    `` /* 129-byte string literal not displayed */
	Cloud          *Cloud                    `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                    `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                   `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                    `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                    `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp    `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment             `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                   `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                 `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable             `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                   `protobuf:"bytes,19,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                   `protobuf:"bytes,20,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     InventoryInfo_SeverityId  `` /* 138-byte string literal not displayed */
	StartTime      *int64                    `protobuf:"varint,22,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp    `protobuf:"bytes,23,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                   `protobuf:"bytes,24,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                   `protobuf:"bytes,25,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                   `protobuf:"bytes,26,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *InventoryInfo_StatusId   `` /* 136-byte string literal not displayed */
	Time           int64                     `protobuf:"varint,28,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp    `protobuf:"bytes,29,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                    `protobuf:"varint,30,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                   `protobuf:"bytes,31,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                     `protobuf:"varint,32,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct          `protobuf:"bytes,33,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

InventoryInfo is an OSF event in category "Discovery" called Device Inventory Info defined in ocsf events/discovery/inventory_info.json

Device Inventory Info events report device inventory data that is either logged or proactively collected. For example, when collecting device information from a CMDB or running a network sweep of connected devices.

func (*InventoryInfo) Descriptor deprecated 

func (*InventoryInfo) Descriptor() ([]byte, []int)

Deprecated: Use InventoryInfo.ProtoReflect.Descriptor instead.

func (*InventoryInfo) GetActivityId 

func (x *InventoryInfo) GetActivityId() InventoryInfo_ActivityId

func (*InventoryInfo) GetActivityName 

func (x *InventoryInfo) GetActivityName() string

func (*InventoryInfo) GetActor 

func (x *InventoryInfo) GetActor() *Actor

func (*InventoryInfo) GetApi 

func (x *InventoryInfo) GetApi() *Api

func (*InventoryInfo) GetCategoryName 

func (x *InventoryInfo) GetCategoryName() string

func (*InventoryInfo) GetCategoryUid 

func (x *InventoryInfo) GetCategoryUid() InventoryInfo_CategoryUid

func (*InventoryInfo) GetClassName 

func (x *InventoryInfo) GetClassName() string

func (*InventoryInfo) GetClassUid 

func (x *InventoryInfo) GetClassUid() InventoryInfo_ClassUid

func (*InventoryInfo) GetCloud 

func (x *InventoryInfo) GetCloud() *Cloud

func (*InventoryInfo) GetCount 

func (x *InventoryInfo) GetCount() int32

func (*InventoryInfo) GetDevice 

func (x *InventoryInfo) GetDevice() *Device

func (*InventoryInfo) GetDuration 

func (x *InventoryInfo) GetDuration() int32

func (*InventoryInfo) GetEndTime 

func (x *InventoryInfo) GetEndTime() int64

func (*InventoryInfo) GetEndTimeDt 

func (x *InventoryInfo) GetEndTimeDt() *timestamppb.Timestamp

func (*InventoryInfo) GetEnrichments 

func (x *InventoryInfo) GetEnrichments() []*Enrichment

func (*InventoryInfo) GetMessage 

func (x *InventoryInfo) GetMessage() string

func (*InventoryInfo) GetMetadata 

func (x *InventoryInfo) GetMetadata() *Metadata

func (*InventoryInfo) GetObservables 

func (x *InventoryInfo) GetObservables() []*Observable

func (*InventoryInfo) GetRawData 

func (x *InventoryInfo) GetRawData() string

func (*InventoryInfo) GetSeverity 

func (x *InventoryInfo) GetSeverity() string

func (*InventoryInfo) GetSeverityId 

func (x *InventoryInfo) GetSeverityId() InventoryInfo_SeverityId

func (*InventoryInfo) GetStartTime 

func (x *InventoryInfo) GetStartTime() int64

func (*InventoryInfo) GetStartTimeDt 

func (x *InventoryInfo) GetStartTimeDt() *timestamppb.Timestamp

func (*InventoryInfo) GetStatus 

func (x *InventoryInfo) GetStatus() string

func (*InventoryInfo) GetStatusCode 

func (x *InventoryInfo) GetStatusCode() string

func (*InventoryInfo) GetStatusDetail 

func (x *InventoryInfo) GetStatusDetail() string

func (*InventoryInfo) GetStatusId 

func (x *InventoryInfo) GetStatusId() InventoryInfo_StatusId

func (*InventoryInfo) GetTime 

func (x *InventoryInfo) GetTime() int64

func (*InventoryInfo) GetTimeDt 

func (x *InventoryInfo) GetTimeDt() *timestamppb.Timestamp

func (*InventoryInfo) GetTimezoneOffset 

func (x *InventoryInfo) GetTimezoneOffset() int32

func (*InventoryInfo) GetTypeName 

func (x *InventoryInfo) GetTypeName() string

func (*InventoryInfo) GetTypeUid 

func (x *InventoryInfo) GetTypeUid() int64

func (*InventoryInfo) GetUnmapped 

func (x *InventoryInfo) GetUnmapped() *structpb.Struct

func (*InventoryInfo) ProtoMessage 

func (*InventoryInfo) ProtoMessage()

func (*InventoryInfo) ProtoReflect 

func (x *InventoryInfo) ProtoReflect() protoreflect.Message

func (*InventoryInfo) Reset 

func (x *InventoryInfo) Reset()

func (*InventoryInfo) String 

func (x *InventoryInfo) String() string

type InventoryInfo_ActivityId 

type InventoryInfo_ActivityId int32
const (
	InventoryInfo_ACTIVITY_ID_UNKNOWN InventoryInfo_ActivityId = 0
	InventoryInfo_ACTIVITY_ID_LOG     InventoryInfo_ActivityId = 1 // The discovered information is via a log.
	InventoryInfo_ACTIVITY_ID_COLLECT InventoryInfo_ActivityId = 2 // The discovered information is via a collection
	// process.
	InventoryInfo_ACTIVITY_ID_OTHER InventoryInfo_ActivityId = 99
)

func (InventoryInfo_ActivityId) Descriptor 

func (InventoryInfo_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (InventoryInfo_ActivityId) Enum 

func (x InventoryInfo_ActivityId) Enum() *InventoryInfo_ActivityId

func (InventoryInfo_ActivityId) EnumDescriptor deprecated 

func (InventoryInfo_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use InventoryInfo_ActivityId.Descriptor instead.

func (InventoryInfo_ActivityId) Number 

func (x InventoryInfo_ActivityId) Number() protoreflect.EnumNumber

func (InventoryInfo_ActivityId) String 

func (x InventoryInfo_ActivityId) String() string

func (InventoryInfo_ActivityId) Type 

func (InventoryInfo_ActivityId) Type() protoreflect.EnumType

type InventoryInfo_CategoryUid 

type InventoryInfo_CategoryUid int32
const (
	InventoryInfo_CATEGORY_UID_UNKNOWN   InventoryInfo_CategoryUid = 0
	InventoryInfo_CATEGORY_UID_DISCOVERY InventoryInfo_CategoryUid = 5
)

func (InventoryInfo_CategoryUid) Descriptor 

func (InventoryInfo_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (InventoryInfo_CategoryUid) Enum 

func (x InventoryInfo_CategoryUid) Enum() *InventoryInfo_CategoryUid

func (InventoryInfo_CategoryUid) EnumDescriptor deprecated 

func (InventoryInfo_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use InventoryInfo_CategoryUid.Descriptor instead.

func (InventoryInfo_CategoryUid) Number 

func (x InventoryInfo_CategoryUid) Number() protoreflect.EnumNumber

func (InventoryInfo_CategoryUid) String 

func (x InventoryInfo_CategoryUid) String() string

func (InventoryInfo_CategoryUid) Type 

func (InventoryInfo_CategoryUid) Type() protoreflect.EnumType

type InventoryInfo_ClassUid 

type InventoryInfo_ClassUid int32
const (
	InventoryInfo_CLASS_UID_UNKNOWN               InventoryInfo_ClassUid = 0
	InventoryInfo_CLASS_UID_DEVICE_INVENTORY_INFO InventoryInfo_ClassUid = 5001
)

func (InventoryInfo_ClassUid) Descriptor 

func (InventoryInfo_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (InventoryInfo_ClassUid) Enum 

func (x InventoryInfo_ClassUid) Enum() *InventoryInfo_ClassUid

func (InventoryInfo_ClassUid) EnumDescriptor deprecated 

func (InventoryInfo_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use InventoryInfo_ClassUid.Descriptor instead.

func (InventoryInfo_ClassUid) Number 

func (x InventoryInfo_ClassUid) Number() protoreflect.EnumNumber

func (InventoryInfo_ClassUid) String 

func (x InventoryInfo_ClassUid) String() string

func (InventoryInfo_ClassUid) Type 

func (InventoryInfo_ClassUid) Type() protoreflect.EnumType

type InventoryInfo_SeverityId 

type InventoryInfo_SeverityId int32
const (
	InventoryInfo_SEVERITY_ID_UNKNOWN       InventoryInfo_SeverityId = 0 // The event/finding severity is unknown.
	InventoryInfo_SEVERITY_ID_INFORMATIONAL InventoryInfo_SeverityId = 1 // Informational message. No action required.
	InventoryInfo_SEVERITY_ID_LOW           InventoryInfo_SeverityId = 2 // The user decides if action is needed.
	InventoryInfo_SEVERITY_ID_MEDIUM        InventoryInfo_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	InventoryInfo_SEVERITY_ID_HIGH     InventoryInfo_SeverityId = 4 // Action is required immediately.
	InventoryInfo_SEVERITY_ID_CRITICAL InventoryInfo_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	InventoryInfo_SEVERITY_ID_FATAL InventoryInfo_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	InventoryInfo_SEVERITY_ID_OTHER InventoryInfo_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (InventoryInfo_SeverityId) Descriptor 

func (InventoryInfo_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (InventoryInfo_SeverityId) Enum 

func (x InventoryInfo_SeverityId) Enum() *InventoryInfo_SeverityId

func (InventoryInfo_SeverityId) EnumDescriptor deprecated 

func (InventoryInfo_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use InventoryInfo_SeverityId.Descriptor instead.

func (InventoryInfo_SeverityId) Number 

func (x InventoryInfo_SeverityId) Number() protoreflect.EnumNumber

func (InventoryInfo_SeverityId) String 

func (x InventoryInfo_SeverityId) String() string

func (InventoryInfo_SeverityId) Type 

func (InventoryInfo_SeverityId) Type() protoreflect.EnumType

type InventoryInfo_StatusId 

type InventoryInfo_StatusId int32
const (
	InventoryInfo_STATUS_ID_UNKNOWN InventoryInfo_StatusId = 0 // The status is unknown.
	InventoryInfo_STATUS_ID_SUCCESS InventoryInfo_StatusId = 1
	InventoryInfo_STATUS_ID_FAILURE InventoryInfo_StatusId = 2
	InventoryInfo_STATUS_ID_OTHER   InventoryInfo_StatusId = 99 // The event status is not mapped. See the
)

func (InventoryInfo_StatusId) Descriptor 

func (InventoryInfo_StatusId) Descriptor() protoreflect.EnumDescriptor

func (InventoryInfo_StatusId) Enum 

func (x InventoryInfo_StatusId) Enum() *InventoryInfo_StatusId

func (InventoryInfo_StatusId) EnumDescriptor deprecated 

func (InventoryInfo_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use InventoryInfo_StatusId.Descriptor instead.

func (InventoryInfo_StatusId) Number 

func (x InventoryInfo_StatusId) Number() protoreflect.EnumNumber

func (InventoryInfo_StatusId) String 

func (x InventoryInfo_StatusId) String() string

func (InventoryInfo_StatusId) Type 

func (InventoryInfo_StatusId) Type() protoreflect.EnumType

type Job 

type Job struct {
	CmdLine       *string                `protobuf:"bytes,1,opt,name=cmd_line,json=cmdLine,proto3,oneof" json:"cmd_line,omitempty"`
	CreatedTime   *int64                 `protobuf:"varint,2,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Desc          *string                `protobuf:"bytes,4,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	File          *File                  `protobuf:"bytes,5,opt,name=file,proto3" json:"file,omitempty"`
	LastRunTime   *int64                 `protobuf:"varint,6,opt,name=last_run_time,json=lastRunTime,proto3,oneof" json:"last_run_time,omitempty"`
	LastRunTimeDt *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=last_run_time_dt,json=lastRunTimeDt,proto3,oneof" json:"last_run_time_dt,omitempty"`
	Name          string                 `protobuf:"bytes,8,opt,name=name,proto3" json:"name,omitempty"`
	NextRunTime   *int64                 `protobuf:"varint,9,opt,name=next_run_time,json=nextRunTime,proto3,oneof" json:"next_run_time,omitempty"`
	NextRunTimeDt *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=next_run_time_dt,json=nextRunTimeDt,proto3,oneof" json:"next_run_time_dt,omitempty"`
	RunState      *string                `protobuf:"bytes,11,opt,name=run_state,json=runState,proto3,oneof" json:"run_state,omitempty"`
	RunStateId    *Job_RunStateId        `` /* 136-byte string literal not displayed */
	User          *User                  `protobuf:"bytes,13,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

Job is an OSF object defined in ocsf objects/job.json

The Job object provides information about a scheduled job or task, including its name, command line, and state. It encompasses attributes that describe the properties and status of the scheduled job.

func (*Job) Descriptor deprecated 

func (*Job) Descriptor() ([]byte, []int)

Deprecated: Use Job.ProtoReflect.Descriptor instead.

func (*Job) GetCmdLine 

func (x *Job) GetCmdLine() string

func (*Job) GetCreatedTime 

func (x *Job) GetCreatedTime() int64

func (*Job) GetCreatedTimeDt 

func (x *Job) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Job) GetDesc 

func (x *Job) GetDesc() string

func (*Job) GetFile 

func (x *Job) GetFile() *File

func (*Job) GetLastRunTime 

func (x *Job) GetLastRunTime() int64

func (*Job) GetLastRunTimeDt 

func (x *Job) GetLastRunTimeDt() *timestamppb.Timestamp

func (*Job) GetName 

func (x *Job) GetName() string

func (*Job) GetNextRunTime 

func (x *Job) GetNextRunTime() int64

func (*Job) GetNextRunTimeDt 

func (x *Job) GetNextRunTimeDt() *timestamppb.Timestamp

func (*Job) GetRunState 

func (x *Job) GetRunState() string

func (*Job) GetRunStateId 

func (x *Job) GetRunStateId() Job_RunStateId

func (*Job) GetUser 

func (x *Job) GetUser() *User

func (*Job) ProtoMessage 

func (*Job) ProtoMessage()

func (*Job) ProtoReflect 

func (x *Job) ProtoReflect() protoreflect.Message

func (*Job) Reset 

func (x *Job) Reset()

func (*Job) String 

func (x *Job) String() string

type JobQuery 

type JobQuery struct {
	ActivityId     JobQuery_ActivityId    `` /* 132-byte string literal not displayed */
	ActivityName   *string                `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                 `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                   `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    JobQuery_CategoryUid   `` /* 136-byte string literal not displayed */
	ClassName      *string                `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       JobQuery_ClassUid      `protobuf:"varint,8,opt,name=class_uid,json=classUid,proto3,enum=ocsf_schema.v1.JobQuery_ClassUid" json:"class_uid,omitempty"`
	Cloud          *Cloud                 `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                 `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                 `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                 `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment          `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Job            *Job                   `protobuf:"bytes,16,opt,name=job,proto3" json:"job,omitempty"`
	Message        *string                `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata              `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable          `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo             `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  JobQuery_QueryResultId `` /* 147-byte string literal not displayed */
	RawData        *string                `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     JobQuery_SeverityId    `` /* 133-byte string literal not displayed */
	StartTime      *int64                 `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *JobQuery_StatusId     `` /* 131-byte string literal not displayed */
	Time           int64                  `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                 `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                  `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct       `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

JobQuery is an OSF event in category "Discovery" called Job Query defined in ocsf events/discovery/job_query.json

Job Query events report information about scheduled jobs.

func (*JobQuery) Descriptor deprecated 

func (*JobQuery) Descriptor() ([]byte, []int)

Deprecated: Use JobQuery.ProtoReflect.Descriptor instead.

func (*JobQuery) GetActivityId 

func (x *JobQuery) GetActivityId() JobQuery_ActivityId

func (*JobQuery) GetActivityName 

func (x *JobQuery) GetActivityName() string

func (*JobQuery) GetActor 

func (x *JobQuery) GetActor() *Actor

func (*JobQuery) GetApi 

func (x *JobQuery) GetApi() *Api

func (*JobQuery) GetCategoryName 

func (x *JobQuery) GetCategoryName() string

func (*JobQuery) GetCategoryUid 

func (x *JobQuery) GetCategoryUid() JobQuery_CategoryUid

func (*JobQuery) GetClassName 

func (x *JobQuery) GetClassName() string

func (*JobQuery) GetClassUid 

func (x *JobQuery) GetClassUid() JobQuery_ClassUid

func (*JobQuery) GetCloud 

func (x *JobQuery) GetCloud() *Cloud

func (*JobQuery) GetCount 

func (x *JobQuery) GetCount() int32

func (*JobQuery) GetDevice 

func (x *JobQuery) GetDevice() *Device

func (*JobQuery) GetDuration 

func (x *JobQuery) GetDuration() int32

func (*JobQuery) GetEndTime 

func (x *JobQuery) GetEndTime() int64

func (*JobQuery) GetEndTimeDt 

func (x *JobQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*JobQuery) GetEnrichments 

func (x *JobQuery) GetEnrichments() []*Enrichment

func (*JobQuery) GetJob 

func (x *JobQuery) GetJob() *Job

func (*JobQuery) GetMessage 

func (x *JobQuery) GetMessage() string

func (*JobQuery) GetMetadata 

func (x *JobQuery) GetMetadata() *Metadata

func (*JobQuery) GetObservables 

func (x *JobQuery) GetObservables() []*Observable

func (*JobQuery) GetQueryInfo 

func (x *JobQuery) GetQueryInfo() *QueryInfo

func (*JobQuery) GetQueryResult 

func (x *JobQuery) GetQueryResult() string

func (*JobQuery) GetQueryResultId 

func (x *JobQuery) GetQueryResultId() JobQuery_QueryResultId

func (*JobQuery) GetRawData 

func (x *JobQuery) GetRawData() string

func (*JobQuery) GetSeverity 

func (x *JobQuery) GetSeverity() string

func (*JobQuery) GetSeverityId 

func (x *JobQuery) GetSeverityId() JobQuery_SeverityId

func (*JobQuery) GetStartTime 

func (x *JobQuery) GetStartTime() int64

func (*JobQuery) GetStartTimeDt 

func (x *JobQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*JobQuery) GetStatus 

func (x *JobQuery) GetStatus() string

func (*JobQuery) GetStatusCode 

func (x *JobQuery) GetStatusCode() string

func (*JobQuery) GetStatusDetail 

func (x *JobQuery) GetStatusDetail() string

func (*JobQuery) GetStatusId 

func (x *JobQuery) GetStatusId() JobQuery_StatusId

func (*JobQuery) GetTime 

func (x *JobQuery) GetTime() int64

func (*JobQuery) GetTimeDt 

func (x *JobQuery) GetTimeDt() *timestamppb.Timestamp

func (*JobQuery) GetTimezoneOffset 

func (x *JobQuery) GetTimezoneOffset() int32

func (*JobQuery) GetTypeName 

func (x *JobQuery) GetTypeName() string

func (*JobQuery) GetTypeUid 

func (x *JobQuery) GetTypeUid() int64

func (*JobQuery) GetUnmapped 

func (x *JobQuery) GetUnmapped() *structpb.Struct

func (*JobQuery) ProtoMessage 

func (*JobQuery) ProtoMessage()

func (*JobQuery) ProtoReflect 

func (x *JobQuery) ProtoReflect() protoreflect.Message

func (*JobQuery) Reset 

func (x *JobQuery) Reset()

func (*JobQuery) String 

func (x *JobQuery) String() string

type JobQuery_ActivityId 

type JobQuery_ActivityId int32
const (
	JobQuery_ACTIVITY_ID_UNKNOWN JobQuery_ActivityId = 0
	JobQuery_ACTIVITY_ID_QUERY   JobQuery_ActivityId = 1 // The discovered results are via a query request.
	JobQuery_ACTIVITY_ID_OTHER   JobQuery_ActivityId = 99
)

func (JobQuery_ActivityId) Descriptor 

func (JobQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_ActivityId) Enum 

func (x JobQuery_ActivityId) Enum() *JobQuery_ActivityId

func (JobQuery_ActivityId) EnumDescriptor deprecated 

func (JobQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_ActivityId.Descriptor instead.

func (JobQuery_ActivityId) Number 

func (x JobQuery_ActivityId) Number() protoreflect.EnumNumber

func (JobQuery_ActivityId) String 

func (x JobQuery_ActivityId) String() string

func (JobQuery_ActivityId) Type 

func (JobQuery_ActivityId) Type() protoreflect.EnumType

type JobQuery_CategoryUid 

type JobQuery_CategoryUid int32
const (
	JobQuery_CATEGORY_UID_UNKNOWN   JobQuery_CategoryUid = 0
	JobQuery_CATEGORY_UID_DISCOVERY JobQuery_CategoryUid = 5
)

func (JobQuery_CategoryUid) Descriptor 

func (JobQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_CategoryUid) Enum 

func (x JobQuery_CategoryUid) Enum() *JobQuery_CategoryUid

func (JobQuery_CategoryUid) EnumDescriptor deprecated 

func (JobQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_CategoryUid.Descriptor instead.

func (JobQuery_CategoryUid) Number 

func (x JobQuery_CategoryUid) Number() protoreflect.EnumNumber

func (JobQuery_CategoryUid) String 

func (x JobQuery_CategoryUid) String() string

func (JobQuery_CategoryUid) Type 

func (JobQuery_CategoryUid) Type() protoreflect.EnumType

type JobQuery_ClassUid 

type JobQuery_ClassUid int32
const (
	JobQuery_CLASS_UID_UNKNOWN   JobQuery_ClassUid = 0
	JobQuery_CLASS_UID_JOB_QUERY JobQuery_ClassUid = 5010
)

func (JobQuery_ClassUid) Descriptor 

func (JobQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_ClassUid) Enum 

func (x JobQuery_ClassUid) Enum() *JobQuery_ClassUid

func (JobQuery_ClassUid) EnumDescriptor deprecated 

func (JobQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_ClassUid.Descriptor instead.

func (JobQuery_ClassUid) Number 

func (x JobQuery_ClassUid) Number() protoreflect.EnumNumber

func (JobQuery_ClassUid) String 

func (x JobQuery_ClassUid) String() string

func (JobQuery_ClassUid) Type 

func (JobQuery_ClassUid) Type() protoreflect.EnumType

type JobQuery_QueryResultId 

type JobQuery_QueryResultId int32
const (
	JobQuery_QUERY_RESULT_ID_UNKNOWN        JobQuery_QueryResultId = 0  // The query result is unknown.
	JobQuery_QUERY_RESULT_ID_EXISTS         JobQuery_QueryResultId = 1  // The target was found.
	JobQuery_QUERY_RESULT_ID_PARTIAL        JobQuery_QueryResultId = 2  // The target was partially found.
	JobQuery_QUERY_RESULT_ID_DOES_NOT_EXIST JobQuery_QueryResultId = 3  // The target was not found.
	JobQuery_QUERY_RESULT_ID_ERROR          JobQuery_QueryResultId = 4  // The discovery attempt failed.
	JobQuery_QUERY_RESULT_ID_UNSUPPORTED    JobQuery_QueryResultId = 5  // Discovery of the target was not supported.
	JobQuery_QUERY_RESULT_ID_OTHER          JobQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (JobQuery_QueryResultId) Descriptor 

func (JobQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_QueryResultId) Enum 

func (x JobQuery_QueryResultId) Enum() *JobQuery_QueryResultId

func (JobQuery_QueryResultId) EnumDescriptor deprecated 

func (JobQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_QueryResultId.Descriptor instead.

func (JobQuery_QueryResultId) Number 

func (x JobQuery_QueryResultId) Number() protoreflect.EnumNumber

func (JobQuery_QueryResultId) String 

func (x JobQuery_QueryResultId) String() string

func (JobQuery_QueryResultId) Type 

func (JobQuery_QueryResultId) Type() protoreflect.EnumType

type JobQuery_SeverityId 

type JobQuery_SeverityId int32
const (
	JobQuery_SEVERITY_ID_UNKNOWN       JobQuery_SeverityId = 0 // The event/finding severity is unknown.
	JobQuery_SEVERITY_ID_INFORMATIONAL JobQuery_SeverityId = 1 // Informational message. No action required.
	JobQuery_SEVERITY_ID_LOW           JobQuery_SeverityId = 2 // The user decides if action is needed.
	JobQuery_SEVERITY_ID_MEDIUM        JobQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	JobQuery_SEVERITY_ID_HIGH     JobQuery_SeverityId = 4 // Action is required immediately.
	JobQuery_SEVERITY_ID_CRITICAL JobQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	JobQuery_SEVERITY_ID_FATAL JobQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	JobQuery_SEVERITY_ID_OTHER JobQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (JobQuery_SeverityId) Descriptor 

func (JobQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_SeverityId) Enum 

func (x JobQuery_SeverityId) Enum() *JobQuery_SeverityId

func (JobQuery_SeverityId) EnumDescriptor deprecated 

func (JobQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_SeverityId.Descriptor instead.

func (JobQuery_SeverityId) Number 

func (x JobQuery_SeverityId) Number() protoreflect.EnumNumber

func (JobQuery_SeverityId) String 

func (x JobQuery_SeverityId) String() string

func (JobQuery_SeverityId) Type 

func (JobQuery_SeverityId) Type() protoreflect.EnumType

type JobQuery_StatusId 

type JobQuery_StatusId int32
const (
	JobQuery_STATUS_ID_UNKNOWN JobQuery_StatusId = 0 // The status is unknown.
	JobQuery_STATUS_ID_SUCCESS JobQuery_StatusId = 1
	JobQuery_STATUS_ID_FAILURE JobQuery_StatusId = 2
	JobQuery_STATUS_ID_OTHER   JobQuery_StatusId = 99 // The event status is not mapped. See the
)

func (JobQuery_StatusId) Descriptor 

func (JobQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (JobQuery_StatusId) Enum 

func (x JobQuery_StatusId) Enum() *JobQuery_StatusId

func (JobQuery_StatusId) EnumDescriptor deprecated 

func (JobQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use JobQuery_StatusId.Descriptor instead.

func (JobQuery_StatusId) Number 

func (x JobQuery_StatusId) Number() protoreflect.EnumNumber

func (JobQuery_StatusId) String 

func (x JobQuery_StatusId) String() string

func (JobQuery_StatusId) Type 

func (JobQuery_StatusId) Type() protoreflect.EnumType

type Job_RunStateId 

type Job_RunStateId int32
const (
	Job_RUN_STATE_ID_UNKNOWN Job_RunStateId = 0
	Job_RUN_STATE_ID_READY   Job_RunStateId = 1
	Job_RUN_STATE_ID_QUEUED  Job_RunStateId = 2
	Job_RUN_STATE_ID_RUNNING Job_RunStateId = 3
	Job_RUN_STATE_ID_STOPPED Job_RunStateId = 4
	Job_RUN_STATE_ID_OTHER   Job_RunStateId = 99
)

func (Job_RunStateId) Descriptor 

func (Job_RunStateId) Descriptor() protoreflect.EnumDescriptor

func (Job_RunStateId) Enum 

func (x Job_RunStateId) Enum() *Job_RunStateId

func (Job_RunStateId) EnumDescriptor deprecated 

func (Job_RunStateId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Job_RunStateId.Descriptor instead.

func (Job_RunStateId) Number 

func (x Job_RunStateId) Number() protoreflect.EnumNumber

func (Job_RunStateId) String 

func (x Job_RunStateId) String() string

func (Job_RunStateId) Type 

func (Job_RunStateId) Type() protoreflect.EnumType

type KbArticle 

type KbArticle struct {
	Bulletin       *string                `protobuf:"bytes,1,opt,name=bulletin,proto3,oneof" json:"bulletin,omitempty"`
	Classification *string                `protobuf:"bytes,2,opt,name=classification,proto3,oneof" json:"classification,omitempty"`
	CreatedTime    *int64                 `protobuf:"varint,3,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt  *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	IsSuperseded   *bool                  `protobuf:"varint,5,opt,name=is_superseded,json=isSuperseded,proto3,oneof" json:"is_superseded,omitempty"`
	Os             *Os                    `protobuf:"bytes,6,opt,name=os,proto3" json:"os,omitempty"`
	Product        *Product               `protobuf:"bytes,7,opt,name=product,proto3" json:"product,omitempty"`
	Severity       *string                `protobuf:"bytes,8,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	Size           *int64                 `protobuf:"varint,9,opt,name=size,proto3,oneof" json:"size,omitempty"`
	SrcUrl         *string                `protobuf:"bytes,10,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Title          *string                `protobuf:"bytes,11,opt,name=title,proto3,oneof" json:"title,omitempty"`
	Uid            string                 `protobuf:"bytes,12,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

KbArticle is an OSF object defined in ocsf objects/kb_article.json

The KB Article object contains metadata that describes the patch or update.

func (*KbArticle) Descriptor deprecated 

func (*KbArticle) Descriptor() ([]byte, []int)

Deprecated: Use KbArticle.ProtoReflect.Descriptor instead.

func (*KbArticle) GetBulletin 

func (x *KbArticle) GetBulletin() string

func (*KbArticle) GetClassification 

func (x *KbArticle) GetClassification() string

func (*KbArticle) GetCreatedTime 

func (x *KbArticle) GetCreatedTime() int64

func (*KbArticle) GetCreatedTimeDt 

func (x *KbArticle) GetCreatedTimeDt() *timestamppb.Timestamp

func (*KbArticle) GetIsSuperseded 

func (x *KbArticle) GetIsSuperseded() bool

func (*KbArticle) GetOs 

func (x *KbArticle) GetOs() *Os

func (*KbArticle) GetProduct 

func (x *KbArticle) GetProduct() *Product

func (*KbArticle) GetSeverity 

func (x *KbArticle) GetSeverity() string

func (*KbArticle) GetSize 

func (x *KbArticle) GetSize() int64

func (*KbArticle) GetSrcUrl 

func (x *KbArticle) GetSrcUrl() string

func (*KbArticle) GetTitle 

func (x *KbArticle) GetTitle() string

func (*KbArticle) GetUid 

func (x *KbArticle) GetUid() string

func (*KbArticle) ProtoMessage 

func (*KbArticle) ProtoMessage()

func (*KbArticle) ProtoReflect 

func (x *KbArticle) ProtoReflect() protoreflect.Message

func (*KbArticle) Reset 

func (x *KbArticle) Reset()

func (*KbArticle) String 

func (x *KbArticle) String() string

type Kernel 

type Kernel struct {
	IsSystem   *bool         `protobuf:"varint,1,opt,name=is_system,json=isSystem,proto3,oneof" json:"is_system,omitempty"`
	Name       string        `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
	Path       *string       `protobuf:"bytes,3,opt,name=path,proto3,oneof" json:"path,omitempty"`
	SystemCall *string       `protobuf:"bytes,4,opt,name=system_call,json=systemCall,proto3,oneof" json:"system_call,omitempty"`
	Type       *string       `protobuf:"bytes,5,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId     Kernel_TypeId `protobuf:"varint,6,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Kernel_TypeId" json:"type_id,omitempty"`
	// contains filtered or unexported fields
}

Kernel is an OSF object defined in ocsf objects/kernel.json

The Kernel Resource object provides information about a specific kernel resource, including its name and type. It describes essential attributes associated with a resource managed by the kernel of an operating system. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Kernel/'>d3f:Kernel</a>.

func (*Kernel) Descriptor deprecated 

func (*Kernel) Descriptor() ([]byte, []int)

Deprecated: Use Kernel.ProtoReflect.Descriptor instead.

func (*Kernel) GetIsSystem 

func (x *Kernel) GetIsSystem() bool

func (*Kernel) GetName 

func (x *Kernel) GetName() string

func (*Kernel) GetPath 

func (x *Kernel) GetPath() string

func (*Kernel) GetSystemCall 

func (x *Kernel) GetSystemCall() string

func (*Kernel) GetType 

func (x *Kernel) GetType() string

func (*Kernel) GetTypeId 

func (x *Kernel) GetTypeId() Kernel_TypeId

func (*Kernel) ProtoMessage 

func (*Kernel) ProtoMessage()

func (*Kernel) ProtoReflect 

func (x *Kernel) ProtoReflect() protoreflect.Message

func (*Kernel) Reset 

func (x *Kernel) Reset()

func (*Kernel) String 

func (x *Kernel) String() string

type KernelActivity 

type KernelActivity struct {
	Action         *string                       `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       KernelActivity_ActionId       `` /* 130-byte string literal not displayed */
	ActivityId     KernelActivity_ActivityId     `` /* 138-byte string literal not displayed */
	ActivityName   *string                       `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                        `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                          `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                     `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization              `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                       `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    KernelActivity_CategoryUid    `` /* 143-byte string literal not displayed */
	ClassName      *string                       `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       KernelActivity_ClassUid       `` /* 131-byte string literal not displayed */
	Cloud          *Cloud                        `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                        `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                       `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                       `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *KernelActivity_DispositionId `` /* 157-byte string literal not displayed */
	Duration       *int32                        `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                        `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp        `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                 `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                 `protobuf:"bytes,22,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Kernel         *Kernel                       `protobuf:"bytes,23,opt,name=kernel,proto3" json:"kernel,omitempty"`
	Malware        []*Malware                    `protobuf:"bytes,24,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                       `protobuf:"bytes,25,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                     `protobuf:"bytes,26,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                 `protobuf:"bytes,27,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                       `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                       `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     KernelActivity_SeverityId     `` /* 139-byte string literal not displayed */
	StartTime      *int64                        `protobuf:"varint,31,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp        `protobuf:"bytes,32,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                       `protobuf:"bytes,33,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                       `protobuf:"bytes,34,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                       `protobuf:"bytes,35,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *KernelActivity_StatusId      `` /* 137-byte string literal not displayed */
	Time           int64                         `protobuf:"varint,37,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp        `protobuf:"bytes,38,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                        `protobuf:"varint,39,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                       `protobuf:"bytes,40,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                         `protobuf:"varint,41,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct              `protobuf:"bytes,42,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

KernelActivity is an OSF event in category "System Activity" called Kernel Activity defined in ocsf events/system/kernel.json

Kernel Activity events report when an process creates, reads, or deletes a kernel resource.

func (*KernelActivity) Descriptor deprecated 

func (*KernelActivity) Descriptor() ([]byte, []int)

Deprecated: Use KernelActivity.ProtoReflect.Descriptor instead.

func (*KernelActivity) GetAction 

func (x *KernelActivity) GetAction() string

func (*KernelActivity) GetActionId 

func (x *KernelActivity) GetActionId() KernelActivity_ActionId

func (*KernelActivity) GetActivityId 

func (x *KernelActivity) GetActivityId() KernelActivity_ActivityId

func (*KernelActivity) GetActivityName 

func (x *KernelActivity) GetActivityName() string

func (*KernelActivity) GetActor 

func (x *KernelActivity) GetActor() *Actor

func (*KernelActivity) GetApi 

func (x *KernelActivity) GetApi() *Api

func (*KernelActivity) GetAttacks 

func (x *KernelActivity) GetAttacks() []*Attack

func (*KernelActivity) GetAuthorizations 

func (x *KernelActivity) GetAuthorizations() []*Authorization

func (*KernelActivity) GetCategoryName 

func (x *KernelActivity) GetCategoryName() string

func (*KernelActivity) GetCategoryUid 

func (x *KernelActivity) GetCategoryUid() KernelActivity_CategoryUid

func (*KernelActivity) GetClassName 

func (x *KernelActivity) GetClassName() string

func (*KernelActivity) GetClassUid 

func (x *KernelActivity) GetClassUid() KernelActivity_ClassUid

func (*KernelActivity) GetCloud 

func (x *KernelActivity) GetCloud() *Cloud

func (*KernelActivity) GetCount 

func (x *KernelActivity) GetCount() int32

func (*KernelActivity) GetDevice 

func (x *KernelActivity) GetDevice() *Device

func (*KernelActivity) GetDisposition 

func (x *KernelActivity) GetDisposition() string

func (*KernelActivity) GetDispositionId 

func (x *KernelActivity) GetDispositionId() KernelActivity_DispositionId

func (*KernelActivity) GetDuration 

func (x *KernelActivity) GetDuration() int32

func (*KernelActivity) GetEndTime 

func (x *KernelActivity) GetEndTime() int64

func (*KernelActivity) GetEndTimeDt 

func (x *KernelActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*KernelActivity) GetEnrichments 

func (x *KernelActivity) GetEnrichments() []*Enrichment

func (*KernelActivity) GetFirewallRule 

func (x *KernelActivity) GetFirewallRule() *FirewallRule

func (*KernelActivity) GetKernel 

func (x *KernelActivity) GetKernel() *Kernel

func (*KernelActivity) GetMalware 

func (x *KernelActivity) GetMalware() []*Malware

func (*KernelActivity) GetMessage 

func (x *KernelActivity) GetMessage() string

func (*KernelActivity) GetMetadata 

func (x *KernelActivity) GetMetadata() *Metadata

func (*KernelActivity) GetObservables 

func (x *KernelActivity) GetObservables() []*Observable

func (*KernelActivity) GetRawData 

func (x *KernelActivity) GetRawData() string

func (*KernelActivity) GetSeverity 

func (x *KernelActivity) GetSeverity() string

func (*KernelActivity) GetSeverityId 

func (x *KernelActivity) GetSeverityId() KernelActivity_SeverityId

func (*KernelActivity) GetStartTime 

func (x *KernelActivity) GetStartTime() int64

func (*KernelActivity) GetStartTimeDt 

func (x *KernelActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*KernelActivity) GetStatus 

func (x *KernelActivity) GetStatus() string

func (*KernelActivity) GetStatusCode 

func (x *KernelActivity) GetStatusCode() string

func (*KernelActivity) GetStatusDetail 

func (x *KernelActivity) GetStatusDetail() string

func (*KernelActivity) GetStatusId 

func (x *KernelActivity) GetStatusId() KernelActivity_StatusId

func (*KernelActivity) GetTime 

func (x *KernelActivity) GetTime() int64

func (*KernelActivity) GetTimeDt 

func (x *KernelActivity) GetTimeDt() *timestamppb.Timestamp

func (*KernelActivity) GetTimezoneOffset 

func (x *KernelActivity) GetTimezoneOffset() int32

func (*KernelActivity) GetTypeName 

func (x *KernelActivity) GetTypeName() string

func (*KernelActivity) GetTypeUid 

func (x *KernelActivity) GetTypeUid() int64

func (*KernelActivity) GetUnmapped 

func (x *KernelActivity) GetUnmapped() *structpb.Struct

func (*KernelActivity) ProtoMessage 

func (*KernelActivity) ProtoMessage()

func (*KernelActivity) ProtoReflect 

func (x *KernelActivity) ProtoReflect() protoreflect.Message

func (*KernelActivity) Reset 

func (x *KernelActivity) Reset()

func (*KernelActivity) String 

func (x *KernelActivity) String() string

type KernelActivity_ActionId 

type KernelActivity_ActionId int32
const (
	KernelActivity_ACTION_ID_UNKNOWN KernelActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	KernelActivity_ACTION_ID_ALLOWED KernelActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	KernelActivity_ACTION_ID_DENIED KernelActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	KernelActivity_ACTION_ID_OTHER KernelActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (KernelActivity_ActionId) Descriptor 

func (KernelActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_ActionId) Enum 

func (x KernelActivity_ActionId) Enum() *KernelActivity_ActionId

func (KernelActivity_ActionId) EnumDescriptor deprecated 

func (KernelActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_ActionId.Descriptor instead.

func (KernelActivity_ActionId) Number 

func (x KernelActivity_ActionId) Number() protoreflect.EnumNumber

func (KernelActivity_ActionId) String 

func (x KernelActivity_ActionId) String() string

func (KernelActivity_ActionId) Type 

func (KernelActivity_ActionId) Type() protoreflect.EnumType

type KernelActivity_ActivityId 

type KernelActivity_ActivityId int32
const (
	KernelActivity_ACTIVITY_ID_UNKNOWN KernelActivity_ActivityId = 0
	KernelActivity_ACTIVITY_ID_CREATE  KernelActivity_ActivityId = 1
	KernelActivity_ACTIVITY_ID_READ    KernelActivity_ActivityId = 2
	KernelActivity_ACTIVITY_ID_DELETE  KernelActivity_ActivityId = 3
	KernelActivity_ACTIVITY_ID_INVOKE  KernelActivity_ActivityId = 4
	KernelActivity_ACTIVITY_ID_OTHER   KernelActivity_ActivityId = 99
)

func (KernelActivity_ActivityId) Descriptor 

func (KernelActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_ActivityId) Enum 

func (x KernelActivity_ActivityId) Enum() *KernelActivity_ActivityId

func (KernelActivity_ActivityId) EnumDescriptor deprecated 

func (KernelActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_ActivityId.Descriptor instead.

func (KernelActivity_ActivityId) Number 

func (x KernelActivity_ActivityId) Number() protoreflect.EnumNumber

func (KernelActivity_ActivityId) String 

func (x KernelActivity_ActivityId) String() string

func (KernelActivity_ActivityId) Type 

func (KernelActivity_ActivityId) Type() protoreflect.EnumType

type KernelActivity_CategoryUid 

type KernelActivity_CategoryUid int32
const (
	KernelActivity_CATEGORY_UID_UNKNOWN         KernelActivity_CategoryUid = 0
	KernelActivity_CATEGORY_UID_SYSTEM_ACTIVITY KernelActivity_CategoryUid = 1
)

func (KernelActivity_CategoryUid) Descriptor 

func (KernelActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_CategoryUid) Enum 

func (x KernelActivity_CategoryUid) Enum() *KernelActivity_CategoryUid

func (KernelActivity_CategoryUid) EnumDescriptor deprecated 

func (KernelActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_CategoryUid.Descriptor instead.

func (KernelActivity_CategoryUid) Number 

func (x KernelActivity_CategoryUid) Number() protoreflect.EnumNumber

func (KernelActivity_CategoryUid) String 

func (x KernelActivity_CategoryUid) String() string

func (KernelActivity_CategoryUid) Type 

func (KernelActivity_CategoryUid) Type() protoreflect.EnumType

type KernelActivity_ClassUid 

type KernelActivity_ClassUid int32
const (
	KernelActivity_CLASS_UID_UNKNOWN         KernelActivity_ClassUid = 0
	KernelActivity_CLASS_UID_KERNEL_ACTIVITY KernelActivity_ClassUid = 1003
)

func (KernelActivity_ClassUid) Descriptor 

func (KernelActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_ClassUid) Enum 

func (x KernelActivity_ClassUid) Enum() *KernelActivity_ClassUid

func (KernelActivity_ClassUid) EnumDescriptor deprecated 

func (KernelActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_ClassUid.Descriptor instead.

func (KernelActivity_ClassUid) Number 

func (x KernelActivity_ClassUid) Number() protoreflect.EnumNumber

func (KernelActivity_ClassUid) String 

func (x KernelActivity_ClassUid) String() string

func (KernelActivity_ClassUid) Type 

func (KernelActivity_ClassUid) Type() protoreflect.EnumType

type KernelActivity_DispositionId 

type KernelActivity_DispositionId int32
const (
	KernelActivity_DISPOSITION_ID_UNKNOWN KernelActivity_DispositionId = 0 // The disposition was not known.
	KernelActivity_DISPOSITION_ID_ALLOWED KernelActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	KernelActivity_DISPOSITION_ID_BLOCKED KernelActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	KernelActivity_DISPOSITION_ID_QUARANTINED KernelActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	KernelActivity_DISPOSITION_ID_ISOLATED KernelActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	KernelActivity_DISPOSITION_ID_DELETED KernelActivity_DispositionId = 5 // A file or other content was deleted.
	KernelActivity_DISPOSITION_ID_DROPPED KernelActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	KernelActivity_DISPOSITION_ID_CUSTOM_ACTION KernelActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	KernelActivity_DISPOSITION_ID_APPROVED KernelActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	KernelActivity_DISPOSITION_ID_RESTORED KernelActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	KernelActivity_DISPOSITION_ID_EXONERATED KernelActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	KernelActivity_DISPOSITION_ID_CORRECTED KernelActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	KernelActivity_DISPOSITION_ID_PARTIALLY_CORRECTED KernelActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	KernelActivity_DISPOSITION_ID_UNCORRECTED KernelActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	KernelActivity_DISPOSITION_ID_DELAYED KernelActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	KernelActivity_DISPOSITION_ID_DETECTED KernelActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	KernelActivity_DISPOSITION_ID_NO_ACTION KernelActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	KernelActivity_DISPOSITION_ID_LOGGED KernelActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	KernelActivity_DISPOSITION_ID_TAGGED KernelActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	KernelActivity_DISPOSITION_ID_ALERT KernelActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	KernelActivity_DISPOSITION_ID_COUNT KernelActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	KernelActivity_DISPOSITION_ID_RESET KernelActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	KernelActivity_DISPOSITION_ID_CAPTCHA KernelActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	KernelActivity_DISPOSITION_ID_CHALLENGE KernelActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	KernelActivity_DISPOSITION_ID_ACCESS_REVOKED KernelActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	KernelActivity_DISPOSITION_ID_REJECTED KernelActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	KernelActivity_DISPOSITION_ID_UNAUTHORIZED KernelActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	KernelActivity_DISPOSITION_ID_ERROR KernelActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	KernelActivity_DISPOSITION_ID_OTHER KernelActivity_DispositionId = 99 // The disposition is not listed. The
)

func (KernelActivity_DispositionId) Descriptor 

func (KernelActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_DispositionId) Enum 

func (x KernelActivity_DispositionId) Enum() *KernelActivity_DispositionId

func (KernelActivity_DispositionId) EnumDescriptor deprecated 

func (KernelActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_DispositionId.Descriptor instead.

func (KernelActivity_DispositionId) Number 

func (x KernelActivity_DispositionId) Number() protoreflect.EnumNumber

func (KernelActivity_DispositionId) String 

func (x KernelActivity_DispositionId) String() string

func (KernelActivity_DispositionId) Type 

func (KernelActivity_DispositionId) Type() protoreflect.EnumType

type KernelActivity_SeverityId 

type KernelActivity_SeverityId int32
const (
	KernelActivity_SEVERITY_ID_UNKNOWN       KernelActivity_SeverityId = 0 // The event/finding severity is unknown.
	KernelActivity_SEVERITY_ID_INFORMATIONAL KernelActivity_SeverityId = 1 // Informational message. No action required.
	KernelActivity_SEVERITY_ID_LOW           KernelActivity_SeverityId = 2 // The user decides if action is needed.
	KernelActivity_SEVERITY_ID_MEDIUM        KernelActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	KernelActivity_SEVERITY_ID_HIGH     KernelActivity_SeverityId = 4 // Action is required immediately.
	KernelActivity_SEVERITY_ID_CRITICAL KernelActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	KernelActivity_SEVERITY_ID_FATAL KernelActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	KernelActivity_SEVERITY_ID_OTHER KernelActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (KernelActivity_SeverityId) Descriptor 

func (KernelActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_SeverityId) Enum 

func (x KernelActivity_SeverityId) Enum() *KernelActivity_SeverityId

func (KernelActivity_SeverityId) EnumDescriptor deprecated 

func (KernelActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_SeverityId.Descriptor instead.

func (KernelActivity_SeverityId) Number 

func (x KernelActivity_SeverityId) Number() protoreflect.EnumNumber

func (KernelActivity_SeverityId) String 

func (x KernelActivity_SeverityId) String() string

func (KernelActivity_SeverityId) Type 

func (KernelActivity_SeverityId) Type() protoreflect.EnumType

type KernelActivity_StatusId 

type KernelActivity_StatusId int32
const (
	KernelActivity_STATUS_ID_UNKNOWN KernelActivity_StatusId = 0 // The status is unknown.
	KernelActivity_STATUS_ID_SUCCESS KernelActivity_StatusId = 1
	KernelActivity_STATUS_ID_FAILURE KernelActivity_StatusId = 2
	KernelActivity_STATUS_ID_OTHER   KernelActivity_StatusId = 99 // The event status is not mapped. See the
)

func (KernelActivity_StatusId) Descriptor 

func (KernelActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (KernelActivity_StatusId) Enum 

func (x KernelActivity_StatusId) Enum() *KernelActivity_StatusId

func (KernelActivity_StatusId) EnumDescriptor deprecated 

func (KernelActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelActivity_StatusId.Descriptor instead.

func (KernelActivity_StatusId) Number 

func (x KernelActivity_StatusId) Number() protoreflect.EnumNumber

func (KernelActivity_StatusId) String 

func (x KernelActivity_StatusId) String() string

func (KernelActivity_StatusId) Type 

func (KernelActivity_StatusId) Type() protoreflect.EnumType

type KernelDriver 

type KernelDriver struct {
	File *File `protobuf:"bytes,1,opt,name=file,proto3" json:"file,omitempty"`
	// contains filtered or unexported fields
}

KernelDriver is an OSF object defined in ocsf objects/kernel_driver.json

The Kernel Extension object describes a kernel driver that has been loaded or unloaded into the operating system (OS) kernel. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:KernelModule/'>d3f:KernelModule</a>.

func (*KernelDriver) Descriptor deprecated 

func (*KernelDriver) Descriptor() ([]byte, []int)

Deprecated: Use KernelDriver.ProtoReflect.Descriptor instead.

func (*KernelDriver) GetFile 

func (x *KernelDriver) GetFile() *File

func (*KernelDriver) ProtoMessage 

func (*KernelDriver) ProtoMessage()

func (*KernelDriver) ProtoReflect 

func (x *KernelDriver) ProtoReflect() protoreflect.Message

func (*KernelDriver) Reset 

func (x *KernelDriver) Reset()

func (*KernelDriver) String 

func (x *KernelDriver) String() string

type KernelExtension 

type KernelExtension struct {
	Action         *string                        `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       KernelExtension_ActionId       `` /* 131-byte string literal not displayed */
	ActivityId     KernelExtension_ActivityId     `` /* 139-byte string literal not displayed */
	ActivityName   *string                        `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                         `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                           `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                      `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization               `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                        `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    KernelExtension_CategoryUid    `` /* 144-byte string literal not displayed */
	ClassName      *string                        `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       KernelExtension_ClassUid       `` /* 132-byte string literal not displayed */
	Cloud          *Cloud                         `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                         `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                        `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                        `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *KernelExtension_DispositionId `` /* 158-byte string literal not displayed */
	Driver         *KernelDriver                  `protobuf:"bytes,18,opt,name=driver,proto3" json:"driver,omitempty"`
	Duration       *int32                         `protobuf:"varint,19,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                         `protobuf:"varint,20,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp         `protobuf:"bytes,21,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                  `protobuf:"bytes,22,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                  `protobuf:"bytes,23,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                     `protobuf:"bytes,24,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                        `protobuf:"bytes,25,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                      `protobuf:"bytes,26,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                  `protobuf:"bytes,27,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                        `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                        `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     KernelExtension_SeverityId     `` /* 140-byte string literal not displayed */
	StartTime      *int64                         `protobuf:"varint,31,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp         `protobuf:"bytes,32,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                        `protobuf:"bytes,33,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                        `protobuf:"bytes,34,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                        `protobuf:"bytes,35,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *KernelExtension_StatusId      `` /* 138-byte string literal not displayed */
	Time           int64                          `protobuf:"varint,37,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp         `protobuf:"bytes,38,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                         `protobuf:"varint,39,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                        `protobuf:"bytes,40,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                          `protobuf:"varint,41,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct               `protobuf:"bytes,42,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

KernelExtension is an OSF event in category "System Activity" called Kernel Extension Activity defined in ocsf events/system/kernel_extension.json

Kernel Extension events report when a driver/extension is loaded or unloaded into the kernel

func (*KernelExtension) Descriptor deprecated 

func (*KernelExtension) Descriptor() ([]byte, []int)

Deprecated: Use KernelExtension.ProtoReflect.Descriptor instead.

func (*KernelExtension) GetAction 

func (x *KernelExtension) GetAction() string

func (*KernelExtension) GetActionId 

func (x *KernelExtension) GetActionId() KernelExtension_ActionId

func (*KernelExtension) GetActivityId 

func (x *KernelExtension) GetActivityId() KernelExtension_ActivityId

func (*KernelExtension) GetActivityName 

func (x *KernelExtension) GetActivityName() string

func (*KernelExtension) GetActor 

func (x *KernelExtension) GetActor() *Actor

func (*KernelExtension) GetApi 

func (x *KernelExtension) GetApi() *Api

func (*KernelExtension) GetAttacks 

func (x *KernelExtension) GetAttacks() []*Attack

func (*KernelExtension) GetAuthorizations 

func (x *KernelExtension) GetAuthorizations() []*Authorization

func (*KernelExtension) GetCategoryName 

func (x *KernelExtension) GetCategoryName() string

func (*KernelExtension) GetCategoryUid 

func (x *KernelExtension) GetCategoryUid() KernelExtension_CategoryUid

func (*KernelExtension) GetClassName 

func (x *KernelExtension) GetClassName() string

func (*KernelExtension) GetClassUid 

func (x *KernelExtension) GetClassUid() KernelExtension_ClassUid

func (*KernelExtension) GetCloud 

func (x *KernelExtension) GetCloud() *Cloud

func (*KernelExtension) GetCount 

func (x *KernelExtension) GetCount() int32

func (*KernelExtension) GetDevice 

func (x *KernelExtension) GetDevice() *Device

func (*KernelExtension) GetDisposition 

func (x *KernelExtension) GetDisposition() string

func (*KernelExtension) GetDispositionId 

func (x *KernelExtension) GetDispositionId() KernelExtension_DispositionId

func (*KernelExtension) GetDriver 

func (x *KernelExtension) GetDriver() *KernelDriver

func (*KernelExtension) GetDuration 

func (x *KernelExtension) GetDuration() int32

func (*KernelExtension) GetEndTime 

func (x *KernelExtension) GetEndTime() int64

func (*KernelExtension) GetEndTimeDt 

func (x *KernelExtension) GetEndTimeDt() *timestamppb.Timestamp

func (*KernelExtension) GetEnrichments 

func (x *KernelExtension) GetEnrichments() []*Enrichment

func (*KernelExtension) GetFirewallRule 

func (x *KernelExtension) GetFirewallRule() *FirewallRule

func (*KernelExtension) GetMalware 

func (x *KernelExtension) GetMalware() []*Malware

func (*KernelExtension) GetMessage 

func (x *KernelExtension) GetMessage() string

func (*KernelExtension) GetMetadata 

func (x *KernelExtension) GetMetadata() *Metadata

func (*KernelExtension) GetObservables 

func (x *KernelExtension) GetObservables() []*Observable

func (*KernelExtension) GetRawData 

func (x *KernelExtension) GetRawData() string

func (*KernelExtension) GetSeverity 

func (x *KernelExtension) GetSeverity() string

func (*KernelExtension) GetSeverityId 

func (x *KernelExtension) GetSeverityId() KernelExtension_SeverityId

func (*KernelExtension) GetStartTime 

func (x *KernelExtension) GetStartTime() int64

func (*KernelExtension) GetStartTimeDt 

func (x *KernelExtension) GetStartTimeDt() *timestamppb.Timestamp

func (*KernelExtension) GetStatus 

func (x *KernelExtension) GetStatus() string

func (*KernelExtension) GetStatusCode 

func (x *KernelExtension) GetStatusCode() string

func (*KernelExtension) GetStatusDetail 

func (x *KernelExtension) GetStatusDetail() string

func (*KernelExtension) GetStatusId 

func (x *KernelExtension) GetStatusId() KernelExtension_StatusId

func (*KernelExtension) GetTime 

func (x *KernelExtension) GetTime() int64

func (*KernelExtension) GetTimeDt 

func (x *KernelExtension) GetTimeDt() *timestamppb.Timestamp

func (*KernelExtension) GetTimezoneOffset 

func (x *KernelExtension) GetTimezoneOffset() int32

func (*KernelExtension) GetTypeName 

func (x *KernelExtension) GetTypeName() string

func (*KernelExtension) GetTypeUid 

func (x *KernelExtension) GetTypeUid() int64

func (*KernelExtension) GetUnmapped 

func (x *KernelExtension) GetUnmapped() *structpb.Struct

func (*KernelExtension) ProtoMessage 

func (*KernelExtension) ProtoMessage()

func (*KernelExtension) ProtoReflect 

func (x *KernelExtension) ProtoReflect() protoreflect.Message

func (*KernelExtension) Reset 

func (x *KernelExtension) Reset()

func (*KernelExtension) String 

func (x *KernelExtension) String() string

type KernelExtension_ActionId 

type KernelExtension_ActionId int32
const (
	KernelExtension_ACTION_ID_UNKNOWN KernelExtension_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	KernelExtension_ACTION_ID_ALLOWED KernelExtension_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	KernelExtension_ACTION_ID_DENIED KernelExtension_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	KernelExtension_ACTION_ID_OTHER KernelExtension_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (KernelExtension_ActionId) Descriptor 

func (KernelExtension_ActionId) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_ActionId) Enum 

func (x KernelExtension_ActionId) Enum() *KernelExtension_ActionId

func (KernelExtension_ActionId) EnumDescriptor deprecated 

func (KernelExtension_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_ActionId.Descriptor instead.

func (KernelExtension_ActionId) Number 

func (x KernelExtension_ActionId) Number() protoreflect.EnumNumber

func (KernelExtension_ActionId) String 

func (x KernelExtension_ActionId) String() string

func (KernelExtension_ActionId) Type 

func (KernelExtension_ActionId) Type() protoreflect.EnumType

type KernelExtension_ActivityId 

type KernelExtension_ActivityId int32
const (
	KernelExtension_ACTIVITY_ID_UNKNOWN KernelExtension_ActivityId = 0
	KernelExtension_ACTIVITY_ID_LOAD    KernelExtension_ActivityId = 1 // A driver/extension was loaded into the kernel
	KernelExtension_ACTIVITY_ID_UNLOAD  KernelExtension_ActivityId = 2 // A driver/extension was unloaded (removed) from the
	// kernel
	KernelExtension_ACTIVITY_ID_OTHER KernelExtension_ActivityId = 99
)

func (KernelExtension_ActivityId) Descriptor 

func (KernelExtension_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_ActivityId) Enum 

func (x KernelExtension_ActivityId) Enum() *KernelExtension_ActivityId

func (KernelExtension_ActivityId) EnumDescriptor deprecated 

func (KernelExtension_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_ActivityId.Descriptor instead.

func (KernelExtension_ActivityId) Number 

func (x KernelExtension_ActivityId) Number() protoreflect.EnumNumber

func (KernelExtension_ActivityId) String 

func (x KernelExtension_ActivityId) String() string

func (KernelExtension_ActivityId) Type 

func (KernelExtension_ActivityId) Type() protoreflect.EnumType

type KernelExtension_CategoryUid 

type KernelExtension_CategoryUid int32
const (
	KernelExtension_CATEGORY_UID_UNKNOWN         KernelExtension_CategoryUid = 0
	KernelExtension_CATEGORY_UID_SYSTEM_ACTIVITY KernelExtension_CategoryUid = 1
)

func (KernelExtension_CategoryUid) Descriptor 

func (KernelExtension_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_CategoryUid) Enum 

func (x KernelExtension_CategoryUid) Enum() *KernelExtension_CategoryUid

func (KernelExtension_CategoryUid) EnumDescriptor deprecated 

func (KernelExtension_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_CategoryUid.Descriptor instead.

func (KernelExtension_CategoryUid) Number 

func (x KernelExtension_CategoryUid) Number() protoreflect.EnumNumber

func (KernelExtension_CategoryUid) String 

func (x KernelExtension_CategoryUid) String() string

func (KernelExtension_CategoryUid) Type 

func (KernelExtension_CategoryUid) Type() protoreflect.EnumType

type KernelExtension_ClassUid 

type KernelExtension_ClassUid int32
const (
	KernelExtension_CLASS_UID_UNKNOWN                   KernelExtension_ClassUid = 0
	KernelExtension_CLASS_UID_KERNEL_EXTENSION_ACTIVITY KernelExtension_ClassUid = 1002
)

func (KernelExtension_ClassUid) Descriptor 

func (KernelExtension_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_ClassUid) Enum 

func (x KernelExtension_ClassUid) Enum() *KernelExtension_ClassUid

func (KernelExtension_ClassUid) EnumDescriptor deprecated 

func (KernelExtension_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_ClassUid.Descriptor instead.

func (KernelExtension_ClassUid) Number 

func (x KernelExtension_ClassUid) Number() protoreflect.EnumNumber

func (KernelExtension_ClassUid) String 

func (x KernelExtension_ClassUid) String() string

func (KernelExtension_ClassUid) Type 

func (KernelExtension_ClassUid) Type() protoreflect.EnumType

type KernelExtension_DispositionId 

type KernelExtension_DispositionId int32
const (
	KernelExtension_DISPOSITION_ID_UNKNOWN KernelExtension_DispositionId = 0 // The disposition was not known.
	KernelExtension_DISPOSITION_ID_ALLOWED KernelExtension_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	KernelExtension_DISPOSITION_ID_BLOCKED KernelExtension_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	KernelExtension_DISPOSITION_ID_QUARANTINED KernelExtension_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	KernelExtension_DISPOSITION_ID_ISOLATED KernelExtension_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	KernelExtension_DISPOSITION_ID_DELETED KernelExtension_DispositionId = 5 // A file or other content was deleted.
	KernelExtension_DISPOSITION_ID_DROPPED KernelExtension_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	KernelExtension_DISPOSITION_ID_CUSTOM_ACTION KernelExtension_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	KernelExtension_DISPOSITION_ID_APPROVED KernelExtension_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	KernelExtension_DISPOSITION_ID_RESTORED KernelExtension_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	KernelExtension_DISPOSITION_ID_EXONERATED KernelExtension_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	KernelExtension_DISPOSITION_ID_CORRECTED KernelExtension_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	KernelExtension_DISPOSITION_ID_PARTIALLY_CORRECTED KernelExtension_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	KernelExtension_DISPOSITION_ID_UNCORRECTED KernelExtension_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	KernelExtension_DISPOSITION_ID_DELAYED KernelExtension_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	KernelExtension_DISPOSITION_ID_DETECTED KernelExtension_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	KernelExtension_DISPOSITION_ID_NO_ACTION KernelExtension_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	KernelExtension_DISPOSITION_ID_LOGGED KernelExtension_DispositionId = 17 // The operation or action was logged
	// without further action.
	KernelExtension_DISPOSITION_ID_TAGGED KernelExtension_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	KernelExtension_DISPOSITION_ID_ALERT KernelExtension_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	KernelExtension_DISPOSITION_ID_COUNT KernelExtension_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	KernelExtension_DISPOSITION_ID_RESET KernelExtension_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	KernelExtension_DISPOSITION_ID_CAPTCHA KernelExtension_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	KernelExtension_DISPOSITION_ID_CHALLENGE KernelExtension_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	KernelExtension_DISPOSITION_ID_ACCESS_REVOKED KernelExtension_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	KernelExtension_DISPOSITION_ID_REJECTED KernelExtension_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	KernelExtension_DISPOSITION_ID_UNAUTHORIZED KernelExtension_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	KernelExtension_DISPOSITION_ID_ERROR KernelExtension_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	KernelExtension_DISPOSITION_ID_OTHER KernelExtension_DispositionId = 99 // The disposition is not listed. The
)

func (KernelExtension_DispositionId) Descriptor 

func (KernelExtension_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_DispositionId) Enum 

func (x KernelExtension_DispositionId) Enum() *KernelExtension_DispositionId

func (KernelExtension_DispositionId) EnumDescriptor deprecated 

func (KernelExtension_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_DispositionId.Descriptor instead.

func (KernelExtension_DispositionId) Number 

func (x KernelExtension_DispositionId) Number() protoreflect.EnumNumber

func (KernelExtension_DispositionId) String 

func (x KernelExtension_DispositionId) String() string

func (KernelExtension_DispositionId) Type 

func (KernelExtension_DispositionId) Type() protoreflect.EnumType

type KernelExtension_SeverityId 

type KernelExtension_SeverityId int32
const (
	KernelExtension_SEVERITY_ID_UNKNOWN       KernelExtension_SeverityId = 0 // The event/finding severity is unknown.
	KernelExtension_SEVERITY_ID_INFORMATIONAL KernelExtension_SeverityId = 1 // Informational message. No action required.
	KernelExtension_SEVERITY_ID_LOW           KernelExtension_SeverityId = 2 // The user decides if action is needed.
	KernelExtension_SEVERITY_ID_MEDIUM        KernelExtension_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	KernelExtension_SEVERITY_ID_HIGH     KernelExtension_SeverityId = 4 // Action is required immediately.
	KernelExtension_SEVERITY_ID_CRITICAL KernelExtension_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	KernelExtension_SEVERITY_ID_FATAL KernelExtension_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	KernelExtension_SEVERITY_ID_OTHER KernelExtension_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (KernelExtension_SeverityId) Descriptor 

func (KernelExtension_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_SeverityId) Enum 

func (x KernelExtension_SeverityId) Enum() *KernelExtension_SeverityId

func (KernelExtension_SeverityId) EnumDescriptor deprecated 

func (KernelExtension_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_SeverityId.Descriptor instead.

func (KernelExtension_SeverityId) Number 

func (x KernelExtension_SeverityId) Number() protoreflect.EnumNumber

func (KernelExtension_SeverityId) String 

func (x KernelExtension_SeverityId) String() string

func (KernelExtension_SeverityId) Type 

func (KernelExtension_SeverityId) Type() protoreflect.EnumType

type KernelExtension_StatusId 

type KernelExtension_StatusId int32
const (
	KernelExtension_STATUS_ID_UNKNOWN KernelExtension_StatusId = 0 // The status is unknown.
	KernelExtension_STATUS_ID_SUCCESS KernelExtension_StatusId = 1
	KernelExtension_STATUS_ID_FAILURE KernelExtension_StatusId = 2
	KernelExtension_STATUS_ID_OTHER   KernelExtension_StatusId = 99 // The event status is not mapped. See the
)

func (KernelExtension_StatusId) Descriptor 

func (KernelExtension_StatusId) Descriptor() protoreflect.EnumDescriptor

func (KernelExtension_StatusId) Enum 

func (x KernelExtension_StatusId) Enum() *KernelExtension_StatusId

func (KernelExtension_StatusId) EnumDescriptor deprecated 

func (KernelExtension_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelExtension_StatusId.Descriptor instead.

func (KernelExtension_StatusId) Number 

func (x KernelExtension_StatusId) Number() protoreflect.EnumNumber

func (KernelExtension_StatusId) String 

func (x KernelExtension_StatusId) String() string

func (KernelExtension_StatusId) Type 

func (KernelExtension_StatusId) Type() protoreflect.EnumType

type KernelObjectQuery 

type KernelObjectQuery struct {
	ActivityId     KernelObjectQuery_ActivityId    `` /* 141-byte string literal not displayed */
	ActivityName   *string                         `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                          `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                            `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                         `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    KernelObjectQuery_CategoryUid   `` /* 145-byte string literal not displayed */
	ClassName      *string                         `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       KernelObjectQuery_ClassUid      `` /* 133-byte string literal not displayed */
	Cloud          *Cloud                          `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                          `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                         `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                          `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                          `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp          `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                   `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Kernel         *Kernel                         `protobuf:"bytes,16,opt,name=kernel,proto3" json:"kernel,omitempty"`
	Message        *string                         `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                       `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                   `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                      `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                         `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  KernelObjectQuery_QueryResultId `` /* 156-byte string literal not displayed */
	RawData        *string                         `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                         `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     KernelObjectQuery_SeverityId    `` /* 142-byte string literal not displayed */
	StartTime      *int64                          `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp          `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                         `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                         `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                         `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *KernelObjectQuery_StatusId     `` /* 140-byte string literal not displayed */
	Time           int64                           `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp          `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                          `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                         `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                           `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

KernelObjectQuery is an OSF event in category "Discovery" called Kernel Object Query defined in ocsf events/discovery/kernel_object_query.json

Kernel Object Query events report information about discovered kernel resources.

func (*KernelObjectQuery) Descriptor deprecated 

func (*KernelObjectQuery) Descriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery.ProtoReflect.Descriptor instead.

func (*KernelObjectQuery) GetActivityId 

func (x *KernelObjectQuery) GetActivityId() KernelObjectQuery_ActivityId

func (*KernelObjectQuery) GetActivityName 

func (x *KernelObjectQuery) GetActivityName() string

func (*KernelObjectQuery) GetActor 

func (x *KernelObjectQuery) GetActor() *Actor

func (*KernelObjectQuery) GetApi 

func (x *KernelObjectQuery) GetApi() *Api

func (*KernelObjectQuery) GetCategoryName 

func (x *KernelObjectQuery) GetCategoryName() string

func (*KernelObjectQuery) GetCategoryUid 

func (x *KernelObjectQuery) GetCategoryUid() KernelObjectQuery_CategoryUid

func (*KernelObjectQuery) GetClassName 

func (x *KernelObjectQuery) GetClassName() string

func (*KernelObjectQuery) GetClassUid 

func (x *KernelObjectQuery) GetClassUid() KernelObjectQuery_ClassUid

func (*KernelObjectQuery) GetCloud 

func (x *KernelObjectQuery) GetCloud() *Cloud

func (*KernelObjectQuery) GetCount 

func (x *KernelObjectQuery) GetCount() int32

func (*KernelObjectQuery) GetDevice 

func (x *KernelObjectQuery) GetDevice() *Device

func (*KernelObjectQuery) GetDuration 

func (x *KernelObjectQuery) GetDuration() int32

func (*KernelObjectQuery) GetEndTime 

func (x *KernelObjectQuery) GetEndTime() int64

func (*KernelObjectQuery) GetEndTimeDt 

func (x *KernelObjectQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*KernelObjectQuery) GetEnrichments 

func (x *KernelObjectQuery) GetEnrichments() []*Enrichment

func (*KernelObjectQuery) GetKernel 

func (x *KernelObjectQuery) GetKernel() *Kernel

func (*KernelObjectQuery) GetMessage 

func (x *KernelObjectQuery) GetMessage() string

func (*KernelObjectQuery) GetMetadata 

func (x *KernelObjectQuery) GetMetadata() *Metadata

func (*KernelObjectQuery) GetObservables 

func (x *KernelObjectQuery) GetObservables() []*Observable

func (*KernelObjectQuery) GetQueryInfo 

func (x *KernelObjectQuery) GetQueryInfo() *QueryInfo

func (*KernelObjectQuery) GetQueryResult 

func (x *KernelObjectQuery) GetQueryResult() string

func (*KernelObjectQuery) GetQueryResultId 

func (x *KernelObjectQuery) GetQueryResultId() KernelObjectQuery_QueryResultId

func (*KernelObjectQuery) GetRawData 

func (x *KernelObjectQuery) GetRawData() string

func (*KernelObjectQuery) GetSeverity 

func (x *KernelObjectQuery) GetSeverity() string

func (*KernelObjectQuery) GetSeverityId 

func (x *KernelObjectQuery) GetSeverityId() KernelObjectQuery_SeverityId

func (*KernelObjectQuery) GetStartTime 

func (x *KernelObjectQuery) GetStartTime() int64

func (*KernelObjectQuery) GetStartTimeDt 

func (x *KernelObjectQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*KernelObjectQuery) GetStatus 

func (x *KernelObjectQuery) GetStatus() string

func (*KernelObjectQuery) GetStatusCode 

func (x *KernelObjectQuery) GetStatusCode() string

func (*KernelObjectQuery) GetStatusDetail 

func (x *KernelObjectQuery) GetStatusDetail() string

func (*KernelObjectQuery) GetStatusId 

func (x *KernelObjectQuery) GetStatusId() KernelObjectQuery_StatusId

func (*KernelObjectQuery) GetTime 

func (x *KernelObjectQuery) GetTime() int64

func (*KernelObjectQuery) GetTimeDt 

func (x *KernelObjectQuery) GetTimeDt() *timestamppb.Timestamp

func (*KernelObjectQuery) GetTimezoneOffset 

func (x *KernelObjectQuery) GetTimezoneOffset() int32

func (*KernelObjectQuery) GetTypeName 

func (x *KernelObjectQuery) GetTypeName() string

func (*KernelObjectQuery) GetTypeUid 

func (x *KernelObjectQuery) GetTypeUid() int64

func (*KernelObjectQuery) GetUnmapped 

func (x *KernelObjectQuery) GetUnmapped() *structpb.Struct

func (*KernelObjectQuery) ProtoMessage 

func (*KernelObjectQuery) ProtoMessage()

func (*KernelObjectQuery) ProtoReflect 

func (x *KernelObjectQuery) ProtoReflect() protoreflect.Message

func (*KernelObjectQuery) Reset 

func (x *KernelObjectQuery) Reset()

func (*KernelObjectQuery) String 

func (x *KernelObjectQuery) String() string

type KernelObjectQuery_ActivityId 

type KernelObjectQuery_ActivityId int32
const (
	KernelObjectQuery_ACTIVITY_ID_UNKNOWN KernelObjectQuery_ActivityId = 0
	KernelObjectQuery_ACTIVITY_ID_QUERY   KernelObjectQuery_ActivityId = 1 // The discovered results are via a query request.
	KernelObjectQuery_ACTIVITY_ID_OTHER   KernelObjectQuery_ActivityId = 99
)

func (KernelObjectQuery_ActivityId) Descriptor 

func (KernelObjectQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_ActivityId) Enum 

func (x KernelObjectQuery_ActivityId) Enum() *KernelObjectQuery_ActivityId

func (KernelObjectQuery_ActivityId) EnumDescriptor deprecated 

func (KernelObjectQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_ActivityId.Descriptor instead.

func (KernelObjectQuery_ActivityId) Number 

func (x KernelObjectQuery_ActivityId) Number() protoreflect.EnumNumber

func (KernelObjectQuery_ActivityId) String 

func (x KernelObjectQuery_ActivityId) String() string

func (KernelObjectQuery_ActivityId) Type 

func (KernelObjectQuery_ActivityId) Type() protoreflect.EnumType

type KernelObjectQuery_CategoryUid 

type KernelObjectQuery_CategoryUid int32
const (
	KernelObjectQuery_CATEGORY_UID_UNKNOWN   KernelObjectQuery_CategoryUid = 0
	KernelObjectQuery_CATEGORY_UID_DISCOVERY KernelObjectQuery_CategoryUid = 5
)

func (KernelObjectQuery_CategoryUid) Descriptor 

func (KernelObjectQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_CategoryUid) Enum 

func (x KernelObjectQuery_CategoryUid) Enum() *KernelObjectQuery_CategoryUid

func (KernelObjectQuery_CategoryUid) EnumDescriptor deprecated 

func (KernelObjectQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_CategoryUid.Descriptor instead.

func (KernelObjectQuery_CategoryUid) Number 

func (x KernelObjectQuery_CategoryUid) Number() protoreflect.EnumNumber

func (KernelObjectQuery_CategoryUid) String 

func (x KernelObjectQuery_CategoryUid) String() string

func (KernelObjectQuery_CategoryUid) Type 

func (KernelObjectQuery_CategoryUid) Type() protoreflect.EnumType

type KernelObjectQuery_ClassUid 

type KernelObjectQuery_ClassUid int32
const (
	KernelObjectQuery_CLASS_UID_UNKNOWN             KernelObjectQuery_ClassUid = 0
	KernelObjectQuery_CLASS_UID_KERNEL_OBJECT_QUERY KernelObjectQuery_ClassUid = 5006
)

func (KernelObjectQuery_ClassUid) Descriptor 

func (KernelObjectQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_ClassUid) Enum 

func (x KernelObjectQuery_ClassUid) Enum() *KernelObjectQuery_ClassUid

func (KernelObjectQuery_ClassUid) EnumDescriptor deprecated 

func (KernelObjectQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_ClassUid.Descriptor instead.

func (KernelObjectQuery_ClassUid) Number 

func (x KernelObjectQuery_ClassUid) Number() protoreflect.EnumNumber

func (KernelObjectQuery_ClassUid) String 

func (x KernelObjectQuery_ClassUid) String() string

func (KernelObjectQuery_ClassUid) Type 

func (KernelObjectQuery_ClassUid) Type() protoreflect.EnumType

type KernelObjectQuery_QueryResultId 

type KernelObjectQuery_QueryResultId int32
const (
	KernelObjectQuery_QUERY_RESULT_ID_UNKNOWN        KernelObjectQuery_QueryResultId = 0  // The query result is unknown.
	KernelObjectQuery_QUERY_RESULT_ID_EXISTS         KernelObjectQuery_QueryResultId = 1  // The target was found.
	KernelObjectQuery_QUERY_RESULT_ID_PARTIAL        KernelObjectQuery_QueryResultId = 2  // The target was partially found.
	KernelObjectQuery_QUERY_RESULT_ID_DOES_NOT_EXIST KernelObjectQuery_QueryResultId = 3  // The target was not found.
	KernelObjectQuery_QUERY_RESULT_ID_ERROR          KernelObjectQuery_QueryResultId = 4  // The discovery attempt failed.
	KernelObjectQuery_QUERY_RESULT_ID_UNSUPPORTED    KernelObjectQuery_QueryResultId = 5  // Discovery of the target was not supported.
	KernelObjectQuery_QUERY_RESULT_ID_OTHER          KernelObjectQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (KernelObjectQuery_QueryResultId) Descriptor 

func (KernelObjectQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_QueryResultId) Enum 

func (x KernelObjectQuery_QueryResultId) Enum() *KernelObjectQuery_QueryResultId

func (KernelObjectQuery_QueryResultId) EnumDescriptor deprecated 

func (KernelObjectQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_QueryResultId.Descriptor instead.

func (KernelObjectQuery_QueryResultId) Number 

func (x KernelObjectQuery_QueryResultId) Number() protoreflect.EnumNumber

func (KernelObjectQuery_QueryResultId) String 

func (x KernelObjectQuery_QueryResultId) String() string

func (KernelObjectQuery_QueryResultId) Type 

func (KernelObjectQuery_QueryResultId) Type() protoreflect.EnumType

type KernelObjectQuery_SeverityId 

type KernelObjectQuery_SeverityId int32
const (
	KernelObjectQuery_SEVERITY_ID_UNKNOWN       KernelObjectQuery_SeverityId = 0 // The event/finding severity is unknown.
	KernelObjectQuery_SEVERITY_ID_INFORMATIONAL KernelObjectQuery_SeverityId = 1 // Informational message. No action required.
	KernelObjectQuery_SEVERITY_ID_LOW           KernelObjectQuery_SeverityId = 2 // The user decides if action is needed.
	KernelObjectQuery_SEVERITY_ID_MEDIUM        KernelObjectQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	KernelObjectQuery_SEVERITY_ID_HIGH     KernelObjectQuery_SeverityId = 4 // Action is required immediately.
	KernelObjectQuery_SEVERITY_ID_CRITICAL KernelObjectQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	KernelObjectQuery_SEVERITY_ID_FATAL KernelObjectQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	KernelObjectQuery_SEVERITY_ID_OTHER KernelObjectQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (KernelObjectQuery_SeverityId) Descriptor 

func (KernelObjectQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_SeverityId) Enum 

func (x KernelObjectQuery_SeverityId) Enum() *KernelObjectQuery_SeverityId

func (KernelObjectQuery_SeverityId) EnumDescriptor deprecated 

func (KernelObjectQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_SeverityId.Descriptor instead.

func (KernelObjectQuery_SeverityId) Number 

func (x KernelObjectQuery_SeverityId) Number() protoreflect.EnumNumber

func (KernelObjectQuery_SeverityId) String 

func (x KernelObjectQuery_SeverityId) String() string

func (KernelObjectQuery_SeverityId) Type 

func (KernelObjectQuery_SeverityId) Type() protoreflect.EnumType

type KernelObjectQuery_StatusId 

type KernelObjectQuery_StatusId int32
const (
	KernelObjectQuery_STATUS_ID_UNKNOWN KernelObjectQuery_StatusId = 0 // The status is unknown.
	KernelObjectQuery_STATUS_ID_SUCCESS KernelObjectQuery_StatusId = 1
	KernelObjectQuery_STATUS_ID_FAILURE KernelObjectQuery_StatusId = 2
	KernelObjectQuery_STATUS_ID_OTHER   KernelObjectQuery_StatusId = 99 // The event status is not mapped. See the
)

func (KernelObjectQuery_StatusId) Descriptor 

func (KernelObjectQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (KernelObjectQuery_StatusId) Enum 

func (x KernelObjectQuery_StatusId) Enum() *KernelObjectQuery_StatusId

func (KernelObjectQuery_StatusId) EnumDescriptor deprecated 

func (KernelObjectQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KernelObjectQuery_StatusId.Descriptor instead.

func (KernelObjectQuery_StatusId) Number 

func (x KernelObjectQuery_StatusId) Number() protoreflect.EnumNumber

func (KernelObjectQuery_StatusId) String 

func (x KernelObjectQuery_StatusId) String() string

func (KernelObjectQuery_StatusId) Type 

func (KernelObjectQuery_StatusId) Type() protoreflect.EnumType

type Kernel_TypeId 

type Kernel_TypeId int32
const (
	Kernel_TYPE_ID_UNKNOWN      Kernel_TypeId = 0 // The type is unknown.
	Kernel_TYPE_ID_SHARED_MUTEX Kernel_TypeId = 1
	Kernel_TYPE_ID_SYSTEM_CALL  Kernel_TypeId = 2
	Kernel_TYPE_ID_OTHER        Kernel_TypeId = 99 // The type is not mapped. See the <code>type</code>
)

func (Kernel_TypeId) Descriptor 

func (Kernel_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Kernel_TypeId) Enum 

func (x Kernel_TypeId) Enum() *Kernel_TypeId

func (Kernel_TypeId) EnumDescriptor deprecated 

func (Kernel_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Kernel_TypeId.Descriptor instead.

func (Kernel_TypeId) Number 

func (x Kernel_TypeId) Number() protoreflect.EnumNumber

func (Kernel_TypeId) String 

func (x Kernel_TypeId) String() string

func (Kernel_TypeId) Type 

func (Kernel_TypeId) Type() protoreflect.EnumType

type KeyboardInfo 

type KeyboardInfo struct {
	FunctionKeys    *int32  `protobuf:"varint,1,opt,name=function_keys,json=functionKeys,proto3,oneof" json:"function_keys,omitempty"`
	Ime             *string `protobuf:"bytes,2,opt,name=ime,proto3,oneof" json:"ime,omitempty"`
	KeyboardLayout  *string `protobuf:"bytes,3,opt,name=keyboard_layout,json=keyboardLayout,proto3,oneof" json:"keyboard_layout,omitempty"`
	KeyboardSubtype *int32  `protobuf:"varint,4,opt,name=keyboard_subtype,json=keyboardSubtype,proto3,oneof" json:"keyboard_subtype,omitempty"`
	KeyboardType    *string `protobuf:"bytes,5,opt,name=keyboard_type,json=keyboardType,proto3,oneof" json:"keyboard_type,omitempty"`
	// contains filtered or unexported fields
}

KeyboardInfo is an OSF object defined in ocsf objects/keyboard_info.json

The Keyboard Information object contains details and attributes related to a computer or device keyboard. It encompasses information that describes the characteristics, capabilities, and configuration of the keyboard.

func (*KeyboardInfo) Descriptor deprecated 

func (*KeyboardInfo) Descriptor() ([]byte, []int)

Deprecated: Use KeyboardInfo.ProtoReflect.Descriptor instead.

func (*KeyboardInfo) GetFunctionKeys 

func (x *KeyboardInfo) GetFunctionKeys() int32

func (*KeyboardInfo) GetIme 

func (x *KeyboardInfo) GetIme() string

func (*KeyboardInfo) GetKeyboardLayout 

func (x *KeyboardInfo) GetKeyboardLayout() string

func (*KeyboardInfo) GetKeyboardSubtype 

func (x *KeyboardInfo) GetKeyboardSubtype() int32

func (*KeyboardInfo) GetKeyboardType 

func (x *KeyboardInfo) GetKeyboardType() string

func (*KeyboardInfo) ProtoMessage 

func (*KeyboardInfo) ProtoMessage()

func (*KeyboardInfo) ProtoReflect 

func (x *KeyboardInfo) ProtoReflect() protoreflect.Message

func (*KeyboardInfo) Reset 

func (x *KeyboardInfo) Reset()

func (*KeyboardInfo) String 

func (x *KeyboardInfo) String() string

type KillChainPhase 

type KillChainPhase struct {
	Phase   *string                `protobuf:"bytes,1,opt,name=phase,proto3,oneof" json:"phase,omitempty"`
	PhaseId KillChainPhase_PhaseId `` /* 126-byte string literal not displayed */
	// contains filtered or unexported fields
}

KillChainPhase is an OSF object defined in ocsf objects/kill_chain_phase.json

The Kill Chain Phase object represents a single phase of a cyber attack, including the initial reconnaissance and planning stages up to the final objective of the attacker. It provides a detailed description of each phase and its associated activities within the broader context of a cyber attack. See <a target='_blank' href='https://www.lockheedmartin.com/en- us/capabilities/cyber/cyber-kill-chain.html'>Cyber Kill Chain®</a>.

func (*KillChainPhase) Descriptor deprecated 

func (*KillChainPhase) Descriptor() ([]byte, []int)

Deprecated: Use KillChainPhase.ProtoReflect.Descriptor instead.

func (*KillChainPhase) GetPhase 

func (x *KillChainPhase) GetPhase() string

func (*KillChainPhase) GetPhaseId 

func (x *KillChainPhase) GetPhaseId() KillChainPhase_PhaseId

func (*KillChainPhase) ProtoMessage 

func (*KillChainPhase) ProtoMessage()

func (*KillChainPhase) ProtoReflect 

func (x *KillChainPhase) ProtoReflect() protoreflect.Message

func (*KillChainPhase) Reset 

func (x *KillChainPhase) Reset()

func (*KillChainPhase) String 

func (x *KillChainPhase) String() string

type KillChainPhase_PhaseId 

type KillChainPhase_PhaseId int32
const (
	KillChainPhase_PHASE_ID_UNKNOWN        KillChainPhase_PhaseId = 0 // The kill chain phase is unknown.
	KillChainPhase_PHASE_ID_RECONNAISSANCE KillChainPhase_PhaseId = 1 // The attackers pick a target and perform a
	// detailed analysis, start collecting
	// information (email addresses, conferences
	// information, etc.) and evaluate the
	// victim’s vulnerabilities to determine how
	// to exploit them.
	KillChainPhase_PHASE_ID_WEAPONIZATION KillChainPhase_PhaseId = 2 // The attackers develop a malware weapon and
	// aim to exploit the discovered
	// vulnerabilities.
	KillChainPhase_PHASE_ID_DELIVERY KillChainPhase_PhaseId = 3 // The intruders will use various tactics,
	// such as phishing, infected USB drives,
	// etc.
	KillChainPhase_PHASE_ID_EXPLOITATION KillChainPhase_PhaseId = 4 // The intruders start leveraging
	// vulnerabilities to executed code on the
	// victim’s system.
	KillChainPhase_PHASE_ID_INSTALLATION KillChainPhase_PhaseId = 5 // The intruders install malware on the
	// victim’s system.
	KillChainPhase_PHASE_ID_COMMAND_CONTROL KillChainPhase_PhaseId = 6 // Malware opens a command channel to enable
	// the intruders to remotely manipulate the
	// victim's system.
	KillChainPhase_PHASE_ID_ACTIONS_ON_OBJECTIVES KillChainPhase_PhaseId = 7 // With hands-on keyboard access, intruders
	// accomplish the mission’s goal.
	KillChainPhase_PHASE_ID_OTHER KillChainPhase_PhaseId = 99 // The kill chain phase is not mapped. See
)

func (KillChainPhase_PhaseId) Descriptor 

func (KillChainPhase_PhaseId) Descriptor() protoreflect.EnumDescriptor

func (KillChainPhase_PhaseId) Enum 

func (x KillChainPhase_PhaseId) Enum() *KillChainPhase_PhaseId

func (KillChainPhase_PhaseId) EnumDescriptor deprecated 

func (KillChainPhase_PhaseId) EnumDescriptor() ([]byte, []int)

Deprecated: Use KillChainPhase_PhaseId.Descriptor instead.

func (KillChainPhase_PhaseId) Number 

func (x KillChainPhase_PhaseId) Number() protoreflect.EnumNumber

func (KillChainPhase_PhaseId) String 

func (x KillChainPhase_PhaseId) String() string

func (KillChainPhase_PhaseId) Type 

func (KillChainPhase_PhaseId) Type() protoreflect.EnumType

type LdapPerson 

type LdapPerson struct {
	CostCenter      *string                `protobuf:"bytes,1,opt,name=cost_center,json=costCenter,proto3,oneof" json:"cost_center,omitempty"`
	CreatedTime     *int64                 `protobuf:"varint,2,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt   *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	DeletedTime     *int64                 `protobuf:"varint,4,opt,name=deleted_time,json=deletedTime,proto3,oneof" json:"deleted_time,omitempty"`
	DeletedTimeDt   *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=deleted_time_dt,json=deletedTimeDt,proto3,oneof" json:"deleted_time_dt,omitempty"`
	EmailAddrs      []string               `protobuf:"bytes,6,rep,name=email_addrs,json=emailAddrs,proto3" json:"email_addrs,omitempty"`
	EmployeeUid     *string                `protobuf:"bytes,7,opt,name=employee_uid,json=employeeUid,proto3,oneof" json:"employee_uid,omitempty"`
	GivenName       *string                `protobuf:"bytes,8,opt,name=given_name,json=givenName,proto3,oneof" json:"given_name,omitempty"`
	HireTime        *int64                 `protobuf:"varint,9,opt,name=hire_time,json=hireTime,proto3,oneof" json:"hire_time,omitempty"`
	HireTimeDt      *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=hire_time_dt,json=hireTimeDt,proto3,oneof" json:"hire_time_dt,omitempty"`
	JobTitle        *string                `protobuf:"bytes,11,opt,name=job_title,json=jobTitle,proto3,oneof" json:"job_title,omitempty"`
	Labels          []string               `protobuf:"bytes,12,rep,name=labels,proto3" json:"labels,omitempty"`
	LastLoginTime   *int64                 `protobuf:"varint,13,opt,name=last_login_time,json=lastLoginTime,proto3,oneof" json:"last_login_time,omitempty"`
	LastLoginTimeDt *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=last_login_time_dt,json=lastLoginTimeDt,proto3,oneof" json:"last_login_time_dt,omitempty"`
	LdapCn          *string                `protobuf:"bytes,15,opt,name=ldap_cn,json=ldapCn,proto3,oneof" json:"ldap_cn,omitempty"`
	LdapDn          *string                `protobuf:"bytes,16,opt,name=ldap_dn,json=ldapDn,proto3,oneof" json:"ldap_dn,omitempty"`
	LeaveTime       *int64                 `protobuf:"varint,17,opt,name=leave_time,json=leaveTime,proto3,oneof" json:"leave_time,omitempty"`
	LeaveTimeDt     *timestamppb.Timestamp `protobuf:"bytes,18,opt,name=leave_time_dt,json=leaveTimeDt,proto3,oneof" json:"leave_time_dt,omitempty"`
	Location        *Location              `protobuf:"bytes,19,opt,name=location,proto3" json:"location,omitempty"`
	Manager         *User                  `protobuf:"bytes,20,opt,name=manager,proto3" json:"manager,omitempty"`
	ModifiedTime    *int64                 `protobuf:"varint,21,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt  *timestamppb.Timestamp `protobuf:"bytes,22,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	OfficeLocation  *string                `protobuf:"bytes,23,opt,name=office_location,json=officeLocation,proto3,oneof" json:"office_location,omitempty"`
	Surname         *string                `protobuf:"bytes,24,opt,name=surname,proto3,oneof" json:"surname,omitempty"`
	// contains filtered or unexported fields
}

LdapPerson is an OSF object defined in ocsf objects/ldap_person.json

The additional LDAP attributes that describe a person.

func (*LdapPerson) Descriptor deprecated 

func (*LdapPerson) Descriptor() ([]byte, []int)

Deprecated: Use LdapPerson.ProtoReflect.Descriptor instead.

func (*LdapPerson) GetCostCenter 

func (x *LdapPerson) GetCostCenter() string

func (*LdapPerson) GetCreatedTime 

func (x *LdapPerson) GetCreatedTime() int64

func (*LdapPerson) GetCreatedTimeDt 

func (x *LdapPerson) GetCreatedTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetDeletedTime 

func (x *LdapPerson) GetDeletedTime() int64

func (*LdapPerson) GetDeletedTimeDt 

func (x *LdapPerson) GetDeletedTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetEmailAddrs 

func (x *LdapPerson) GetEmailAddrs() []string

func (*LdapPerson) GetEmployeeUid 

func (x *LdapPerson) GetEmployeeUid() string

func (*LdapPerson) GetGivenName 

func (x *LdapPerson) GetGivenName() string

func (*LdapPerson) GetHireTime 

func (x *LdapPerson) GetHireTime() int64

func (*LdapPerson) GetHireTimeDt 

func (x *LdapPerson) GetHireTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetJobTitle 

func (x *LdapPerson) GetJobTitle() string

func (*LdapPerson) GetLabels 

func (x *LdapPerson) GetLabels() []string

func (*LdapPerson) GetLastLoginTime 

func (x *LdapPerson) GetLastLoginTime() int64

func (*LdapPerson) GetLastLoginTimeDt 

func (x *LdapPerson) GetLastLoginTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetLdapCn 

func (x *LdapPerson) GetLdapCn() string

func (*LdapPerson) GetLdapDn 

func (x *LdapPerson) GetLdapDn() string

func (*LdapPerson) GetLeaveTime 

func (x *LdapPerson) GetLeaveTime() int64

func (*LdapPerson) GetLeaveTimeDt 

func (x *LdapPerson) GetLeaveTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetLocation 

func (x *LdapPerson) GetLocation() *Location

func (*LdapPerson) GetManager 

func (x *LdapPerson) GetManager() *User

func (*LdapPerson) GetModifiedTime 

func (x *LdapPerson) GetModifiedTime() int64

func (*LdapPerson) GetModifiedTimeDt 

func (x *LdapPerson) GetModifiedTimeDt() *timestamppb.Timestamp

func (*LdapPerson) GetOfficeLocation 

func (x *LdapPerson) GetOfficeLocation() string

func (*LdapPerson) GetSurname 

func (x *LdapPerson) GetSurname() string

func (*LdapPerson) ProtoMessage 

func (*LdapPerson) ProtoMessage()

func (*LdapPerson) ProtoReflect 

func (x *LdapPerson) ProtoReflect() protoreflect.Message

func (*LdapPerson) Reset 

func (x *LdapPerson) Reset()

func (*LdapPerson) String 

func (x *LdapPerson) String() string

type LoadBalancer 

type LoadBalancer struct {
	Classification      *string               `protobuf:"bytes,1,opt,name=classification,proto3,oneof" json:"classification,omitempty"`
	Code                *int32                `protobuf:"varint,2,opt,name=code,proto3,oneof" json:"code,omitempty"`
	DstEndpoint         *NetworkEndpoint      `protobuf:"bytes,3,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	EndpointConnections []*EndpointConnection `protobuf:"bytes,4,rep,name=endpoint_connections,json=endpointConnections,proto3" json:"endpoint_connections,omitempty"`
	ErrorMessage        *string               `protobuf:"bytes,5,opt,name=error_message,json=errorMessage,proto3,oneof" json:"error_message,omitempty"`
	Message             *string               `protobuf:"bytes,6,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metrics             []*Metric             `protobuf:"bytes,7,rep,name=metrics,proto3" json:"metrics,omitempty"`
	Name                *string               `protobuf:"bytes,8,opt,name=name,proto3,oneof" json:"name,omitempty"`
	StatusDetail        *string               `protobuf:"bytes,9,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	Uid                 *string               `protobuf:"bytes,10,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

LoadBalancer is an OSF object defined in ocsf objects/load_balancer.json

The load balancer object describes the load balancer entity and contains additional information regarding the distribution of traffic across a network.

func (*LoadBalancer) Descriptor deprecated 

func (*LoadBalancer) Descriptor() ([]byte, []int)

Deprecated: Use LoadBalancer.ProtoReflect.Descriptor instead.

func (*LoadBalancer) GetClassification 

func (x *LoadBalancer) GetClassification() string

func (*LoadBalancer) GetCode 

func (x *LoadBalancer) GetCode() int32

func (*LoadBalancer) GetDstEndpoint 

func (x *LoadBalancer) GetDstEndpoint() *NetworkEndpoint

func (*LoadBalancer) GetEndpointConnections 

func (x *LoadBalancer) GetEndpointConnections() []*EndpointConnection

func (*LoadBalancer) GetErrorMessage 

func (x *LoadBalancer) GetErrorMessage() string

func (*LoadBalancer) GetMessage 

func (x *LoadBalancer) GetMessage() string

func (*LoadBalancer) GetMetrics 

func (x *LoadBalancer) GetMetrics() []*Metric

func (*LoadBalancer) GetName 

func (x *LoadBalancer) GetName() string

func (*LoadBalancer) GetStatusDetail 

func (x *LoadBalancer) GetStatusDetail() string

func (*LoadBalancer) GetUid 

func (x *LoadBalancer) GetUid() string

func (*LoadBalancer) ProtoMessage 

func (*LoadBalancer) ProtoMessage()

func (*LoadBalancer) ProtoReflect 

func (x *LoadBalancer) ProtoReflect() protoreflect.Message

func (*LoadBalancer) Reset 

func (x *LoadBalancer) Reset()

func (*LoadBalancer) String 

func (x *LoadBalancer) String() string

type Location 

type Location struct {
	City         *string   `protobuf:"bytes,1,opt,name=city,proto3,oneof" json:"city,omitempty"`
	Continent    *string   `protobuf:"bytes,2,opt,name=continent,proto3,oneof" json:"continent,omitempty"`
	Coordinates  []float64 `protobuf:"fixed64,3,rep,packed,name=coordinates,proto3" json:"coordinates,omitempty"`
	Country      *string   `protobuf:"bytes,4,opt,name=country,proto3,oneof" json:"country,omitempty"`
	Desc         *string   `protobuf:"bytes,5,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Geohash      *string   `protobuf:"bytes,6,opt,name=geohash,proto3,oneof" json:"geohash,omitempty"`
	IsOnPremises *bool     `protobuf:"varint,7,opt,name=is_on_premises,json=isOnPremises,proto3,oneof" json:"is_on_premises,omitempty"`
	Isp          *string   `protobuf:"bytes,8,opt,name=isp,proto3,oneof" json:"isp,omitempty"`
	Lat          *float64  `protobuf:"fixed64,9,opt,name=lat,proto3,oneof" json:"lat,omitempty"`
	Long         *float64  `protobuf:"fixed64,10,opt,name=long,proto3,oneof" json:"long,omitempty"`
	PostalCode   *string   `protobuf:"bytes,11,opt,name=postal_code,json=postalCode,proto3,oneof" json:"postal_code,omitempty"`
	Provider     *string   `protobuf:"bytes,12,opt,name=provider,proto3,oneof" json:"provider,omitempty"`
	Region       *string   `protobuf:"bytes,13,opt,name=region,proto3,oneof" json:"region,omitempty"`
	// contains filtered or unexported fields
}

Location is an OSF object defined in ocsf objects/location.json

The Geo Location object describes a geographical location, usually associated with an IP address. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:PhysicalLocation/'>d3f:PhysicalLocation</a>.

func (*Location) Descriptor deprecated 

func (*Location) Descriptor() ([]byte, []int)

Deprecated: Use Location.ProtoReflect.Descriptor instead.

func (*Location) GetCity 

func (x *Location) GetCity() string

func (*Location) GetContinent 

func (x *Location) GetContinent() string

func (*Location) GetCoordinates 

func (x *Location) GetCoordinates() []float64

func (*Location) GetCountry 

func (x *Location) GetCountry() string

func (*Location) GetDesc 

func (x *Location) GetDesc() string

func (*Location) GetGeohash 

func (x *Location) GetGeohash() string

func (*Location) GetIsOnPremises 

func (x *Location) GetIsOnPremises() bool

func (*Location) GetIsp 

func (x *Location) GetIsp() string

func (*Location) GetLat 

func (x *Location) GetLat() float64

func (*Location) GetLong 

func (x *Location) GetLong() float64

func (*Location) GetPostalCode 

func (x *Location) GetPostalCode() string

func (*Location) GetProvider 

func (x *Location) GetProvider() string

func (*Location) GetRegion 

func (x *Location) GetRegion() string

func (*Location) ProtoMessage 

func (*Location) ProtoMessage()

func (*Location) ProtoReflect 

func (x *Location) ProtoReflect() protoreflect.Message

func (*Location) Reset 

func (x *Location) Reset()

func (*Location) String 

func (x *Location) String() string

type Logger 

type Logger struct {
	Device         *Device                `protobuf:"bytes,1,opt,name=device,proto3" json:"device,omitempty"`
	LogLevel       *string                `protobuf:"bytes,2,opt,name=log_level,json=logLevel,proto3,oneof" json:"log_level,omitempty"`
	LogName        *string                `protobuf:"bytes,3,opt,name=log_name,json=logName,proto3,oneof" json:"log_name,omitempty"`
	LogProvider    *string                `protobuf:"bytes,4,opt,name=log_provider,json=logProvider,proto3,oneof" json:"log_provider,omitempty"`
	LogVersion     *string                `protobuf:"bytes,5,opt,name=log_version,json=logVersion,proto3,oneof" json:"log_version,omitempty"`
	LoggedTime     *int64                 `protobuf:"varint,6,opt,name=logged_time,json=loggedTime,proto3,oneof" json:"logged_time,omitempty"`
	LoggedTimeDt   *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=logged_time_dt,json=loggedTimeDt,proto3,oneof" json:"logged_time_dt,omitempty"`
	Name           *string                `protobuf:"bytes,8,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Product        *Product               `protobuf:"bytes,9,opt,name=product,proto3" json:"product,omitempty"`
	TransmitTime   *int64                 `protobuf:"varint,10,opt,name=transmit_time,json=transmitTime,proto3,oneof" json:"transmit_time,omitempty"`
	TransmitTimeDt *timestamppb.Timestamp `protobuf:"bytes,11,opt,name=transmit_time_dt,json=transmitTimeDt,proto3,oneof" json:"transmit_time_dt,omitempty"`
	Uid            *string                `protobuf:"bytes,12,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version        *string                `protobuf:"bytes,13,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Logger is an OSF object defined in ocsf objects/logger.json

The Logger object represents the device and product where events are stored with times for receipt and transmission. This may be at the source device where the event occurred, a remote scanning device, intermediate hops, or the ultimate destination.

func (*Logger) Descriptor deprecated 

func (*Logger) Descriptor() ([]byte, []int)

Deprecated: Use Logger.ProtoReflect.Descriptor instead.

func (*Logger) GetDevice 

func (x *Logger) GetDevice() *Device

func (*Logger) GetLogLevel 

func (x *Logger) GetLogLevel() string

func (*Logger) GetLogName 

func (x *Logger) GetLogName() string

func (*Logger) GetLogProvider 

func (x *Logger) GetLogProvider() string

func (*Logger) GetLogVersion 

func (x *Logger) GetLogVersion() string

func (*Logger) GetLoggedTime 

func (x *Logger) GetLoggedTime() int64

func (*Logger) GetLoggedTimeDt 

func (x *Logger) GetLoggedTimeDt() *timestamppb.Timestamp

func (*Logger) GetName 

func (x *Logger) GetName() string

func (*Logger) GetProduct 

func (x *Logger) GetProduct() *Product

func (*Logger) GetTransmitTime 

func (x *Logger) GetTransmitTime() int64

func (*Logger) GetTransmitTimeDt 

func (x *Logger) GetTransmitTimeDt() *timestamppb.Timestamp

func (*Logger) GetUid 

func (x *Logger) GetUid() string

func (*Logger) GetVersion 

func (x *Logger) GetVersion() string

func (*Logger) ProtoMessage 

func (*Logger) ProtoMessage()

func (*Logger) ProtoReflect 

func (x *Logger) ProtoReflect() protoreflect.Message

func (*Logger) Reset 

func (x *Logger) Reset()

func (*Logger) String 

func (x *Logger) String() string

type Malware 

type Malware struct {
	ClassificationIds []Malware_ClassificationIds `` /* 166-byte string literal not displayed */
	Classifications   []string                    `protobuf:"bytes,2,rep,name=classifications,proto3" json:"classifications,omitempty"`
	Cves              []*Cve                      `protobuf:"bytes,3,rep,name=cves,proto3" json:"cves,omitempty"`
	Name              *string                     `protobuf:"bytes,4,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Path              *string                     `protobuf:"bytes,5,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Provider          *string                     `protobuf:"bytes,6,opt,name=provider,proto3,oneof" json:"provider,omitempty"`
	Uid               *string                     `protobuf:"bytes,7,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Malware is an OSF object defined in ocsf objects/malware.json

The Malware object describes the classification of known malicious software, which is intentionally designed to cause damage to a computer, server, client, or computer network.

func (*Malware) Descriptor deprecated 

func (*Malware) Descriptor() ([]byte, []int)

Deprecated: Use Malware.ProtoReflect.Descriptor instead.

func (*Malware) GetClassificationIds 

func (x *Malware) GetClassificationIds() []Malware_ClassificationIds

func (*Malware) GetClassifications 

func (x *Malware) GetClassifications() []string

func (*Malware) GetCves 

func (x *Malware) GetCves() []*Cve

func (*Malware) GetName 

func (x *Malware) GetName() string

func (*Malware) GetPath 

func (x *Malware) GetPath() string

func (*Malware) GetProvider 

func (x *Malware) GetProvider() string

func (*Malware) GetUid 

func (x *Malware) GetUid() string

func (*Malware) ProtoMessage 

func (*Malware) ProtoMessage()

func (*Malware) ProtoReflect 

func (x *Malware) ProtoReflect() protoreflect.Message

func (*Malware) Reset 

func (x *Malware) Reset()

func (*Malware) String 

func (x *Malware) String() string

type Malware_ClassificationIds 

type Malware_ClassificationIds int32
const (
	Malware_CLASSIFICATION_IDS_UNKNOWN                 Malware_ClassificationIds = 0
	Malware_CLASSIFICATION_IDS_ADWARE                  Malware_ClassificationIds = 1
	Malware_CLASSIFICATION_IDS_BACKDOOR                Malware_ClassificationIds = 2
	Malware_CLASSIFICATION_IDS_BOT                     Malware_ClassificationIds = 3
	Malware_CLASSIFICATION_IDS_BOOTKIT                 Malware_ClassificationIds = 4
	Malware_CLASSIFICATION_IDS_DDOS                    Malware_ClassificationIds = 5
	Malware_CLASSIFICATION_IDS_DOWNLOADER              Malware_ClassificationIds = 6
	Malware_CLASSIFICATION_IDS_DROPPER                 Malware_ClassificationIds = 7
	Malware_CLASSIFICATION_IDS_EXPLOIT_KIT             Malware_ClassificationIds = 8
	Malware_CLASSIFICATION_IDS_KEYLOGGER               Malware_ClassificationIds = 9
	Malware_CLASSIFICATION_IDS_RANSOMWARE              Malware_ClassificationIds = 10
	Malware_CLASSIFICATION_IDS_REMOTE_ACCESS_TROJAN    Malware_ClassificationIds = 11
	Malware_CLASSIFICATION_IDS_RESOURCE_EXPLOITATION   Malware_ClassificationIds = 13
	Malware_CLASSIFICATION_IDS_ROGUE_SECURITY_SOFTWARE Malware_ClassificationIds = 14
	Malware_CLASSIFICATION_IDS_ROOTKIT                 Malware_ClassificationIds = 15
	Malware_CLASSIFICATION_IDS_SCREEN_CAPTURE          Malware_ClassificationIds = 16
	Malware_CLASSIFICATION_IDS_SPYWARE                 Malware_ClassificationIds = 17
	Malware_CLASSIFICATION_IDS_TROJAN                  Malware_ClassificationIds = 18
	Malware_CLASSIFICATION_IDS_VIRUS                   Malware_ClassificationIds = 19
	Malware_CLASSIFICATION_IDS_WEBSHELL                Malware_ClassificationIds = 20
	Malware_CLASSIFICATION_IDS_WIPER                   Malware_ClassificationIds = 21
	Malware_CLASSIFICATION_IDS_WORM                    Malware_ClassificationIds = 22
	Malware_CLASSIFICATION_IDS_OTHER                   Malware_ClassificationIds = 99
)

func (Malware_ClassificationIds) Descriptor 

func (Malware_ClassificationIds) Descriptor() protoreflect.EnumDescriptor

func (Malware_ClassificationIds) Enum 

func (x Malware_ClassificationIds) Enum() *Malware_ClassificationIds

func (Malware_ClassificationIds) EnumDescriptor deprecated 

func (Malware_ClassificationIds) EnumDescriptor() ([]byte, []int)

Deprecated: Use Malware_ClassificationIds.Descriptor instead.

func (Malware_ClassificationIds) Number 

func (x Malware_ClassificationIds) Number() protoreflect.EnumNumber

func (Malware_ClassificationIds) String 

func (x Malware_ClassificationIds) String() string

func (Malware_ClassificationIds) Type 

func (Malware_ClassificationIds) Type() protoreflect.EnumType

type ManagedEntity 

type ManagedEntity struct {
	Data    *structpb.Value `protobuf:"bytes,1,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Name    *string         `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Type    *string         `protobuf:"bytes,3,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid     *string         `protobuf:"bytes,4,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version *string         `protobuf:"bytes,5,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

ManagedEntity is an OSF object defined in ocsf objects/managed_entity.json

The Managed Entity object describes the type and version of an entity, such as a policy or configuration.

func (*ManagedEntity) Descriptor deprecated 

func (*ManagedEntity) Descriptor() ([]byte, []int)

Deprecated: Use ManagedEntity.ProtoReflect.Descriptor instead.

func (*ManagedEntity) GetData 

func (x *ManagedEntity) GetData() *structpb.Value

func (*ManagedEntity) GetName 

func (x *ManagedEntity) GetName() string

func (*ManagedEntity) GetType 

func (x *ManagedEntity) GetType() string

func (*ManagedEntity) GetUid 

func (x *ManagedEntity) GetUid() string

func (*ManagedEntity) GetVersion 

func (x *ManagedEntity) GetVersion() string

func (*ManagedEntity) ProtoMessage 

func (*ManagedEntity) ProtoMessage()

func (*ManagedEntity) ProtoReflect 

func (x *ManagedEntity) ProtoReflect() protoreflect.Message

func (*ManagedEntity) Reset 

func (x *ManagedEntity) Reset()

func (*ManagedEntity) String 

func (x *ManagedEntity) String() string

type MemoryActivity 

type MemoryActivity struct {
	Action               *string                       `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId             MemoryActivity_ActionId       `` /* 130-byte string literal not displayed */
	ActivityId           MemoryActivity_ActivityId     `` /* 138-byte string literal not displayed */
	ActivityName         *string                       `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor                *Actor                        `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	ActualPermissions    *int32                        `protobuf:"varint,6,opt,name=actual_permissions,json=actualPermissions,proto3,oneof" json:"actual_permissions,omitempty"`
	Api                  *Api                          `protobuf:"bytes,7,opt,name=api,proto3" json:"api,omitempty"`
	Attacks              []*Attack                     `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations       []*Authorization              `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	BaseAddress          *string                       `protobuf:"bytes,10,opt,name=base_address,json=baseAddress,proto3,oneof" json:"base_address,omitempty"`
	CategoryName         *string                       `protobuf:"bytes,11,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid          MemoryActivity_CategoryUid    `` /* 143-byte string literal not displayed */
	ClassName            *string                       `protobuf:"bytes,13,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid             MemoryActivity_ClassUid       `` /* 131-byte string literal not displayed */
	Cloud                *Cloud                        `protobuf:"bytes,15,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count                *int32                        `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device               *Device                       `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition          *string                       `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId        *MemoryActivity_DispositionId `` /* 157-byte string literal not displayed */
	Duration             *int32                        `protobuf:"varint,20,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime              *int64                        `protobuf:"varint,21,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt            *timestamppb.Timestamp        `protobuf:"bytes,22,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments          []*Enrichment                 `protobuf:"bytes,23,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule         *FirewallRule                 `protobuf:"bytes,24,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware              []*Malware                    `protobuf:"bytes,25,rep,name=malware,proto3" json:"malware,omitempty"`
	Message              *string                       `protobuf:"bytes,26,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata             *Metadata                     `protobuf:"bytes,27,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables          []*Observable                 `protobuf:"bytes,28,rep,name=observables,proto3" json:"observables,omitempty"`
	Process              *Process                      `protobuf:"bytes,29,opt,name=process,proto3" json:"process,omitempty"`
	RawData              *string                       `protobuf:"bytes,30,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	RequestedPermissions *int32                        `` /* 129-byte string literal not displayed */
	Severity             *string                       `protobuf:"bytes,32,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId           MemoryActivity_SeverityId     `` /* 139-byte string literal not displayed */
	Size                 *int64                        `protobuf:"varint,34,opt,name=size,proto3,oneof" json:"size,omitempty"`
	StartTime            *int64                        `protobuf:"varint,35,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt          *timestamppb.Timestamp        `protobuf:"bytes,36,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status               *string                       `protobuf:"bytes,37,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode           *string                       `protobuf:"bytes,38,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail         *string                       `protobuf:"bytes,39,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId             *MemoryActivity_StatusId      `` /* 137-byte string literal not displayed */
	Time                 int64                         `protobuf:"varint,41,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt               *timestamppb.Timestamp        `protobuf:"bytes,42,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset       *int32                        `protobuf:"varint,43,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName             *string                       `protobuf:"bytes,44,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid              int64                         `protobuf:"varint,45,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped             *structpb.Struct              `protobuf:"bytes,46,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

MemoryActivity is an OSF event in category "System Activity" called Memory Activity defined in ocsf events/system/memory.json

Memory Activity events report when a process has memory allocated, read/modified, or other manipulation activities - such as a buffer overflow or turning off data execution protection (DEP).

func (*MemoryActivity) Descriptor deprecated 

func (*MemoryActivity) Descriptor() ([]byte, []int)

Deprecated: Use MemoryActivity.ProtoReflect.Descriptor instead.

func (*MemoryActivity) GetAction 

func (x *MemoryActivity) GetAction() string

func (*MemoryActivity) GetActionId 

func (x *MemoryActivity) GetActionId() MemoryActivity_ActionId

func (*MemoryActivity) GetActivityId 

func (x *MemoryActivity) GetActivityId() MemoryActivity_ActivityId

func (*MemoryActivity) GetActivityName 

func (x *MemoryActivity) GetActivityName() string

func (*MemoryActivity) GetActor 

func (x *MemoryActivity) GetActor() *Actor

func (*MemoryActivity) GetActualPermissions 

func (x *MemoryActivity) GetActualPermissions() int32

func (*MemoryActivity) GetApi 

func (x *MemoryActivity) GetApi() *Api

func (*MemoryActivity) GetAttacks 

func (x *MemoryActivity) GetAttacks() []*Attack

func (*MemoryActivity) GetAuthorizations 

func (x *MemoryActivity) GetAuthorizations() []*Authorization

func (*MemoryActivity) GetBaseAddress 

func (x *MemoryActivity) GetBaseAddress() string

func (*MemoryActivity) GetCategoryName 

func (x *MemoryActivity) GetCategoryName() string

func (*MemoryActivity) GetCategoryUid 

func (x *MemoryActivity) GetCategoryUid() MemoryActivity_CategoryUid

func (*MemoryActivity) GetClassName 

func (x *MemoryActivity) GetClassName() string

func (*MemoryActivity) GetClassUid 

func (x *MemoryActivity) GetClassUid() MemoryActivity_ClassUid

func (*MemoryActivity) GetCloud 

func (x *MemoryActivity) GetCloud() *Cloud

func (*MemoryActivity) GetCount 

func (x *MemoryActivity) GetCount() int32

func (*MemoryActivity) GetDevice 

func (x *MemoryActivity) GetDevice() *Device

func (*MemoryActivity) GetDisposition 

func (x *MemoryActivity) GetDisposition() string

func (*MemoryActivity) GetDispositionId 

func (x *MemoryActivity) GetDispositionId() MemoryActivity_DispositionId

func (*MemoryActivity) GetDuration 

func (x *MemoryActivity) GetDuration() int32

func (*MemoryActivity) GetEndTime 

func (x *MemoryActivity) GetEndTime() int64

func (*MemoryActivity) GetEndTimeDt 

func (x *MemoryActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*MemoryActivity) GetEnrichments 

func (x *MemoryActivity) GetEnrichments() []*Enrichment

func (*MemoryActivity) GetFirewallRule 

func (x *MemoryActivity) GetFirewallRule() *FirewallRule

func (*MemoryActivity) GetMalware 

func (x *MemoryActivity) GetMalware() []*Malware

func (*MemoryActivity) GetMessage 

func (x *MemoryActivity) GetMessage() string

func (*MemoryActivity) GetMetadata 

func (x *MemoryActivity) GetMetadata() *Metadata

func (*MemoryActivity) GetObservables 

func (x *MemoryActivity) GetObservables() []*Observable

func (*MemoryActivity) GetProcess 

func (x *MemoryActivity) GetProcess() *Process

func (*MemoryActivity) GetRawData 

func (x *MemoryActivity) GetRawData() string

func (*MemoryActivity) GetRequestedPermissions 

func (x *MemoryActivity) GetRequestedPermissions() int32

func (*MemoryActivity) GetSeverity 

func (x *MemoryActivity) GetSeverity() string

func (*MemoryActivity) GetSeverityId 

func (x *MemoryActivity) GetSeverityId() MemoryActivity_SeverityId

func (*MemoryActivity) GetSize 

func (x *MemoryActivity) GetSize() int64

func (*MemoryActivity) GetStartTime 

func (x *MemoryActivity) GetStartTime() int64

func (*MemoryActivity) GetStartTimeDt 

func (x *MemoryActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*MemoryActivity) GetStatus 

func (x *MemoryActivity) GetStatus() string

func (*MemoryActivity) GetStatusCode 

func (x *MemoryActivity) GetStatusCode() string

func (*MemoryActivity) GetStatusDetail 

func (x *MemoryActivity) GetStatusDetail() string

func (*MemoryActivity) GetStatusId 

func (x *MemoryActivity) GetStatusId() MemoryActivity_StatusId

func (*MemoryActivity) GetTime 

func (x *MemoryActivity) GetTime() int64

func (*MemoryActivity) GetTimeDt 

func (x *MemoryActivity) GetTimeDt() *timestamppb.Timestamp

func (*MemoryActivity) GetTimezoneOffset 

func (x *MemoryActivity) GetTimezoneOffset() int32

func (*MemoryActivity) GetTypeName 

func (x *MemoryActivity) GetTypeName() string

func (*MemoryActivity) GetTypeUid 

func (x *MemoryActivity) GetTypeUid() int64

func (*MemoryActivity) GetUnmapped 

func (x *MemoryActivity) GetUnmapped() *structpb.Struct

func (*MemoryActivity) ProtoMessage 

func (*MemoryActivity) ProtoMessage()

func (*MemoryActivity) ProtoReflect 

func (x *MemoryActivity) ProtoReflect() protoreflect.Message

func (*MemoryActivity) Reset 

func (x *MemoryActivity) Reset()

func (*MemoryActivity) String 

func (x *MemoryActivity) String() string

type MemoryActivity_ActionId 

type MemoryActivity_ActionId int32
const (
	MemoryActivity_ACTION_ID_UNKNOWN MemoryActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	MemoryActivity_ACTION_ID_ALLOWED MemoryActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	MemoryActivity_ACTION_ID_DENIED MemoryActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	MemoryActivity_ACTION_ID_OTHER MemoryActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (MemoryActivity_ActionId) Descriptor 

func (MemoryActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_ActionId) Enum 

func (x MemoryActivity_ActionId) Enum() *MemoryActivity_ActionId

func (MemoryActivity_ActionId) EnumDescriptor deprecated 

func (MemoryActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_ActionId.Descriptor instead.

func (MemoryActivity_ActionId) Number 

func (x MemoryActivity_ActionId) Number() protoreflect.EnumNumber

func (MemoryActivity_ActionId) String 

func (x MemoryActivity_ActionId) String() string

func (MemoryActivity_ActionId) Type 

func (MemoryActivity_ActionId) Type() protoreflect.EnumType

type MemoryActivity_ActivityId 

type MemoryActivity_ActivityId int32
const (
	MemoryActivity_ACTIVITY_ID_UNKNOWN         MemoryActivity_ActivityId = 0
	MemoryActivity_ACTIVITY_ID_ALLOCATE_PAGE   MemoryActivity_ActivityId = 1
	MemoryActivity_ACTIVITY_ID_MODIFY_PAGE     MemoryActivity_ActivityId = 2
	MemoryActivity_ACTIVITY_ID_DELETE_PAGE     MemoryActivity_ActivityId = 3
	MemoryActivity_ACTIVITY_ID_BUFFER_OVERFLOW MemoryActivity_ActivityId = 4
	MemoryActivity_ACTIVITY_ID_DISABLE_DEP     MemoryActivity_ActivityId = 5 // Data Execution Permission
	MemoryActivity_ACTIVITY_ID_ENABLE_DEP      MemoryActivity_ActivityId = 6 // Data Execution Permission
	MemoryActivity_ACTIVITY_ID_READ            MemoryActivity_ActivityId = 7 // Read (Example:
	// <code>ReadProcessMemory</code>)
	MemoryActivity_ACTIVITY_ID_WRITE MemoryActivity_ActivityId = 8 // Write (Example:
	// <code>WriteProcessMemory</code>)
	MemoryActivity_ACTIVITY_ID_OTHER MemoryActivity_ActivityId = 99
)

func (MemoryActivity_ActivityId) Descriptor 

func (MemoryActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_ActivityId) Enum 

func (x MemoryActivity_ActivityId) Enum() *MemoryActivity_ActivityId

func (MemoryActivity_ActivityId) EnumDescriptor deprecated 

func (MemoryActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_ActivityId.Descriptor instead.

func (MemoryActivity_ActivityId) Number 

func (x MemoryActivity_ActivityId) Number() protoreflect.EnumNumber

func (MemoryActivity_ActivityId) String 

func (x MemoryActivity_ActivityId) String() string

func (MemoryActivity_ActivityId) Type 

func (MemoryActivity_ActivityId) Type() protoreflect.EnumType

type MemoryActivity_CategoryUid 

type MemoryActivity_CategoryUid int32
const (
	MemoryActivity_CATEGORY_UID_UNKNOWN         MemoryActivity_CategoryUid = 0
	MemoryActivity_CATEGORY_UID_SYSTEM_ACTIVITY MemoryActivity_CategoryUid = 1
)

func (MemoryActivity_CategoryUid) Descriptor 

func (MemoryActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_CategoryUid) Enum 

func (x MemoryActivity_CategoryUid) Enum() *MemoryActivity_CategoryUid

func (MemoryActivity_CategoryUid) EnumDescriptor deprecated 

func (MemoryActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_CategoryUid.Descriptor instead.

func (MemoryActivity_CategoryUid) Number 

func (x MemoryActivity_CategoryUid) Number() protoreflect.EnumNumber

func (MemoryActivity_CategoryUid) String 

func (x MemoryActivity_CategoryUid) String() string

func (MemoryActivity_CategoryUid) Type 

func (MemoryActivity_CategoryUid) Type() protoreflect.EnumType

type MemoryActivity_ClassUid 

type MemoryActivity_ClassUid int32
const (
	MemoryActivity_CLASS_UID_UNKNOWN         MemoryActivity_ClassUid = 0
	MemoryActivity_CLASS_UID_MEMORY_ACTIVITY MemoryActivity_ClassUid = 1004
)

func (MemoryActivity_ClassUid) Descriptor 

func (MemoryActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_ClassUid) Enum 

func (x MemoryActivity_ClassUid) Enum() *MemoryActivity_ClassUid

func (MemoryActivity_ClassUid) EnumDescriptor deprecated 

func (MemoryActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_ClassUid.Descriptor instead.

func (MemoryActivity_ClassUid) Number 

func (x MemoryActivity_ClassUid) Number() protoreflect.EnumNumber

func (MemoryActivity_ClassUid) String 

func (x MemoryActivity_ClassUid) String() string

func (MemoryActivity_ClassUid) Type 

func (MemoryActivity_ClassUid) Type() protoreflect.EnumType

type MemoryActivity_DispositionId 

type MemoryActivity_DispositionId int32
const (
	MemoryActivity_DISPOSITION_ID_UNKNOWN MemoryActivity_DispositionId = 0 // The disposition was not known.
	MemoryActivity_DISPOSITION_ID_ALLOWED MemoryActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	MemoryActivity_DISPOSITION_ID_BLOCKED MemoryActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	MemoryActivity_DISPOSITION_ID_QUARANTINED MemoryActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	MemoryActivity_DISPOSITION_ID_ISOLATED MemoryActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	MemoryActivity_DISPOSITION_ID_DELETED MemoryActivity_DispositionId = 5 // A file or other content was deleted.
	MemoryActivity_DISPOSITION_ID_DROPPED MemoryActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	MemoryActivity_DISPOSITION_ID_CUSTOM_ACTION MemoryActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	MemoryActivity_DISPOSITION_ID_APPROVED MemoryActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	MemoryActivity_DISPOSITION_ID_RESTORED MemoryActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	MemoryActivity_DISPOSITION_ID_EXONERATED MemoryActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	MemoryActivity_DISPOSITION_ID_CORRECTED MemoryActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	MemoryActivity_DISPOSITION_ID_PARTIALLY_CORRECTED MemoryActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	MemoryActivity_DISPOSITION_ID_UNCORRECTED MemoryActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	MemoryActivity_DISPOSITION_ID_DELAYED MemoryActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	MemoryActivity_DISPOSITION_ID_DETECTED MemoryActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	MemoryActivity_DISPOSITION_ID_NO_ACTION MemoryActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	MemoryActivity_DISPOSITION_ID_LOGGED MemoryActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	MemoryActivity_DISPOSITION_ID_TAGGED MemoryActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	MemoryActivity_DISPOSITION_ID_ALERT MemoryActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	MemoryActivity_DISPOSITION_ID_COUNT MemoryActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	MemoryActivity_DISPOSITION_ID_RESET MemoryActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	MemoryActivity_DISPOSITION_ID_CAPTCHA MemoryActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	MemoryActivity_DISPOSITION_ID_CHALLENGE MemoryActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	MemoryActivity_DISPOSITION_ID_ACCESS_REVOKED MemoryActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	MemoryActivity_DISPOSITION_ID_REJECTED MemoryActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	MemoryActivity_DISPOSITION_ID_UNAUTHORIZED MemoryActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	MemoryActivity_DISPOSITION_ID_ERROR MemoryActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	MemoryActivity_DISPOSITION_ID_OTHER MemoryActivity_DispositionId = 99 // The disposition is not listed. The
)

func (MemoryActivity_DispositionId) Descriptor 

func (MemoryActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_DispositionId) Enum 

func (x MemoryActivity_DispositionId) Enum() *MemoryActivity_DispositionId

func (MemoryActivity_DispositionId) EnumDescriptor deprecated 

func (MemoryActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_DispositionId.Descriptor instead.

func (MemoryActivity_DispositionId) Number 

func (x MemoryActivity_DispositionId) Number() protoreflect.EnumNumber

func (MemoryActivity_DispositionId) String 

func (x MemoryActivity_DispositionId) String() string

func (MemoryActivity_DispositionId) Type 

func (MemoryActivity_DispositionId) Type() protoreflect.EnumType

type MemoryActivity_SeverityId 

type MemoryActivity_SeverityId int32
const (
	MemoryActivity_SEVERITY_ID_UNKNOWN       MemoryActivity_SeverityId = 0 // The event/finding severity is unknown.
	MemoryActivity_SEVERITY_ID_INFORMATIONAL MemoryActivity_SeverityId = 1 // Informational message. No action required.
	MemoryActivity_SEVERITY_ID_LOW           MemoryActivity_SeverityId = 2 // The user decides if action is needed.
	MemoryActivity_SEVERITY_ID_MEDIUM        MemoryActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	MemoryActivity_SEVERITY_ID_HIGH     MemoryActivity_SeverityId = 4 // Action is required immediately.
	MemoryActivity_SEVERITY_ID_CRITICAL MemoryActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	MemoryActivity_SEVERITY_ID_FATAL MemoryActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	MemoryActivity_SEVERITY_ID_OTHER MemoryActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (MemoryActivity_SeverityId) Descriptor 

func (MemoryActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_SeverityId) Enum 

func (x MemoryActivity_SeverityId) Enum() *MemoryActivity_SeverityId

func (MemoryActivity_SeverityId) EnumDescriptor deprecated 

func (MemoryActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_SeverityId.Descriptor instead.

func (MemoryActivity_SeverityId) Number 

func (x MemoryActivity_SeverityId) Number() protoreflect.EnumNumber

func (MemoryActivity_SeverityId) String 

func (x MemoryActivity_SeverityId) String() string

func (MemoryActivity_SeverityId) Type 

func (MemoryActivity_SeverityId) Type() protoreflect.EnumType

type MemoryActivity_StatusId 

type MemoryActivity_StatusId int32
const (
	MemoryActivity_STATUS_ID_UNKNOWN MemoryActivity_StatusId = 0 // The status is unknown.
	MemoryActivity_STATUS_ID_SUCCESS MemoryActivity_StatusId = 1
	MemoryActivity_STATUS_ID_FAILURE MemoryActivity_StatusId = 2
	MemoryActivity_STATUS_ID_OTHER   MemoryActivity_StatusId = 99 // The event status is not mapped. See the
)

func (MemoryActivity_StatusId) Descriptor 

func (MemoryActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (MemoryActivity_StatusId) Enum 

func (x MemoryActivity_StatusId) Enum() *MemoryActivity_StatusId

func (MemoryActivity_StatusId) EnumDescriptor deprecated 

func (MemoryActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use MemoryActivity_StatusId.Descriptor instead.

func (MemoryActivity_StatusId) Number 

func (x MemoryActivity_StatusId) Number() protoreflect.EnumNumber

func (MemoryActivity_StatusId) String 

func (x MemoryActivity_StatusId) String() string

func (MemoryActivity_StatusId) Type 

func (MemoryActivity_StatusId) Type() protoreflect.EnumType

type Metadata 

type Metadata struct {
	CorrelationUid     *string                `protobuf:"bytes,1,opt,name=correlation_uid,json=correlationUid,proto3,oneof" json:"correlation_uid,omitempty"`
	DataClassification *DataClassification    `protobuf:"bytes,2,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	EventCode          *string                `protobuf:"bytes,3,opt,name=event_code,json=eventCode,proto3,oneof" json:"event_code,omitempty"`
	Extension          *Extension             `protobuf:"bytes,4,opt,name=extension,proto3" json:"extension,omitempty"`
	Extensions         []*Extension           `protobuf:"bytes,5,rep,name=extensions,proto3" json:"extensions,omitempty"`
	Labels             []string               `protobuf:"bytes,6,rep,name=labels,proto3" json:"labels,omitempty"`
	LogLevel           *string                `protobuf:"bytes,7,opt,name=log_level,json=logLevel,proto3,oneof" json:"log_level,omitempty"`
	LogName            *string                `protobuf:"bytes,8,opt,name=log_name,json=logName,proto3,oneof" json:"log_name,omitempty"`
	LogProvider        *string                `protobuf:"bytes,9,opt,name=log_provider,json=logProvider,proto3,oneof" json:"log_provider,omitempty"`
	LogVersion         *string                `protobuf:"bytes,10,opt,name=log_version,json=logVersion,proto3,oneof" json:"log_version,omitempty"`
	LoggedTime         *int64                 `protobuf:"varint,11,opt,name=logged_time,json=loggedTime,proto3,oneof" json:"logged_time,omitempty"`
	LoggedTimeDt       *timestamppb.Timestamp `protobuf:"bytes,12,opt,name=logged_time_dt,json=loggedTimeDt,proto3,oneof" json:"logged_time_dt,omitempty"`
	Loggers            []*Logger              `protobuf:"bytes,13,rep,name=loggers,proto3" json:"loggers,omitempty"`
	ModifiedTime       *int64                 `protobuf:"varint,14,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt     *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	OriginalTime       *string                `protobuf:"bytes,16,opt,name=original_time,json=originalTime,proto3,oneof" json:"original_time,omitempty"`
	ProcessedTime      *int64                 `protobuf:"varint,17,opt,name=processed_time,json=processedTime,proto3,oneof" json:"processed_time,omitempty"`
	ProcessedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,18,opt,name=processed_time_dt,json=processedTimeDt,proto3,oneof" json:"processed_time_dt,omitempty"`
	Product            *Product               `protobuf:"bytes,19,opt,name=product,proto3" json:"product,omitempty"`
	Profiles           []string               `protobuf:"bytes,20,rep,name=profiles,proto3" json:"profiles,omitempty"`
	Sequence           *int32                 `protobuf:"varint,21,opt,name=sequence,proto3,oneof" json:"sequence,omitempty"`
	TenantUid          *string                `protobuf:"bytes,22,opt,name=tenant_uid,json=tenantUid,proto3,oneof" json:"tenant_uid,omitempty"`
	Uid                *string                `protobuf:"bytes,23,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version            string                 `protobuf:"bytes,24,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Metadata is an OSF object defined in ocsf objects/metadata.json

The Metadata object describes the metadata associated with the event. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Metadata/'>d3f:Metadata</a>.

func (*Metadata) Descriptor deprecated 

func (*Metadata) Descriptor() ([]byte, []int)

Deprecated: Use Metadata.ProtoReflect.Descriptor instead.

func (*Metadata) GetCorrelationUid 

func (x *Metadata) GetCorrelationUid() string

func (*Metadata) GetDataClassification 

func (x *Metadata) GetDataClassification() *DataClassification

func (*Metadata) GetEventCode 

func (x *Metadata) GetEventCode() string

func (*Metadata) GetExtension 

func (x *Metadata) GetExtension() *Extension

func (*Metadata) GetExtensions 

func (x *Metadata) GetExtensions() []*Extension

func (*Metadata) GetLabels 

func (x *Metadata) GetLabels() []string

func (*Metadata) GetLogLevel 

func (x *Metadata) GetLogLevel() string

func (*Metadata) GetLogName 

func (x *Metadata) GetLogName() string

func (*Metadata) GetLogProvider 

func (x *Metadata) GetLogProvider() string

func (*Metadata) GetLogVersion 

func (x *Metadata) GetLogVersion() string

func (*Metadata) GetLoggedTime 

func (x *Metadata) GetLoggedTime() int64

func (*Metadata) GetLoggedTimeDt 

func (x *Metadata) GetLoggedTimeDt() *timestamppb.Timestamp

func (*Metadata) GetLoggers 

func (x *Metadata) GetLoggers() []*Logger

func (*Metadata) GetModifiedTime 

func (x *Metadata) GetModifiedTime() int64

func (*Metadata) GetModifiedTimeDt 

func (x *Metadata) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Metadata) GetOriginalTime 

func (x *Metadata) GetOriginalTime() string

func (*Metadata) GetProcessedTime 

func (x *Metadata) GetProcessedTime() int64

func (*Metadata) GetProcessedTimeDt 

func (x *Metadata) GetProcessedTimeDt() *timestamppb.Timestamp

func (*Metadata) GetProduct 

func (x *Metadata) GetProduct() *Product

func (*Metadata) GetProfiles 

func (x *Metadata) GetProfiles() []string

func (*Metadata) GetSequence 

func (x *Metadata) GetSequence() int32

func (*Metadata) GetTenantUid 

func (x *Metadata) GetTenantUid() string

func (*Metadata) GetUid 

func (x *Metadata) GetUid() string

func (*Metadata) GetVersion 

func (x *Metadata) GetVersion() string

func (*Metadata) ProtoMessage 

func (*Metadata) ProtoMessage()

func (*Metadata) ProtoReflect 

func (x *Metadata) ProtoReflect() protoreflect.Message

func (*Metadata) Reset 

func (x *Metadata) Reset()

func (*Metadata) String 

func (x *Metadata) String() string

type Metric 

type Metric struct {
	Name  string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

Metric is an OSF object defined in ocsf objects/metric.json

The Metric object defines a simple name/value pair entity for a metric.

func (*Metric) Descriptor deprecated 

func (*Metric) Descriptor() ([]byte, []int)

Deprecated: Use Metric.ProtoReflect.Descriptor instead.

func (*Metric) GetName 

func (x *Metric) GetName() string

func (*Metric) GetValue 

func (x *Metric) GetValue() string

func (*Metric) ProtoMessage 

func (*Metric) ProtoMessage()

func (*Metric) ProtoReflect 

func (x *Metric) ProtoReflect() protoreflect.Message

func (*Metric) Reset 

func (x *Metric) Reset()

func (*Metric) String 

func (x *Metric) String() string

type Module 

type Module struct {
	BaseAddress  *string           `protobuf:"bytes,1,opt,name=base_address,json=baseAddress,proto3,oneof" json:"base_address,omitempty"`
	File         *File             `protobuf:"bytes,2,opt,name=file,proto3" json:"file,omitempty"`
	FunctionName *string           `protobuf:"bytes,3,opt,name=function_name,json=functionName,proto3,oneof" json:"function_name,omitempty"`
	LoadType     *string           `protobuf:"bytes,4,opt,name=load_type,json=loadType,proto3,oneof" json:"load_type,omitempty"`
	LoadTypeId   Module_LoadTypeId `` /* 132-byte string literal not displayed */
	StartAddress *string           `protobuf:"bytes,6,opt,name=start_address,json=startAddress,proto3,oneof" json:"start_address,omitempty"`
	Type         *string           `protobuf:"bytes,7,opt,name=type,proto3,oneof" json:"type,omitempty"`
	// contains filtered or unexported fields
}

Module is an OSF object defined in ocsf objects/module.json

The Module object describes the load attributes of a module.

func (*Module) Descriptor deprecated 

func (*Module) Descriptor() ([]byte, []int)

Deprecated: Use Module.ProtoReflect.Descriptor instead.

func (*Module) GetBaseAddress 

func (x *Module) GetBaseAddress() string

func (*Module) GetFile 

func (x *Module) GetFile() *File

func (*Module) GetFunctionName 

func (x *Module) GetFunctionName() string

func (*Module) GetLoadType 

func (x *Module) GetLoadType() string

func (*Module) GetLoadTypeId 

func (x *Module) GetLoadTypeId() Module_LoadTypeId

func (*Module) GetStartAddress 

func (x *Module) GetStartAddress() string

func (*Module) GetType 

func (x *Module) GetType() string

func (*Module) ProtoMessage 

func (*Module) ProtoMessage()

func (*Module) ProtoReflect 

func (x *Module) ProtoReflect() protoreflect.Message

func (*Module) Reset 

func (x *Module) Reset()

func (*Module) String 

func (x *Module) String() string

type ModuleActivity 

type ModuleActivity struct {
	Action         *string                       `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       ModuleActivity_ActionId       `` /* 130-byte string literal not displayed */
	ActivityId     ModuleActivity_ActivityId     `` /* 138-byte string literal not displayed */
	ActivityName   *string                       `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                        `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                          `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                     `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization              `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                       `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ModuleActivity_CategoryUid    `` /* 143-byte string literal not displayed */
	ClassName      *string                       `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ModuleActivity_ClassUid       `` /* 131-byte string literal not displayed */
	Cloud          *Cloud                        `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                        `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                       `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                       `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *ModuleActivity_DispositionId `` /* 157-byte string literal not displayed */
	Duration       *int32                        `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                        `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp        `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                 `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                 `protobuf:"bytes,22,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                    `protobuf:"bytes,23,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                       `protobuf:"bytes,24,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                     `protobuf:"bytes,25,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Module         *Module                       `protobuf:"bytes,26,opt,name=module,proto3" json:"module,omitempty"`
	Observables    []*Observable                 `protobuf:"bytes,27,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                       `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                       `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ModuleActivity_SeverityId     `` /* 139-byte string literal not displayed */
	StartTime      *int64                        `protobuf:"varint,31,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp        `protobuf:"bytes,32,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                       `protobuf:"bytes,33,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                       `protobuf:"bytes,34,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                       `protobuf:"bytes,35,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ModuleActivity_StatusId      `` /* 137-byte string literal not displayed */
	Time           int64                         `protobuf:"varint,37,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp        `protobuf:"bytes,38,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                        `protobuf:"varint,39,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                       `protobuf:"bytes,40,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                         `protobuf:"varint,41,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct              `protobuf:"bytes,42,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ModuleActivity is an OSF event in category "System Activity" called Module Activity defined in ocsf events/system/module.json

Module Activity events report when a process loads or unloads the <code>module</code>.

func (*ModuleActivity) Descriptor deprecated 

func (*ModuleActivity) Descriptor() ([]byte, []int)

Deprecated: Use ModuleActivity.ProtoReflect.Descriptor instead.

func (*ModuleActivity) GetAction 

func (x *ModuleActivity) GetAction() string

func (*ModuleActivity) GetActionId 

func (x *ModuleActivity) GetActionId() ModuleActivity_ActionId

func (*ModuleActivity) GetActivityId 

func (x *ModuleActivity) GetActivityId() ModuleActivity_ActivityId

func (*ModuleActivity) GetActivityName 

func (x *ModuleActivity) GetActivityName() string

func (*ModuleActivity) GetActor 

func (x *ModuleActivity) GetActor() *Actor

func (*ModuleActivity) GetApi 

func (x *ModuleActivity) GetApi() *Api

func (*ModuleActivity) GetAttacks 

func (x *ModuleActivity) GetAttacks() []*Attack

func (*ModuleActivity) GetAuthorizations 

func (x *ModuleActivity) GetAuthorizations() []*Authorization

func (*ModuleActivity) GetCategoryName 

func (x *ModuleActivity) GetCategoryName() string

func (*ModuleActivity) GetCategoryUid 

func (x *ModuleActivity) GetCategoryUid() ModuleActivity_CategoryUid

func (*ModuleActivity) GetClassName 

func (x *ModuleActivity) GetClassName() string

func (*ModuleActivity) GetClassUid 

func (x *ModuleActivity) GetClassUid() ModuleActivity_ClassUid

func (*ModuleActivity) GetCloud 

func (x *ModuleActivity) GetCloud() *Cloud

func (*ModuleActivity) GetCount 

func (x *ModuleActivity) GetCount() int32

func (*ModuleActivity) GetDevice 

func (x *ModuleActivity) GetDevice() *Device

func (*ModuleActivity) GetDisposition 

func (x *ModuleActivity) GetDisposition() string

func (*ModuleActivity) GetDispositionId 

func (x *ModuleActivity) GetDispositionId() ModuleActivity_DispositionId

func (*ModuleActivity) GetDuration 

func (x *ModuleActivity) GetDuration() int32

func (*ModuleActivity) GetEndTime 

func (x *ModuleActivity) GetEndTime() int64

func (*ModuleActivity) GetEndTimeDt 

func (x *ModuleActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ModuleActivity) GetEnrichments 

func (x *ModuleActivity) GetEnrichments() []*Enrichment

func (*ModuleActivity) GetFirewallRule 

func (x *ModuleActivity) GetFirewallRule() *FirewallRule

func (*ModuleActivity) GetMalware 

func (x *ModuleActivity) GetMalware() []*Malware

func (*ModuleActivity) GetMessage 

func (x *ModuleActivity) GetMessage() string

func (*ModuleActivity) GetMetadata 

func (x *ModuleActivity) GetMetadata() *Metadata

func (*ModuleActivity) GetModule 

func (x *ModuleActivity) GetModule() *Module

func (*ModuleActivity) GetObservables 

func (x *ModuleActivity) GetObservables() []*Observable

func (*ModuleActivity) GetRawData 

func (x *ModuleActivity) GetRawData() string

func (*ModuleActivity) GetSeverity 

func (x *ModuleActivity) GetSeverity() string

func (*ModuleActivity) GetSeverityId 

func (x *ModuleActivity) GetSeverityId() ModuleActivity_SeverityId

func (*ModuleActivity) GetStartTime 

func (x *ModuleActivity) GetStartTime() int64

func (*ModuleActivity) GetStartTimeDt 

func (x *ModuleActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ModuleActivity) GetStatus 

func (x *ModuleActivity) GetStatus() string

func (*ModuleActivity) GetStatusCode 

func (x *ModuleActivity) GetStatusCode() string

func (*ModuleActivity) GetStatusDetail 

func (x *ModuleActivity) GetStatusDetail() string

func (*ModuleActivity) GetStatusId 

func (x *ModuleActivity) GetStatusId() ModuleActivity_StatusId

func (*ModuleActivity) GetTime 

func (x *ModuleActivity) GetTime() int64

func (*ModuleActivity) GetTimeDt 

func (x *ModuleActivity) GetTimeDt() *timestamppb.Timestamp

func (*ModuleActivity) GetTimezoneOffset 

func (x *ModuleActivity) GetTimezoneOffset() int32

func (*ModuleActivity) GetTypeName 

func (x *ModuleActivity) GetTypeName() string

func (*ModuleActivity) GetTypeUid 

func (x *ModuleActivity) GetTypeUid() int64

func (*ModuleActivity) GetUnmapped 

func (x *ModuleActivity) GetUnmapped() *structpb.Struct

func (*ModuleActivity) ProtoMessage 

func (*ModuleActivity) ProtoMessage()

func (*ModuleActivity) ProtoReflect 

func (x *ModuleActivity) ProtoReflect() protoreflect.Message

func (*ModuleActivity) Reset 

func (x *ModuleActivity) Reset()

func (*ModuleActivity) String 

func (x *ModuleActivity) String() string

type ModuleActivity_ActionId 

type ModuleActivity_ActionId int32
const (
	ModuleActivity_ACTION_ID_UNKNOWN ModuleActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	ModuleActivity_ACTION_ID_ALLOWED ModuleActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	ModuleActivity_ACTION_ID_DENIED ModuleActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	ModuleActivity_ACTION_ID_OTHER ModuleActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (ModuleActivity_ActionId) Descriptor 

func (ModuleActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_ActionId) Enum 

func (x ModuleActivity_ActionId) Enum() *ModuleActivity_ActionId

func (ModuleActivity_ActionId) EnumDescriptor deprecated 

func (ModuleActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_ActionId.Descriptor instead.

func (ModuleActivity_ActionId) Number 

func (x ModuleActivity_ActionId) Number() protoreflect.EnumNumber

func (ModuleActivity_ActionId) String 

func (x ModuleActivity_ActionId) String() string

func (ModuleActivity_ActionId) Type 

func (ModuleActivity_ActionId) Type() protoreflect.EnumType

type ModuleActivity_ActivityId 

type ModuleActivity_ActivityId int32
const (
	ModuleActivity_ACTIVITY_ID_UNKNOWN ModuleActivity_ActivityId = 0
	ModuleActivity_ACTIVITY_ID_LOAD    ModuleActivity_ActivityId = 1
	ModuleActivity_ACTIVITY_ID_UNLOAD  ModuleActivity_ActivityId = 2
	ModuleActivity_ACTIVITY_ID_OTHER   ModuleActivity_ActivityId = 99
)

func (ModuleActivity_ActivityId) Descriptor 

func (ModuleActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_ActivityId) Enum 

func (x ModuleActivity_ActivityId) Enum() *ModuleActivity_ActivityId

func (ModuleActivity_ActivityId) EnumDescriptor deprecated 

func (ModuleActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_ActivityId.Descriptor instead.

func (ModuleActivity_ActivityId) Number 

func (x ModuleActivity_ActivityId) Number() protoreflect.EnumNumber

func (ModuleActivity_ActivityId) String 

func (x ModuleActivity_ActivityId) String() string

func (ModuleActivity_ActivityId) Type 

func (ModuleActivity_ActivityId) Type() protoreflect.EnumType

type ModuleActivity_CategoryUid 

type ModuleActivity_CategoryUid int32
const (
	ModuleActivity_CATEGORY_UID_UNKNOWN         ModuleActivity_CategoryUid = 0
	ModuleActivity_CATEGORY_UID_SYSTEM_ACTIVITY ModuleActivity_CategoryUid = 1
)

func (ModuleActivity_CategoryUid) Descriptor 

func (ModuleActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_CategoryUid) Enum 

func (x ModuleActivity_CategoryUid) Enum() *ModuleActivity_CategoryUid

func (ModuleActivity_CategoryUid) EnumDescriptor deprecated 

func (ModuleActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_CategoryUid.Descriptor instead.

func (ModuleActivity_CategoryUid) Number 

func (x ModuleActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ModuleActivity_CategoryUid) String 

func (x ModuleActivity_CategoryUid) String() string

func (ModuleActivity_CategoryUid) Type 

func (ModuleActivity_CategoryUid) Type() protoreflect.EnumType

type ModuleActivity_ClassUid 

type ModuleActivity_ClassUid int32
const (
	ModuleActivity_CLASS_UID_UNKNOWN         ModuleActivity_ClassUid = 0
	ModuleActivity_CLASS_UID_MODULE_ACTIVITY ModuleActivity_ClassUid = 1005
)

func (ModuleActivity_ClassUid) Descriptor 

func (ModuleActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_ClassUid) Enum 

func (x ModuleActivity_ClassUid) Enum() *ModuleActivity_ClassUid

func (ModuleActivity_ClassUid) EnumDescriptor deprecated 

func (ModuleActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_ClassUid.Descriptor instead.

func (ModuleActivity_ClassUid) Number 

func (x ModuleActivity_ClassUid) Number() protoreflect.EnumNumber

func (ModuleActivity_ClassUid) String 

func (x ModuleActivity_ClassUid) String() string

func (ModuleActivity_ClassUid) Type 

func (ModuleActivity_ClassUid) Type() protoreflect.EnumType

type ModuleActivity_DispositionId 

type ModuleActivity_DispositionId int32
const (
	ModuleActivity_DISPOSITION_ID_UNKNOWN ModuleActivity_DispositionId = 0 // The disposition was not known.
	ModuleActivity_DISPOSITION_ID_ALLOWED ModuleActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	ModuleActivity_DISPOSITION_ID_BLOCKED ModuleActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	ModuleActivity_DISPOSITION_ID_QUARANTINED ModuleActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	ModuleActivity_DISPOSITION_ID_ISOLATED ModuleActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	ModuleActivity_DISPOSITION_ID_DELETED ModuleActivity_DispositionId = 5 // A file or other content was deleted.
	ModuleActivity_DISPOSITION_ID_DROPPED ModuleActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	ModuleActivity_DISPOSITION_ID_CUSTOM_ACTION ModuleActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	ModuleActivity_DISPOSITION_ID_APPROVED ModuleActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	ModuleActivity_DISPOSITION_ID_RESTORED ModuleActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	ModuleActivity_DISPOSITION_ID_EXONERATED ModuleActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	ModuleActivity_DISPOSITION_ID_CORRECTED ModuleActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	ModuleActivity_DISPOSITION_ID_PARTIALLY_CORRECTED ModuleActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	ModuleActivity_DISPOSITION_ID_UNCORRECTED ModuleActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	ModuleActivity_DISPOSITION_ID_DELAYED ModuleActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	ModuleActivity_DISPOSITION_ID_DETECTED ModuleActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	ModuleActivity_DISPOSITION_ID_NO_ACTION ModuleActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	ModuleActivity_DISPOSITION_ID_LOGGED ModuleActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	ModuleActivity_DISPOSITION_ID_TAGGED ModuleActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	ModuleActivity_DISPOSITION_ID_ALERT ModuleActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	ModuleActivity_DISPOSITION_ID_COUNT ModuleActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	ModuleActivity_DISPOSITION_ID_RESET ModuleActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	ModuleActivity_DISPOSITION_ID_CAPTCHA ModuleActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	ModuleActivity_DISPOSITION_ID_CHALLENGE ModuleActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	ModuleActivity_DISPOSITION_ID_ACCESS_REVOKED ModuleActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	ModuleActivity_DISPOSITION_ID_REJECTED ModuleActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	ModuleActivity_DISPOSITION_ID_UNAUTHORIZED ModuleActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	ModuleActivity_DISPOSITION_ID_ERROR ModuleActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	ModuleActivity_DISPOSITION_ID_OTHER ModuleActivity_DispositionId = 99 // The disposition is not listed. The
)

func (ModuleActivity_DispositionId) Descriptor 

func (ModuleActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_DispositionId) Enum 

func (x ModuleActivity_DispositionId) Enum() *ModuleActivity_DispositionId

func (ModuleActivity_DispositionId) EnumDescriptor deprecated 

func (ModuleActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_DispositionId.Descriptor instead.

func (ModuleActivity_DispositionId) Number 

func (x ModuleActivity_DispositionId) Number() protoreflect.EnumNumber

func (ModuleActivity_DispositionId) String 

func (x ModuleActivity_DispositionId) String() string

func (ModuleActivity_DispositionId) Type 

func (ModuleActivity_DispositionId) Type() protoreflect.EnumType

type ModuleActivity_SeverityId 

type ModuleActivity_SeverityId int32
const (
	ModuleActivity_SEVERITY_ID_UNKNOWN       ModuleActivity_SeverityId = 0 // The event/finding severity is unknown.
	ModuleActivity_SEVERITY_ID_INFORMATIONAL ModuleActivity_SeverityId = 1 // Informational message. No action required.
	ModuleActivity_SEVERITY_ID_LOW           ModuleActivity_SeverityId = 2 // The user decides if action is needed.
	ModuleActivity_SEVERITY_ID_MEDIUM        ModuleActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ModuleActivity_SEVERITY_ID_HIGH     ModuleActivity_SeverityId = 4 // Action is required immediately.
	ModuleActivity_SEVERITY_ID_CRITICAL ModuleActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ModuleActivity_SEVERITY_ID_FATAL ModuleActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ModuleActivity_SEVERITY_ID_OTHER ModuleActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ModuleActivity_SeverityId) Descriptor 

func (ModuleActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_SeverityId) Enum 

func (x ModuleActivity_SeverityId) Enum() *ModuleActivity_SeverityId

func (ModuleActivity_SeverityId) EnumDescriptor deprecated 

func (ModuleActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_SeverityId.Descriptor instead.

func (ModuleActivity_SeverityId) Number 

func (x ModuleActivity_SeverityId) Number() protoreflect.EnumNumber

func (ModuleActivity_SeverityId) String 

func (x ModuleActivity_SeverityId) String() string

func (ModuleActivity_SeverityId) Type 

func (ModuleActivity_SeverityId) Type() protoreflect.EnumType

type ModuleActivity_StatusId 

type ModuleActivity_StatusId int32
const (
	ModuleActivity_STATUS_ID_UNKNOWN ModuleActivity_StatusId = 0 // The status is unknown.
	ModuleActivity_STATUS_ID_SUCCESS ModuleActivity_StatusId = 1
	ModuleActivity_STATUS_ID_FAILURE ModuleActivity_StatusId = 2
	ModuleActivity_STATUS_ID_OTHER   ModuleActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ModuleActivity_StatusId) Descriptor 

func (ModuleActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ModuleActivity_StatusId) Enum 

func (x ModuleActivity_StatusId) Enum() *ModuleActivity_StatusId

func (ModuleActivity_StatusId) EnumDescriptor deprecated 

func (ModuleActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleActivity_StatusId.Descriptor instead.

func (ModuleActivity_StatusId) Number 

func (x ModuleActivity_StatusId) Number() protoreflect.EnumNumber

func (ModuleActivity_StatusId) String 

func (x ModuleActivity_StatusId) String() string

func (ModuleActivity_StatusId) Type 

func (ModuleActivity_StatusId) Type() protoreflect.EnumType

type ModuleQuery 

type ModuleQuery struct {
	ActivityId     ModuleQuery_ActivityId    `` /* 135-byte string literal not displayed */
	ActivityName   *string                   `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                    `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                      `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                   `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ModuleQuery_CategoryUid   `` /* 139-byte string literal not displayed */
	ClassName      *string                   `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ModuleQuery_ClassUid      `` /* 127-byte string literal not displayed */
	Cloud          *Cloud                    `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                    `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                   `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                    `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                    `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp    `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment             `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                   `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                 `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Module         *Module                   `protobuf:"bytes,18,opt,name=module,proto3" json:"module,omitempty"`
	Observables    []*Observable             `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	Process        *Process                  `protobuf:"bytes,20,opt,name=process,proto3" json:"process,omitempty"`
	QueryInfo      *QueryInfo                `protobuf:"bytes,21,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                   `protobuf:"bytes,22,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  ModuleQuery_QueryResultId `` /* 150-byte string literal not displayed */
	RawData        *string                   `protobuf:"bytes,24,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                   `protobuf:"bytes,25,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ModuleQuery_SeverityId    `` /* 136-byte string literal not displayed */
	StartTime      *int64                    `protobuf:"varint,27,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp    `protobuf:"bytes,28,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                   `protobuf:"bytes,29,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                   `protobuf:"bytes,30,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                   `protobuf:"bytes,31,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ModuleQuery_StatusId     `` /* 134-byte string literal not displayed */
	Time           int64                     `protobuf:"varint,33,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp    `protobuf:"bytes,34,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                    `protobuf:"varint,35,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                   `protobuf:"bytes,36,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                     `protobuf:"varint,37,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct          `protobuf:"bytes,38,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ModuleQuery is an OSF event in category "Discovery" called Module Query defined in ocsf events/discovery/module_query.json

Module Query events report information about loaded modules.

func (*ModuleQuery) Descriptor deprecated 

func (*ModuleQuery) Descriptor() ([]byte, []int)

Deprecated: Use ModuleQuery.ProtoReflect.Descriptor instead.

func (*ModuleQuery) GetActivityId 

func (x *ModuleQuery) GetActivityId() ModuleQuery_ActivityId

func (*ModuleQuery) GetActivityName 

func (x *ModuleQuery) GetActivityName() string

func (*ModuleQuery) GetActor 

func (x *ModuleQuery) GetActor() *Actor

func (*ModuleQuery) GetApi 

func (x *ModuleQuery) GetApi() *Api

func (*ModuleQuery) GetCategoryName 

func (x *ModuleQuery) GetCategoryName() string

func (*ModuleQuery) GetCategoryUid 

func (x *ModuleQuery) GetCategoryUid() ModuleQuery_CategoryUid

func (*ModuleQuery) GetClassName 

func (x *ModuleQuery) GetClassName() string

func (*ModuleQuery) GetClassUid 

func (x *ModuleQuery) GetClassUid() ModuleQuery_ClassUid

func (*ModuleQuery) GetCloud 

func (x *ModuleQuery) GetCloud() *Cloud

func (*ModuleQuery) GetCount 

func (x *ModuleQuery) GetCount() int32

func (*ModuleQuery) GetDevice 

func (x *ModuleQuery) GetDevice() *Device

func (*ModuleQuery) GetDuration 

func (x *ModuleQuery) GetDuration() int32

func (*ModuleQuery) GetEndTime 

func (x *ModuleQuery) GetEndTime() int64

func (*ModuleQuery) GetEndTimeDt 

func (x *ModuleQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*ModuleQuery) GetEnrichments 

func (x *ModuleQuery) GetEnrichments() []*Enrichment

func (*ModuleQuery) GetMessage 

func (x *ModuleQuery) GetMessage() string

func (*ModuleQuery) GetMetadata 

func (x *ModuleQuery) GetMetadata() *Metadata

func (*ModuleQuery) GetModule 

func (x *ModuleQuery) GetModule() *Module

func (*ModuleQuery) GetObservables 

func (x *ModuleQuery) GetObservables() []*Observable

func (*ModuleQuery) GetProcess 

func (x *ModuleQuery) GetProcess() *Process

func (*ModuleQuery) GetQueryInfo 

func (x *ModuleQuery) GetQueryInfo() *QueryInfo

func (*ModuleQuery) GetQueryResult 

func (x *ModuleQuery) GetQueryResult() string

func (*ModuleQuery) GetQueryResultId 

func (x *ModuleQuery) GetQueryResultId() ModuleQuery_QueryResultId

func (*ModuleQuery) GetRawData 

func (x *ModuleQuery) GetRawData() string

func (*ModuleQuery) GetSeverity 

func (x *ModuleQuery) GetSeverity() string

func (*ModuleQuery) GetSeverityId 

func (x *ModuleQuery) GetSeverityId() ModuleQuery_SeverityId

func (*ModuleQuery) GetStartTime 

func (x *ModuleQuery) GetStartTime() int64

func (*ModuleQuery) GetStartTimeDt 

func (x *ModuleQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*ModuleQuery) GetStatus 

func (x *ModuleQuery) GetStatus() string

func (*ModuleQuery) GetStatusCode 

func (x *ModuleQuery) GetStatusCode() string

func (*ModuleQuery) GetStatusDetail 

func (x *ModuleQuery) GetStatusDetail() string

func (*ModuleQuery) GetStatusId 

func (x *ModuleQuery) GetStatusId() ModuleQuery_StatusId

func (*ModuleQuery) GetTime 

func (x *ModuleQuery) GetTime() int64

func (*ModuleQuery) GetTimeDt 

func (x *ModuleQuery) GetTimeDt() *timestamppb.Timestamp

func (*ModuleQuery) GetTimezoneOffset 

func (x *ModuleQuery) GetTimezoneOffset() int32

func (*ModuleQuery) GetTypeName 

func (x *ModuleQuery) GetTypeName() string

func (*ModuleQuery) GetTypeUid 

func (x *ModuleQuery) GetTypeUid() int64

func (*ModuleQuery) GetUnmapped 

func (x *ModuleQuery) GetUnmapped() *structpb.Struct

func (*ModuleQuery) ProtoMessage 

func (*ModuleQuery) ProtoMessage()

func (*ModuleQuery) ProtoReflect 

func (x *ModuleQuery) ProtoReflect() protoreflect.Message

func (*ModuleQuery) Reset 

func (x *ModuleQuery) Reset()

func (*ModuleQuery) String 

func (x *ModuleQuery) String() string

type ModuleQuery_ActivityId 

type ModuleQuery_ActivityId int32
const (
	ModuleQuery_ACTIVITY_ID_UNKNOWN ModuleQuery_ActivityId = 0
	ModuleQuery_ACTIVITY_ID_QUERY   ModuleQuery_ActivityId = 1 // The discovered results are via a query request.
	ModuleQuery_ACTIVITY_ID_OTHER   ModuleQuery_ActivityId = 99
)

func (ModuleQuery_ActivityId) Descriptor 

func (ModuleQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_ActivityId) Enum 

func (x ModuleQuery_ActivityId) Enum() *ModuleQuery_ActivityId

func (ModuleQuery_ActivityId) EnumDescriptor deprecated 

func (ModuleQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_ActivityId.Descriptor instead.

func (ModuleQuery_ActivityId) Number 

func (x ModuleQuery_ActivityId) Number() protoreflect.EnumNumber

func (ModuleQuery_ActivityId) String 

func (x ModuleQuery_ActivityId) String() string

func (ModuleQuery_ActivityId) Type 

func (ModuleQuery_ActivityId) Type() protoreflect.EnumType

type ModuleQuery_CategoryUid 

type ModuleQuery_CategoryUid int32
const (
	ModuleQuery_CATEGORY_UID_UNKNOWN   ModuleQuery_CategoryUid = 0
	ModuleQuery_CATEGORY_UID_DISCOVERY ModuleQuery_CategoryUid = 5
)

func (ModuleQuery_CategoryUid) Descriptor 

func (ModuleQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_CategoryUid) Enum 

func (x ModuleQuery_CategoryUid) Enum() *ModuleQuery_CategoryUid

func (ModuleQuery_CategoryUid) EnumDescriptor deprecated 

func (ModuleQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_CategoryUid.Descriptor instead.

func (ModuleQuery_CategoryUid) Number 

func (x ModuleQuery_CategoryUid) Number() protoreflect.EnumNumber

func (ModuleQuery_CategoryUid) String 

func (x ModuleQuery_CategoryUid) String() string

func (ModuleQuery_CategoryUid) Type 

func (ModuleQuery_CategoryUid) Type() protoreflect.EnumType

type ModuleQuery_ClassUid 

type ModuleQuery_ClassUid int32
const (
	ModuleQuery_CLASS_UID_UNKNOWN      ModuleQuery_ClassUid = 0
	ModuleQuery_CLASS_UID_MODULE_QUERY ModuleQuery_ClassUid = 5011
)

func (ModuleQuery_ClassUid) Descriptor 

func (ModuleQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_ClassUid) Enum 

func (x ModuleQuery_ClassUid) Enum() *ModuleQuery_ClassUid

func (ModuleQuery_ClassUid) EnumDescriptor deprecated 

func (ModuleQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_ClassUid.Descriptor instead.

func (ModuleQuery_ClassUid) Number 

func (x ModuleQuery_ClassUid) Number() protoreflect.EnumNumber

func (ModuleQuery_ClassUid) String 

func (x ModuleQuery_ClassUid) String() string

func (ModuleQuery_ClassUid) Type 

func (ModuleQuery_ClassUid) Type() protoreflect.EnumType

type ModuleQuery_QueryResultId 

type ModuleQuery_QueryResultId int32
const (
	ModuleQuery_QUERY_RESULT_ID_UNKNOWN        ModuleQuery_QueryResultId = 0  // The query result is unknown.
	ModuleQuery_QUERY_RESULT_ID_EXISTS         ModuleQuery_QueryResultId = 1  // The target was found.
	ModuleQuery_QUERY_RESULT_ID_PARTIAL        ModuleQuery_QueryResultId = 2  // The target was partially found.
	ModuleQuery_QUERY_RESULT_ID_DOES_NOT_EXIST ModuleQuery_QueryResultId = 3  // The target was not found.
	ModuleQuery_QUERY_RESULT_ID_ERROR          ModuleQuery_QueryResultId = 4  // The discovery attempt failed.
	ModuleQuery_QUERY_RESULT_ID_UNSUPPORTED    ModuleQuery_QueryResultId = 5  // Discovery of the target was not supported.
	ModuleQuery_QUERY_RESULT_ID_OTHER          ModuleQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (ModuleQuery_QueryResultId) Descriptor 

func (ModuleQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_QueryResultId) Enum 

func (x ModuleQuery_QueryResultId) Enum() *ModuleQuery_QueryResultId

func (ModuleQuery_QueryResultId) EnumDescriptor deprecated 

func (ModuleQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_QueryResultId.Descriptor instead.

func (ModuleQuery_QueryResultId) Number 

func (x ModuleQuery_QueryResultId) Number() protoreflect.EnumNumber

func (ModuleQuery_QueryResultId) String 

func (x ModuleQuery_QueryResultId) String() string

func (ModuleQuery_QueryResultId) Type 

func (ModuleQuery_QueryResultId) Type() protoreflect.EnumType

type ModuleQuery_SeverityId 

type ModuleQuery_SeverityId int32
const (
	ModuleQuery_SEVERITY_ID_UNKNOWN       ModuleQuery_SeverityId = 0 // The event/finding severity is unknown.
	ModuleQuery_SEVERITY_ID_INFORMATIONAL ModuleQuery_SeverityId = 1 // Informational message. No action required.
	ModuleQuery_SEVERITY_ID_LOW           ModuleQuery_SeverityId = 2 // The user decides if action is needed.
	ModuleQuery_SEVERITY_ID_MEDIUM        ModuleQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ModuleQuery_SEVERITY_ID_HIGH     ModuleQuery_SeverityId = 4 // Action is required immediately.
	ModuleQuery_SEVERITY_ID_CRITICAL ModuleQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ModuleQuery_SEVERITY_ID_FATAL ModuleQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ModuleQuery_SEVERITY_ID_OTHER ModuleQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ModuleQuery_SeverityId) Descriptor 

func (ModuleQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_SeverityId) Enum 

func (x ModuleQuery_SeverityId) Enum() *ModuleQuery_SeverityId

func (ModuleQuery_SeverityId) EnumDescriptor deprecated 

func (ModuleQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_SeverityId.Descriptor instead.

func (ModuleQuery_SeverityId) Number 

func (x ModuleQuery_SeverityId) Number() protoreflect.EnumNumber

func (ModuleQuery_SeverityId) String 

func (x ModuleQuery_SeverityId) String() string

func (ModuleQuery_SeverityId) Type 

func (ModuleQuery_SeverityId) Type() protoreflect.EnumType

type ModuleQuery_StatusId 

type ModuleQuery_StatusId int32
const (
	ModuleQuery_STATUS_ID_UNKNOWN ModuleQuery_StatusId = 0 // The status is unknown.
	ModuleQuery_STATUS_ID_SUCCESS ModuleQuery_StatusId = 1
	ModuleQuery_STATUS_ID_FAILURE ModuleQuery_StatusId = 2
	ModuleQuery_STATUS_ID_OTHER   ModuleQuery_StatusId = 99 // The event status is not mapped. See the
)

func (ModuleQuery_StatusId) Descriptor 

func (ModuleQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ModuleQuery_StatusId) Enum 

func (x ModuleQuery_StatusId) Enum() *ModuleQuery_StatusId

func (ModuleQuery_StatusId) EnumDescriptor deprecated 

func (ModuleQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ModuleQuery_StatusId.Descriptor instead.

func (ModuleQuery_StatusId) Number 

func (x ModuleQuery_StatusId) Number() protoreflect.EnumNumber

func (ModuleQuery_StatusId) String 

func (x ModuleQuery_StatusId) String() string

func (ModuleQuery_StatusId) Type 

func (ModuleQuery_StatusId) Type() protoreflect.EnumType

type Module_LoadTypeId 

type Module_LoadTypeId int32
const (
	Module_LOAD_TYPE_ID_UNKNOWN  Module_LoadTypeId = 0
	Module_LOAD_TYPE_ID_STANDARD Module_LoadTypeId = 1 // A normal module loaded by the normal
	// windows loading mechanism i.e.
	// LoadLibrary.
	Module_LOAD_TYPE_ID_NON_STANDARD Module_LoadTypeId = 2 // A module loaded in a way avoidant of
	// normal windows procedures. i.e.
	// Bootstrapped Loading/Manual Dll Loading.
	Module_LOAD_TYPE_ID_SHELLCODE Module_LoadTypeId = 3 // A raw module in process memory that is
	// READWRITE_EXECUTE and had a thread
	// started in its range.
	Module_LOAD_TYPE_ID_MAPPED Module_LoadTypeId = 4 // A memory mapped file, typically created
	// with CreatefileMapping/MapViewOfFile.
	Module_LOAD_TYPE_ID_NONSTANDARD_BACKED Module_LoadTypeId = 5 // A module loaded in a non standard way.
	// However, GetModuleFileName succeeds on
	// this allocation.
	Module_LOAD_TYPE_ID_OTHER Module_LoadTypeId = 99
)

func (Module_LoadTypeId) Descriptor 

func (Module_LoadTypeId) Descriptor() protoreflect.EnumDescriptor

func (Module_LoadTypeId) Enum 

func (x Module_LoadTypeId) Enum() *Module_LoadTypeId

func (Module_LoadTypeId) EnumDescriptor deprecated 

func (Module_LoadTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Module_LoadTypeId.Descriptor instead.

func (Module_LoadTypeId) Number 

func (x Module_LoadTypeId) Number() protoreflect.EnumNumber

func (Module_LoadTypeId) String 

func (x Module_LoadTypeId) String() string

func (Module_LoadTypeId) Type 

func (Module_LoadTypeId) Type() protoreflect.EnumType

type NetworkActivity 

type NetworkActivity struct {
	Action              *string                        `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            NetworkActivity_ActionId       `` /* 131-byte string literal not displayed */
	ActivityId          NetworkActivity_ActivityId     `` /* 139-byte string literal not displayed */
	ActivityName        *string                        `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                         `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                           `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                        `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                      `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization               `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                        `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         NetworkActivity_CategoryUid    `` /* 144-byte string literal not displayed */
	ClassName           *string                        `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            NetworkActivity_ClassUid       `` /* 132-byte string literal not displayed */
	Cloud               *Cloud                         `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo         `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                         `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                        `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                        `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *NetworkActivity_DispositionId `` /* 158-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint               `protobuf:"bytes,20,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                         `protobuf:"varint,21,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                         `protobuf:"varint,22,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp         `protobuf:"bytes,23,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                  `protobuf:"bytes,24,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule                  `protobuf:"bytes,25,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer                  `protobuf:"bytes,26,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                     `protobuf:"bytes,27,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                        `protobuf:"bytes,28,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                      `protobuf:"bytes,29,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                  `protobuf:"bytes,30,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy                  `protobuf:"bytes,31,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo         `protobuf:"bytes,32,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy                  `protobuf:"bytes,33,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                   `protobuf:"bytes,34,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse                  `protobuf:"bytes,35,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                           `protobuf:"bytes,36,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic                `protobuf:"bytes,37,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                        `protobuf:"bytes,38,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                        `protobuf:"bytes,39,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          NetworkActivity_SeverityId     `` /* 140-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint               `protobuf:"bytes,41,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                         `protobuf:"varint,42,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp         `protobuf:"bytes,43,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                        `protobuf:"bytes,44,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                        `protobuf:"bytes,45,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                        `protobuf:"bytes,46,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *NetworkActivity_StatusId      `` /* 138-byte string literal not displayed */
	Time                int64                          `protobuf:"varint,48,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp         `protobuf:"bytes,49,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                         `protobuf:"varint,50,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                           `protobuf:"bytes,51,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic                `protobuf:"bytes,52,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                        `protobuf:"bytes,53,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                          `protobuf:"varint,54,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct               `protobuf:"bytes,55,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Url                 *Url                           `protobuf:"bytes,56,opt,name=url,proto3" json:"url,omitempty"`
	// contains filtered or unexported fields
}

NetworkActivity is an OSF event in category "Network Activity" called Network Activity defined in ocsf events/network/network_activity.json

Network Activity events report network connection and traffic activity.

func (*NetworkActivity) Descriptor deprecated 

func (*NetworkActivity) Descriptor() ([]byte, []int)

Deprecated: Use NetworkActivity.ProtoReflect.Descriptor instead.

func (*NetworkActivity) GetAction 

func (x *NetworkActivity) GetAction() string

func (*NetworkActivity) GetActionId 

func (x *NetworkActivity) GetActionId() NetworkActivity_ActionId

func (*NetworkActivity) GetActivityId 

func (x *NetworkActivity) GetActivityId() NetworkActivity_ActivityId

func (*NetworkActivity) GetActivityName 

func (x *NetworkActivity) GetActivityName() string

func (*NetworkActivity) GetActor 

func (x *NetworkActivity) GetActor() *Actor

func (*NetworkActivity) GetApi 

func (x *NetworkActivity) GetApi() *Api

func (*NetworkActivity) GetAppName 

func (x *NetworkActivity) GetAppName() string

func (*NetworkActivity) GetAttacks 

func (x *NetworkActivity) GetAttacks() []*Attack

func (*NetworkActivity) GetAuthorizations 

func (x *NetworkActivity) GetAuthorizations() []*Authorization

func (*NetworkActivity) GetCategoryName 

func (x *NetworkActivity) GetCategoryName() string

func (*NetworkActivity) GetCategoryUid 

func (x *NetworkActivity) GetCategoryUid() NetworkActivity_CategoryUid

func (*NetworkActivity) GetClassName 

func (x *NetworkActivity) GetClassName() string

func (*NetworkActivity) GetClassUid 

func (x *NetworkActivity) GetClassUid() NetworkActivity_ClassUid

func (*NetworkActivity) GetCloud 

func (x *NetworkActivity) GetCloud() *Cloud

func (*NetworkActivity) GetConnectionInfo 

func (x *NetworkActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*NetworkActivity) GetCount 

func (x *NetworkActivity) GetCount() int32

func (*NetworkActivity) GetDevice 

func (x *NetworkActivity) GetDevice() *Device

func (*NetworkActivity) GetDisposition 

func (x *NetworkActivity) GetDisposition() string

func (*NetworkActivity) GetDispositionId 

func (x *NetworkActivity) GetDispositionId() NetworkActivity_DispositionId

func (*NetworkActivity) GetDstEndpoint 

func (x *NetworkActivity) GetDstEndpoint() *NetworkEndpoint

func (*NetworkActivity) GetDuration 

func (x *NetworkActivity) GetDuration() int32

func (*NetworkActivity) GetEndTime 

func (x *NetworkActivity) GetEndTime() int64

func (*NetworkActivity) GetEndTimeDt 

func (x *NetworkActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*NetworkActivity) GetEnrichments 

func (x *NetworkActivity) GetEnrichments() []*Enrichment

func (*NetworkActivity) GetFirewallRule 

func (x *NetworkActivity) GetFirewallRule() *FirewallRule

func (*NetworkActivity) GetLoadBalancer 

func (x *NetworkActivity) GetLoadBalancer() *LoadBalancer

func (*NetworkActivity) GetMalware 

func (x *NetworkActivity) GetMalware() []*Malware

func (*NetworkActivity) GetMessage 

func (x *NetworkActivity) GetMessage() string

func (*NetworkActivity) GetMetadata 

func (x *NetworkActivity) GetMetadata() *Metadata

func (*NetworkActivity) GetObservables 

func (x *NetworkActivity) GetObservables() []*Observable

func (*NetworkActivity) GetProxy 

func (x *NetworkActivity) GetProxy() *NetworkProxy

func (*NetworkActivity) GetProxyConnectionInfo 

func (x *NetworkActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*NetworkActivity) GetProxyEndpoint 

func (x *NetworkActivity) GetProxyEndpoint() *NetworkProxy

func (*NetworkActivity) GetProxyHttpRequest 

func (x *NetworkActivity) GetProxyHttpRequest() *HttpRequest

func (*NetworkActivity) GetProxyHttpResponse 

func (x *NetworkActivity) GetProxyHttpResponse() *HttpResponse

func (*NetworkActivity) GetProxyTls 

func (x *NetworkActivity) GetProxyTls() *Tls

func (*NetworkActivity) GetProxyTraffic 

func (x *NetworkActivity) GetProxyTraffic() *NetworkTraffic

func (*NetworkActivity) GetRawData 

func (x *NetworkActivity) GetRawData() string

func (*NetworkActivity) GetSeverity 

func (x *NetworkActivity) GetSeverity() string

func (*NetworkActivity) GetSeverityId 

func (x *NetworkActivity) GetSeverityId() NetworkActivity_SeverityId

func (*NetworkActivity) GetSrcEndpoint 

func (x *NetworkActivity) GetSrcEndpoint() *NetworkEndpoint

func (*NetworkActivity) GetStartTime 

func (x *NetworkActivity) GetStartTime() int64

func (*NetworkActivity) GetStartTimeDt 

func (x *NetworkActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*NetworkActivity) GetStatus 

func (x *NetworkActivity) GetStatus() string

func (*NetworkActivity) GetStatusCode 

func (x *NetworkActivity) GetStatusCode() string

func (*NetworkActivity) GetStatusDetail 

func (x *NetworkActivity) GetStatusDetail() string

func (*NetworkActivity) GetStatusId 

func (x *NetworkActivity) GetStatusId() NetworkActivity_StatusId

func (*NetworkActivity) GetTime 

func (x *NetworkActivity) GetTime() int64

func (*NetworkActivity) GetTimeDt 

func (x *NetworkActivity) GetTimeDt() *timestamppb.Timestamp

func (*NetworkActivity) GetTimezoneOffset 

func (x *NetworkActivity) GetTimezoneOffset() int32

func (*NetworkActivity) GetTls 

func (x *NetworkActivity) GetTls() *Tls

func (*NetworkActivity) GetTraffic 

func (x *NetworkActivity) GetTraffic() *NetworkTraffic

func (*NetworkActivity) GetTypeName 

func (x *NetworkActivity) GetTypeName() string

func (*NetworkActivity) GetTypeUid 

func (x *NetworkActivity) GetTypeUid() int64

func (*NetworkActivity) GetUnmapped 

func (x *NetworkActivity) GetUnmapped() *structpb.Struct

func (*NetworkActivity) GetUrl 

func (x *NetworkActivity) GetUrl() *Url

func (*NetworkActivity) ProtoMessage 

func (*NetworkActivity) ProtoMessage()

func (*NetworkActivity) ProtoReflect 

func (x *NetworkActivity) ProtoReflect() protoreflect.Message

func (*NetworkActivity) Reset 

func (x *NetworkActivity) Reset()

func (*NetworkActivity) String 

func (x *NetworkActivity) String() string

type NetworkActivity_ActionId 

type NetworkActivity_ActionId int32
const (
	NetworkActivity_ACTION_ID_UNKNOWN NetworkActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	NetworkActivity_ACTION_ID_ALLOWED NetworkActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	NetworkActivity_ACTION_ID_DENIED NetworkActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	NetworkActivity_ACTION_ID_OTHER NetworkActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (NetworkActivity_ActionId) Descriptor 

func (NetworkActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_ActionId) Enum 

func (x NetworkActivity_ActionId) Enum() *NetworkActivity_ActionId

func (NetworkActivity_ActionId) EnumDescriptor deprecated 

func (NetworkActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_ActionId.Descriptor instead.

func (NetworkActivity_ActionId) Number 

func (x NetworkActivity_ActionId) Number() protoreflect.EnumNumber

func (NetworkActivity_ActionId) String 

func (x NetworkActivity_ActionId) String() string

func (NetworkActivity_ActionId) Type 

func (NetworkActivity_ActionId) Type() protoreflect.EnumType

type NetworkActivity_ActivityId 

type NetworkActivity_ActivityId int32
const (
	NetworkActivity_ACTIVITY_ID_UNKNOWN NetworkActivity_ActivityId = 0
	NetworkActivity_ACTIVITY_ID_OPEN    NetworkActivity_ActivityId = 1 // A new network connection was opened.
	NetworkActivity_ACTIVITY_ID_CLOSE   NetworkActivity_ActivityId = 2 // The network connection was closed.
	NetworkActivity_ACTIVITY_ID_RESET   NetworkActivity_ActivityId = 3 // The network connection was abnormally terminated or
	// closed by a middle device like firewalls.
	NetworkActivity_ACTIVITY_ID_FAIL NetworkActivity_ActivityId = 4 // The network connection failed. For example a
	// connection timeout or no route to host.
	NetworkActivity_ACTIVITY_ID_REFUSE NetworkActivity_ActivityId = 5 // The network connection was refused. For example an
	// attempt to connect to a server port which is not
	// open.
	NetworkActivity_ACTIVITY_ID_TRAFFIC NetworkActivity_ActivityId = 6 // Network traffic report.
	NetworkActivity_ACTIVITY_ID_OTHER   NetworkActivity_ActivityId = 99
)

func (NetworkActivity_ActivityId) Descriptor 

func (NetworkActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_ActivityId) Enum 

func (x NetworkActivity_ActivityId) Enum() *NetworkActivity_ActivityId

func (NetworkActivity_ActivityId) EnumDescriptor deprecated 

func (NetworkActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_ActivityId.Descriptor instead.

func (NetworkActivity_ActivityId) Number 

func (x NetworkActivity_ActivityId) Number() protoreflect.EnumNumber

func (NetworkActivity_ActivityId) String 

func (x NetworkActivity_ActivityId) String() string

func (NetworkActivity_ActivityId) Type 

func (NetworkActivity_ActivityId) Type() protoreflect.EnumType

type NetworkActivity_CategoryUid 

type NetworkActivity_CategoryUid int32
const (
	NetworkActivity_CATEGORY_UID_UNKNOWN          NetworkActivity_CategoryUid = 0
	NetworkActivity_CATEGORY_UID_NETWORK_ACTIVITY NetworkActivity_CategoryUid = 4
)

func (NetworkActivity_CategoryUid) Descriptor 

func (NetworkActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_CategoryUid) Enum 

func (x NetworkActivity_CategoryUid) Enum() *NetworkActivity_CategoryUid

func (NetworkActivity_CategoryUid) EnumDescriptor deprecated 

func (NetworkActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_CategoryUid.Descriptor instead.

func (NetworkActivity_CategoryUid) Number 

func (x NetworkActivity_CategoryUid) Number() protoreflect.EnumNumber

func (NetworkActivity_CategoryUid) String 

func (x NetworkActivity_CategoryUid) String() string

func (NetworkActivity_CategoryUid) Type 

func (NetworkActivity_CategoryUid) Type() protoreflect.EnumType

type NetworkActivity_ClassUid 

type NetworkActivity_ClassUid int32
const (
	NetworkActivity_CLASS_UID_UNKNOWN          NetworkActivity_ClassUid = 0
	NetworkActivity_CLASS_UID_NETWORK_ACTIVITY NetworkActivity_ClassUid = 4001
)

func (NetworkActivity_ClassUid) Descriptor 

func (NetworkActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_ClassUid) Enum 

func (x NetworkActivity_ClassUid) Enum() *NetworkActivity_ClassUid

func (NetworkActivity_ClassUid) EnumDescriptor deprecated 

func (NetworkActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_ClassUid.Descriptor instead.

func (NetworkActivity_ClassUid) Number 

func (x NetworkActivity_ClassUid) Number() protoreflect.EnumNumber

func (NetworkActivity_ClassUid) String 

func (x NetworkActivity_ClassUid) String() string

func (NetworkActivity_ClassUid) Type 

func (NetworkActivity_ClassUid) Type() protoreflect.EnumType

type NetworkActivity_DispositionId 

type NetworkActivity_DispositionId int32
const (
	NetworkActivity_DISPOSITION_ID_UNKNOWN NetworkActivity_DispositionId = 0 // The disposition was not known.
	NetworkActivity_DISPOSITION_ID_ALLOWED NetworkActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	NetworkActivity_DISPOSITION_ID_BLOCKED NetworkActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	NetworkActivity_DISPOSITION_ID_QUARANTINED NetworkActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	NetworkActivity_DISPOSITION_ID_ISOLATED NetworkActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	NetworkActivity_DISPOSITION_ID_DELETED NetworkActivity_DispositionId = 5 // A file or other content was deleted.
	NetworkActivity_DISPOSITION_ID_DROPPED NetworkActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	NetworkActivity_DISPOSITION_ID_CUSTOM_ACTION NetworkActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	NetworkActivity_DISPOSITION_ID_APPROVED NetworkActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	NetworkActivity_DISPOSITION_ID_RESTORED NetworkActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	NetworkActivity_DISPOSITION_ID_EXONERATED NetworkActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	NetworkActivity_DISPOSITION_ID_CORRECTED NetworkActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	NetworkActivity_DISPOSITION_ID_PARTIALLY_CORRECTED NetworkActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	NetworkActivity_DISPOSITION_ID_UNCORRECTED NetworkActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	NetworkActivity_DISPOSITION_ID_DELAYED NetworkActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	NetworkActivity_DISPOSITION_ID_DETECTED NetworkActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	NetworkActivity_DISPOSITION_ID_NO_ACTION NetworkActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	NetworkActivity_DISPOSITION_ID_LOGGED NetworkActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	NetworkActivity_DISPOSITION_ID_TAGGED NetworkActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	NetworkActivity_DISPOSITION_ID_ALERT NetworkActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	NetworkActivity_DISPOSITION_ID_COUNT NetworkActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	NetworkActivity_DISPOSITION_ID_RESET NetworkActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	NetworkActivity_DISPOSITION_ID_CAPTCHA NetworkActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	NetworkActivity_DISPOSITION_ID_CHALLENGE NetworkActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	NetworkActivity_DISPOSITION_ID_ACCESS_REVOKED NetworkActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	NetworkActivity_DISPOSITION_ID_REJECTED NetworkActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	NetworkActivity_DISPOSITION_ID_UNAUTHORIZED NetworkActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	NetworkActivity_DISPOSITION_ID_ERROR NetworkActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	NetworkActivity_DISPOSITION_ID_OTHER NetworkActivity_DispositionId = 99 // The disposition is not listed. The
)

func (NetworkActivity_DispositionId) Descriptor 

func (NetworkActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_DispositionId) Enum 

func (x NetworkActivity_DispositionId) Enum() *NetworkActivity_DispositionId

func (NetworkActivity_DispositionId) EnumDescriptor deprecated 

func (NetworkActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_DispositionId.Descriptor instead.

func (NetworkActivity_DispositionId) Number 

func (x NetworkActivity_DispositionId) Number() protoreflect.EnumNumber

func (NetworkActivity_DispositionId) String 

func (x NetworkActivity_DispositionId) String() string

func (NetworkActivity_DispositionId) Type 

func (NetworkActivity_DispositionId) Type() protoreflect.EnumType

type NetworkActivity_SeverityId 

type NetworkActivity_SeverityId int32
const (
	NetworkActivity_SEVERITY_ID_UNKNOWN       NetworkActivity_SeverityId = 0 // The event/finding severity is unknown.
	NetworkActivity_SEVERITY_ID_INFORMATIONAL NetworkActivity_SeverityId = 1 // Informational message. No action required.
	NetworkActivity_SEVERITY_ID_LOW           NetworkActivity_SeverityId = 2 // The user decides if action is needed.
	NetworkActivity_SEVERITY_ID_MEDIUM        NetworkActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	NetworkActivity_SEVERITY_ID_HIGH     NetworkActivity_SeverityId = 4 // Action is required immediately.
	NetworkActivity_SEVERITY_ID_CRITICAL NetworkActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	NetworkActivity_SEVERITY_ID_FATAL NetworkActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	NetworkActivity_SEVERITY_ID_OTHER NetworkActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (NetworkActivity_SeverityId) Descriptor 

func (NetworkActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_SeverityId) Enum 

func (x NetworkActivity_SeverityId) Enum() *NetworkActivity_SeverityId

func (NetworkActivity_SeverityId) EnumDescriptor deprecated 

func (NetworkActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_SeverityId.Descriptor instead.

func (NetworkActivity_SeverityId) Number 

func (x NetworkActivity_SeverityId) Number() protoreflect.EnumNumber

func (NetworkActivity_SeverityId) String 

func (x NetworkActivity_SeverityId) String() string

func (NetworkActivity_SeverityId) Type 

func (NetworkActivity_SeverityId) Type() protoreflect.EnumType

type NetworkActivity_StatusId 

type NetworkActivity_StatusId int32
const (
	NetworkActivity_STATUS_ID_UNKNOWN NetworkActivity_StatusId = 0 // The status is unknown.
	NetworkActivity_STATUS_ID_SUCCESS NetworkActivity_StatusId = 1
	NetworkActivity_STATUS_ID_FAILURE NetworkActivity_StatusId = 2
	NetworkActivity_STATUS_ID_OTHER   NetworkActivity_StatusId = 99 // The event status is not mapped. See the
)

func (NetworkActivity_StatusId) Descriptor 

func (NetworkActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (NetworkActivity_StatusId) Enum 

func (x NetworkActivity_StatusId) Enum() *NetworkActivity_StatusId

func (NetworkActivity_StatusId) EnumDescriptor deprecated 

func (NetworkActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkActivity_StatusId.Descriptor instead.

func (NetworkActivity_StatusId) Number 

func (x NetworkActivity_StatusId) Number() protoreflect.EnumNumber

func (NetworkActivity_StatusId) String 

func (x NetworkActivity_StatusId) String() string

func (NetworkActivity_StatusId) Type 

func (NetworkActivity_StatusId) Type() protoreflect.EnumType

type NetworkConnectionInfo 

type NetworkConnectionInfo struct {
	Boundary      *string                              `protobuf:"bytes,1,opt,name=boundary,proto3,oneof" json:"boundary,omitempty"`
	BoundaryId    *NetworkConnectionInfo_BoundaryId    `` /* 151-byte string literal not displayed */
	Direction     *string                              `protobuf:"bytes,3,opt,name=direction,proto3,oneof" json:"direction,omitempty"`
	DirectionId   NetworkConnectionInfo_DirectionId    `` /* 149-byte string literal not displayed */
	ProtocolName  *string                              `protobuf:"bytes,5,opt,name=protocol_name,json=protocolName,proto3,oneof" json:"protocol_name,omitempty"`
	ProtocolNum   *int32                               `protobuf:"varint,6,opt,name=protocol_num,json=protocolNum,proto3,oneof" json:"protocol_num,omitempty"`
	ProtocolVer   *string                              `protobuf:"bytes,7,opt,name=protocol_ver,json=protocolVer,proto3,oneof" json:"protocol_ver,omitempty"`
	ProtocolVerId *NetworkConnectionInfo_ProtocolVerId `` /* 165-byte string literal not displayed */
	Session       *Session                             `protobuf:"bytes,9,opt,name=session,proto3" json:"session,omitempty"`
	TcpFlags      *int32                               `protobuf:"varint,10,opt,name=tcp_flags,json=tcpFlags,proto3,oneof" json:"tcp_flags,omitempty"`
	Uid           *string                              `protobuf:"bytes,11,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

NetworkConnectionInfo is an OSF object defined in ocsf objects/network_connection_info.json

The Network Connection Information object describes characteristics of a network connection. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:NetworkSession/'>d3f:NetworkSession</a>.

func (*NetworkConnectionInfo) Descriptor deprecated 

func (*NetworkConnectionInfo) Descriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionInfo.ProtoReflect.Descriptor instead.

func (*NetworkConnectionInfo) GetBoundary 

func (x *NetworkConnectionInfo) GetBoundary() string

func (*NetworkConnectionInfo) GetBoundaryId 

func (x *NetworkConnectionInfo) GetBoundaryId() NetworkConnectionInfo_BoundaryId

func (*NetworkConnectionInfo) GetDirection 

func (x *NetworkConnectionInfo) GetDirection() string

func (*NetworkConnectionInfo) GetDirectionId 

func (x *NetworkConnectionInfo) GetDirectionId() NetworkConnectionInfo_DirectionId

func (*NetworkConnectionInfo) GetProtocolName 

func (x *NetworkConnectionInfo) GetProtocolName() string

func (*NetworkConnectionInfo) GetProtocolNum 

func (x *NetworkConnectionInfo) GetProtocolNum() int32

func (*NetworkConnectionInfo) GetProtocolVer 

func (x *NetworkConnectionInfo) GetProtocolVer() string

func (*NetworkConnectionInfo) GetProtocolVerId 

func (x *NetworkConnectionInfo) GetProtocolVerId() NetworkConnectionInfo_ProtocolVerId

func (*NetworkConnectionInfo) GetSession 

func (x *NetworkConnectionInfo) GetSession() *Session

func (*NetworkConnectionInfo) GetTcpFlags 

func (x *NetworkConnectionInfo) GetTcpFlags() int32

func (*NetworkConnectionInfo) GetUid 

func (x *NetworkConnectionInfo) GetUid() string

func (*NetworkConnectionInfo) ProtoMessage 

func (*NetworkConnectionInfo) ProtoMessage()

func (*NetworkConnectionInfo) ProtoReflect 

func (x *NetworkConnectionInfo) ProtoReflect() protoreflect.Message

func (*NetworkConnectionInfo) Reset 

func (x *NetworkConnectionInfo) Reset()

func (*NetworkConnectionInfo) String 

func (x *NetworkConnectionInfo) String() string

type NetworkConnectionInfo_BoundaryId 

type NetworkConnectionInfo_BoundaryId int32
const (
	NetworkConnectionInfo_BOUNDARY_ID_UNKNOWN   NetworkConnectionInfo_BoundaryId = 0 // The connection boundary is unknown.
	NetworkConnectionInfo_BOUNDARY_ID_LOCALHOST NetworkConnectionInfo_BoundaryId = 1 // Local network traffic on the same
	// endpoint.
	NetworkConnectionInfo_BOUNDARY_ID_INTERNAL NetworkConnectionInfo_BoundaryId = 2 // Internal network traffic between two
	// endpoints inside network.
	NetworkConnectionInfo_BOUNDARY_ID_EXTERNAL NetworkConnectionInfo_BoundaryId = 3 // External network traffic between two
	// endpoints on the Internet or outside
	// the network.
	NetworkConnectionInfo_BOUNDARY_ID_SAME_VPC NetworkConnectionInfo_BoundaryId = 4 // Through another resource in the same
	// VPC
	NetworkConnectionInfo_BOUNDARY_ID_INTERNET_VPC_GATEWAY NetworkConnectionInfo_BoundaryId = 5 // Through an Internet gateway or a
	// gateway VPC endpoint
	NetworkConnectionInfo_BOUNDARY_ID_VIRTUAL_PRIVATE_GATEWAY NetworkConnectionInfo_BoundaryId = 6 // Through a virtual private gateway
	NetworkConnectionInfo_BOUNDARY_ID_INTRA_REGION_VPC        NetworkConnectionInfo_BoundaryId = 7 // Through an intra-region VPC peering
	// connection
	NetworkConnectionInfo_BOUNDARY_ID_INTER_REGION_VPC NetworkConnectionInfo_BoundaryId = 8 // Through an inter-region VPC peering
	// connection
	NetworkConnectionInfo_BOUNDARY_ID_LOCAL_GATEWAY NetworkConnectionInfo_BoundaryId = 9  // Through a local gateway
	NetworkConnectionInfo_BOUNDARY_ID_GATEWAY_VPC   NetworkConnectionInfo_BoundaryId = 10 // Through a gateway VPC endpoint (Nitro-
	// based instances only)
	NetworkConnectionInfo_BOUNDARY_ID_INTERNET_GATEWAY NetworkConnectionInfo_BoundaryId = 11 // Through an Internet gateway (Nitro-
	// based instances only)
	NetworkConnectionInfo_BOUNDARY_ID_OTHER NetworkConnectionInfo_BoundaryId = 99 // The boundary is not mapped. See the
)

func (NetworkConnectionInfo_BoundaryId) Descriptor 

func (NetworkConnectionInfo_BoundaryId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionInfo_BoundaryId) Enum 

func (x NetworkConnectionInfo_BoundaryId) Enum() *NetworkConnectionInfo_BoundaryId

func (NetworkConnectionInfo_BoundaryId) EnumDescriptor deprecated 

func (NetworkConnectionInfo_BoundaryId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionInfo_BoundaryId.Descriptor instead.

func (NetworkConnectionInfo_BoundaryId) Number 

func (x NetworkConnectionInfo_BoundaryId) Number() protoreflect.EnumNumber

func (NetworkConnectionInfo_BoundaryId) String 

func (x NetworkConnectionInfo_BoundaryId) String() string

func (NetworkConnectionInfo_BoundaryId) Type 

func (NetworkConnectionInfo_BoundaryId) Type() protoreflect.EnumType

type NetworkConnectionInfo_DirectionId 

type NetworkConnectionInfo_DirectionId int32
const (
	NetworkConnectionInfo_DIRECTION_ID_UNKNOWN NetworkConnectionInfo_DirectionId = 0 // The connection direction is unknown.
	NetworkConnectionInfo_DIRECTION_ID_INBOUND NetworkConnectionInfo_DirectionId = 1 // Inbound network connection. The connection was
	// originated from the Internet or outside network,
	// destined for services on the inside network.
	NetworkConnectionInfo_DIRECTION_ID_OUTBOUND NetworkConnectionInfo_DirectionId = 2 // Outbound network connection. The connection was
	// originated from inside the network, destined for
	// services on the Internet or outside network.
	NetworkConnectionInfo_DIRECTION_ID_LATERAL NetworkConnectionInfo_DirectionId = 3 // Lateral network connection. The connection was
	// originated from inside the network, destined for
	// services on the inside network.
	NetworkConnectionInfo_DIRECTION_ID_OTHER NetworkConnectionInfo_DirectionId = 99 // The direction is not mapped. See the
)

func (NetworkConnectionInfo_DirectionId) Descriptor 

func (NetworkConnectionInfo_DirectionId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionInfo_DirectionId) Enum 

func (x NetworkConnectionInfo_DirectionId) Enum() *NetworkConnectionInfo_DirectionId

func (NetworkConnectionInfo_DirectionId) EnumDescriptor deprecated 

func (NetworkConnectionInfo_DirectionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionInfo_DirectionId.Descriptor instead.

func (NetworkConnectionInfo_DirectionId) Number 

func (x NetworkConnectionInfo_DirectionId) Number() protoreflect.EnumNumber

func (NetworkConnectionInfo_DirectionId) String 

func (x NetworkConnectionInfo_DirectionId) String() string

func (NetworkConnectionInfo_DirectionId) Type 

func (NetworkConnectionInfo_DirectionId) Type() protoreflect.EnumType

type NetworkConnectionInfo_ProtocolVerId 

type NetworkConnectionInfo_ProtocolVerId int32
const (
	NetworkConnectionInfo_PROTOCOL_VER_ID_UNKNOWN                          NetworkConnectionInfo_ProtocolVerId = 0
	NetworkConnectionInfo_PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_4_IPV4 NetworkConnectionInfo_ProtocolVerId = 4
	NetworkConnectionInfo_PROTOCOL_VER_ID_INTERNET_PROTOCOL_VERSION_6_IPV6 NetworkConnectionInfo_ProtocolVerId = 6
	NetworkConnectionInfo_PROTOCOL_VER_ID_OTHER                            NetworkConnectionInfo_ProtocolVerId = 99
)

func (NetworkConnectionInfo_ProtocolVerId) Descriptor 

func (NetworkConnectionInfo_ProtocolVerId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionInfo_ProtocolVerId) Enum 

func (x NetworkConnectionInfo_ProtocolVerId) Enum() *NetworkConnectionInfo_ProtocolVerId

func (NetworkConnectionInfo_ProtocolVerId) EnumDescriptor deprecated 

func (NetworkConnectionInfo_ProtocolVerId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionInfo_ProtocolVerId.Descriptor instead.

func (NetworkConnectionInfo_ProtocolVerId) Number 

func (x NetworkConnectionInfo_ProtocolVerId) Number() protoreflect.EnumNumber

func (NetworkConnectionInfo_ProtocolVerId) String 

func (x NetworkConnectionInfo_ProtocolVerId) String() string

func (NetworkConnectionInfo_ProtocolVerId) Type 

func (NetworkConnectionInfo_ProtocolVerId) Type() protoreflect.EnumType

type NetworkConnectionQuery 

type NetworkConnectionQuery struct {
	ActivityId     NetworkConnectionQuery_ActivityId    `` /* 146-byte string literal not displayed */
	ActivityName   *string                              `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                               `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                                 `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                              `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    NetworkConnectionQuery_CategoryUid   `` /* 150-byte string literal not displayed */
	ClassName      *string                              `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       NetworkConnectionQuery_ClassUid      `` /* 138-byte string literal not displayed */
	Cloud          *Cloud                               `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo *NetworkConnectionInfo               `protobuf:"bytes,10,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count          *int32                               `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                              `protobuf:"bytes,12,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                               `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                               `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp               `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                        `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                              `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                            `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                        `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	Process        *Process                             `protobuf:"bytes,20,opt,name=process,proto3" json:"process,omitempty"`
	QueryInfo      *QueryInfo                           `protobuf:"bytes,21,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                              `protobuf:"bytes,22,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  NetworkConnectionQuery_QueryResultId `` /* 161-byte string literal not displayed */
	RawData        *string                              `protobuf:"bytes,24,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                              `protobuf:"bytes,25,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     NetworkConnectionQuery_SeverityId    `` /* 147-byte string literal not displayed */
	StartTime      *int64                               `protobuf:"varint,27,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp               `protobuf:"bytes,28,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	State          *string                              `protobuf:"bytes,29,opt,name=state,proto3,oneof" json:"state,omitempty"`
	StateId        NetworkConnectionQuery_StateId       `` /* 135-byte string literal not displayed */
	Status         *string                              `protobuf:"bytes,31,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                              `protobuf:"bytes,32,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                              `protobuf:"bytes,33,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *NetworkConnectionQuery_StatusId     `` /* 145-byte string literal not displayed */
	Time           int64                                `protobuf:"varint,35,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp               `protobuf:"bytes,36,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                               `protobuf:"varint,37,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                              `protobuf:"bytes,38,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                                `protobuf:"varint,39,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                     `protobuf:"bytes,40,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

NetworkConnectionQuery is an OSF event in category "Discovery" called Network Connection Query defined in ocsf events/discovery/network_connection_query.json

Network Connection Query events report information about active network connections.

func (*NetworkConnectionQuery) Descriptor deprecated 

func (*NetworkConnectionQuery) Descriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery.ProtoReflect.Descriptor instead.

func (*NetworkConnectionQuery) GetActivityId 

func (x *NetworkConnectionQuery) GetActivityId() NetworkConnectionQuery_ActivityId

func (*NetworkConnectionQuery) GetActivityName 

func (x *NetworkConnectionQuery) GetActivityName() string

func (*NetworkConnectionQuery) GetActor 

func (x *NetworkConnectionQuery) GetActor() *Actor

func (*NetworkConnectionQuery) GetApi 

func (x *NetworkConnectionQuery) GetApi() *Api

func (*NetworkConnectionQuery) GetCategoryName 

func (x *NetworkConnectionQuery) GetCategoryName() string

func (*NetworkConnectionQuery) GetCategoryUid 

func (x *NetworkConnectionQuery) GetCategoryUid() NetworkConnectionQuery_CategoryUid

func (*NetworkConnectionQuery) GetClassName 

func (x *NetworkConnectionQuery) GetClassName() string

func (*NetworkConnectionQuery) GetClassUid 

func (x *NetworkConnectionQuery) GetClassUid() NetworkConnectionQuery_ClassUid

func (*NetworkConnectionQuery) GetCloud 

func (x *NetworkConnectionQuery) GetCloud() *Cloud

func (*NetworkConnectionQuery) GetConnectionInfo 

func (x *NetworkConnectionQuery) GetConnectionInfo() *NetworkConnectionInfo

func (*NetworkConnectionQuery) GetCount 

func (x *NetworkConnectionQuery) GetCount() int32

func (*NetworkConnectionQuery) GetDevice 

func (x *NetworkConnectionQuery) GetDevice() *Device

func (*NetworkConnectionQuery) GetDuration 

func (x *NetworkConnectionQuery) GetDuration() int32

func (*NetworkConnectionQuery) GetEndTime 

func (x *NetworkConnectionQuery) GetEndTime() int64

func (*NetworkConnectionQuery) GetEndTimeDt 

func (x *NetworkConnectionQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*NetworkConnectionQuery) GetEnrichments 

func (x *NetworkConnectionQuery) GetEnrichments() []*Enrichment

func (*NetworkConnectionQuery) GetMessage 

func (x *NetworkConnectionQuery) GetMessage() string

func (*NetworkConnectionQuery) GetMetadata 

func (x *NetworkConnectionQuery) GetMetadata() *Metadata

func (*NetworkConnectionQuery) GetObservables 

func (x *NetworkConnectionQuery) GetObservables() []*Observable

func (*NetworkConnectionQuery) GetProcess 

func (x *NetworkConnectionQuery) GetProcess() *Process

func (*NetworkConnectionQuery) GetQueryInfo 

func (x *NetworkConnectionQuery) GetQueryInfo() *QueryInfo

func (*NetworkConnectionQuery) GetQueryResult 

func (x *NetworkConnectionQuery) GetQueryResult() string

func (*NetworkConnectionQuery) GetQueryResultId 

func (x *NetworkConnectionQuery) GetQueryResultId() NetworkConnectionQuery_QueryResultId

func (*NetworkConnectionQuery) GetRawData 

func (x *NetworkConnectionQuery) GetRawData() string

func (*NetworkConnectionQuery) GetSeverity 

func (x *NetworkConnectionQuery) GetSeverity() string

func (*NetworkConnectionQuery) GetSeverityId 

func (x *NetworkConnectionQuery) GetSeverityId() NetworkConnectionQuery_SeverityId

func (*NetworkConnectionQuery) GetStartTime 

func (x *NetworkConnectionQuery) GetStartTime() int64

func (*NetworkConnectionQuery) GetStartTimeDt 

func (x *NetworkConnectionQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*NetworkConnectionQuery) GetState 

func (x *NetworkConnectionQuery) GetState() string

func (*NetworkConnectionQuery) GetStateId 

func (x *NetworkConnectionQuery) GetStateId() NetworkConnectionQuery_StateId

func (*NetworkConnectionQuery) GetStatus 

func (x *NetworkConnectionQuery) GetStatus() string

func (*NetworkConnectionQuery) GetStatusCode 

func (x *NetworkConnectionQuery) GetStatusCode() string

func (*NetworkConnectionQuery) GetStatusDetail 

func (x *NetworkConnectionQuery) GetStatusDetail() string

func (*NetworkConnectionQuery) GetStatusId 

func (x *NetworkConnectionQuery) GetStatusId() NetworkConnectionQuery_StatusId

func (*NetworkConnectionQuery) GetTime 

func (x *NetworkConnectionQuery) GetTime() int64

func (*NetworkConnectionQuery) GetTimeDt 

func (x *NetworkConnectionQuery) GetTimeDt() *timestamppb.Timestamp

func (*NetworkConnectionQuery) GetTimezoneOffset 

func (x *NetworkConnectionQuery) GetTimezoneOffset() int32

func (*NetworkConnectionQuery) GetTypeName 

func (x *NetworkConnectionQuery) GetTypeName() string

func (*NetworkConnectionQuery) GetTypeUid 

func (x *NetworkConnectionQuery) GetTypeUid() int64

func (*NetworkConnectionQuery) GetUnmapped 

func (x *NetworkConnectionQuery) GetUnmapped() *structpb.Struct

func (*NetworkConnectionQuery) ProtoMessage 

func (*NetworkConnectionQuery) ProtoMessage()

func (*NetworkConnectionQuery) ProtoReflect 

func (x *NetworkConnectionQuery) ProtoReflect() protoreflect.Message

func (*NetworkConnectionQuery) Reset 

func (x *NetworkConnectionQuery) Reset()

func (*NetworkConnectionQuery) String 

func (x *NetworkConnectionQuery) String() string

type NetworkConnectionQuery_ActivityId 

type NetworkConnectionQuery_ActivityId int32
const (
	NetworkConnectionQuery_ACTIVITY_ID_UNKNOWN NetworkConnectionQuery_ActivityId = 0
	NetworkConnectionQuery_ACTIVITY_ID_QUERY   NetworkConnectionQuery_ActivityId = 1 // The discovered results are via a query request.
	NetworkConnectionQuery_ACTIVITY_ID_OTHER   NetworkConnectionQuery_ActivityId = 99
)

func (NetworkConnectionQuery_ActivityId) Descriptor 

func (NetworkConnectionQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_ActivityId) Enum 

func (x NetworkConnectionQuery_ActivityId) Enum() *NetworkConnectionQuery_ActivityId

func (NetworkConnectionQuery_ActivityId) EnumDescriptor deprecated 

func (NetworkConnectionQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_ActivityId.Descriptor instead.

func (NetworkConnectionQuery_ActivityId) Number 

func (x NetworkConnectionQuery_ActivityId) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_ActivityId) String 

func (x NetworkConnectionQuery_ActivityId) String() string

func (NetworkConnectionQuery_ActivityId) Type 

func (NetworkConnectionQuery_ActivityId) Type() protoreflect.EnumType

type NetworkConnectionQuery_CategoryUid 

type NetworkConnectionQuery_CategoryUid int32
const (
	NetworkConnectionQuery_CATEGORY_UID_UNKNOWN   NetworkConnectionQuery_CategoryUid = 0
	NetworkConnectionQuery_CATEGORY_UID_DISCOVERY NetworkConnectionQuery_CategoryUid = 5
)

func (NetworkConnectionQuery_CategoryUid) Descriptor 

func (NetworkConnectionQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_CategoryUid) Enum 

func (x NetworkConnectionQuery_CategoryUid) Enum() *NetworkConnectionQuery_CategoryUid

func (NetworkConnectionQuery_CategoryUid) EnumDescriptor deprecated 

func (NetworkConnectionQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_CategoryUid.Descriptor instead.

func (NetworkConnectionQuery_CategoryUid) Number 

func (x NetworkConnectionQuery_CategoryUid) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_CategoryUid) String 

func (x NetworkConnectionQuery_CategoryUid) String() string

func (NetworkConnectionQuery_CategoryUid) Type 

func (NetworkConnectionQuery_CategoryUid) Type() protoreflect.EnumType

type NetworkConnectionQuery_ClassUid 

type NetworkConnectionQuery_ClassUid int32
const (
	NetworkConnectionQuery_CLASS_UID_UNKNOWN                  NetworkConnectionQuery_ClassUid = 0
	NetworkConnectionQuery_CLASS_UID_NETWORK_CONNECTION_QUERY NetworkConnectionQuery_ClassUid = 5012
)

func (NetworkConnectionQuery_ClassUid) Descriptor 

func (NetworkConnectionQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_ClassUid) Enum 

func (x NetworkConnectionQuery_ClassUid) Enum() *NetworkConnectionQuery_ClassUid

func (NetworkConnectionQuery_ClassUid) EnumDescriptor deprecated 

func (NetworkConnectionQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_ClassUid.Descriptor instead.

func (NetworkConnectionQuery_ClassUid) Number 

func (x NetworkConnectionQuery_ClassUid) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_ClassUid) String 

func (x NetworkConnectionQuery_ClassUid) String() string

func (NetworkConnectionQuery_ClassUid) Type 

func (NetworkConnectionQuery_ClassUid) Type() protoreflect.EnumType

type NetworkConnectionQuery_QueryResultId 

type NetworkConnectionQuery_QueryResultId int32
const (
	NetworkConnectionQuery_QUERY_RESULT_ID_UNKNOWN        NetworkConnectionQuery_QueryResultId = 0  // The query result is unknown.
	NetworkConnectionQuery_QUERY_RESULT_ID_EXISTS         NetworkConnectionQuery_QueryResultId = 1  // The target was found.
	NetworkConnectionQuery_QUERY_RESULT_ID_PARTIAL        NetworkConnectionQuery_QueryResultId = 2  // The target was partially found.
	NetworkConnectionQuery_QUERY_RESULT_ID_DOES_NOT_EXIST NetworkConnectionQuery_QueryResultId = 3  // The target was not found.
	NetworkConnectionQuery_QUERY_RESULT_ID_ERROR          NetworkConnectionQuery_QueryResultId = 4  // The discovery attempt failed.
	NetworkConnectionQuery_QUERY_RESULT_ID_UNSUPPORTED    NetworkConnectionQuery_QueryResultId = 5  // Discovery of the target was not supported.
	NetworkConnectionQuery_QUERY_RESULT_ID_OTHER          NetworkConnectionQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (NetworkConnectionQuery_QueryResultId) Descriptor 

func (NetworkConnectionQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_QueryResultId) Enum 

func (x NetworkConnectionQuery_QueryResultId) Enum() *NetworkConnectionQuery_QueryResultId

func (NetworkConnectionQuery_QueryResultId) EnumDescriptor deprecated 

func (NetworkConnectionQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_QueryResultId.Descriptor instead.

func (NetworkConnectionQuery_QueryResultId) Number 

func (x NetworkConnectionQuery_QueryResultId) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_QueryResultId) String 

func (x NetworkConnectionQuery_QueryResultId) String() string

func (NetworkConnectionQuery_QueryResultId) Type 

func (NetworkConnectionQuery_QueryResultId) Type() protoreflect.EnumType

type NetworkConnectionQuery_SeverityId 

type NetworkConnectionQuery_SeverityId int32
const (
	NetworkConnectionQuery_SEVERITY_ID_UNKNOWN       NetworkConnectionQuery_SeverityId = 0 // The event/finding severity is unknown.
	NetworkConnectionQuery_SEVERITY_ID_INFORMATIONAL NetworkConnectionQuery_SeverityId = 1 // Informational message. No action required.
	NetworkConnectionQuery_SEVERITY_ID_LOW           NetworkConnectionQuery_SeverityId = 2 // The user decides if action is needed.
	NetworkConnectionQuery_SEVERITY_ID_MEDIUM        NetworkConnectionQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	NetworkConnectionQuery_SEVERITY_ID_HIGH     NetworkConnectionQuery_SeverityId = 4 // Action is required immediately.
	NetworkConnectionQuery_SEVERITY_ID_CRITICAL NetworkConnectionQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	NetworkConnectionQuery_SEVERITY_ID_FATAL NetworkConnectionQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	NetworkConnectionQuery_SEVERITY_ID_OTHER NetworkConnectionQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (NetworkConnectionQuery_SeverityId) Descriptor 

func (NetworkConnectionQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_SeverityId) Enum 

func (x NetworkConnectionQuery_SeverityId) Enum() *NetworkConnectionQuery_SeverityId

func (NetworkConnectionQuery_SeverityId) EnumDescriptor deprecated 

func (NetworkConnectionQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_SeverityId.Descriptor instead.

func (NetworkConnectionQuery_SeverityId) Number 

func (x NetworkConnectionQuery_SeverityId) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_SeverityId) String 

func (x NetworkConnectionQuery_SeverityId) String() string

func (NetworkConnectionQuery_SeverityId) Type 

func (NetworkConnectionQuery_SeverityId) Type() protoreflect.EnumType

type NetworkConnectionQuery_StateId 

type NetworkConnectionQuery_StateId int32
const (
	NetworkConnectionQuery_STATE_ID_UNKNOWN     NetworkConnectionQuery_StateId = 0 // The socket state is unknown.
	NetworkConnectionQuery_STATE_ID_ESTABLISHED NetworkConnectionQuery_StateId = 1 // The socket has an established connection between a
	// local application and a remote peer.
	NetworkConnectionQuery_STATE_ID_SYN_SENT NetworkConnectionQuery_StateId = 2 // The socket is actively trying to establish a
	// connection to a remote peer.
	NetworkConnectionQuery_STATE_ID_SYN_RECV NetworkConnectionQuery_StateId = 3 // The socket has passively received a connection
	// request from a remote peer.
	NetworkConnectionQuery_STATE_ID_FIN_WAIT1 NetworkConnectionQuery_StateId = 4 // The socket connection has been closed by the local
	// application, the remote peer has not yet
	// acknowledged the close, and the system is waiting
	// for it to close its half of the connection.
	NetworkConnectionQuery_STATE_ID_FIN_WAIT2 NetworkConnectionQuery_StateId = 5 // The socket connection has been closed by the local
	// application, the remote peer has acknowledged the
	// close, and the system is waiting for it to close its
	// half of the connection.
	NetworkConnectionQuery_STATE_ID_TIME_WAIT NetworkConnectionQuery_StateId = 6 // The socket connection has been closed by the local
	// application, the remote peer has closed its half of
	// the connection, and the system is waiting to be sure
	// that the remote peer received the last
	// acknowledgement.
	NetworkConnectionQuery_STATE_ID_CLOSED     NetworkConnectionQuery_StateId = 7 // The socket is not in use.
	NetworkConnectionQuery_STATE_ID_CLOSE_WAIT NetworkConnectionQuery_StateId = 8 // The socket connection has been closed by the remote
	// peer, and the system is waiting for the local
	// application to close its half of the connection.
	NetworkConnectionQuery_STATE_ID_LAST_ACK NetworkConnectionQuery_StateId = 9 // The socket connection has been closed by the remote
	// peer, the local application has closed its half of
	// the connection, and the system is waiting for the
	// remote peer to acknowledge the close.
	NetworkConnectionQuery_STATE_ID_LISTEN  NetworkConnectionQuery_StateId = 10 // The socket is listening for incoming connections.
	NetworkConnectionQuery_STATE_ID_CLOSING NetworkConnectionQuery_StateId = 11 // The socket connection has been closed by the local
	// application and the remote peer simultaneously, and
	// the remote peer has not yet acknowledged the close
	// attempt of the local application.
	NetworkConnectionQuery_STATE_ID_OTHER NetworkConnectionQuery_StateId = 99 // The state is not mapped. See the <code>state</code>
)

func (NetworkConnectionQuery_StateId) Descriptor 

func (NetworkConnectionQuery_StateId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_StateId) Enum 

func (x NetworkConnectionQuery_StateId) Enum() *NetworkConnectionQuery_StateId

func (NetworkConnectionQuery_StateId) EnumDescriptor deprecated 

func (NetworkConnectionQuery_StateId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_StateId.Descriptor instead.

func (NetworkConnectionQuery_StateId) Number 

func (x NetworkConnectionQuery_StateId) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_StateId) String 

func (x NetworkConnectionQuery_StateId) String() string

func (NetworkConnectionQuery_StateId) Type 

func (NetworkConnectionQuery_StateId) Type() protoreflect.EnumType

type NetworkConnectionQuery_StatusId 

type NetworkConnectionQuery_StatusId int32
const (
	NetworkConnectionQuery_STATUS_ID_UNKNOWN NetworkConnectionQuery_StatusId = 0 // The status is unknown.
	NetworkConnectionQuery_STATUS_ID_SUCCESS NetworkConnectionQuery_StatusId = 1
	NetworkConnectionQuery_STATUS_ID_FAILURE NetworkConnectionQuery_StatusId = 2
	NetworkConnectionQuery_STATUS_ID_OTHER   NetworkConnectionQuery_StatusId = 99 // The event status is not mapped. See the
)

func (NetworkConnectionQuery_StatusId) Descriptor 

func (NetworkConnectionQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (NetworkConnectionQuery_StatusId) Enum 

func (x NetworkConnectionQuery_StatusId) Enum() *NetworkConnectionQuery_StatusId

func (NetworkConnectionQuery_StatusId) EnumDescriptor deprecated 

func (NetworkConnectionQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkConnectionQuery_StatusId.Descriptor instead.

func (NetworkConnectionQuery_StatusId) Number 

func (x NetworkConnectionQuery_StatusId) Number() protoreflect.EnumNumber

func (NetworkConnectionQuery_StatusId) String 

func (x NetworkConnectionQuery_StatusId) String() string

func (NetworkConnectionQuery_StatusId) Type 

func (NetworkConnectionQuery_StatusId) Type() protoreflect.EnumType

type NetworkEndpoint 

type NetworkEndpoint struct {
	AgentList        []*Agent                `protobuf:"bytes,1,rep,name=agent_list,json=agentList,proto3" json:"agent_list,omitempty"`
	AutonomousSystem *AutonomousSystem       `protobuf:"bytes,2,opt,name=autonomous_system,json=autonomousSystem,proto3" json:"autonomous_system,omitempty"`
	Container        *Container              `protobuf:"bytes,3,opt,name=container,proto3" json:"container,omitempty"`
	Domain           *string                 `protobuf:"bytes,4,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	Hostname         *string                 `protobuf:"bytes,5,opt,name=hostname,proto3,oneof" json:"hostname,omitempty"`
	HwInfo           *DeviceHwInfo           `protobuf:"bytes,6,opt,name=hw_info,json=hwInfo,proto3" json:"hw_info,omitempty"`
	InstanceUid      *string                 `protobuf:"bytes,7,opt,name=instance_uid,json=instanceUid,proto3,oneof" json:"instance_uid,omitempty"`
	InterfaceName    *string                 `protobuf:"bytes,8,opt,name=interface_name,json=interfaceName,proto3,oneof" json:"interface_name,omitempty"`
	InterfaceUid     *string                 `protobuf:"bytes,9,opt,name=interface_uid,json=interfaceUid,proto3,oneof" json:"interface_uid,omitempty"`
	IntermediateIps  []string                `protobuf:"bytes,10,rep,name=intermediate_ips,json=intermediateIps,proto3" json:"intermediate_ips,omitempty"`
	Ip               *string                 `protobuf:"bytes,11,opt,name=ip,proto3,oneof" json:"ip,omitempty"`
	Location         *Location               `protobuf:"bytes,12,opt,name=location,proto3" json:"location,omitempty"`
	Mac              *string                 `protobuf:"bytes,13,opt,name=mac,proto3,oneof" json:"mac,omitempty"`
	Name             *string                 `protobuf:"bytes,14,opt,name=name,proto3,oneof" json:"name,omitempty"`
	NamespacePid     *int32                  `protobuf:"varint,15,opt,name=namespace_pid,json=namespacePid,proto3,oneof" json:"namespace_pid,omitempty"`
	Os               *Os                     `protobuf:"bytes,16,opt,name=os,proto3" json:"os,omitempty"`
	Owner            *User                   `protobuf:"bytes,17,opt,name=owner,proto3" json:"owner,omitempty"`
	Port             *int32                  `protobuf:"varint,18,opt,name=port,proto3,oneof" json:"port,omitempty"`
	ProxyEndpoint    *NetworkProxy           `protobuf:"bytes,19,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	SubnetUid        *string                 `protobuf:"bytes,20,opt,name=subnet_uid,json=subnetUid,proto3,oneof" json:"subnet_uid,omitempty"`
	SvcName          *string                 `protobuf:"bytes,21,opt,name=svc_name,json=svcName,proto3,oneof" json:"svc_name,omitempty"`
	Type             *string                 `protobuf:"bytes,22,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId           *NetworkEndpoint_TypeId `` /* 130-byte string literal not displayed */
	Uid              *string                 `protobuf:"bytes,24,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	VlanUid          *string                 `protobuf:"bytes,25,opt,name=vlan_uid,json=vlanUid,proto3,oneof" json:"vlan_uid,omitempty"`
	VpcUid           *string                 `protobuf:"bytes,26,opt,name=vpc_uid,json=vpcUid,proto3,oneof" json:"vpc_uid,omitempty"`
	Zone             *string                 `protobuf:"bytes,27,opt,name=zone,proto3,oneof" json:"zone,omitempty"`
	// contains filtered or unexported fields
}

NetworkEndpoint is an OSF object defined in ocsf objects/network_endpoint.json

The Network Endpoint object describes characteristics of a network endpoint. These can be a source or destination of a network connection.

func (*NetworkEndpoint) Descriptor deprecated 

func (*NetworkEndpoint) Descriptor() ([]byte, []int)

Deprecated: Use NetworkEndpoint.ProtoReflect.Descriptor instead.

func (*NetworkEndpoint) GetAgentList 

func (x *NetworkEndpoint) GetAgentList() []*Agent

func (*NetworkEndpoint) GetAutonomousSystem 

func (x *NetworkEndpoint) GetAutonomousSystem() *AutonomousSystem

func (*NetworkEndpoint) GetContainer 

func (x *NetworkEndpoint) GetContainer() *Container

func (*NetworkEndpoint) GetDomain 

func (x *NetworkEndpoint) GetDomain() string

func (*NetworkEndpoint) GetHostname 

func (x *NetworkEndpoint) GetHostname() string

func (*NetworkEndpoint) GetHwInfo 

func (x *NetworkEndpoint) GetHwInfo() *DeviceHwInfo

func (*NetworkEndpoint) GetInstanceUid 

func (x *NetworkEndpoint) GetInstanceUid() string

func (*NetworkEndpoint) GetInterfaceName 

func (x *NetworkEndpoint) GetInterfaceName() string

func (*NetworkEndpoint) GetInterfaceUid 

func (x *NetworkEndpoint) GetInterfaceUid() string

func (*NetworkEndpoint) GetIntermediateIps 

func (x *NetworkEndpoint) GetIntermediateIps() []string

func (*NetworkEndpoint) GetIp 

func (x *NetworkEndpoint) GetIp() string

func (*NetworkEndpoint) GetLocation 

func (x *NetworkEndpoint) GetLocation() *Location

func (*NetworkEndpoint) GetMac 

func (x *NetworkEndpoint) GetMac() string

func (*NetworkEndpoint) GetName 

func (x *NetworkEndpoint) GetName() string

func (*NetworkEndpoint) GetNamespacePid 

func (x *NetworkEndpoint) GetNamespacePid() int32

func (*NetworkEndpoint) GetOs 

func (x *NetworkEndpoint) GetOs() *Os

func (*NetworkEndpoint) GetOwner 

func (x *NetworkEndpoint) GetOwner() *User

func (*NetworkEndpoint) GetPort 

func (x *NetworkEndpoint) GetPort() int32

func (*NetworkEndpoint) GetProxyEndpoint 

func (x *NetworkEndpoint) GetProxyEndpoint() *NetworkProxy

func (*NetworkEndpoint) GetSubnetUid 

func (x *NetworkEndpoint) GetSubnetUid() string

func (*NetworkEndpoint) GetSvcName 

func (x *NetworkEndpoint) GetSvcName() string

func (*NetworkEndpoint) GetType 

func (x *NetworkEndpoint) GetType() string

func (*NetworkEndpoint) GetTypeId 

func (x *NetworkEndpoint) GetTypeId() NetworkEndpoint_TypeId

func (*NetworkEndpoint) GetUid 

func (x *NetworkEndpoint) GetUid() string

func (*NetworkEndpoint) GetVlanUid 

func (x *NetworkEndpoint) GetVlanUid() string

func (*NetworkEndpoint) GetVpcUid 

func (x *NetworkEndpoint) GetVpcUid() string

func (*NetworkEndpoint) GetZone 

func (x *NetworkEndpoint) GetZone() string

func (*NetworkEndpoint) ProtoMessage 

func (*NetworkEndpoint) ProtoMessage()

func (*NetworkEndpoint) ProtoReflect 

func (x *NetworkEndpoint) ProtoReflect() protoreflect.Message

func (*NetworkEndpoint) Reset 

func (x *NetworkEndpoint) Reset()

func (*NetworkEndpoint) String 

func (x *NetworkEndpoint) String() string

type NetworkEndpoint_TypeId 

type NetworkEndpoint_TypeId int32
const (
	NetworkEndpoint_TYPE_ID_UNKNOWN NetworkEndpoint_TypeId = 0 // The type is unknown.
	NetworkEndpoint_TYPE_ID_SERVER  NetworkEndpoint_TypeId = 1 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Server/'>server</a>.
	NetworkEndpoint_TYPE_ID_DESKTOP NetworkEndpoint_TypeId = 2 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:DesktopComputer/'>desktop
	// computer</a>.
	NetworkEndpoint_TYPE_ID_LAPTOP NetworkEndpoint_TypeId = 3 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:LaptopComputer/'>laptop
	// computer</a>.
	NetworkEndpoint_TYPE_ID_TABLET NetworkEndpoint_TypeId = 4 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:TabletComputer/'>tablet
	// computer</a>.
	NetworkEndpoint_TYPE_ID_MOBILE NetworkEndpoint_TypeId = 5 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:MobilePhone/'>mobile
	// phone</a>.
	NetworkEndpoint_TYPE_ID_VIRTUAL NetworkEndpoint_TypeId = 6 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:VirtualizationSoftware/'>virtual
	// machine</a>.
	NetworkEndpoint_TYPE_ID_IOT NetworkEndpoint_TypeId = 7 // A <a target='_blank'
	// href='https://www.techtarget.com/iotagenda/definition/IoT-
	// device'>IOT (Internet of Things) device</a>.
	NetworkEndpoint_TYPE_ID_BROWSER NetworkEndpoint_TypeId = 8 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Browser/'>web
	// browser</a>.
	NetworkEndpoint_TYPE_ID_FIREWALL NetworkEndpoint_TypeId = 9 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Firewall/'>networking
	// firewall</a>.
	NetworkEndpoint_TYPE_ID_SWITCH NetworkEndpoint_TypeId = 10 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Switch/'>networking
	// switch</a>.
	NetworkEndpoint_TYPE_ID_HUB NetworkEndpoint_TypeId = 11 // A <a target='_blank'
	// href='https://en.wikipedia.org/wiki/Ethernet_hub'>networking
	// hub</a>.
	NetworkEndpoint_TYPE_ID_OTHER NetworkEndpoint_TypeId = 99 // The type is not mapped. See the <code>type</code>
)

func (NetworkEndpoint_TypeId) Descriptor 

func (NetworkEndpoint_TypeId) Descriptor() protoreflect.EnumDescriptor

func (NetworkEndpoint_TypeId) Enum 

func (x NetworkEndpoint_TypeId) Enum() *NetworkEndpoint_TypeId

func (NetworkEndpoint_TypeId) EnumDescriptor deprecated 

func (NetworkEndpoint_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkEndpoint_TypeId.Descriptor instead.

func (NetworkEndpoint_TypeId) Number 

func (x NetworkEndpoint_TypeId) Number() protoreflect.EnumNumber

func (NetworkEndpoint_TypeId) String 

func (x NetworkEndpoint_TypeId) String() string

func (NetworkEndpoint_TypeId) Type 

func (NetworkEndpoint_TypeId) Type() protoreflect.EnumType

type NetworkFileActivity 

type NetworkFileActivity struct {
	Action              *string                            `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            NetworkFileActivity_ActionId       `` /* 135-byte string literal not displayed */
	ActivityId          NetworkFileActivity_ActivityId     `` /* 143-byte string literal not displayed */
	ActivityName        *string                            `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                             `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                               `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                            `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                          `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization                   `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                            `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         NetworkFileActivity_CategoryUid    `` /* 148-byte string literal not displayed */
	ClassName           *string                            `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            NetworkFileActivity_ClassUid       `` /* 136-byte string literal not displayed */
	Cloud               *Cloud                             `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo             `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                             `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                            `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                            `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *NetworkFileActivity_DispositionId `` /* 162-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint                   `protobuf:"bytes,20,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                             `protobuf:"varint,21,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                             `protobuf:"varint,22,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp             `protobuf:"bytes,23,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                      `protobuf:"bytes,24,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	ExpirationTime      *int64                             `protobuf:"varint,25,opt,name=expiration_time,json=expirationTime,proto3,oneof" json:"expiration_time,omitempty"`
	ExpirationTimeDt    *timestamppb.Timestamp             `protobuf:"bytes,26,opt,name=expiration_time_dt,json=expirationTimeDt,proto3,oneof" json:"expiration_time_dt,omitempty"`
	File                *File                              `protobuf:"bytes,27,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule                      `protobuf:"bytes,28,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer                      `protobuf:"bytes,29,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                         `protobuf:"bytes,30,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                            `protobuf:"bytes,31,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                          `protobuf:"bytes,32,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                      `protobuf:"bytes,33,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy                      `protobuf:"bytes,34,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo             `protobuf:"bytes,35,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy                      `protobuf:"bytes,36,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                       `protobuf:"bytes,37,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse                      `protobuf:"bytes,38,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                               `protobuf:"bytes,39,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic                    `protobuf:"bytes,40,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                            `protobuf:"bytes,41,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                            `protobuf:"bytes,42,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          NetworkFileActivity_SeverityId     `` /* 144-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint                   `protobuf:"bytes,44,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                             `protobuf:"varint,45,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp             `protobuf:"bytes,46,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                            `protobuf:"bytes,47,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                            `protobuf:"bytes,48,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                            `protobuf:"bytes,49,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *NetworkFileActivity_StatusId      `` /* 142-byte string literal not displayed */
	Time                int64                              `protobuf:"varint,51,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp             `protobuf:"bytes,52,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                             `protobuf:"varint,53,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                               `protobuf:"bytes,54,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic                    `protobuf:"bytes,55,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                            `protobuf:"bytes,56,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                              `protobuf:"varint,57,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct                   `protobuf:"bytes,58,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

NetworkFileActivity is an OSF event in category "Network Activity" called Network File Activity defined in ocsf events/network/file_activity.json

Network File Activity events report file activities traversing the network, including file storage services such as Box, MS OneDrive, or Google Drive.

func (*NetworkFileActivity) Descriptor deprecated 

func (*NetworkFileActivity) Descriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity.ProtoReflect.Descriptor instead.

func (*NetworkFileActivity) GetAction 

func (x *NetworkFileActivity) GetAction() string

func (*NetworkFileActivity) GetActionId 

func (x *NetworkFileActivity) GetActionId() NetworkFileActivity_ActionId

func (*NetworkFileActivity) GetActivityId 

func (x *NetworkFileActivity) GetActivityId() NetworkFileActivity_ActivityId

func (*NetworkFileActivity) GetActivityName 

func (x *NetworkFileActivity) GetActivityName() string

func (*NetworkFileActivity) GetActor 

func (x *NetworkFileActivity) GetActor() *Actor

func (*NetworkFileActivity) GetApi 

func (x *NetworkFileActivity) GetApi() *Api

func (*NetworkFileActivity) GetAppName 

func (x *NetworkFileActivity) GetAppName() string

func (*NetworkFileActivity) GetAttacks 

func (x *NetworkFileActivity) GetAttacks() []*Attack

func (*NetworkFileActivity) GetAuthorizations 

func (x *NetworkFileActivity) GetAuthorizations() []*Authorization

func (*NetworkFileActivity) GetCategoryName 

func (x *NetworkFileActivity) GetCategoryName() string

func (*NetworkFileActivity) GetCategoryUid 

func (x *NetworkFileActivity) GetCategoryUid() NetworkFileActivity_CategoryUid

func (*NetworkFileActivity) GetClassName 

func (x *NetworkFileActivity) GetClassName() string

func (*NetworkFileActivity) GetClassUid 

func (x *NetworkFileActivity) GetClassUid() NetworkFileActivity_ClassUid

func (*NetworkFileActivity) GetCloud 

func (x *NetworkFileActivity) GetCloud() *Cloud

func (*NetworkFileActivity) GetConnectionInfo 

func (x *NetworkFileActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*NetworkFileActivity) GetCount 

func (x *NetworkFileActivity) GetCount() int32

func (*NetworkFileActivity) GetDevice 

func (x *NetworkFileActivity) GetDevice() *Device

func (*NetworkFileActivity) GetDisposition 

func (x *NetworkFileActivity) GetDisposition() string

func (*NetworkFileActivity) GetDispositionId 

func (x *NetworkFileActivity) GetDispositionId() NetworkFileActivity_DispositionId

func (*NetworkFileActivity) GetDstEndpoint 

func (x *NetworkFileActivity) GetDstEndpoint() *NetworkEndpoint

func (*NetworkFileActivity) GetDuration 

func (x *NetworkFileActivity) GetDuration() int32

func (*NetworkFileActivity) GetEndTime 

func (x *NetworkFileActivity) GetEndTime() int64

func (*NetworkFileActivity) GetEndTimeDt 

func (x *NetworkFileActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*NetworkFileActivity) GetEnrichments 

func (x *NetworkFileActivity) GetEnrichments() []*Enrichment

func (*NetworkFileActivity) GetExpirationTime 

func (x *NetworkFileActivity) GetExpirationTime() int64

func (*NetworkFileActivity) GetExpirationTimeDt 

func (x *NetworkFileActivity) GetExpirationTimeDt() *timestamppb.Timestamp

func (*NetworkFileActivity) GetFile 

func (x *NetworkFileActivity) GetFile() *File

func (*NetworkFileActivity) GetFirewallRule 

func (x *NetworkFileActivity) GetFirewallRule() *FirewallRule

func (*NetworkFileActivity) GetLoadBalancer 

func (x *NetworkFileActivity) GetLoadBalancer() *LoadBalancer

func (*NetworkFileActivity) GetMalware 

func (x *NetworkFileActivity) GetMalware() []*Malware

func (*NetworkFileActivity) GetMessage 

func (x *NetworkFileActivity) GetMessage() string

func (*NetworkFileActivity) GetMetadata 

func (x *NetworkFileActivity) GetMetadata() *Metadata

func (*NetworkFileActivity) GetObservables 

func (x *NetworkFileActivity) GetObservables() []*Observable

func (*NetworkFileActivity) GetProxy 

func (x *NetworkFileActivity) GetProxy() *NetworkProxy

func (*NetworkFileActivity) GetProxyConnectionInfo 

func (x *NetworkFileActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*NetworkFileActivity) GetProxyEndpoint 

func (x *NetworkFileActivity) GetProxyEndpoint() *NetworkProxy

func (*NetworkFileActivity) GetProxyHttpRequest 

func (x *NetworkFileActivity) GetProxyHttpRequest() *HttpRequest

func (*NetworkFileActivity) GetProxyHttpResponse 

func (x *NetworkFileActivity) GetProxyHttpResponse() *HttpResponse

func (*NetworkFileActivity) GetProxyTls 

func (x *NetworkFileActivity) GetProxyTls() *Tls

func (*NetworkFileActivity) GetProxyTraffic 

func (x *NetworkFileActivity) GetProxyTraffic() *NetworkTraffic

func (*NetworkFileActivity) GetRawData 

func (x *NetworkFileActivity) GetRawData() string

func (*NetworkFileActivity) GetSeverity 

func (x *NetworkFileActivity) GetSeverity() string

func (*NetworkFileActivity) GetSeverityId 

func (x *NetworkFileActivity) GetSeverityId() NetworkFileActivity_SeverityId

func (*NetworkFileActivity) GetSrcEndpoint 

func (x *NetworkFileActivity) GetSrcEndpoint() *NetworkEndpoint

func (*NetworkFileActivity) GetStartTime 

func (x *NetworkFileActivity) GetStartTime() int64

func (*NetworkFileActivity) GetStartTimeDt 

func (x *NetworkFileActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*NetworkFileActivity) GetStatus 

func (x *NetworkFileActivity) GetStatus() string

func (*NetworkFileActivity) GetStatusCode 

func (x *NetworkFileActivity) GetStatusCode() string

func (*NetworkFileActivity) GetStatusDetail 

func (x *NetworkFileActivity) GetStatusDetail() string

func (*NetworkFileActivity) GetStatusId 

func (x *NetworkFileActivity) GetStatusId() NetworkFileActivity_StatusId

func (*NetworkFileActivity) GetTime 

func (x *NetworkFileActivity) GetTime() int64

func (*NetworkFileActivity) GetTimeDt 

func (x *NetworkFileActivity) GetTimeDt() *timestamppb.Timestamp

func (*NetworkFileActivity) GetTimezoneOffset 

func (x *NetworkFileActivity) GetTimezoneOffset() int32

func (*NetworkFileActivity) GetTls 

func (x *NetworkFileActivity) GetTls() *Tls

func (*NetworkFileActivity) GetTraffic 

func (x *NetworkFileActivity) GetTraffic() *NetworkTraffic

func (*NetworkFileActivity) GetTypeName 

func (x *NetworkFileActivity) GetTypeName() string

func (*NetworkFileActivity) GetTypeUid 

func (x *NetworkFileActivity) GetTypeUid() int64

func (*NetworkFileActivity) GetUnmapped 

func (x *NetworkFileActivity) GetUnmapped() *structpb.Struct

func (*NetworkFileActivity) ProtoMessage 

func (*NetworkFileActivity) ProtoMessage()

func (*NetworkFileActivity) ProtoReflect 

func (x *NetworkFileActivity) ProtoReflect() protoreflect.Message

func (*NetworkFileActivity) Reset 

func (x *NetworkFileActivity) Reset()

func (*NetworkFileActivity) String 

func (x *NetworkFileActivity) String() string

type NetworkFileActivity_ActionId 

type NetworkFileActivity_ActionId int32
const (
	NetworkFileActivity_ACTION_ID_UNKNOWN NetworkFileActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	NetworkFileActivity_ACTION_ID_ALLOWED NetworkFileActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	NetworkFileActivity_ACTION_ID_DENIED NetworkFileActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	NetworkFileActivity_ACTION_ID_OTHER NetworkFileActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (NetworkFileActivity_ActionId) Descriptor 

func (NetworkFileActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_ActionId) Enum 

func (x NetworkFileActivity_ActionId) Enum() *NetworkFileActivity_ActionId

func (NetworkFileActivity_ActionId) EnumDescriptor deprecated 

func (NetworkFileActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_ActionId.Descriptor instead.

func (NetworkFileActivity_ActionId) Number 

func (x NetworkFileActivity_ActionId) Number() protoreflect.EnumNumber

func (NetworkFileActivity_ActionId) String 

func (x NetworkFileActivity_ActionId) String() string

func (NetworkFileActivity_ActionId) Type 

func (NetworkFileActivity_ActionId) Type() protoreflect.EnumType

type NetworkFileActivity_ActivityId 

type NetworkFileActivity_ActivityId int32
const (
	NetworkFileActivity_ACTIVITY_ID_UNKNOWN  NetworkFileActivity_ActivityId = 0
	NetworkFileActivity_ACTIVITY_ID_UPLOAD   NetworkFileActivity_ActivityId = 1  // Upload a file.
	NetworkFileActivity_ACTIVITY_ID_DOWNLOAD NetworkFileActivity_ActivityId = 2  // Download a file.
	NetworkFileActivity_ACTIVITY_ID_UPDATE   NetworkFileActivity_ActivityId = 3  // Update a file.
	NetworkFileActivity_ACTIVITY_ID_DELETE   NetworkFileActivity_ActivityId = 4  // Delete a file.
	NetworkFileActivity_ACTIVITY_ID_RENAME   NetworkFileActivity_ActivityId = 5  // Rename a file.
	NetworkFileActivity_ACTIVITY_ID_COPY     NetworkFileActivity_ActivityId = 6  // Copy a file.
	NetworkFileActivity_ACTIVITY_ID_MOVE     NetworkFileActivity_ActivityId = 7  // Move a file.
	NetworkFileActivity_ACTIVITY_ID_RESTORE  NetworkFileActivity_ActivityId = 8  // Restore a file.
	NetworkFileActivity_ACTIVITY_ID_PREVIEW  NetworkFileActivity_ActivityId = 9  // Preview a file.
	NetworkFileActivity_ACTIVITY_ID_LOCK     NetworkFileActivity_ActivityId = 10 // Lock a file.
	NetworkFileActivity_ACTIVITY_ID_UNLOCK   NetworkFileActivity_ActivityId = 11 // Unlock a file.
	NetworkFileActivity_ACTIVITY_ID_SHARE    NetworkFileActivity_ActivityId = 12 // Share a file.
	NetworkFileActivity_ACTIVITY_ID_UNSHARE  NetworkFileActivity_ActivityId = 13 // Unshare a file.
	NetworkFileActivity_ACTIVITY_ID_OPEN     NetworkFileActivity_ActivityId = 14 // Open a file.
	NetworkFileActivity_ACTIVITY_ID_SYNC     NetworkFileActivity_ActivityId = 15 // Mark a file or folder to sync with a computer.
	NetworkFileActivity_ACTIVITY_ID_UNSYNC   NetworkFileActivity_ActivityId = 16 // Mark a file or folder to not sync with a computer.
	NetworkFileActivity_ACTIVITY_ID_OTHER    NetworkFileActivity_ActivityId = 99
)

func (NetworkFileActivity_ActivityId) Descriptor 

func (NetworkFileActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_ActivityId) Enum 

func (x NetworkFileActivity_ActivityId) Enum() *NetworkFileActivity_ActivityId

func (NetworkFileActivity_ActivityId) EnumDescriptor deprecated 

func (NetworkFileActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_ActivityId.Descriptor instead.

func (NetworkFileActivity_ActivityId) Number 

func (x NetworkFileActivity_ActivityId) Number() protoreflect.EnumNumber

func (NetworkFileActivity_ActivityId) String 

func (x NetworkFileActivity_ActivityId) String() string

func (NetworkFileActivity_ActivityId) Type 

func (NetworkFileActivity_ActivityId) Type() protoreflect.EnumType

type NetworkFileActivity_CategoryUid 

type NetworkFileActivity_CategoryUid int32
const (
	NetworkFileActivity_CATEGORY_UID_UNKNOWN          NetworkFileActivity_CategoryUid = 0
	NetworkFileActivity_CATEGORY_UID_NETWORK_ACTIVITY NetworkFileActivity_CategoryUid = 4
)

func (NetworkFileActivity_CategoryUid) Descriptor 

func (NetworkFileActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_CategoryUid) Enum 

func (x NetworkFileActivity_CategoryUid) Enum() *NetworkFileActivity_CategoryUid

func (NetworkFileActivity_CategoryUid) EnumDescriptor deprecated 

func (NetworkFileActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_CategoryUid.Descriptor instead.

func (NetworkFileActivity_CategoryUid) Number 

func (x NetworkFileActivity_CategoryUid) Number() protoreflect.EnumNumber

func (NetworkFileActivity_CategoryUid) String 

func (x NetworkFileActivity_CategoryUid) String() string

func (NetworkFileActivity_CategoryUid) Type 

func (NetworkFileActivity_CategoryUid) Type() protoreflect.EnumType

type NetworkFileActivity_ClassUid 

type NetworkFileActivity_ClassUid int32
const (
	NetworkFileActivity_CLASS_UID_UNKNOWN               NetworkFileActivity_ClassUid = 0
	NetworkFileActivity_CLASS_UID_NETWORK_FILE_ACTIVITY NetworkFileActivity_ClassUid = 4010
)

func (NetworkFileActivity_ClassUid) Descriptor 

func (NetworkFileActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_ClassUid) Enum 

func (x NetworkFileActivity_ClassUid) Enum() *NetworkFileActivity_ClassUid

func (NetworkFileActivity_ClassUid) EnumDescriptor deprecated 

func (NetworkFileActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_ClassUid.Descriptor instead.

func (NetworkFileActivity_ClassUid) Number 

func (x NetworkFileActivity_ClassUid) Number() protoreflect.EnumNumber

func (NetworkFileActivity_ClassUid) String 

func (x NetworkFileActivity_ClassUid) String() string

func (NetworkFileActivity_ClassUid) Type 

func (NetworkFileActivity_ClassUid) Type() protoreflect.EnumType

type NetworkFileActivity_DispositionId 

type NetworkFileActivity_DispositionId int32
const (
	NetworkFileActivity_DISPOSITION_ID_UNKNOWN NetworkFileActivity_DispositionId = 0 // The disposition was not known.
	NetworkFileActivity_DISPOSITION_ID_ALLOWED NetworkFileActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	NetworkFileActivity_DISPOSITION_ID_BLOCKED NetworkFileActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	NetworkFileActivity_DISPOSITION_ID_QUARANTINED NetworkFileActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	NetworkFileActivity_DISPOSITION_ID_ISOLATED NetworkFileActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	NetworkFileActivity_DISPOSITION_ID_DELETED NetworkFileActivity_DispositionId = 5 // A file or other content was deleted.
	NetworkFileActivity_DISPOSITION_ID_DROPPED NetworkFileActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	NetworkFileActivity_DISPOSITION_ID_CUSTOM_ACTION NetworkFileActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	NetworkFileActivity_DISPOSITION_ID_APPROVED NetworkFileActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	NetworkFileActivity_DISPOSITION_ID_RESTORED NetworkFileActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	NetworkFileActivity_DISPOSITION_ID_EXONERATED NetworkFileActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	NetworkFileActivity_DISPOSITION_ID_CORRECTED NetworkFileActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	NetworkFileActivity_DISPOSITION_ID_PARTIALLY_CORRECTED NetworkFileActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	NetworkFileActivity_DISPOSITION_ID_UNCORRECTED NetworkFileActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	NetworkFileActivity_DISPOSITION_ID_DELAYED NetworkFileActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	NetworkFileActivity_DISPOSITION_ID_DETECTED NetworkFileActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	NetworkFileActivity_DISPOSITION_ID_NO_ACTION NetworkFileActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	NetworkFileActivity_DISPOSITION_ID_LOGGED NetworkFileActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	NetworkFileActivity_DISPOSITION_ID_TAGGED NetworkFileActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	NetworkFileActivity_DISPOSITION_ID_ALERT NetworkFileActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	NetworkFileActivity_DISPOSITION_ID_COUNT NetworkFileActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	NetworkFileActivity_DISPOSITION_ID_RESET NetworkFileActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	NetworkFileActivity_DISPOSITION_ID_CAPTCHA NetworkFileActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	NetworkFileActivity_DISPOSITION_ID_CHALLENGE NetworkFileActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	NetworkFileActivity_DISPOSITION_ID_ACCESS_REVOKED NetworkFileActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	NetworkFileActivity_DISPOSITION_ID_REJECTED NetworkFileActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	NetworkFileActivity_DISPOSITION_ID_UNAUTHORIZED NetworkFileActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	NetworkFileActivity_DISPOSITION_ID_ERROR NetworkFileActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	NetworkFileActivity_DISPOSITION_ID_OTHER NetworkFileActivity_DispositionId = 99 // The disposition is not listed. The
)

func (NetworkFileActivity_DispositionId) Descriptor 

func (NetworkFileActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_DispositionId) Enum 

func (x NetworkFileActivity_DispositionId) Enum() *NetworkFileActivity_DispositionId

func (NetworkFileActivity_DispositionId) EnumDescriptor deprecated 

func (NetworkFileActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_DispositionId.Descriptor instead.

func (NetworkFileActivity_DispositionId) Number 

func (x NetworkFileActivity_DispositionId) Number() protoreflect.EnumNumber

func (NetworkFileActivity_DispositionId) String 

func (x NetworkFileActivity_DispositionId) String() string

func (NetworkFileActivity_DispositionId) Type 

func (NetworkFileActivity_DispositionId) Type() protoreflect.EnumType

type NetworkFileActivity_SeverityId 

type NetworkFileActivity_SeverityId int32
const (
	NetworkFileActivity_SEVERITY_ID_UNKNOWN       NetworkFileActivity_SeverityId = 0 // The event/finding severity is unknown.
	NetworkFileActivity_SEVERITY_ID_INFORMATIONAL NetworkFileActivity_SeverityId = 1 // Informational message. No action required.
	NetworkFileActivity_SEVERITY_ID_LOW           NetworkFileActivity_SeverityId = 2 // The user decides if action is needed.
	NetworkFileActivity_SEVERITY_ID_MEDIUM        NetworkFileActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	NetworkFileActivity_SEVERITY_ID_HIGH     NetworkFileActivity_SeverityId = 4 // Action is required immediately.
	NetworkFileActivity_SEVERITY_ID_CRITICAL NetworkFileActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	NetworkFileActivity_SEVERITY_ID_FATAL NetworkFileActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	NetworkFileActivity_SEVERITY_ID_OTHER NetworkFileActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (NetworkFileActivity_SeverityId) Descriptor 

func (NetworkFileActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_SeverityId) Enum 

func (x NetworkFileActivity_SeverityId) Enum() *NetworkFileActivity_SeverityId

func (NetworkFileActivity_SeverityId) EnumDescriptor deprecated 

func (NetworkFileActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_SeverityId.Descriptor instead.

func (NetworkFileActivity_SeverityId) Number 

func (x NetworkFileActivity_SeverityId) Number() protoreflect.EnumNumber

func (NetworkFileActivity_SeverityId) String 

func (x NetworkFileActivity_SeverityId) String() string

func (NetworkFileActivity_SeverityId) Type 

func (NetworkFileActivity_SeverityId) Type() protoreflect.EnumType

type NetworkFileActivity_StatusId 

type NetworkFileActivity_StatusId int32
const (
	NetworkFileActivity_STATUS_ID_UNKNOWN NetworkFileActivity_StatusId = 0 // The status is unknown.
	NetworkFileActivity_STATUS_ID_SUCCESS NetworkFileActivity_StatusId = 1
	NetworkFileActivity_STATUS_ID_FAILURE NetworkFileActivity_StatusId = 2
	NetworkFileActivity_STATUS_ID_OTHER   NetworkFileActivity_StatusId = 99 // The event status is not mapped. See the
)

func (NetworkFileActivity_StatusId) Descriptor 

func (NetworkFileActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (NetworkFileActivity_StatusId) Enum 

func (x NetworkFileActivity_StatusId) Enum() *NetworkFileActivity_StatusId

func (NetworkFileActivity_StatusId) EnumDescriptor deprecated 

func (NetworkFileActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkFileActivity_StatusId.Descriptor instead.

func (NetworkFileActivity_StatusId) Number 

func (x NetworkFileActivity_StatusId) Number() protoreflect.EnumNumber

func (NetworkFileActivity_StatusId) String 

func (x NetworkFileActivity_StatusId) String() string

func (NetworkFileActivity_StatusId) Type 

func (NetworkFileActivity_StatusId) Type() protoreflect.EnumType

type NetworkInterface 

type NetworkInterface struct {
	Hostname     *string                 `protobuf:"bytes,1,opt,name=hostname,proto3,oneof" json:"hostname,omitempty"`
	Ip           *string                 `protobuf:"bytes,2,opt,name=ip,proto3,oneof" json:"ip,omitempty"`
	Mac          *string                 `protobuf:"bytes,3,opt,name=mac,proto3,oneof" json:"mac,omitempty"`
	Name         *string                 `protobuf:"bytes,4,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Namespace    *string                 `protobuf:"bytes,5,opt,name=namespace,proto3,oneof" json:"namespace,omitempty"`
	SubnetPrefix *int32                  `protobuf:"varint,6,opt,name=subnet_prefix,json=subnetPrefix,proto3,oneof" json:"subnet_prefix,omitempty"`
	Type         *string                 `protobuf:"bytes,7,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId       NetworkInterface_TypeId `protobuf:"varint,8,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.NetworkInterface_TypeId" json:"type_id,omitempty"`
	Uid          *string                 `protobuf:"bytes,9,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

NetworkInterface is an OSF object defined in ocsf objects/network_interface.json

The Network Interface object describes the type and associated attributes of a network interface.

func (*NetworkInterface) Descriptor deprecated 

func (*NetworkInterface) Descriptor() ([]byte, []int)

Deprecated: Use NetworkInterface.ProtoReflect.Descriptor instead.

func (*NetworkInterface) GetHostname 

func (x *NetworkInterface) GetHostname() string

func (*NetworkInterface) GetIp 

func (x *NetworkInterface) GetIp() string

func (*NetworkInterface) GetMac 

func (x *NetworkInterface) GetMac() string

func (*NetworkInterface) GetName 

func (x *NetworkInterface) GetName() string

func (*NetworkInterface) GetNamespace 

func (x *NetworkInterface) GetNamespace() string

func (*NetworkInterface) GetSubnetPrefix 

func (x *NetworkInterface) GetSubnetPrefix() int32

func (*NetworkInterface) GetType 

func (x *NetworkInterface) GetType() string

func (*NetworkInterface) GetTypeId 

func (x *NetworkInterface) GetTypeId() NetworkInterface_TypeId

func (*NetworkInterface) GetUid 

func (x *NetworkInterface) GetUid() string

func (*NetworkInterface) ProtoMessage 

func (*NetworkInterface) ProtoMessage()

func (*NetworkInterface) ProtoReflect 

func (x *NetworkInterface) ProtoReflect() protoreflect.Message

func (*NetworkInterface) Reset 

func (x *NetworkInterface) Reset()

func (*NetworkInterface) String 

func (x *NetworkInterface) String() string

type NetworkInterface_TypeId 

type NetworkInterface_TypeId int32
const (
	NetworkInterface_TYPE_ID_UNKNOWN  NetworkInterface_TypeId = 0
	NetworkInterface_TYPE_ID_WIRED    NetworkInterface_TypeId = 1
	NetworkInterface_TYPE_ID_WIRELESS NetworkInterface_TypeId = 2
	NetworkInterface_TYPE_ID_MOBILE   NetworkInterface_TypeId = 3
	NetworkInterface_TYPE_ID_TUNNEL   NetworkInterface_TypeId = 4
	NetworkInterface_TYPE_ID_OTHER    NetworkInterface_TypeId = 99
)

func (NetworkInterface_TypeId) Descriptor 

func (NetworkInterface_TypeId) Descriptor() protoreflect.EnumDescriptor

func (NetworkInterface_TypeId) Enum 

func (x NetworkInterface_TypeId) Enum() *NetworkInterface_TypeId

func (NetworkInterface_TypeId) EnumDescriptor deprecated 

func (NetworkInterface_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkInterface_TypeId.Descriptor instead.

func (NetworkInterface_TypeId) Number 

func (x NetworkInterface_TypeId) Number() protoreflect.EnumNumber

func (NetworkInterface_TypeId) String 

func (x NetworkInterface_TypeId) String() string

func (NetworkInterface_TypeId) Type 

func (NetworkInterface_TypeId) Type() protoreflect.EnumType

type NetworkProxy 

type NetworkProxy struct {
	AgentList        []*Agent             `protobuf:"bytes,1,rep,name=agent_list,json=agentList,proto3" json:"agent_list,omitempty"`
	AutonomousSystem *AutonomousSystem    `protobuf:"bytes,2,opt,name=autonomous_system,json=autonomousSystem,proto3" json:"autonomous_system,omitempty"`
	Container        *Container           `protobuf:"bytes,3,opt,name=container,proto3" json:"container,omitempty"`
	Domain           *string              `protobuf:"bytes,4,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	Hostname         *string              `protobuf:"bytes,5,opt,name=hostname,proto3,oneof" json:"hostname,omitempty"`
	HwInfo           *DeviceHwInfo        `protobuf:"bytes,6,opt,name=hw_info,json=hwInfo,proto3" json:"hw_info,omitempty"`
	InstanceUid      *string              `protobuf:"bytes,7,opt,name=instance_uid,json=instanceUid,proto3,oneof" json:"instance_uid,omitempty"`
	InterfaceName    *string              `protobuf:"bytes,8,opt,name=interface_name,json=interfaceName,proto3,oneof" json:"interface_name,omitempty"`
	InterfaceUid     *string              `protobuf:"bytes,9,opt,name=interface_uid,json=interfaceUid,proto3,oneof" json:"interface_uid,omitempty"`
	IntermediateIps  []string             `protobuf:"bytes,10,rep,name=intermediate_ips,json=intermediateIps,proto3" json:"intermediate_ips,omitempty"`
	Ip               *string              `protobuf:"bytes,11,opt,name=ip,proto3,oneof" json:"ip,omitempty"`
	Location         *Location            `protobuf:"bytes,12,opt,name=location,proto3" json:"location,omitempty"`
	Mac              *string              `protobuf:"bytes,13,opt,name=mac,proto3,oneof" json:"mac,omitempty"`
	Name             *string              `protobuf:"bytes,14,opt,name=name,proto3,oneof" json:"name,omitempty"`
	NamespacePid     *int32               `protobuf:"varint,15,opt,name=namespace_pid,json=namespacePid,proto3,oneof" json:"namespace_pid,omitempty"`
	Os               *Os                  `protobuf:"bytes,16,opt,name=os,proto3" json:"os,omitempty"`
	Owner            *User                `protobuf:"bytes,17,opt,name=owner,proto3" json:"owner,omitempty"`
	Port             *int32               `protobuf:"varint,18,opt,name=port,proto3,oneof" json:"port,omitempty"`
	ProxyEndpoint    *NetworkProxy        `protobuf:"bytes,19,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	SubnetUid        *string              `protobuf:"bytes,20,opt,name=subnet_uid,json=subnetUid,proto3,oneof" json:"subnet_uid,omitempty"`
	SvcName          *string              `protobuf:"bytes,21,opt,name=svc_name,json=svcName,proto3,oneof" json:"svc_name,omitempty"`
	Type             *string              `protobuf:"bytes,22,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId           *NetworkProxy_TypeId `` /* 127-byte string literal not displayed */
	Uid              *string              `protobuf:"bytes,24,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	VlanUid          *string              `protobuf:"bytes,25,opt,name=vlan_uid,json=vlanUid,proto3,oneof" json:"vlan_uid,omitempty"`
	VpcUid           *string              `protobuf:"bytes,26,opt,name=vpc_uid,json=vpcUid,proto3,oneof" json:"vpc_uid,omitempty"`
	Zone             *string              `protobuf:"bytes,27,opt,name=zone,proto3,oneof" json:"zone,omitempty"`
	// contains filtered or unexported fields
}

NetworkProxy is an OSF object defined in ocsf objects/network_proxy.json

The network proxy endpoint object describes a proxy server, which acts as an intermediary between a client requesting a resource and the server providing that resource. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:ProxyServer/'>d3f:ProxyServer</a>.

func (*NetworkProxy) Descriptor deprecated 

func (*NetworkProxy) Descriptor() ([]byte, []int)

Deprecated: Use NetworkProxy.ProtoReflect.Descriptor instead.

func (*NetworkProxy) GetAgentList 

func (x *NetworkProxy) GetAgentList() []*Agent

func (*NetworkProxy) GetAutonomousSystem 

func (x *NetworkProxy) GetAutonomousSystem() *AutonomousSystem

func (*NetworkProxy) GetContainer 

func (x *NetworkProxy) GetContainer() *Container

func (*NetworkProxy) GetDomain 

func (x *NetworkProxy) GetDomain() string

func (*NetworkProxy) GetHostname 

func (x *NetworkProxy) GetHostname() string

func (*NetworkProxy) GetHwInfo 

func (x *NetworkProxy) GetHwInfo() *DeviceHwInfo

func (*NetworkProxy) GetInstanceUid 

func (x *NetworkProxy) GetInstanceUid() string

func (*NetworkProxy) GetInterfaceName 

func (x *NetworkProxy) GetInterfaceName() string

func (*NetworkProxy) GetInterfaceUid 

func (x *NetworkProxy) GetInterfaceUid() string

func (*NetworkProxy) GetIntermediateIps 

func (x *NetworkProxy) GetIntermediateIps() []string

func (*NetworkProxy) GetIp 

func (x *NetworkProxy) GetIp() string

func (*NetworkProxy) GetLocation 

func (x *NetworkProxy) GetLocation() *Location

func (*NetworkProxy) GetMac 

func (x *NetworkProxy) GetMac() string

func (*NetworkProxy) GetName 

func (x *NetworkProxy) GetName() string

func (*NetworkProxy) GetNamespacePid 

func (x *NetworkProxy) GetNamespacePid() int32

func (*NetworkProxy) GetOs 

func (x *NetworkProxy) GetOs() *Os

func (*NetworkProxy) GetOwner 

func (x *NetworkProxy) GetOwner() *User

func (*NetworkProxy) GetPort 

func (x *NetworkProxy) GetPort() int32

func (*NetworkProxy) GetProxyEndpoint 

func (x *NetworkProxy) GetProxyEndpoint() *NetworkProxy

func (*NetworkProxy) GetSubnetUid 

func (x *NetworkProxy) GetSubnetUid() string

func (*NetworkProxy) GetSvcName 

func (x *NetworkProxy) GetSvcName() string

func (*NetworkProxy) GetType 

func (x *NetworkProxy) GetType() string

func (*NetworkProxy) GetTypeId 

func (x *NetworkProxy) GetTypeId() NetworkProxy_TypeId

func (*NetworkProxy) GetUid 

func (x *NetworkProxy) GetUid() string

func (*NetworkProxy) GetVlanUid 

func (x *NetworkProxy) GetVlanUid() string

func (*NetworkProxy) GetVpcUid 

func (x *NetworkProxy) GetVpcUid() string

func (*NetworkProxy) GetZone 

func (x *NetworkProxy) GetZone() string

func (*NetworkProxy) ProtoMessage 

func (*NetworkProxy) ProtoMessage()

func (*NetworkProxy) ProtoReflect 

func (x *NetworkProxy) ProtoReflect() protoreflect.Message

func (*NetworkProxy) Reset 

func (x *NetworkProxy) Reset()

func (*NetworkProxy) String 

func (x *NetworkProxy) String() string

type NetworkProxy_TypeId 

type NetworkProxy_TypeId int32
const (
	NetworkProxy_TYPE_ID_UNKNOWN NetworkProxy_TypeId = 0 // The type is unknown.
	NetworkProxy_TYPE_ID_SERVER  NetworkProxy_TypeId = 1 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Server/'>server</a>.
	NetworkProxy_TYPE_ID_DESKTOP NetworkProxy_TypeId = 2 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:DesktopComputer/'>desktop
	// computer</a>.
	NetworkProxy_TYPE_ID_LAPTOP NetworkProxy_TypeId = 3 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:LaptopComputer/'>laptop
	// computer</a>.
	NetworkProxy_TYPE_ID_TABLET NetworkProxy_TypeId = 4 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:TabletComputer/'>tablet
	// computer</a>.
	NetworkProxy_TYPE_ID_MOBILE NetworkProxy_TypeId = 5 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:MobilePhone/'>mobile
	// phone</a>.
	NetworkProxy_TYPE_ID_VIRTUAL NetworkProxy_TypeId = 6 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:VirtualizationSoftware/'>virtual
	// machine</a>.
	NetworkProxy_TYPE_ID_IOT NetworkProxy_TypeId = 7 // A <a target='_blank'
	// href='https://www.techtarget.com/iotagenda/definition/IoT-
	// device'>IOT (Internet of Things) device</a>.
	NetworkProxy_TYPE_ID_BROWSER NetworkProxy_TypeId = 8 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Browser/'>web
	// browser</a>.
	NetworkProxy_TYPE_ID_FIREWALL NetworkProxy_TypeId = 9 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Firewall/'>networking
	// firewall</a>.
	NetworkProxy_TYPE_ID_SWITCH NetworkProxy_TypeId = 10 // A <a target='_blank'
	// href='https://d3fend.mitre.org/dao/artifact/d3f:Switch/'>networking
	// switch</a>.
	NetworkProxy_TYPE_ID_HUB NetworkProxy_TypeId = 11 // A <a target='_blank'
	// href='https://en.wikipedia.org/wiki/Ethernet_hub'>networking
	// hub</a>.
	NetworkProxy_TYPE_ID_OTHER NetworkProxy_TypeId = 99 // The type is not mapped. See the <code>type</code>
)

func (NetworkProxy_TypeId) Descriptor 

func (NetworkProxy_TypeId) Descriptor() protoreflect.EnumDescriptor

func (NetworkProxy_TypeId) Enum 

func (x NetworkProxy_TypeId) Enum() *NetworkProxy_TypeId

func (NetworkProxy_TypeId) EnumDescriptor deprecated 

func (NetworkProxy_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworkProxy_TypeId.Descriptor instead.

func (NetworkProxy_TypeId) Number 

func (x NetworkProxy_TypeId) Number() protoreflect.EnumNumber

func (NetworkProxy_TypeId) String 

func (x NetworkProxy_TypeId) String() string

func (NetworkProxy_TypeId) Type 

func (NetworkProxy_TypeId) Type() protoreflect.EnumType

type NetworkTraffic 

type NetworkTraffic struct {
	Bytes      *int64 `protobuf:"varint,1,opt,name=bytes,proto3,oneof" json:"bytes,omitempty"`
	BytesIn    *int64 `protobuf:"varint,2,opt,name=bytes_in,json=bytesIn,proto3,oneof" json:"bytes_in,omitempty"`
	BytesOut   *int64 `protobuf:"varint,3,opt,name=bytes_out,json=bytesOut,proto3,oneof" json:"bytes_out,omitempty"`
	Chunks     *int64 `protobuf:"varint,4,opt,name=chunks,proto3,oneof" json:"chunks,omitempty"`
	ChunksIn   *int64 `protobuf:"varint,5,opt,name=chunks_in,json=chunksIn,proto3,oneof" json:"chunks_in,omitempty"`
	ChunksOut  *int64 `protobuf:"varint,6,opt,name=chunks_out,json=chunksOut,proto3,oneof" json:"chunks_out,omitempty"`
	Packets    *int64 `protobuf:"varint,7,opt,name=packets,proto3,oneof" json:"packets,omitempty"`
	PacketsIn  *int64 `protobuf:"varint,8,opt,name=packets_in,json=packetsIn,proto3,oneof" json:"packets_in,omitempty"`
	PacketsOut *int64 `protobuf:"varint,9,opt,name=packets_out,json=packetsOut,proto3,oneof" json:"packets_out,omitempty"`
	// contains filtered or unexported fields
}

NetworkTraffic is an OSF object defined in ocsf objects/network_traffic.json

The Network Traffic object describes characteristics of network traffic. Network traffic refers to data moving across a network at a given point of time. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:NetworkTraffic/'>d3f:NetworkTraffic</a>.

func (*NetworkTraffic) Descriptor deprecated 

func (*NetworkTraffic) Descriptor() ([]byte, []int)

Deprecated: Use NetworkTraffic.ProtoReflect.Descriptor instead.

func (*NetworkTraffic) GetBytes 

func (x *NetworkTraffic) GetBytes() int64

func (*NetworkTraffic) GetBytesIn 

func (x *NetworkTraffic) GetBytesIn() int64

func (*NetworkTraffic) GetBytesOut 

func (x *NetworkTraffic) GetBytesOut() int64

func (*NetworkTraffic) GetChunks 

func (x *NetworkTraffic) GetChunks() int64

func (*NetworkTraffic) GetChunksIn 

func (x *NetworkTraffic) GetChunksIn() int64

func (*NetworkTraffic) GetChunksOut 

func (x *NetworkTraffic) GetChunksOut() int64

func (*NetworkTraffic) GetPackets 

func (x *NetworkTraffic) GetPackets() int64

func (*NetworkTraffic) GetPacketsIn 

func (x *NetworkTraffic) GetPacketsIn() int64

func (*NetworkTraffic) GetPacketsOut 

func (x *NetworkTraffic) GetPacketsOut() int64

func (*NetworkTraffic) ProtoMessage 

func (*NetworkTraffic) ProtoMessage()

func (*NetworkTraffic) ProtoReflect 

func (x *NetworkTraffic) ProtoReflect() protoreflect.Message

func (*NetworkTraffic) Reset 

func (x *NetworkTraffic) Reset()

func (*NetworkTraffic) String 

func (x *NetworkTraffic) String() string

type NetworksQuery 

type NetworksQuery struct {
	ActivityId        NetworksQuery_ActivityId    `` /* 137-byte string literal not displayed */
	ActivityName      *string                     `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor             *Actor                      `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api               *Api                        `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName      *string                     `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid       NetworksQuery_CategoryUid   `` /* 141-byte string literal not displayed */
	ClassName         *string                     `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid          NetworksQuery_ClassUid      `` /* 129-byte string literal not displayed */
	Cloud             *Cloud                      `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count             *int32                      `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device            *Device                     `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration          *int32                      `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime           *int64                      `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt         *timestamppb.Timestamp      `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments       []*Enrichment               `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message           *string                     `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata          *Metadata                   `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	NetworkInterfaces []*NetworkInterface         `protobuf:"bytes,18,rep,name=network_interfaces,json=networkInterfaces,proto3" json:"network_interfaces,omitempty"`
	Observables       []*Observable               `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo         *QueryInfo                  `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult       *string                     `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId     NetworksQuery_QueryResultId `` /* 152-byte string literal not displayed */
	RawData           *string                     `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity          *string                     `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId        NetworksQuery_SeverityId    `` /* 138-byte string literal not displayed */
	StartTime         *int64                      `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt       *timestamppb.Timestamp      `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status            *string                     `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode        *string                     `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail      *string                     `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId          *NetworksQuery_StatusId     `` /* 136-byte string literal not displayed */
	Time              int64                       `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt            *timestamppb.Timestamp      `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset    *int32                      `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName          *string                     `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid           int64                       `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped          *structpb.Struct            `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

NetworksQuery is an OSF event in category "Discovery" called Networks Query defined in ocsf events/discovery/networks_query.json

Networks Query events report information about network adapters.

func (*NetworksQuery) Descriptor deprecated 

func (*NetworksQuery) Descriptor() ([]byte, []int)

Deprecated: Use NetworksQuery.ProtoReflect.Descriptor instead.

func (*NetworksQuery) GetActivityId 

func (x *NetworksQuery) GetActivityId() NetworksQuery_ActivityId

func (*NetworksQuery) GetActivityName 

func (x *NetworksQuery) GetActivityName() string

func (*NetworksQuery) GetActor 

func (x *NetworksQuery) GetActor() *Actor

func (*NetworksQuery) GetApi 

func (x *NetworksQuery) GetApi() *Api

func (*NetworksQuery) GetCategoryName 

func (x *NetworksQuery) GetCategoryName() string

func (*NetworksQuery) GetCategoryUid 

func (x *NetworksQuery) GetCategoryUid() NetworksQuery_CategoryUid

func (*NetworksQuery) GetClassName 

func (x *NetworksQuery) GetClassName() string

func (*NetworksQuery) GetClassUid 

func (x *NetworksQuery) GetClassUid() NetworksQuery_ClassUid

func (*NetworksQuery) GetCloud 

func (x *NetworksQuery) GetCloud() *Cloud

func (*NetworksQuery) GetCount 

func (x *NetworksQuery) GetCount() int32

func (*NetworksQuery) GetDevice 

func (x *NetworksQuery) GetDevice() *Device

func (*NetworksQuery) GetDuration 

func (x *NetworksQuery) GetDuration() int32

func (*NetworksQuery) GetEndTime 

func (x *NetworksQuery) GetEndTime() int64

func (*NetworksQuery) GetEndTimeDt 

func (x *NetworksQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*NetworksQuery) GetEnrichments 

func (x *NetworksQuery) GetEnrichments() []*Enrichment

func (*NetworksQuery) GetMessage 

func (x *NetworksQuery) GetMessage() string

func (*NetworksQuery) GetMetadata 

func (x *NetworksQuery) GetMetadata() *Metadata

func (*NetworksQuery) GetNetworkInterfaces 

func (x *NetworksQuery) GetNetworkInterfaces() []*NetworkInterface

func (*NetworksQuery) GetObservables 

func (x *NetworksQuery) GetObservables() []*Observable

func (*NetworksQuery) GetQueryInfo 

func (x *NetworksQuery) GetQueryInfo() *QueryInfo

func (*NetworksQuery) GetQueryResult 

func (x *NetworksQuery) GetQueryResult() string

func (*NetworksQuery) GetQueryResultId 

func (x *NetworksQuery) GetQueryResultId() NetworksQuery_QueryResultId

func (*NetworksQuery) GetRawData 

func (x *NetworksQuery) GetRawData() string

func (*NetworksQuery) GetSeverity 

func (x *NetworksQuery) GetSeverity() string

func (*NetworksQuery) GetSeverityId 

func (x *NetworksQuery) GetSeverityId() NetworksQuery_SeverityId

func (*NetworksQuery) GetStartTime 

func (x *NetworksQuery) GetStartTime() int64

func (*NetworksQuery) GetStartTimeDt 

func (x *NetworksQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*NetworksQuery) GetStatus 

func (x *NetworksQuery) GetStatus() string

func (*NetworksQuery) GetStatusCode 

func (x *NetworksQuery) GetStatusCode() string

func (*NetworksQuery) GetStatusDetail 

func (x *NetworksQuery) GetStatusDetail() string

func (*NetworksQuery) GetStatusId 

func (x *NetworksQuery) GetStatusId() NetworksQuery_StatusId

func (*NetworksQuery) GetTime 

func (x *NetworksQuery) GetTime() int64

func (*NetworksQuery) GetTimeDt 

func (x *NetworksQuery) GetTimeDt() *timestamppb.Timestamp

func (*NetworksQuery) GetTimezoneOffset 

func (x *NetworksQuery) GetTimezoneOffset() int32

func (*NetworksQuery) GetTypeName 

func (x *NetworksQuery) GetTypeName() string

func (*NetworksQuery) GetTypeUid 

func (x *NetworksQuery) GetTypeUid() int64

func (*NetworksQuery) GetUnmapped 

func (x *NetworksQuery) GetUnmapped() *structpb.Struct

func (*NetworksQuery) ProtoMessage 

func (*NetworksQuery) ProtoMessage()

func (*NetworksQuery) ProtoReflect 

func (x *NetworksQuery) ProtoReflect() protoreflect.Message

func (*NetworksQuery) Reset 

func (x *NetworksQuery) Reset()

func (*NetworksQuery) String 

func (x *NetworksQuery) String() string

type NetworksQuery_ActivityId 

type NetworksQuery_ActivityId int32
const (
	NetworksQuery_ACTIVITY_ID_UNKNOWN NetworksQuery_ActivityId = 0
	NetworksQuery_ACTIVITY_ID_QUERY   NetworksQuery_ActivityId = 1 // The discovered results are via a query request.
	NetworksQuery_ACTIVITY_ID_OTHER   NetworksQuery_ActivityId = 99
)

func (NetworksQuery_ActivityId) Descriptor 

func (NetworksQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_ActivityId) Enum 

func (x NetworksQuery_ActivityId) Enum() *NetworksQuery_ActivityId

func (NetworksQuery_ActivityId) EnumDescriptor deprecated 

func (NetworksQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_ActivityId.Descriptor instead.

func (NetworksQuery_ActivityId) Number 

func (x NetworksQuery_ActivityId) Number() protoreflect.EnumNumber

func (NetworksQuery_ActivityId) String 

func (x NetworksQuery_ActivityId) String() string

func (NetworksQuery_ActivityId) Type 

func (NetworksQuery_ActivityId) Type() protoreflect.EnumType

type NetworksQuery_CategoryUid 

type NetworksQuery_CategoryUid int32
const (
	NetworksQuery_CATEGORY_UID_UNKNOWN   NetworksQuery_CategoryUid = 0
	NetworksQuery_CATEGORY_UID_DISCOVERY NetworksQuery_CategoryUid = 5
)

func (NetworksQuery_CategoryUid) Descriptor 

func (NetworksQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_CategoryUid) Enum 

func (x NetworksQuery_CategoryUid) Enum() *NetworksQuery_CategoryUid

func (NetworksQuery_CategoryUid) EnumDescriptor deprecated 

func (NetworksQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_CategoryUid.Descriptor instead.

func (NetworksQuery_CategoryUid) Number 

func (x NetworksQuery_CategoryUid) Number() protoreflect.EnumNumber

func (NetworksQuery_CategoryUid) String 

func (x NetworksQuery_CategoryUid) String() string

func (NetworksQuery_CategoryUid) Type 

func (NetworksQuery_CategoryUid) Type() protoreflect.EnumType

type NetworksQuery_ClassUid 

type NetworksQuery_ClassUid int32
const (
	NetworksQuery_CLASS_UID_UNKNOWN        NetworksQuery_ClassUid = 0
	NetworksQuery_CLASS_UID_NETWORKS_QUERY NetworksQuery_ClassUid = 5013
)

func (NetworksQuery_ClassUid) Descriptor 

func (NetworksQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_ClassUid) Enum 

func (x NetworksQuery_ClassUid) Enum() *NetworksQuery_ClassUid

func (NetworksQuery_ClassUid) EnumDescriptor deprecated 

func (NetworksQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_ClassUid.Descriptor instead.

func (NetworksQuery_ClassUid) Number 

func (x NetworksQuery_ClassUid) Number() protoreflect.EnumNumber

func (NetworksQuery_ClassUid) String 

func (x NetworksQuery_ClassUid) String() string

func (NetworksQuery_ClassUid) Type 

func (NetworksQuery_ClassUid) Type() protoreflect.EnumType

type NetworksQuery_QueryResultId 

type NetworksQuery_QueryResultId int32
const (
	NetworksQuery_QUERY_RESULT_ID_UNKNOWN        NetworksQuery_QueryResultId = 0  // The query result is unknown.
	NetworksQuery_QUERY_RESULT_ID_EXISTS         NetworksQuery_QueryResultId = 1  // The target was found.
	NetworksQuery_QUERY_RESULT_ID_PARTIAL        NetworksQuery_QueryResultId = 2  // The target was partially found.
	NetworksQuery_QUERY_RESULT_ID_DOES_NOT_EXIST NetworksQuery_QueryResultId = 3  // The target was not found.
	NetworksQuery_QUERY_RESULT_ID_ERROR          NetworksQuery_QueryResultId = 4  // The discovery attempt failed.
	NetworksQuery_QUERY_RESULT_ID_UNSUPPORTED    NetworksQuery_QueryResultId = 5  // Discovery of the target was not supported.
	NetworksQuery_QUERY_RESULT_ID_OTHER          NetworksQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (NetworksQuery_QueryResultId) Descriptor 

func (NetworksQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_QueryResultId) Enum 

func (x NetworksQuery_QueryResultId) Enum() *NetworksQuery_QueryResultId

func (NetworksQuery_QueryResultId) EnumDescriptor deprecated 

func (NetworksQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_QueryResultId.Descriptor instead.

func (NetworksQuery_QueryResultId) Number 

func (x NetworksQuery_QueryResultId) Number() protoreflect.EnumNumber

func (NetworksQuery_QueryResultId) String 

func (x NetworksQuery_QueryResultId) String() string

func (NetworksQuery_QueryResultId) Type 

func (NetworksQuery_QueryResultId) Type() protoreflect.EnumType

type NetworksQuery_SeverityId 

type NetworksQuery_SeverityId int32
const (
	NetworksQuery_SEVERITY_ID_UNKNOWN       NetworksQuery_SeverityId = 0 // The event/finding severity is unknown.
	NetworksQuery_SEVERITY_ID_INFORMATIONAL NetworksQuery_SeverityId = 1 // Informational message. No action required.
	NetworksQuery_SEVERITY_ID_LOW           NetworksQuery_SeverityId = 2 // The user decides if action is needed.
	NetworksQuery_SEVERITY_ID_MEDIUM        NetworksQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	NetworksQuery_SEVERITY_ID_HIGH     NetworksQuery_SeverityId = 4 // Action is required immediately.
	NetworksQuery_SEVERITY_ID_CRITICAL NetworksQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	NetworksQuery_SEVERITY_ID_FATAL NetworksQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	NetworksQuery_SEVERITY_ID_OTHER NetworksQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (NetworksQuery_SeverityId) Descriptor 

func (NetworksQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_SeverityId) Enum 

func (x NetworksQuery_SeverityId) Enum() *NetworksQuery_SeverityId

func (NetworksQuery_SeverityId) EnumDescriptor deprecated 

func (NetworksQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_SeverityId.Descriptor instead.

func (NetworksQuery_SeverityId) Number 

func (x NetworksQuery_SeverityId) Number() protoreflect.EnumNumber

func (NetworksQuery_SeverityId) String 

func (x NetworksQuery_SeverityId) String() string

func (NetworksQuery_SeverityId) Type 

func (NetworksQuery_SeverityId) Type() protoreflect.EnumType

type NetworksQuery_StatusId 

type NetworksQuery_StatusId int32
const (
	NetworksQuery_STATUS_ID_UNKNOWN NetworksQuery_StatusId = 0 // The status is unknown.
	NetworksQuery_STATUS_ID_SUCCESS NetworksQuery_StatusId = 1
	NetworksQuery_STATUS_ID_FAILURE NetworksQuery_StatusId = 2
	NetworksQuery_STATUS_ID_OTHER   NetworksQuery_StatusId = 99 // The event status is not mapped. See the
)

func (NetworksQuery_StatusId) Descriptor 

func (NetworksQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (NetworksQuery_StatusId) Enum 

func (x NetworksQuery_StatusId) Enum() *NetworksQuery_StatusId

func (NetworksQuery_StatusId) EnumDescriptor deprecated 

func (NetworksQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NetworksQuery_StatusId.Descriptor instead.

func (NetworksQuery_StatusId) Number 

func (x NetworksQuery_StatusId) Number() protoreflect.EnumNumber

func (NetworksQuery_StatusId) String 

func (x NetworksQuery_StatusId) String() string

func (NetworksQuery_StatusId) Type 

func (NetworksQuery_StatusId) Type() protoreflect.EnumType

type NtpActivity 

type NtpActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            NtpActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          NtpActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                       `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization           `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         NtpActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	ClassName           *string                    `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            NtpActivity_ClassUid       `` /* 128-byte string literal not displayed */
	Cloud               *Cloud                     `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Delay               *int32                     `protobuf:"varint,17,opt,name=delay,proto3,oneof" json:"delay,omitempty"`
	Device              *Device                    `protobuf:"bytes,18,opt,name=device,proto3" json:"device,omitempty"`
	Dispersion          *int32                     `protobuf:"varint,19,opt,name=dispersion,proto3,oneof" json:"dispersion,omitempty"`
	Disposition         *string                    `protobuf:"bytes,20,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *NtpActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,22,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,23,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,24,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,25,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,26,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,27,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,28,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,29,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,30,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,31,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,32,rep,name=observables,proto3" json:"observables,omitempty"`
	Precision           *int32                     `protobuf:"varint,33,opt,name=precision,proto3,oneof" json:"precision,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,34,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,35,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,36,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,37,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,38,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,39,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,40,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                    `protobuf:"bytes,41,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                    `protobuf:"bytes,42,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          NtpActivity_SeverityId     `` /* 136-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,44,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,45,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,46,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,47,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,48,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,49,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *NtpActivity_StatusId      `` /* 134-byte string literal not displayed */
	Stratum             *string                    `protobuf:"bytes,51,opt,name=stratum,proto3,oneof" json:"stratum,omitempty"`
	StratumId           *NtpActivity_StratumId     `` /* 138-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,53,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,54,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,55,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,56,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,57,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                    `protobuf:"bytes,58,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,59,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,60,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Version             string                     `protobuf:"bytes,61,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

NtpActivity is an OSF event in category "Network Activity" called NTP Activity defined in ocsf events/network/ntp.json

The Network Time Protocol (NTP) Activity events report instances of remote clients synchronizing their clocks with an NTP server, as observed on the network.

func (*NtpActivity) Descriptor deprecated 

func (*NtpActivity) Descriptor() ([]byte, []int)

Deprecated: Use NtpActivity.ProtoReflect.Descriptor instead.

func (*NtpActivity) GetAction 

func (x *NtpActivity) GetAction() string

func (*NtpActivity) GetActionId 

func (x *NtpActivity) GetActionId() NtpActivity_ActionId

func (*NtpActivity) GetActivityId 

func (x *NtpActivity) GetActivityId() NtpActivity_ActivityId

func (*NtpActivity) GetActivityName 

func (x *NtpActivity) GetActivityName() string

func (*NtpActivity) GetActor 

func (x *NtpActivity) GetActor() *Actor

func (*NtpActivity) GetApi 

func (x *NtpActivity) GetApi() *Api

func (*NtpActivity) GetAppName 

func (x *NtpActivity) GetAppName() string

func (*NtpActivity) GetAttacks 

func (x *NtpActivity) GetAttacks() []*Attack

func (*NtpActivity) GetAuthorizations 

func (x *NtpActivity) GetAuthorizations() []*Authorization

func (*NtpActivity) GetCategoryName 

func (x *NtpActivity) GetCategoryName() string

func (*NtpActivity) GetCategoryUid 

func (x *NtpActivity) GetCategoryUid() NtpActivity_CategoryUid

func (*NtpActivity) GetClassName 

func (x *NtpActivity) GetClassName() string

func (*NtpActivity) GetClassUid 

func (x *NtpActivity) GetClassUid() NtpActivity_ClassUid

func (*NtpActivity) GetCloud 

func (x *NtpActivity) GetCloud() *Cloud

func (*NtpActivity) GetConnectionInfo 

func (x *NtpActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*NtpActivity) GetCount 

func (x *NtpActivity) GetCount() int32

func (*NtpActivity) GetDelay 

func (x *NtpActivity) GetDelay() int32

func (*NtpActivity) GetDevice 

func (x *NtpActivity) GetDevice() *Device

func (*NtpActivity) GetDispersion 

func (x *NtpActivity) GetDispersion() int32

func (*NtpActivity) GetDisposition 

func (x *NtpActivity) GetDisposition() string

func (*NtpActivity) GetDispositionId 

func (x *NtpActivity) GetDispositionId() NtpActivity_DispositionId

func (*NtpActivity) GetDstEndpoint 

func (x *NtpActivity) GetDstEndpoint() *NetworkEndpoint

func (*NtpActivity) GetDuration 

func (x *NtpActivity) GetDuration() int32

func (*NtpActivity) GetEndTime 

func (x *NtpActivity) GetEndTime() int64

func (*NtpActivity) GetEndTimeDt 

func (x *NtpActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*NtpActivity) GetEnrichments 

func (x *NtpActivity) GetEnrichments() []*Enrichment

func (*NtpActivity) GetFirewallRule 

func (x *NtpActivity) GetFirewallRule() *FirewallRule

func (*NtpActivity) GetLoadBalancer 

func (x *NtpActivity) GetLoadBalancer() *LoadBalancer

func (*NtpActivity) GetMalware 

func (x *NtpActivity) GetMalware() []*Malware

func (*NtpActivity) GetMessage 

func (x *NtpActivity) GetMessage() string

func (*NtpActivity) GetMetadata 

func (x *NtpActivity) GetMetadata() *Metadata

func (*NtpActivity) GetObservables 

func (x *NtpActivity) GetObservables() []*Observable

func (*NtpActivity) GetPrecision 

func (x *NtpActivity) GetPrecision() int32

func (*NtpActivity) GetProxy 

func (x *NtpActivity) GetProxy() *NetworkProxy

func (*NtpActivity) GetProxyConnectionInfo 

func (x *NtpActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*NtpActivity) GetProxyEndpoint 

func (x *NtpActivity) GetProxyEndpoint() *NetworkProxy

func (*NtpActivity) GetProxyHttpRequest 

func (x *NtpActivity) GetProxyHttpRequest() *HttpRequest

func (*NtpActivity) GetProxyHttpResponse 

func (x *NtpActivity) GetProxyHttpResponse() *HttpResponse

func (*NtpActivity) GetProxyTls 

func (x *NtpActivity) GetProxyTls() *Tls

func (*NtpActivity) GetProxyTraffic 

func (x *NtpActivity) GetProxyTraffic() *NetworkTraffic

func (*NtpActivity) GetRawData 

func (x *NtpActivity) GetRawData() string

func (*NtpActivity) GetSeverity 

func (x *NtpActivity) GetSeverity() string

func (*NtpActivity) GetSeverityId 

func (x *NtpActivity) GetSeverityId() NtpActivity_SeverityId

func (*NtpActivity) GetSrcEndpoint 

func (x *NtpActivity) GetSrcEndpoint() *NetworkEndpoint

func (*NtpActivity) GetStartTime 

func (x *NtpActivity) GetStartTime() int64

func (*NtpActivity) GetStartTimeDt 

func (x *NtpActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*NtpActivity) GetStatus 

func (x *NtpActivity) GetStatus() string

func (*NtpActivity) GetStatusCode 

func (x *NtpActivity) GetStatusCode() string

func (*NtpActivity) GetStatusDetail 

func (x *NtpActivity) GetStatusDetail() string

func (*NtpActivity) GetStatusId 

func (x *NtpActivity) GetStatusId() NtpActivity_StatusId

func (*NtpActivity) GetStratum 

func (x *NtpActivity) GetStratum() string

func (*NtpActivity) GetStratumId 

func (x *NtpActivity) GetStratumId() NtpActivity_StratumId

func (*NtpActivity) GetTime 

func (x *NtpActivity) GetTime() int64

func (*NtpActivity) GetTimeDt 

func (x *NtpActivity) GetTimeDt() *timestamppb.Timestamp

func (*NtpActivity) GetTimezoneOffset 

func (x *NtpActivity) GetTimezoneOffset() int32

func (*NtpActivity) GetTls 

func (x *NtpActivity) GetTls() *Tls

func (*NtpActivity) GetTraffic 

func (x *NtpActivity) GetTraffic() *NetworkTraffic

func (*NtpActivity) GetTypeName 

func (x *NtpActivity) GetTypeName() string

func (*NtpActivity) GetTypeUid 

func (x *NtpActivity) GetTypeUid() int64

func (*NtpActivity) GetUnmapped 

func (x *NtpActivity) GetUnmapped() *structpb.Struct

func (*NtpActivity) GetVersion 

func (x *NtpActivity) GetVersion() string

func (*NtpActivity) ProtoMessage 

func (*NtpActivity) ProtoMessage()

func (*NtpActivity) ProtoReflect 

func (x *NtpActivity) ProtoReflect() protoreflect.Message

func (*NtpActivity) Reset 

func (x *NtpActivity) Reset()

func (*NtpActivity) String 

func (x *NtpActivity) String() string

type NtpActivity_ActionId 

type NtpActivity_ActionId int32
const (
	NtpActivity_ACTION_ID_UNKNOWN NtpActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	NtpActivity_ACTION_ID_ALLOWED NtpActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	NtpActivity_ACTION_ID_DENIED NtpActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	NtpActivity_ACTION_ID_OTHER NtpActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (NtpActivity_ActionId) Descriptor 

func (NtpActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_ActionId) Enum 

func (x NtpActivity_ActionId) Enum() *NtpActivity_ActionId

func (NtpActivity_ActionId) EnumDescriptor deprecated 

func (NtpActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_ActionId.Descriptor instead.

func (NtpActivity_ActionId) Number 

func (x NtpActivity_ActionId) Number() protoreflect.EnumNumber

func (NtpActivity_ActionId) String 

func (x NtpActivity_ActionId) String() string

func (NtpActivity_ActionId) Type 

func (NtpActivity_ActionId) Type() protoreflect.EnumType

type NtpActivity_ActivityId 

type NtpActivity_ActivityId int32
const (
	NtpActivity_ACTIVITY_ID_UNKNOWN NtpActivity_ActivityId = 0 // Not used in standard NTP
	// implementations.
	NtpActivity_ACTIVITY_ID_SYMMETRIC_ACTIVE_EXCHANGE NtpActivity_ActivityId = 1 // Bidirectional time exchange
	// between devices.
	NtpActivity_ACTIVITY_ID_SYMMETRIC_PASSIVE_RESPONSE NtpActivity_ActivityId = 2 // Device responds as a server to
	// peers in symmetric active mode.
	NtpActivity_ACTIVITY_ID_CLIENT_SYNCHRONIZATION NtpActivity_ActivityId = 3 // NTP client, syncs with servers.
	NtpActivity_ACTIVITY_ID_SERVER_RESPONSE        NtpActivity_ActivityId = 4 // Dedicated NTP time server,
	// responds to clients.
	NtpActivity_ACTIVITY_ID_BROADCAST NtpActivity_ActivityId = 5 // Broadcast time info to network
	// devices.
	NtpActivity_ACTIVITY_ID_CONTROL          NtpActivity_ActivityId = 6 // Monitoring and control messaging.
	NtpActivity_ACTIVITY_ID_PRIVATE_USE_CASE NtpActivity_ActivityId = 7 // Reserved - Not defined in standard
	// NTP specifications.
	NtpActivity_ACTIVITY_ID_OTHER NtpActivity_ActivityId = 99 // The event activity is not mapped.
)

func (NtpActivity_ActivityId) Descriptor 

func (NtpActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_ActivityId) Enum 

func (x NtpActivity_ActivityId) Enum() *NtpActivity_ActivityId

func (NtpActivity_ActivityId) EnumDescriptor deprecated 

func (NtpActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_ActivityId.Descriptor instead.

func (NtpActivity_ActivityId) Number 

func (x NtpActivity_ActivityId) Number() protoreflect.EnumNumber

func (NtpActivity_ActivityId) String 

func (x NtpActivity_ActivityId) String() string

func (NtpActivity_ActivityId) Type 

func (NtpActivity_ActivityId) Type() protoreflect.EnumType

type NtpActivity_CategoryUid 

type NtpActivity_CategoryUid int32
const (
	NtpActivity_CATEGORY_UID_UNKNOWN          NtpActivity_CategoryUid = 0
	NtpActivity_CATEGORY_UID_NETWORK_ACTIVITY NtpActivity_CategoryUid = 4
)

func (NtpActivity_CategoryUid) Descriptor 

func (NtpActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_CategoryUid) Enum 

func (x NtpActivity_CategoryUid) Enum() *NtpActivity_CategoryUid

func (NtpActivity_CategoryUid) EnumDescriptor deprecated 

func (NtpActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_CategoryUid.Descriptor instead.

func (NtpActivity_CategoryUid) Number 

func (x NtpActivity_CategoryUid) Number() protoreflect.EnumNumber

func (NtpActivity_CategoryUid) String 

func (x NtpActivity_CategoryUid) String() string

func (NtpActivity_CategoryUid) Type 

func (NtpActivity_CategoryUid) Type() protoreflect.EnumType

type NtpActivity_ClassUid 

type NtpActivity_ClassUid int32
const (
	NtpActivity_CLASS_UID_UNKNOWN      NtpActivity_ClassUid = 0
	NtpActivity_CLASS_UID_NTP_ACTIVITY NtpActivity_ClassUid = 4013
)

func (NtpActivity_ClassUid) Descriptor 

func (NtpActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_ClassUid) Enum 

func (x NtpActivity_ClassUid) Enum() *NtpActivity_ClassUid

func (NtpActivity_ClassUid) EnumDescriptor deprecated 

func (NtpActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_ClassUid.Descriptor instead.

func (NtpActivity_ClassUid) Number 

func (x NtpActivity_ClassUid) Number() protoreflect.EnumNumber

func (NtpActivity_ClassUid) String 

func (x NtpActivity_ClassUid) String() string

func (NtpActivity_ClassUid) Type 

func (NtpActivity_ClassUid) Type() protoreflect.EnumType

type NtpActivity_DispositionId 

type NtpActivity_DispositionId int32
const (
	NtpActivity_DISPOSITION_ID_UNKNOWN NtpActivity_DispositionId = 0 // The disposition was not known.
	NtpActivity_DISPOSITION_ID_ALLOWED NtpActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	NtpActivity_DISPOSITION_ID_BLOCKED NtpActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	NtpActivity_DISPOSITION_ID_QUARANTINED NtpActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	NtpActivity_DISPOSITION_ID_ISOLATED NtpActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	NtpActivity_DISPOSITION_ID_DELETED NtpActivity_DispositionId = 5 // A file or other content was deleted.
	NtpActivity_DISPOSITION_ID_DROPPED NtpActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	NtpActivity_DISPOSITION_ID_CUSTOM_ACTION NtpActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	NtpActivity_DISPOSITION_ID_APPROVED NtpActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	NtpActivity_DISPOSITION_ID_RESTORED NtpActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	NtpActivity_DISPOSITION_ID_EXONERATED NtpActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	NtpActivity_DISPOSITION_ID_CORRECTED NtpActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	NtpActivity_DISPOSITION_ID_PARTIALLY_CORRECTED NtpActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	NtpActivity_DISPOSITION_ID_UNCORRECTED NtpActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	NtpActivity_DISPOSITION_ID_DELAYED NtpActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	NtpActivity_DISPOSITION_ID_DETECTED NtpActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	NtpActivity_DISPOSITION_ID_NO_ACTION NtpActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	NtpActivity_DISPOSITION_ID_LOGGED NtpActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	NtpActivity_DISPOSITION_ID_TAGGED NtpActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	NtpActivity_DISPOSITION_ID_ALERT NtpActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	NtpActivity_DISPOSITION_ID_COUNT NtpActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	NtpActivity_DISPOSITION_ID_RESET NtpActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	NtpActivity_DISPOSITION_ID_CAPTCHA NtpActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	NtpActivity_DISPOSITION_ID_CHALLENGE NtpActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	NtpActivity_DISPOSITION_ID_ACCESS_REVOKED NtpActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	NtpActivity_DISPOSITION_ID_REJECTED NtpActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	NtpActivity_DISPOSITION_ID_UNAUTHORIZED NtpActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	NtpActivity_DISPOSITION_ID_ERROR NtpActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	NtpActivity_DISPOSITION_ID_OTHER NtpActivity_DispositionId = 99 // The disposition is not listed. The
)

func (NtpActivity_DispositionId) Descriptor 

func (NtpActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_DispositionId) Enum 

func (x NtpActivity_DispositionId) Enum() *NtpActivity_DispositionId

func (NtpActivity_DispositionId) EnumDescriptor deprecated 

func (NtpActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_DispositionId.Descriptor instead.

func (NtpActivity_DispositionId) Number 

func (x NtpActivity_DispositionId) Number() protoreflect.EnumNumber

func (NtpActivity_DispositionId) String 

func (x NtpActivity_DispositionId) String() string

func (NtpActivity_DispositionId) Type 

func (NtpActivity_DispositionId) Type() protoreflect.EnumType

type NtpActivity_SeverityId 

type NtpActivity_SeverityId int32
const (
	NtpActivity_SEVERITY_ID_UNKNOWN       NtpActivity_SeverityId = 0 // The event/finding severity is unknown.
	NtpActivity_SEVERITY_ID_INFORMATIONAL NtpActivity_SeverityId = 1 // Informational message. No action required.
	NtpActivity_SEVERITY_ID_LOW           NtpActivity_SeverityId = 2 // The user decides if action is needed.
	NtpActivity_SEVERITY_ID_MEDIUM        NtpActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	NtpActivity_SEVERITY_ID_HIGH     NtpActivity_SeverityId = 4 // Action is required immediately.
	NtpActivity_SEVERITY_ID_CRITICAL NtpActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	NtpActivity_SEVERITY_ID_FATAL NtpActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	NtpActivity_SEVERITY_ID_OTHER NtpActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (NtpActivity_SeverityId) Descriptor 

func (NtpActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_SeverityId) Enum 

func (x NtpActivity_SeverityId) Enum() *NtpActivity_SeverityId

func (NtpActivity_SeverityId) EnumDescriptor deprecated 

func (NtpActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_SeverityId.Descriptor instead.

func (NtpActivity_SeverityId) Number 

func (x NtpActivity_SeverityId) Number() protoreflect.EnumNumber

func (NtpActivity_SeverityId) String 

func (x NtpActivity_SeverityId) String() string

func (NtpActivity_SeverityId) Type 

func (NtpActivity_SeverityId) Type() protoreflect.EnumType

type NtpActivity_StatusId 

type NtpActivity_StatusId int32
const (
	NtpActivity_STATUS_ID_UNKNOWN NtpActivity_StatusId = 0 // The status is unknown.
	NtpActivity_STATUS_ID_SUCCESS NtpActivity_StatusId = 1
	NtpActivity_STATUS_ID_FAILURE NtpActivity_StatusId = 2
	NtpActivity_STATUS_ID_OTHER   NtpActivity_StatusId = 99 // The event status is not mapped. See the
)

func (NtpActivity_StatusId) Descriptor 

func (NtpActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_StatusId) Enum 

func (x NtpActivity_StatusId) Enum() *NtpActivity_StatusId

func (NtpActivity_StatusId) EnumDescriptor deprecated 

func (NtpActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_StatusId.Descriptor instead.

func (NtpActivity_StatusId) Number 

func (x NtpActivity_StatusId) Number() protoreflect.EnumNumber

func (NtpActivity_StatusId) String 

func (x NtpActivity_StatusId) String() string

func (NtpActivity_StatusId) Type 

func (NtpActivity_StatusId) Type() protoreflect.EnumType

type NtpActivity_StratumId 

type NtpActivity_StratumId int32
const (
	NtpActivity_STRATUM_ID_UNKNOWN        NtpActivity_StratumId = 0 // Unspecified or invalid.
	NtpActivity_STRATUM_ID_PRIMARY_SERVER NtpActivity_StratumId = 1 // The highest precision primary server (e.g
	// atomic clock or GPS).
	NtpActivity_STRATUM_ID_SECONDARY_SERVER NtpActivity_StratumId = 2 // A secondary level server (possible values: 2-
	// 15).
	NtpActivity_STRATUM_ID_UNSYNCHRONIZED NtpActivity_StratumId = 16
	NtpActivity_STRATUM_ID_RESERVED       NtpActivity_StratumId = 17 // Reserved stratum (possible values: 17-255).
	NtpActivity_STRATUM_ID_OTHER          NtpActivity_StratumId = 99 // The stratum level is not mapped. See the
)

func (NtpActivity_StratumId) Descriptor 

func (NtpActivity_StratumId) Descriptor() protoreflect.EnumDescriptor

func (NtpActivity_StratumId) Enum 

func (x NtpActivity_StratumId) Enum() *NtpActivity_StratumId

func (NtpActivity_StratumId) EnumDescriptor deprecated 

func (NtpActivity_StratumId) EnumDescriptor() ([]byte, []int)

Deprecated: Use NtpActivity_StratumId.Descriptor instead.

func (NtpActivity_StratumId) Number 

func (x NtpActivity_StratumId) Number() protoreflect.EnumNumber

func (NtpActivity_StratumId) String 

func (x NtpActivity_StratumId) String() string

func (NtpActivity_StratumId) Type 

func (NtpActivity_StratumId) Type() protoreflect.EnumType

type Observable 

type Observable struct {
	Name       string            `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Reputation *Reputation       `protobuf:"bytes,2,opt,name=reputation,proto3" json:"reputation,omitempty"`
	Type       *string           `protobuf:"bytes,3,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId     Observable_TypeId `protobuf:"varint,4,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Observable_TypeId" json:"type_id,omitempty"`
	Value      *string           `protobuf:"bytes,5,opt,name=value,proto3,oneof" json:"value,omitempty"`
	// contains filtered or unexported fields
}

Observable is an OSF object defined in ocsf objects/observable.json

The observable object is a pivot element that contains related information found in many places in the event.

func (*Observable) Descriptor deprecated 

func (*Observable) Descriptor() ([]byte, []int)

Deprecated: Use Observable.ProtoReflect.Descriptor instead.

func (*Observable) GetName 

func (x *Observable) GetName() string

func (*Observable) GetReputation 

func (x *Observable) GetReputation() *Reputation

func (*Observable) GetType 

func (x *Observable) GetType() string

func (*Observable) GetTypeId 

func (x *Observable) GetTypeId() Observable_TypeId

func (*Observable) GetValue 

func (x *Observable) GetValue() string

func (*Observable) ProtoMessage 

func (*Observable) ProtoMessage()

func (*Observable) ProtoReflect 

func (x *Observable) ProtoReflect() protoreflect.Message

func (*Observable) Reset 

func (x *Observable) Reset()

func (*Observable) String 

func (x *Observable) String() string

type Observable_TypeId 

type Observable_TypeId int32
const (
	Observable_TYPE_ID_UNKNOWN         Observable_TypeId = 0 // Unknown observable data type.
	Observable_TYPE_ID_HOSTNAME        Observable_TypeId = 1
	Observable_TYPE_ID_IP_ADDRESS      Observable_TypeId = 2
	Observable_TYPE_ID_MAC_ADDRESS     Observable_TypeId = 3
	Observable_TYPE_ID_USER_NAME       Observable_TypeId = 4
	Observable_TYPE_ID_EMAIL_ADDRESS   Observable_TypeId = 5
	Observable_TYPE_ID_URL_STRING      Observable_TypeId = 6
	Observable_TYPE_ID_FILE_NAME       Observable_TypeId = 7
	Observable_TYPE_ID_HASH            Observable_TypeId = 8
	Observable_TYPE_ID_PROCESS_NAME    Observable_TypeId = 9
	Observable_TYPE_ID_RESOURCE_UID    Observable_TypeId = 10
	Observable_TYPE_ID_PORT            Observable_TypeId = 11
	Observable_TYPE_ID_SUBNET          Observable_TypeId = 12
	Observable_TYPE_ID_COMMAND_LINE    Observable_TypeId = 13
	Observable_TYPE_ID_COUNTRY         Observable_TypeId = 14
	Observable_TYPE_ID_PROCESS_ID      Observable_TypeId = 15
	Observable_TYPE_ID_HTTP_USER_AGENT Observable_TypeId = 16
	Observable_TYPE_ID_OTHER           Observable_TypeId = 99 // The observable data type is not mapped. See the
)

func (Observable_TypeId) Descriptor 

func (Observable_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Observable_TypeId) Enum 

func (x Observable_TypeId) Enum() *Observable_TypeId

func (Observable_TypeId) EnumDescriptor deprecated 

func (Observable_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Observable_TypeId.Descriptor instead.

func (Observable_TypeId) Number 

func (x Observable_TypeId) Number() protoreflect.EnumNumber

func (Observable_TypeId) String 

func (x Observable_TypeId) String() string

func (Observable_TypeId) Type 

func (Observable_TypeId) Type() protoreflect.EnumType

type Organization 

type Organization struct {
	Name   *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	OuName *string `protobuf:"bytes,2,opt,name=ou_name,json=ouName,proto3,oneof" json:"ou_name,omitempty"`
	OuUid  *string `protobuf:"bytes,3,opt,name=ou_uid,json=ouUid,proto3,oneof" json:"ou_uid,omitempty"`
	Uid    *string `protobuf:"bytes,4,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Organization is an OSF object defined in ocsf objects/organization.json

The Organization object describes characteristics of an organization or company and its division if any.

func (*Organization) Descriptor deprecated 

func (*Organization) Descriptor() ([]byte, []int)

Deprecated: Use Organization.ProtoReflect.Descriptor instead.

func (*Organization) GetName 

func (x *Organization) GetName() string

func (*Organization) GetOuName 

func (x *Organization) GetOuName() string

func (*Organization) GetOuUid 

func (x *Organization) GetOuUid() string

func (*Organization) GetUid 

func (x *Organization) GetUid() string

func (*Organization) ProtoMessage 

func (*Organization) ProtoMessage()

func (*Organization) ProtoReflect 

func (x *Organization) ProtoReflect() protoreflect.Message

func (*Organization) Reset 

func (x *Organization) Reset()

func (*Organization) String 

func (x *Organization) String() string

type Os 

type Os struct {
	Build   *string   `protobuf:"bytes,1,opt,name=build,proto3,oneof" json:"build,omitempty"`
	Country *string   `protobuf:"bytes,2,opt,name=country,proto3,oneof" json:"country,omitempty"`
	CpeName *string   `protobuf:"bytes,3,opt,name=cpe_name,json=cpeName,proto3,oneof" json:"cpe_name,omitempty"`
	CpuBits *int32    `protobuf:"varint,4,opt,name=cpu_bits,json=cpuBits,proto3,oneof" json:"cpu_bits,omitempty"`
	Edition *string   `protobuf:"bytes,5,opt,name=edition,proto3,oneof" json:"edition,omitempty"`
	Lang    *string   `protobuf:"bytes,6,opt,name=lang,proto3,oneof" json:"lang,omitempty"`
	Name    string    `protobuf:"bytes,7,opt,name=name,proto3" json:"name,omitempty"`
	SpName  *string   `protobuf:"bytes,8,opt,name=sp_name,json=spName,proto3,oneof" json:"sp_name,omitempty"`
	SpVer   *int32    `protobuf:"varint,9,opt,name=sp_ver,json=spVer,proto3,oneof" json:"sp_ver,omitempty"`
	Type    *string   `protobuf:"bytes,10,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId  Os_TypeId `protobuf:"varint,11,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Os_TypeId" json:"type_id,omitempty"`
	Version *string   `protobuf:"bytes,12,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Os is an OSF object defined in ocsf objects/os.json

The Operating System (OS) object describes characteristics of an OS, such as Linux or Windows. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:OperatingSystem/'>d3f:OperatingSystem</a>.

func (*Os) Descriptor deprecated 

func (*Os) Descriptor() ([]byte, []int)

Deprecated: Use Os.ProtoReflect.Descriptor instead.

func (*Os) GetBuild 

func (x *Os) GetBuild() string

func (*Os) GetCountry 

func (x *Os) GetCountry() string

func (*Os) GetCpeName 

func (x *Os) GetCpeName() string

func (*Os) GetCpuBits 

func (x *Os) GetCpuBits() int32

func (*Os) GetEdition 

func (x *Os) GetEdition() string

func (*Os) GetLang 

func (x *Os) GetLang() string

func (*Os) GetName 

func (x *Os) GetName() string

func (*Os) GetSpName 

func (x *Os) GetSpName() string

func (*Os) GetSpVer 

func (x *Os) GetSpVer() int32

func (*Os) GetType 

func (x *Os) GetType() string

func (*Os) GetTypeId 

func (x *Os) GetTypeId() Os_TypeId

func (*Os) GetVersion 

func (x *Os) GetVersion() string

func (*Os) ProtoMessage 

func (*Os) ProtoMessage()

func (*Os) ProtoReflect 

func (x *Os) ProtoReflect() protoreflect.Message

func (*Os) Reset 

func (x *Os) Reset()

func (*Os) String 

func (x *Os) String() string

type Os_TypeId 

type Os_TypeId int32
const (
	Os_TYPE_ID_UNKNOWN Os_TypeId = 0  // The type is unknown.
	Os_TYPE_ID_OTHER   Os_TypeId = 99 // The type is not mapped. See the <code>type</code>
	// attribute, which contains a data source specific
	// value.
	Os_TYPE_ID_WINDOWS        Os_TypeId = 100
	Os_TYPE_ID_WINDOWS_MOBILE Os_TypeId = 101
	Os_TYPE_ID_LINUX          Os_TypeId = 200
	Os_TYPE_ID_ANDROID        Os_TypeId = 201
	Os_TYPE_ID_MACOS          Os_TypeId = 300
	Os_TYPE_ID_IOS            Os_TypeId = 301
	Os_TYPE_ID_IPADOS         Os_TypeId = 302
	Os_TYPE_ID_SOLARIS        Os_TypeId = 400
	Os_TYPE_ID_AIX            Os_TypeId = 401
	Os_TYPE_ID_HP_UX          Os_TypeId = 402
)

func (Os_TypeId) Descriptor 

func (Os_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Os_TypeId) Enum 

func (x Os_TypeId) Enum() *Os_TypeId

func (Os_TypeId) EnumDescriptor deprecated 

func (Os_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Os_TypeId.Descriptor instead.

func (Os_TypeId) Number 

func (x Os_TypeId) Number() protoreflect.EnumNumber

func (Os_TypeId) String 

func (x Os_TypeId) String() string

func (Os_TypeId) Type 

func (Os_TypeId) Type() protoreflect.EnumType

type Package 

type Package struct {
	Architecture *string `protobuf:"bytes,1,opt,name=architecture,proto3,oneof" json:"architecture,omitempty"`
	Epoch        *int32  `protobuf:"varint,2,opt,name=epoch,proto3,oneof" json:"epoch,omitempty"`
	License      *string `protobuf:"bytes,3,opt,name=license,proto3,oneof" json:"license,omitempty"`
	Name         string  `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`
	Purl         *string `protobuf:"bytes,5,opt,name=purl,proto3,oneof" json:"purl,omitempty"`
	Release      *string `protobuf:"bytes,6,opt,name=release,proto3,oneof" json:"release,omitempty"`
	Version      string  `protobuf:"bytes,7,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Package is an OSF object defined in ocsf objects/package.json

The Software Package object describes details about a software package. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:SoftwarePackage/'>d3f:SoftwarePackage</a>.

func (*Package) Descriptor deprecated 

func (*Package) Descriptor() ([]byte, []int)

Deprecated: Use Package.ProtoReflect.Descriptor instead.

func (*Package) GetArchitecture 

func (x *Package) GetArchitecture() string

func (*Package) GetEpoch 

func (x *Package) GetEpoch() int32

func (*Package) GetLicense 

func (x *Package) GetLicense() string

func (*Package) GetName 

func (x *Package) GetName() string

func (*Package) GetPurl 

func (x *Package) GetPurl() string

func (*Package) GetRelease 

func (x *Package) GetRelease() string

func (*Package) GetVersion 

func (x *Package) GetVersion() string

func (*Package) ProtoMessage 

func (*Package) ProtoMessage()

func (*Package) ProtoReflect 

func (x *Package) ProtoReflect() protoreflect.Message

func (*Package) Reset 

func (x *Package) Reset()

func (*Package) String 

func (x *Package) String() string

type PatchState 

type PatchState struct {
	ActivityId     PatchState_ActivityId  `` /* 134-byte string literal not displayed */
	ActivityName   *string                `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Api            *Api                   `protobuf:"bytes,3,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                `protobuf:"bytes,4,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    PatchState_CategoryUid `` /* 138-byte string literal not displayed */
	ClassName      *string                `protobuf:"bytes,6,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       PatchState_ClassUid    `` /* 126-byte string literal not displayed */
	Cloud          *Cloud                 `protobuf:"bytes,8,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                 `protobuf:"varint,9,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                `protobuf:"bytes,10,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                 `protobuf:"varint,11,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                 `protobuf:"varint,12,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp `protobuf:"bytes,13,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment          `protobuf:"bytes,14,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	KbArticleList  []*KbArticle           `protobuf:"bytes,15,rep,name=kb_article_list,json=kbArticleList,proto3" json:"kb_article_list,omitempty"`
	Message        *string                `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata              `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable          `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                `protobuf:"bytes,19,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                `protobuf:"bytes,20,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     PatchState_SeverityId  `` /* 135-byte string literal not displayed */
	StartTime      *int64                 `protobuf:"varint,22,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp `protobuf:"bytes,23,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                `protobuf:"bytes,24,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                `protobuf:"bytes,25,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                `protobuf:"bytes,26,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *PatchState_StatusId   `` /* 133-byte string literal not displayed */
	Time           int64                  `protobuf:"varint,28,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp `protobuf:"bytes,29,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                 `protobuf:"varint,30,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                `protobuf:"bytes,31,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                  `protobuf:"varint,32,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct       `protobuf:"bytes,33,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

PatchState is an OSF event in category "Discovery" called Operating System Patch State defined in ocsf events/discovery/patch_state.json

Operating System Patch State reports the installation of an OS patch to a device and any associated knowledgebase articles.

func (*PatchState) Descriptor deprecated 

func (*PatchState) Descriptor() ([]byte, []int)

Deprecated: Use PatchState.ProtoReflect.Descriptor instead.

func (*PatchState) GetActivityId 

func (x *PatchState) GetActivityId() PatchState_ActivityId

func (*PatchState) GetActivityName 

func (x *PatchState) GetActivityName() string

func (*PatchState) GetApi 

func (x *PatchState) GetApi() *Api

func (*PatchState) GetCategoryName 

func (x *PatchState) GetCategoryName() string

func (*PatchState) GetCategoryUid 

func (x *PatchState) GetCategoryUid() PatchState_CategoryUid

func (*PatchState) GetClassName 

func (x *PatchState) GetClassName() string

func (*PatchState) GetClassUid 

func (x *PatchState) GetClassUid() PatchState_ClassUid

func (*PatchState) GetCloud 

func (x *PatchState) GetCloud() *Cloud

func (*PatchState) GetCount 

func (x *PatchState) GetCount() int32

func (*PatchState) GetDevice 

func (x *PatchState) GetDevice() *Device

func (*PatchState) GetDuration 

func (x *PatchState) GetDuration() int32

func (*PatchState) GetEndTime 

func (x *PatchState) GetEndTime() int64

func (*PatchState) GetEndTimeDt 

func (x *PatchState) GetEndTimeDt() *timestamppb.Timestamp

func (*PatchState) GetEnrichments 

func (x *PatchState) GetEnrichments() []*Enrichment

func (*PatchState) GetKbArticleList 

func (x *PatchState) GetKbArticleList() []*KbArticle

func (*PatchState) GetMessage 

func (x *PatchState) GetMessage() string

func (*PatchState) GetMetadata 

func (x *PatchState) GetMetadata() *Metadata

func (*PatchState) GetObservables 

func (x *PatchState) GetObservables() []*Observable

func (*PatchState) GetRawData 

func (x *PatchState) GetRawData() string

func (*PatchState) GetSeverity 

func (x *PatchState) GetSeverity() string

func (*PatchState) GetSeverityId 

func (x *PatchState) GetSeverityId() PatchState_SeverityId

func (*PatchState) GetStartTime 

func (x *PatchState) GetStartTime() int64

func (*PatchState) GetStartTimeDt 

func (x *PatchState) GetStartTimeDt() *timestamppb.Timestamp

func (*PatchState) GetStatus 

func (x *PatchState) GetStatus() string

func (*PatchState) GetStatusCode 

func (x *PatchState) GetStatusCode() string

func (*PatchState) GetStatusDetail 

func (x *PatchState) GetStatusDetail() string

func (*PatchState) GetStatusId 

func (x *PatchState) GetStatusId() PatchState_StatusId

func (*PatchState) GetTime 

func (x *PatchState) GetTime() int64

func (*PatchState) GetTimeDt 

func (x *PatchState) GetTimeDt() *timestamppb.Timestamp

func (*PatchState) GetTimezoneOffset 

func (x *PatchState) GetTimezoneOffset() int32

func (*PatchState) GetTypeName 

func (x *PatchState) GetTypeName() string

func (*PatchState) GetTypeUid 

func (x *PatchState) GetTypeUid() int64

func (*PatchState) GetUnmapped 

func (x *PatchState) GetUnmapped() *structpb.Struct

func (*PatchState) ProtoMessage 

func (*PatchState) ProtoMessage()

func (*PatchState) ProtoReflect 

func (x *PatchState) ProtoReflect() protoreflect.Message

func (*PatchState) Reset 

func (x *PatchState) Reset()

func (*PatchState) String 

func (x *PatchState) String() string

type PatchState_ActivityId 

type PatchState_ActivityId int32
const (
	PatchState_ACTIVITY_ID_UNKNOWN PatchState_ActivityId = 0
	PatchState_ACTIVITY_ID_LOG     PatchState_ActivityId = 1 // The discovered information is via a log.
	PatchState_ACTIVITY_ID_COLLECT PatchState_ActivityId = 2 // The discovered information is via a collection
	// process.
	PatchState_ACTIVITY_ID_OTHER PatchState_ActivityId = 99
)

func (PatchState_ActivityId) Descriptor 

func (PatchState_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (PatchState_ActivityId) Enum 

func (x PatchState_ActivityId) Enum() *PatchState_ActivityId

func (PatchState_ActivityId) EnumDescriptor deprecated 

func (PatchState_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PatchState_ActivityId.Descriptor instead.

func (PatchState_ActivityId) Number 

func (x PatchState_ActivityId) Number() protoreflect.EnumNumber

func (PatchState_ActivityId) String 

func (x PatchState_ActivityId) String() string

func (PatchState_ActivityId) Type 

func (PatchState_ActivityId) Type() protoreflect.EnumType

type PatchState_CategoryUid 

type PatchState_CategoryUid int32
const (
	PatchState_CATEGORY_UID_UNKNOWN   PatchState_CategoryUid = 0
	PatchState_CATEGORY_UID_DISCOVERY PatchState_CategoryUid = 5
)

func (PatchState_CategoryUid) Descriptor 

func (PatchState_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (PatchState_CategoryUid) Enum 

func (x PatchState_CategoryUid) Enum() *PatchState_CategoryUid

func (PatchState_CategoryUid) EnumDescriptor deprecated 

func (PatchState_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PatchState_CategoryUid.Descriptor instead.

func (PatchState_CategoryUid) Number 

func (x PatchState_CategoryUid) Number() protoreflect.EnumNumber

func (PatchState_CategoryUid) String 

func (x PatchState_CategoryUid) String() string

func (PatchState_CategoryUid) Type 

func (PatchState_CategoryUid) Type() protoreflect.EnumType

type PatchState_ClassUid 

type PatchState_ClassUid int32
const (
	PatchState_CLASS_UID_UNKNOWN                      PatchState_ClassUid = 0
	PatchState_CLASS_UID_OPERATING_SYSTEM_PATCH_STATE PatchState_ClassUid = 5004
)

func (PatchState_ClassUid) Descriptor 

func (PatchState_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (PatchState_ClassUid) Enum 

func (x PatchState_ClassUid) Enum() *PatchState_ClassUid

func (PatchState_ClassUid) EnumDescriptor deprecated 

func (PatchState_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PatchState_ClassUid.Descriptor instead.

func (PatchState_ClassUid) Number 

func (x PatchState_ClassUid) Number() protoreflect.EnumNumber

func (PatchState_ClassUid) String 

func (x PatchState_ClassUid) String() string

func (PatchState_ClassUid) Type 

func (PatchState_ClassUid) Type() protoreflect.EnumType

type PatchState_SeverityId 

type PatchState_SeverityId int32
const (
	PatchState_SEVERITY_ID_UNKNOWN       PatchState_SeverityId = 0 // The event/finding severity is unknown.
	PatchState_SEVERITY_ID_INFORMATIONAL PatchState_SeverityId = 1 // Informational message. No action required.
	PatchState_SEVERITY_ID_LOW           PatchState_SeverityId = 2 // The user decides if action is needed.
	PatchState_SEVERITY_ID_MEDIUM        PatchState_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	PatchState_SEVERITY_ID_HIGH     PatchState_SeverityId = 4 // Action is required immediately.
	PatchState_SEVERITY_ID_CRITICAL PatchState_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	PatchState_SEVERITY_ID_FATAL PatchState_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	PatchState_SEVERITY_ID_OTHER PatchState_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (PatchState_SeverityId) Descriptor 

func (PatchState_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (PatchState_SeverityId) Enum 

func (x PatchState_SeverityId) Enum() *PatchState_SeverityId

func (PatchState_SeverityId) EnumDescriptor deprecated 

func (PatchState_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PatchState_SeverityId.Descriptor instead.

func (PatchState_SeverityId) Number 

func (x PatchState_SeverityId) Number() protoreflect.EnumNumber

func (PatchState_SeverityId) String 

func (x PatchState_SeverityId) String() string

func (PatchState_SeverityId) Type 

func (PatchState_SeverityId) Type() protoreflect.EnumType

type PatchState_StatusId 

type PatchState_StatusId int32
const (
	PatchState_STATUS_ID_UNKNOWN PatchState_StatusId = 0 // The status is unknown.
	PatchState_STATUS_ID_SUCCESS PatchState_StatusId = 1
	PatchState_STATUS_ID_FAILURE PatchState_StatusId = 2
	PatchState_STATUS_ID_OTHER   PatchState_StatusId = 99 // The event status is not mapped. See the
)

func (PatchState_StatusId) Descriptor 

func (PatchState_StatusId) Descriptor() protoreflect.EnumDescriptor

func (PatchState_StatusId) Enum 

func (x PatchState_StatusId) Enum() *PatchState_StatusId

func (PatchState_StatusId) EnumDescriptor deprecated 

func (PatchState_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PatchState_StatusId.Descriptor instead.

func (PatchState_StatusId) Number 

func (x PatchState_StatusId) Number() protoreflect.EnumNumber

func (PatchState_StatusId) String 

func (x PatchState_StatusId) String() string

func (PatchState_StatusId) Type 

func (PatchState_StatusId) Type() protoreflect.EnumType

type PeripheralDevice 

type PeripheralDevice struct {
	Class        string  `protobuf:"bytes,1,opt,name=class,proto3" json:"class,omitempty"`
	Model        *string `protobuf:"bytes,2,opt,name=model,proto3,oneof" json:"model,omitempty"`
	Name         string  `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
	SerialNumber *string `protobuf:"bytes,4,opt,name=serial_number,json=serialNumber,proto3,oneof" json:"serial_number,omitempty"`
	Uid          *string `protobuf:"bytes,5,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	VendorName   *string `protobuf:"bytes,6,opt,name=vendor_name,json=vendorName,proto3,oneof" json:"vendor_name,omitempty"`
	// contains filtered or unexported fields
}

PeripheralDevice is an OSF object defined in ocsf objects/peripheral_device.json

The peripheral device object describes the identity, vendor and model of a peripheral device.

func (*PeripheralDevice) Descriptor deprecated 

func (*PeripheralDevice) Descriptor() ([]byte, []int)

Deprecated: Use PeripheralDevice.ProtoReflect.Descriptor instead.

func (*PeripheralDevice) GetClass 

func (x *PeripheralDevice) GetClass() string

func (*PeripheralDevice) GetModel 

func (x *PeripheralDevice) GetModel() string

func (*PeripheralDevice) GetName 

func (x *PeripheralDevice) GetName() string

func (*PeripheralDevice) GetSerialNumber 

func (x *PeripheralDevice) GetSerialNumber() string

func (*PeripheralDevice) GetUid 

func (x *PeripheralDevice) GetUid() string

func (*PeripheralDevice) GetVendorName 

func (x *PeripheralDevice) GetVendorName() string

func (*PeripheralDevice) ProtoMessage 

func (*PeripheralDevice) ProtoMessage()

func (*PeripheralDevice) ProtoReflect 

func (x *PeripheralDevice) ProtoReflect() protoreflect.Message

func (*PeripheralDevice) Reset 

func (x *PeripheralDevice) Reset()

func (*PeripheralDevice) String 

func (x *PeripheralDevice) String() string

type PeripheralDeviceQuery 

type PeripheralDeviceQuery struct {
	ActivityId       PeripheralDeviceQuery_ActivityId    `` /* 145-byte string literal not displayed */
	ActivityName     *string                             `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor            *Actor                              `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api              *Api                                `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName     *string                             `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid      PeripheralDeviceQuery_CategoryUid   `` /* 149-byte string literal not displayed */
	ClassName        *string                             `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid         PeripheralDeviceQuery_ClassUid      `` /* 137-byte string literal not displayed */
	Cloud            *Cloud                              `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count            *int32                              `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device           *Device                             `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration         *int32                              `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime          *int64                              `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt        *timestamppb.Timestamp              `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments      []*Enrichment                       `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message          *string                             `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata         *Metadata                           `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables      []*Observable                       `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	PeripheralDevice *PeripheralDevice                   `protobuf:"bytes,19,opt,name=peripheral_device,json=peripheralDevice,proto3" json:"peripheral_device,omitempty"`
	QueryInfo        *QueryInfo                          `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult      *string                             `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId    PeripheralDeviceQuery_QueryResultId `` /* 160-byte string literal not displayed */
	RawData          *string                             `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity         *string                             `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId       PeripheralDeviceQuery_SeverityId    `` /* 146-byte string literal not displayed */
	StartTime        *int64                              `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt      *timestamppb.Timestamp              `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status           *string                             `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode       *string                             `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail     *string                             `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId         *PeripheralDeviceQuery_StatusId     `` /* 144-byte string literal not displayed */
	Time             int64                               `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt           *timestamppb.Timestamp              `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset   *int32                              `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName         *string                             `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid          int64                               `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped         *structpb.Struct                    `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

PeripheralDeviceQuery is an OSF event in category "Discovery" called Peripheral Device Query defined in ocsf events/discovery/peripheral_device_query.json

Peripheral Device Query events report information about peripheral devices.

func (*PeripheralDeviceQuery) Descriptor deprecated 

func (*PeripheralDeviceQuery) Descriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery.ProtoReflect.Descriptor instead.

func (*PeripheralDeviceQuery) GetActivityId 

func (x *PeripheralDeviceQuery) GetActivityId() PeripheralDeviceQuery_ActivityId

func (*PeripheralDeviceQuery) GetActivityName 

func (x *PeripheralDeviceQuery) GetActivityName() string

func (*PeripheralDeviceQuery) GetActor 

func (x *PeripheralDeviceQuery) GetActor() *Actor

func (*PeripheralDeviceQuery) GetApi 

func (x *PeripheralDeviceQuery) GetApi() *Api

func (*PeripheralDeviceQuery) GetCategoryName 

func (x *PeripheralDeviceQuery) GetCategoryName() string

func (*PeripheralDeviceQuery) GetCategoryUid 

func (x *PeripheralDeviceQuery) GetCategoryUid() PeripheralDeviceQuery_CategoryUid

func (*PeripheralDeviceQuery) GetClassName 

func (x *PeripheralDeviceQuery) GetClassName() string

func (*PeripheralDeviceQuery) GetClassUid 

func (x *PeripheralDeviceQuery) GetClassUid() PeripheralDeviceQuery_ClassUid

func (*PeripheralDeviceQuery) GetCloud 

func (x *PeripheralDeviceQuery) GetCloud() *Cloud

func (*PeripheralDeviceQuery) GetCount 

func (x *PeripheralDeviceQuery) GetCount() int32

func (*PeripheralDeviceQuery) GetDevice 

func (x *PeripheralDeviceQuery) GetDevice() *Device

func (*PeripheralDeviceQuery) GetDuration 

func (x *PeripheralDeviceQuery) GetDuration() int32

func (*PeripheralDeviceQuery) GetEndTime 

func (x *PeripheralDeviceQuery) GetEndTime() int64

func (*PeripheralDeviceQuery) GetEndTimeDt 

func (x *PeripheralDeviceQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*PeripheralDeviceQuery) GetEnrichments 

func (x *PeripheralDeviceQuery) GetEnrichments() []*Enrichment

func (*PeripheralDeviceQuery) GetMessage 

func (x *PeripheralDeviceQuery) GetMessage() string

func (*PeripheralDeviceQuery) GetMetadata 

func (x *PeripheralDeviceQuery) GetMetadata() *Metadata

func (*PeripheralDeviceQuery) GetObservables 

func (x *PeripheralDeviceQuery) GetObservables() []*Observable

func (*PeripheralDeviceQuery) GetPeripheralDevice 

func (x *PeripheralDeviceQuery) GetPeripheralDevice() *PeripheralDevice

func (*PeripheralDeviceQuery) GetQueryInfo 

func (x *PeripheralDeviceQuery) GetQueryInfo() *QueryInfo

func (*PeripheralDeviceQuery) GetQueryResult 

func (x *PeripheralDeviceQuery) GetQueryResult() string

func (*PeripheralDeviceQuery) GetQueryResultId 

func (x *PeripheralDeviceQuery) GetQueryResultId() PeripheralDeviceQuery_QueryResultId

func (*PeripheralDeviceQuery) GetRawData 

func (x *PeripheralDeviceQuery) GetRawData() string

func (*PeripheralDeviceQuery) GetSeverity 

func (x *PeripheralDeviceQuery) GetSeverity() string

func (*PeripheralDeviceQuery) GetSeverityId 

func (x *PeripheralDeviceQuery) GetSeverityId() PeripheralDeviceQuery_SeverityId

func (*PeripheralDeviceQuery) GetStartTime 

func (x *PeripheralDeviceQuery) GetStartTime() int64

func (*PeripheralDeviceQuery) GetStartTimeDt 

func (x *PeripheralDeviceQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*PeripheralDeviceQuery) GetStatus 

func (x *PeripheralDeviceQuery) GetStatus() string

func (*PeripheralDeviceQuery) GetStatusCode 

func (x *PeripheralDeviceQuery) GetStatusCode() string

func (*PeripheralDeviceQuery) GetStatusDetail 

func (x *PeripheralDeviceQuery) GetStatusDetail() string

func (*PeripheralDeviceQuery) GetStatusId 

func (x *PeripheralDeviceQuery) GetStatusId() PeripheralDeviceQuery_StatusId

func (*PeripheralDeviceQuery) GetTime 

func (x *PeripheralDeviceQuery) GetTime() int64

func (*PeripheralDeviceQuery) GetTimeDt 

func (x *PeripheralDeviceQuery) GetTimeDt() *timestamppb.Timestamp

func (*PeripheralDeviceQuery) GetTimezoneOffset 

func (x *PeripheralDeviceQuery) GetTimezoneOffset() int32

func (*PeripheralDeviceQuery) GetTypeName 

func (x *PeripheralDeviceQuery) GetTypeName() string

func (*PeripheralDeviceQuery) GetTypeUid 

func (x *PeripheralDeviceQuery) GetTypeUid() int64

func (*PeripheralDeviceQuery) GetUnmapped 

func (x *PeripheralDeviceQuery) GetUnmapped() *structpb.Struct

func (*PeripheralDeviceQuery) ProtoMessage 

func (*PeripheralDeviceQuery) ProtoMessage()

func (*PeripheralDeviceQuery) ProtoReflect 

func (x *PeripheralDeviceQuery) ProtoReflect() protoreflect.Message

func (*PeripheralDeviceQuery) Reset 

func (x *PeripheralDeviceQuery) Reset()

func (*PeripheralDeviceQuery) String 

func (x *PeripheralDeviceQuery) String() string

type PeripheralDeviceQuery_ActivityId 

type PeripheralDeviceQuery_ActivityId int32
const (
	PeripheralDeviceQuery_ACTIVITY_ID_UNKNOWN PeripheralDeviceQuery_ActivityId = 0
	PeripheralDeviceQuery_ACTIVITY_ID_QUERY   PeripheralDeviceQuery_ActivityId = 1 // The discovered results are via a query request.
	PeripheralDeviceQuery_ACTIVITY_ID_OTHER   PeripheralDeviceQuery_ActivityId = 99
)

func (PeripheralDeviceQuery_ActivityId) Descriptor 

func (PeripheralDeviceQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_ActivityId) Enum 

func (x PeripheralDeviceQuery_ActivityId) Enum() *PeripheralDeviceQuery_ActivityId

func (PeripheralDeviceQuery_ActivityId) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_ActivityId.Descriptor instead.

func (PeripheralDeviceQuery_ActivityId) Number 

func (x PeripheralDeviceQuery_ActivityId) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_ActivityId) String 

func (x PeripheralDeviceQuery_ActivityId) String() string

func (PeripheralDeviceQuery_ActivityId) Type 

func (PeripheralDeviceQuery_ActivityId) Type() protoreflect.EnumType

type PeripheralDeviceQuery_CategoryUid 

type PeripheralDeviceQuery_CategoryUid int32
const (
	PeripheralDeviceQuery_CATEGORY_UID_UNKNOWN   PeripheralDeviceQuery_CategoryUid = 0
	PeripheralDeviceQuery_CATEGORY_UID_DISCOVERY PeripheralDeviceQuery_CategoryUid = 5
)

func (PeripheralDeviceQuery_CategoryUid) Descriptor 

func (PeripheralDeviceQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_CategoryUid) Enum 

func (x PeripheralDeviceQuery_CategoryUid) Enum() *PeripheralDeviceQuery_CategoryUid

func (PeripheralDeviceQuery_CategoryUid) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_CategoryUid.Descriptor instead.

func (PeripheralDeviceQuery_CategoryUid) Number 

func (x PeripheralDeviceQuery_CategoryUid) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_CategoryUid) String 

func (x PeripheralDeviceQuery_CategoryUid) String() string

func (PeripheralDeviceQuery_CategoryUid) Type 

func (PeripheralDeviceQuery_CategoryUid) Type() protoreflect.EnumType

type PeripheralDeviceQuery_ClassUid 

type PeripheralDeviceQuery_ClassUid int32
const (
	PeripheralDeviceQuery_CLASS_UID_UNKNOWN                 PeripheralDeviceQuery_ClassUid = 0
	PeripheralDeviceQuery_CLASS_UID_PERIPHERAL_DEVICE_QUERY PeripheralDeviceQuery_ClassUid = 5014
)

func (PeripheralDeviceQuery_ClassUid) Descriptor 

func (PeripheralDeviceQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_ClassUid) Enum 

func (x PeripheralDeviceQuery_ClassUid) Enum() *PeripheralDeviceQuery_ClassUid

func (PeripheralDeviceQuery_ClassUid) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_ClassUid.Descriptor instead.

func (PeripheralDeviceQuery_ClassUid) Number 

func (x PeripheralDeviceQuery_ClassUid) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_ClassUid) String 

func (x PeripheralDeviceQuery_ClassUid) String() string

func (PeripheralDeviceQuery_ClassUid) Type 

func (PeripheralDeviceQuery_ClassUid) Type() protoreflect.EnumType

type PeripheralDeviceQuery_QueryResultId 

type PeripheralDeviceQuery_QueryResultId int32
const (
	PeripheralDeviceQuery_QUERY_RESULT_ID_UNKNOWN        PeripheralDeviceQuery_QueryResultId = 0  // The query result is unknown.
	PeripheralDeviceQuery_QUERY_RESULT_ID_EXISTS         PeripheralDeviceQuery_QueryResultId = 1  // The target was found.
	PeripheralDeviceQuery_QUERY_RESULT_ID_PARTIAL        PeripheralDeviceQuery_QueryResultId = 2  // The target was partially found.
	PeripheralDeviceQuery_QUERY_RESULT_ID_DOES_NOT_EXIST PeripheralDeviceQuery_QueryResultId = 3  // The target was not found.
	PeripheralDeviceQuery_QUERY_RESULT_ID_ERROR          PeripheralDeviceQuery_QueryResultId = 4  // The discovery attempt failed.
	PeripheralDeviceQuery_QUERY_RESULT_ID_UNSUPPORTED    PeripheralDeviceQuery_QueryResultId = 5  // Discovery of the target was not supported.
	PeripheralDeviceQuery_QUERY_RESULT_ID_OTHER          PeripheralDeviceQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (PeripheralDeviceQuery_QueryResultId) Descriptor 

func (PeripheralDeviceQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_QueryResultId) Enum 

func (x PeripheralDeviceQuery_QueryResultId) Enum() *PeripheralDeviceQuery_QueryResultId

func (PeripheralDeviceQuery_QueryResultId) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_QueryResultId.Descriptor instead.

func (PeripheralDeviceQuery_QueryResultId) Number 

func (x PeripheralDeviceQuery_QueryResultId) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_QueryResultId) String 

func (x PeripheralDeviceQuery_QueryResultId) String() string

func (PeripheralDeviceQuery_QueryResultId) Type 

func (PeripheralDeviceQuery_QueryResultId) Type() protoreflect.EnumType

type PeripheralDeviceQuery_SeverityId 

type PeripheralDeviceQuery_SeverityId int32
const (
	PeripheralDeviceQuery_SEVERITY_ID_UNKNOWN       PeripheralDeviceQuery_SeverityId = 0 // The event/finding severity is unknown.
	PeripheralDeviceQuery_SEVERITY_ID_INFORMATIONAL PeripheralDeviceQuery_SeverityId = 1 // Informational message. No action required.
	PeripheralDeviceQuery_SEVERITY_ID_LOW           PeripheralDeviceQuery_SeverityId = 2 // The user decides if action is needed.
	PeripheralDeviceQuery_SEVERITY_ID_MEDIUM        PeripheralDeviceQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	PeripheralDeviceQuery_SEVERITY_ID_HIGH     PeripheralDeviceQuery_SeverityId = 4 // Action is required immediately.
	PeripheralDeviceQuery_SEVERITY_ID_CRITICAL PeripheralDeviceQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	PeripheralDeviceQuery_SEVERITY_ID_FATAL PeripheralDeviceQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	PeripheralDeviceQuery_SEVERITY_ID_OTHER PeripheralDeviceQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (PeripheralDeviceQuery_SeverityId) Descriptor 

func (PeripheralDeviceQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_SeverityId) Enum 

func (x PeripheralDeviceQuery_SeverityId) Enum() *PeripheralDeviceQuery_SeverityId

func (PeripheralDeviceQuery_SeverityId) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_SeverityId.Descriptor instead.

func (PeripheralDeviceQuery_SeverityId) Number 

func (x PeripheralDeviceQuery_SeverityId) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_SeverityId) String 

func (x PeripheralDeviceQuery_SeverityId) String() string

func (PeripheralDeviceQuery_SeverityId) Type 

func (PeripheralDeviceQuery_SeverityId) Type() protoreflect.EnumType

type PeripheralDeviceQuery_StatusId 

type PeripheralDeviceQuery_StatusId int32
const (
	PeripheralDeviceQuery_STATUS_ID_UNKNOWN PeripheralDeviceQuery_StatusId = 0 // The status is unknown.
	PeripheralDeviceQuery_STATUS_ID_SUCCESS PeripheralDeviceQuery_StatusId = 1
	PeripheralDeviceQuery_STATUS_ID_FAILURE PeripheralDeviceQuery_StatusId = 2
	PeripheralDeviceQuery_STATUS_ID_OTHER   PeripheralDeviceQuery_StatusId = 99 // The event status is not mapped. See the
)

func (PeripheralDeviceQuery_StatusId) Descriptor 

func (PeripheralDeviceQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (PeripheralDeviceQuery_StatusId) Enum 

func (x PeripheralDeviceQuery_StatusId) Enum() *PeripheralDeviceQuery_StatusId

func (PeripheralDeviceQuery_StatusId) EnumDescriptor deprecated 

func (PeripheralDeviceQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PeripheralDeviceQuery_StatusId.Descriptor instead.

func (PeripheralDeviceQuery_StatusId) Number 

func (x PeripheralDeviceQuery_StatusId) Number() protoreflect.EnumNumber

func (PeripheralDeviceQuery_StatusId) String 

func (x PeripheralDeviceQuery_StatusId) String() string

func (PeripheralDeviceQuery_StatusId) Type 

func (PeripheralDeviceQuery_StatusId) Type() protoreflect.EnumType

type Policy 

type Policy struct {
	Desc      *string `protobuf:"bytes,1,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Group     *Group  `protobuf:"bytes,2,opt,name=group,proto3" json:"group,omitempty"`
	IsApplied *bool   `protobuf:"varint,3,opt,name=is_applied,json=isApplied,proto3,oneof" json:"is_applied,omitempty"`
	Name      *string `protobuf:"bytes,4,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Uid       *string `protobuf:"bytes,5,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version   *string `protobuf:"bytes,6,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Policy is an OSF object defined in ocsf objects/policy.json

The Policy object describes the policies that are applicable. <p>Policy attributes provide traceability to the operational state of the security product at the time that the event was captured, facilitating forensics, troubleshooting, and policy tuning/adjustments.</p>

func (*Policy) Descriptor deprecated 

func (*Policy) Descriptor() ([]byte, []int)

Deprecated: Use Policy.ProtoReflect.Descriptor instead.

func (*Policy) GetDesc 

func (x *Policy) GetDesc() string

func (*Policy) GetGroup 

func (x *Policy) GetGroup() *Group

func (*Policy) GetIsApplied 

func (x *Policy) GetIsApplied() bool

func (*Policy) GetName 

func (x *Policy) GetName() string

func (*Policy) GetUid 

func (x *Policy) GetUid() string

func (*Policy) GetVersion 

func (x *Policy) GetVersion() string

func (*Policy) ProtoMessage 

func (*Policy) ProtoMessage()

func (*Policy) ProtoReflect 

func (x *Policy) ProtoReflect() protoreflect.Message

func (*Policy) Reset 

func (x *Policy) Reset()

func (*Policy) String 

func (x *Policy) String() string

type PrefetchQuery 

type PrefetchQuery struct {
	ActivityId     PrefetchQuery_ActivityId    `` /* 137-byte string literal not displayed */
	ActivityName   *string                     `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                      `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                        `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                     `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    PrefetchQuery_CategoryUid   `` /* 141-byte string literal not displayed */
	ClassName      *string                     `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       PrefetchQuery_ClassUid      `` /* 129-byte string literal not displayed */
	Cloud          *Cloud                      `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                      `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                     `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                      `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                      `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp      `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment               `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	LastRunTime    *int64                      `protobuf:"varint,16,opt,name=last_run_time,json=lastRunTime,proto3,oneof" json:"last_run_time,omitempty"`
	LastRunTimeDt  *timestamppb.Timestamp      `protobuf:"bytes,17,opt,name=last_run_time_dt,json=lastRunTimeDt,proto3,oneof" json:"last_run_time_dt,omitempty"`
	Message        *string                     `protobuf:"bytes,18,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                   `protobuf:"bytes,19,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Name           string                      `protobuf:"bytes,20,opt,name=name,proto3" json:"name,omitempty"`
	Observables    []*Observable               `protobuf:"bytes,21,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                  `protobuf:"bytes,22,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                     `protobuf:"bytes,23,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  PrefetchQuery_QueryResultId `` /* 152-byte string literal not displayed */
	RawData        *string                     `protobuf:"bytes,25,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                     `protobuf:"bytes,26,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     PrefetchQuery_SeverityId    `` /* 138-byte string literal not displayed */
	StartTime      *int64                      `protobuf:"varint,28,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp      `protobuf:"bytes,29,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                     `protobuf:"bytes,30,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                     `protobuf:"bytes,31,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                     `protobuf:"bytes,32,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *PrefetchQuery_StatusId     `` /* 136-byte string literal not displayed */
	Time           int64                       `protobuf:"varint,34,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp      `protobuf:"bytes,35,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                      `protobuf:"varint,36,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                     `protobuf:"bytes,37,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                       `protobuf:"varint,38,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct            `protobuf:"bytes,39,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	RunCount       *int32                      `protobuf:"varint,2001,opt,name=run_count,json=runCount,proto3,oneof" json:"run_count,omitempty"`
	// contains filtered or unexported fields
}

PrefetchQuery is an OSF event in category "Discovery" called Prefetch Query defined in win events/prefetch_query.json

Prefetch Query events report information about Windows prefetch files.

func (*PrefetchQuery) Descriptor deprecated 

func (*PrefetchQuery) Descriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery.ProtoReflect.Descriptor instead.

func (*PrefetchQuery) GetActivityId 

func (x *PrefetchQuery) GetActivityId() PrefetchQuery_ActivityId

func (*PrefetchQuery) GetActivityName 

func (x *PrefetchQuery) GetActivityName() string

func (*PrefetchQuery) GetActor 

func (x *PrefetchQuery) GetActor() *Actor

func (*PrefetchQuery) GetApi 

func (x *PrefetchQuery) GetApi() *Api

func (*PrefetchQuery) GetCategoryName 

func (x *PrefetchQuery) GetCategoryName() string

func (*PrefetchQuery) GetCategoryUid 

func (x *PrefetchQuery) GetCategoryUid() PrefetchQuery_CategoryUid

func (*PrefetchQuery) GetClassName 

func (x *PrefetchQuery) GetClassName() string

func (*PrefetchQuery) GetClassUid 

func (x *PrefetchQuery) GetClassUid() PrefetchQuery_ClassUid

func (*PrefetchQuery) GetCloud 

func (x *PrefetchQuery) GetCloud() *Cloud

func (*PrefetchQuery) GetCount 

func (x *PrefetchQuery) GetCount() int32

func (*PrefetchQuery) GetDevice 

func (x *PrefetchQuery) GetDevice() *Device

func (*PrefetchQuery) GetDuration 

func (x *PrefetchQuery) GetDuration() int32

func (*PrefetchQuery) GetEndTime 

func (x *PrefetchQuery) GetEndTime() int64

func (*PrefetchQuery) GetEndTimeDt 

func (x *PrefetchQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*PrefetchQuery) GetEnrichments 

func (x *PrefetchQuery) GetEnrichments() []*Enrichment

func (*PrefetchQuery) GetLastRunTime 

func (x *PrefetchQuery) GetLastRunTime() int64

func (*PrefetchQuery) GetLastRunTimeDt 

func (x *PrefetchQuery) GetLastRunTimeDt() *timestamppb.Timestamp

func (*PrefetchQuery) GetMessage 

func (x *PrefetchQuery) GetMessage() string

func (*PrefetchQuery) GetMetadata 

func (x *PrefetchQuery) GetMetadata() *Metadata

func (*PrefetchQuery) GetName 

func (x *PrefetchQuery) GetName() string

func (*PrefetchQuery) GetObservables 

func (x *PrefetchQuery) GetObservables() []*Observable

func (*PrefetchQuery) GetQueryInfo 

func (x *PrefetchQuery) GetQueryInfo() *QueryInfo

func (*PrefetchQuery) GetQueryResult 

func (x *PrefetchQuery) GetQueryResult() string

func (*PrefetchQuery) GetQueryResultId 

func (x *PrefetchQuery) GetQueryResultId() PrefetchQuery_QueryResultId

func (*PrefetchQuery) GetRawData 

func (x *PrefetchQuery) GetRawData() string

func (*PrefetchQuery) GetRunCount 

func (x *PrefetchQuery) GetRunCount() int32

func (*PrefetchQuery) GetSeverity 

func (x *PrefetchQuery) GetSeverity() string

func (*PrefetchQuery) GetSeverityId 

func (x *PrefetchQuery) GetSeverityId() PrefetchQuery_SeverityId

func (*PrefetchQuery) GetStartTime 

func (x *PrefetchQuery) GetStartTime() int64

func (*PrefetchQuery) GetStartTimeDt 

func (x *PrefetchQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*PrefetchQuery) GetStatus 

func (x *PrefetchQuery) GetStatus() string

func (*PrefetchQuery) GetStatusCode 

func (x *PrefetchQuery) GetStatusCode() string

func (*PrefetchQuery) GetStatusDetail 

func (x *PrefetchQuery) GetStatusDetail() string

func (*PrefetchQuery) GetStatusId 

func (x *PrefetchQuery) GetStatusId() PrefetchQuery_StatusId

func (*PrefetchQuery) GetTime 

func (x *PrefetchQuery) GetTime() int64

func (*PrefetchQuery) GetTimeDt 

func (x *PrefetchQuery) GetTimeDt() *timestamppb.Timestamp

func (*PrefetchQuery) GetTimezoneOffset 

func (x *PrefetchQuery) GetTimezoneOffset() int32

func (*PrefetchQuery) GetTypeName 

func (x *PrefetchQuery) GetTypeName() string

func (*PrefetchQuery) GetTypeUid 

func (x *PrefetchQuery) GetTypeUid() int64

func (*PrefetchQuery) GetUnmapped 

func (x *PrefetchQuery) GetUnmapped() *structpb.Struct

func (*PrefetchQuery) ProtoMessage 

func (*PrefetchQuery) ProtoMessage()

func (*PrefetchQuery) ProtoReflect 

func (x *PrefetchQuery) ProtoReflect() protoreflect.Message

func (*PrefetchQuery) Reset 

func (x *PrefetchQuery) Reset()

func (*PrefetchQuery) String 

func (x *PrefetchQuery) String() string

type PrefetchQuery_ActivityId 

type PrefetchQuery_ActivityId int32
const (
	PrefetchQuery_ACTIVITY_ID_UNKNOWN PrefetchQuery_ActivityId = 0
	PrefetchQuery_ACTIVITY_ID_QUERY   PrefetchQuery_ActivityId = 1 // The discovered results are via a query request.
	PrefetchQuery_ACTIVITY_ID_OTHER   PrefetchQuery_ActivityId = 99
)

func (PrefetchQuery_ActivityId) Descriptor 

func (PrefetchQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_ActivityId) Enum 

func (x PrefetchQuery_ActivityId) Enum() *PrefetchQuery_ActivityId

func (PrefetchQuery_ActivityId) EnumDescriptor deprecated 

func (PrefetchQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_ActivityId.Descriptor instead.

func (PrefetchQuery_ActivityId) Number 

func (x PrefetchQuery_ActivityId) Number() protoreflect.EnumNumber

func (PrefetchQuery_ActivityId) String 

func (x PrefetchQuery_ActivityId) String() string

func (PrefetchQuery_ActivityId) Type 

func (PrefetchQuery_ActivityId) Type() protoreflect.EnumType

type PrefetchQuery_CategoryUid 

type PrefetchQuery_CategoryUid int32
const (
	PrefetchQuery_CATEGORY_UID_UNKNOWN   PrefetchQuery_CategoryUid = 0
	PrefetchQuery_CATEGORY_UID_DISCOVERY PrefetchQuery_CategoryUid = 5
)

func (PrefetchQuery_CategoryUid) Descriptor 

func (PrefetchQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_CategoryUid) Enum 

func (x PrefetchQuery_CategoryUid) Enum() *PrefetchQuery_CategoryUid

func (PrefetchQuery_CategoryUid) EnumDescriptor deprecated 

func (PrefetchQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_CategoryUid.Descriptor instead.

func (PrefetchQuery_CategoryUid) Number 

func (x PrefetchQuery_CategoryUid) Number() protoreflect.EnumNumber

func (PrefetchQuery_CategoryUid) String 

func (x PrefetchQuery_CategoryUid) String() string

func (PrefetchQuery_CategoryUid) Type 

func (PrefetchQuery_CategoryUid) Type() protoreflect.EnumType

type PrefetchQuery_ClassUid 

type PrefetchQuery_ClassUid int32
const (
	PrefetchQuery_CLASS_UID_UNKNOWN        PrefetchQuery_ClassUid = 0
	PrefetchQuery_CLASS_UID_PREFETCH_QUERY PrefetchQuery_ClassUid = 205019
)

func (PrefetchQuery_ClassUid) Descriptor 

func (PrefetchQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_ClassUid) Enum 

func (x PrefetchQuery_ClassUid) Enum() *PrefetchQuery_ClassUid

func (PrefetchQuery_ClassUid) EnumDescriptor deprecated 

func (PrefetchQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_ClassUid.Descriptor instead.

func (PrefetchQuery_ClassUid) Number 

func (x PrefetchQuery_ClassUid) Number() protoreflect.EnumNumber

func (PrefetchQuery_ClassUid) String 

func (x PrefetchQuery_ClassUid) String() string

func (PrefetchQuery_ClassUid) Type 

func (PrefetchQuery_ClassUid) Type() protoreflect.EnumType

type PrefetchQuery_QueryResultId 

type PrefetchQuery_QueryResultId int32
const (
	PrefetchQuery_QUERY_RESULT_ID_UNKNOWN        PrefetchQuery_QueryResultId = 0  // The query result is unknown.
	PrefetchQuery_QUERY_RESULT_ID_EXISTS         PrefetchQuery_QueryResultId = 1  // The target was found.
	PrefetchQuery_QUERY_RESULT_ID_PARTIAL        PrefetchQuery_QueryResultId = 2  // The target was partially found.
	PrefetchQuery_QUERY_RESULT_ID_DOES_NOT_EXIST PrefetchQuery_QueryResultId = 3  // The target was not found.
	PrefetchQuery_QUERY_RESULT_ID_ERROR          PrefetchQuery_QueryResultId = 4  // The discovery attempt failed.
	PrefetchQuery_QUERY_RESULT_ID_UNSUPPORTED    PrefetchQuery_QueryResultId = 5  // Discovery of the target was not supported.
	PrefetchQuery_QUERY_RESULT_ID_OTHER          PrefetchQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (PrefetchQuery_QueryResultId) Descriptor 

func (PrefetchQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_QueryResultId) Enum 

func (x PrefetchQuery_QueryResultId) Enum() *PrefetchQuery_QueryResultId

func (PrefetchQuery_QueryResultId) EnumDescriptor deprecated 

func (PrefetchQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_QueryResultId.Descriptor instead.

func (PrefetchQuery_QueryResultId) Number 

func (x PrefetchQuery_QueryResultId) Number() protoreflect.EnumNumber

func (PrefetchQuery_QueryResultId) String 

func (x PrefetchQuery_QueryResultId) String() string

func (PrefetchQuery_QueryResultId) Type 

func (PrefetchQuery_QueryResultId) Type() protoreflect.EnumType

type PrefetchQuery_SeverityId 

type PrefetchQuery_SeverityId int32
const (
	PrefetchQuery_SEVERITY_ID_UNKNOWN       PrefetchQuery_SeverityId = 0 // The event/finding severity is unknown.
	PrefetchQuery_SEVERITY_ID_INFORMATIONAL PrefetchQuery_SeverityId = 1 // Informational message. No action required.
	PrefetchQuery_SEVERITY_ID_LOW           PrefetchQuery_SeverityId = 2 // The user decides if action is needed.
	PrefetchQuery_SEVERITY_ID_MEDIUM        PrefetchQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	PrefetchQuery_SEVERITY_ID_HIGH     PrefetchQuery_SeverityId = 4 // Action is required immediately.
	PrefetchQuery_SEVERITY_ID_CRITICAL PrefetchQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	PrefetchQuery_SEVERITY_ID_FATAL PrefetchQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	PrefetchQuery_SEVERITY_ID_OTHER PrefetchQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (PrefetchQuery_SeverityId) Descriptor 

func (PrefetchQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_SeverityId) Enum 

func (x PrefetchQuery_SeverityId) Enum() *PrefetchQuery_SeverityId

func (PrefetchQuery_SeverityId) EnumDescriptor deprecated 

func (PrefetchQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_SeverityId.Descriptor instead.

func (PrefetchQuery_SeverityId) Number 

func (x PrefetchQuery_SeverityId) Number() protoreflect.EnumNumber

func (PrefetchQuery_SeverityId) String 

func (x PrefetchQuery_SeverityId) String() string

func (PrefetchQuery_SeverityId) Type 

func (PrefetchQuery_SeverityId) Type() protoreflect.EnumType

type PrefetchQuery_StatusId 

type PrefetchQuery_StatusId int32
const (
	PrefetchQuery_STATUS_ID_UNKNOWN PrefetchQuery_StatusId = 0 // The status is unknown.
	PrefetchQuery_STATUS_ID_SUCCESS PrefetchQuery_StatusId = 1
	PrefetchQuery_STATUS_ID_FAILURE PrefetchQuery_StatusId = 2
	PrefetchQuery_STATUS_ID_OTHER   PrefetchQuery_StatusId = 99 // The event status is not mapped. See the
)

func (PrefetchQuery_StatusId) Descriptor 

func (PrefetchQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (PrefetchQuery_StatusId) Enum 

func (x PrefetchQuery_StatusId) Enum() *PrefetchQuery_StatusId

func (PrefetchQuery_StatusId) EnumDescriptor deprecated 

func (PrefetchQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use PrefetchQuery_StatusId.Descriptor instead.

func (PrefetchQuery_StatusId) Number 

func (x PrefetchQuery_StatusId) Number() protoreflect.EnumNumber

func (PrefetchQuery_StatusId) String 

func (x PrefetchQuery_StatusId) String() string

func (PrefetchQuery_StatusId) Type 

func (PrefetchQuery_StatusId) Type() protoreflect.EnumType

type Process 

type Process struct {
	CmdLine          *string                `protobuf:"bytes,1,opt,name=cmd_line,json=cmdLine,proto3,oneof" json:"cmd_line,omitempty"`
	Container        *Container             `protobuf:"bytes,2,opt,name=container,proto3" json:"container,omitempty"`
	CreatedTime      *int64                 `protobuf:"varint,3,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	File             *File                  `protobuf:"bytes,5,opt,name=file,proto3" json:"file,omitempty"`
	Group            *Group                 `protobuf:"bytes,6,opt,name=group,proto3" json:"group,omitempty"`
	Integrity        *string                `protobuf:"bytes,7,opt,name=integrity,proto3,oneof" json:"integrity,omitempty"`
	IntegrityId      *Process_IntegrityId   `` /* 141-byte string literal not displayed */
	Lineage          []string               `protobuf:"bytes,9,rep,name=lineage,proto3" json:"lineage,omitempty"`
	LoadedModules    []string               `protobuf:"bytes,10,rep,name=loaded_modules,json=loadedModules,proto3" json:"loaded_modules,omitempty"`
	Name             *string                `protobuf:"bytes,11,opt,name=name,proto3,oneof" json:"name,omitempty"`
	NamespacePid     *int32                 `protobuf:"varint,12,opt,name=namespace_pid,json=namespacePid,proto3,oneof" json:"namespace_pid,omitempty"`
	ParentProcess    *Process               `protobuf:"bytes,13,opt,name=parent_process,json=parentProcess,proto3" json:"parent_process,omitempty"`
	Pid              *int32                 `protobuf:"varint,14,opt,name=pid,proto3,oneof" json:"pid,omitempty"`
	Sandbox          *string                `protobuf:"bytes,15,opt,name=sandbox,proto3,oneof" json:"sandbox,omitempty"`
	Session          *Session               `protobuf:"bytes,16,opt,name=session,proto3" json:"session,omitempty"`
	TerminatedTime   *int64                 `protobuf:"varint,17,opt,name=terminated_time,json=terminatedTime,proto3,oneof" json:"terminated_time,omitempty"`
	TerminatedTimeDt *timestamppb.Timestamp `protobuf:"bytes,18,opt,name=terminated_time_dt,json=terminatedTimeDt,proto3,oneof" json:"terminated_time_dt,omitempty"`
	Tid              *int32                 `protobuf:"varint,19,opt,name=tid,proto3,oneof" json:"tid,omitempty"`
	Uid              *string                `protobuf:"bytes,20,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	User             *User                  `protobuf:"bytes,21,opt,name=user,proto3" json:"user,omitempty"`
	Xattributes      *structpb.Struct       `protobuf:"bytes,22,opt,name=xattributes,proto3" json:"xattributes,omitempty"`
	Auid             *int32                 `protobuf:"varint,1001,opt,name=auid,proto3,oneof" json:"auid,omitempty"`
	Egid             *int32                 `protobuf:"varint,1002,opt,name=egid,proto3,oneof" json:"egid,omitempty"`
	Euid             *int32                 `protobuf:"varint,1003,opt,name=euid,proto3,oneof" json:"euid,omitempty"`
	// contains filtered or unexported fields
}

Process is an OSF object defined in ocsf objects/process.json and linux objects/process.json

Extends the process object to add Linux specific fields

func (*Process) Descriptor deprecated 

func (*Process) Descriptor() ([]byte, []int)

Deprecated: Use Process.ProtoReflect.Descriptor instead.

func (*Process) GetAuid 

func (x *Process) GetAuid() int32

func (*Process) GetCmdLine 

func (x *Process) GetCmdLine() string

func (*Process) GetContainer 

func (x *Process) GetContainer() *Container

func (*Process) GetCreatedTime 

func (x *Process) GetCreatedTime() int64

func (*Process) GetCreatedTimeDt 

func (x *Process) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Process) GetEgid 

func (x *Process) GetEgid() int32

func (*Process) GetEuid 

func (x *Process) GetEuid() int32

func (*Process) GetFile 

func (x *Process) GetFile() *File

func (*Process) GetGroup 

func (x *Process) GetGroup() *Group

func (*Process) GetIntegrity 

func (x *Process) GetIntegrity() string

func (*Process) GetIntegrityId 

func (x *Process) GetIntegrityId() Process_IntegrityId

func (*Process) GetLineage 

func (x *Process) GetLineage() []string

func (*Process) GetLoadedModules 

func (x *Process) GetLoadedModules() []string

func (*Process) GetName 

func (x *Process) GetName() string

func (*Process) GetNamespacePid 

func (x *Process) GetNamespacePid() int32

func (*Process) GetParentProcess 

func (x *Process) GetParentProcess() *Process

func (*Process) GetPid 

func (x *Process) GetPid() int32

func (*Process) GetSandbox 

func (x *Process) GetSandbox() string

func (*Process) GetSession 

func (x *Process) GetSession() *Session

func (*Process) GetTerminatedTime 

func (x *Process) GetTerminatedTime() int64

func (*Process) GetTerminatedTimeDt 

func (x *Process) GetTerminatedTimeDt() *timestamppb.Timestamp

func (*Process) GetTid 

func (x *Process) GetTid() int32

func (*Process) GetUid 

func (x *Process) GetUid() string

func (*Process) GetUser 

func (x *Process) GetUser() *User

func (*Process) GetXattributes 

func (x *Process) GetXattributes() *structpb.Struct

func (*Process) ProtoMessage 

func (*Process) ProtoMessage()

func (*Process) ProtoReflect 

func (x *Process) ProtoReflect() protoreflect.Message

func (*Process) Reset 

func (x *Process) Reset()

func (*Process) String 

func (x *Process) String() string

type ProcessActivity 

type ProcessActivity struct {
	Action               *string                          `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId             ProcessActivity_ActionId         `` /* 131-byte string literal not displayed */
	ActivityId           ProcessActivity_ActivityId       `` /* 139-byte string literal not displayed */
	ActivityName         *string                          `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor                *Actor                           `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	ActualPermissions    *int32                           `protobuf:"varint,6,opt,name=actual_permissions,json=actualPermissions,proto3,oneof" json:"actual_permissions,omitempty"`
	Api                  *Api                             `protobuf:"bytes,7,opt,name=api,proto3" json:"api,omitempty"`
	Attacks              []*Attack                        `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations       []*Authorization                 `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName         *string                          `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid          ProcessActivity_CategoryUid      `` /* 144-byte string literal not displayed */
	ClassName            *string                          `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid             ProcessActivity_ClassUid         `` /* 132-byte string literal not displayed */
	Cloud                *Cloud                           `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count                *int32                           `protobuf:"varint,15,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device               *Device                          `protobuf:"bytes,16,opt,name=device,proto3" json:"device,omitempty"`
	Disposition          *string                          `protobuf:"bytes,17,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId        *ProcessActivity_DispositionId   `` /* 158-byte string literal not displayed */
	Duration             *int32                           `protobuf:"varint,19,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime              *int64                           `protobuf:"varint,20,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt            *timestamppb.Timestamp           `protobuf:"bytes,21,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments          []*Enrichment                    `protobuf:"bytes,22,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	ExitCode             *int32                           `protobuf:"varint,23,opt,name=exit_code,json=exitCode,proto3,oneof" json:"exit_code,omitempty"`
	FirewallRule         *FirewallRule                    `protobuf:"bytes,24,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	InjectionType        *string                          `protobuf:"bytes,25,opt,name=injection_type,json=injectionType,proto3,oneof" json:"injection_type,omitempty"`
	InjectionTypeId      *ProcessActivity_InjectionTypeId `` /* 168-byte string literal not displayed */
	Malware              []*Malware                       `protobuf:"bytes,27,rep,name=malware,proto3" json:"malware,omitempty"`
	Message              *string                          `protobuf:"bytes,28,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata             *Metadata                        `protobuf:"bytes,29,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Module               *Module                          `protobuf:"bytes,30,opt,name=module,proto3" json:"module,omitempty"`
	Observables          []*Observable                    `protobuf:"bytes,31,rep,name=observables,proto3" json:"observables,omitempty"`
	Process              *Process                         `protobuf:"bytes,32,opt,name=process,proto3" json:"process,omitempty"`
	RawData              *string                          `protobuf:"bytes,33,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	RequestedPermissions *int32                           `` /* 129-byte string literal not displayed */
	Severity             *string                          `protobuf:"bytes,35,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId           ProcessActivity_SeverityId       `` /* 140-byte string literal not displayed */
	StartTime            *int64                           `protobuf:"varint,37,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt          *timestamppb.Timestamp           `protobuf:"bytes,38,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status               *string                          `protobuf:"bytes,39,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode           *string                          `protobuf:"bytes,40,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail         *string                          `protobuf:"bytes,41,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId             *ProcessActivity_StatusId        `` /* 138-byte string literal not displayed */
	Time                 int64                            `protobuf:"varint,43,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt               *timestamppb.Timestamp           `protobuf:"bytes,44,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset       *int32                           `protobuf:"varint,45,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName             *string                          `protobuf:"bytes,46,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid              int64                            `protobuf:"varint,47,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped             *structpb.Struct                 `protobuf:"bytes,48,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ProcessActivity is an OSF event in category "System Activity" called Process Activity defined in ocsf events/system/process.json

Process Activity events report when a process launches, injects, opens or terminates another process, successful or otherwise.

func (*ProcessActivity) Descriptor deprecated 

func (*ProcessActivity) Descriptor() ([]byte, []int)

Deprecated: Use ProcessActivity.ProtoReflect.Descriptor instead.

func (*ProcessActivity) GetAction 

func (x *ProcessActivity) GetAction() string

func (*ProcessActivity) GetActionId 

func (x *ProcessActivity) GetActionId() ProcessActivity_ActionId

func (*ProcessActivity) GetActivityId 

func (x *ProcessActivity) GetActivityId() ProcessActivity_ActivityId

func (*ProcessActivity) GetActivityName 

func (x *ProcessActivity) GetActivityName() string

func (*ProcessActivity) GetActor 

func (x *ProcessActivity) GetActor() *Actor

func (*ProcessActivity) GetActualPermissions 

func (x *ProcessActivity) GetActualPermissions() int32

func (*ProcessActivity) GetApi 

func (x *ProcessActivity) GetApi() *Api

func (*ProcessActivity) GetAttacks 

func (x *ProcessActivity) GetAttacks() []*Attack

func (*ProcessActivity) GetAuthorizations 

func (x *ProcessActivity) GetAuthorizations() []*Authorization

func (*ProcessActivity) GetCategoryName 

func (x *ProcessActivity) GetCategoryName() string

func (*ProcessActivity) GetCategoryUid 

func (x *ProcessActivity) GetCategoryUid() ProcessActivity_CategoryUid

func (*ProcessActivity) GetClassName 

func (x *ProcessActivity) GetClassName() string

func (*ProcessActivity) GetClassUid 

func (x *ProcessActivity) GetClassUid() ProcessActivity_ClassUid

func (*ProcessActivity) GetCloud 

func (x *ProcessActivity) GetCloud() *Cloud

func (*ProcessActivity) GetCount 

func (x *ProcessActivity) GetCount() int32

func (*ProcessActivity) GetDevice 

func (x *ProcessActivity) GetDevice() *Device

func (*ProcessActivity) GetDisposition 

func (x *ProcessActivity) GetDisposition() string

func (*ProcessActivity) GetDispositionId 

func (x *ProcessActivity) GetDispositionId() ProcessActivity_DispositionId

func (*ProcessActivity) GetDuration 

func (x *ProcessActivity) GetDuration() int32

func (*ProcessActivity) GetEndTime 

func (x *ProcessActivity) GetEndTime() int64

func (*ProcessActivity) GetEndTimeDt 

func (x *ProcessActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ProcessActivity) GetEnrichments 

func (x *ProcessActivity) GetEnrichments() []*Enrichment

func (*ProcessActivity) GetExitCode 

func (x *ProcessActivity) GetExitCode() int32

func (*ProcessActivity) GetFirewallRule 

func (x *ProcessActivity) GetFirewallRule() *FirewallRule

func (*ProcessActivity) GetInjectionType 

func (x *ProcessActivity) GetInjectionType() string

func (*ProcessActivity) GetInjectionTypeId 

func (x *ProcessActivity) GetInjectionTypeId() ProcessActivity_InjectionTypeId

func (*ProcessActivity) GetMalware 

func (x *ProcessActivity) GetMalware() []*Malware

func (*ProcessActivity) GetMessage 

func (x *ProcessActivity) GetMessage() string

func (*ProcessActivity) GetMetadata 

func (x *ProcessActivity) GetMetadata() *Metadata

func (*ProcessActivity) GetModule 

func (x *ProcessActivity) GetModule() *Module

func (*ProcessActivity) GetObservables 

func (x *ProcessActivity) GetObservables() []*Observable

func (*ProcessActivity) GetProcess 

func (x *ProcessActivity) GetProcess() *Process

func (*ProcessActivity) GetRawData 

func (x *ProcessActivity) GetRawData() string

func (*ProcessActivity) GetRequestedPermissions 

func (x *ProcessActivity) GetRequestedPermissions() int32

func (*ProcessActivity) GetSeverity 

func (x *ProcessActivity) GetSeverity() string

func (*ProcessActivity) GetSeverityId 

func (x *ProcessActivity) GetSeverityId() ProcessActivity_SeverityId

func (*ProcessActivity) GetStartTime 

func (x *ProcessActivity) GetStartTime() int64

func (*ProcessActivity) GetStartTimeDt 

func (x *ProcessActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ProcessActivity) GetStatus 

func (x *ProcessActivity) GetStatus() string

func (*ProcessActivity) GetStatusCode 

func (x *ProcessActivity) GetStatusCode() string

func (*ProcessActivity) GetStatusDetail 

func (x *ProcessActivity) GetStatusDetail() string

func (*ProcessActivity) GetStatusId 

func (x *ProcessActivity) GetStatusId() ProcessActivity_StatusId

func (*ProcessActivity) GetTime 

func (x *ProcessActivity) GetTime() int64

func (*ProcessActivity) GetTimeDt 

func (x *ProcessActivity) GetTimeDt() *timestamppb.Timestamp

func (*ProcessActivity) GetTimezoneOffset 

func (x *ProcessActivity) GetTimezoneOffset() int32

func (*ProcessActivity) GetTypeName 

func (x *ProcessActivity) GetTypeName() string

func (*ProcessActivity) GetTypeUid 

func (x *ProcessActivity) GetTypeUid() int64

func (*ProcessActivity) GetUnmapped 

func (x *ProcessActivity) GetUnmapped() *structpb.Struct

func (*ProcessActivity) ProtoMessage 

func (*ProcessActivity) ProtoMessage()

func (*ProcessActivity) ProtoReflect 

func (x *ProcessActivity) ProtoReflect() protoreflect.Message

func (*ProcessActivity) Reset 

func (x *ProcessActivity) Reset()

func (*ProcessActivity) String 

func (x *ProcessActivity) String() string

type ProcessActivity_ActionId 

type ProcessActivity_ActionId int32
const (
	ProcessActivity_ACTION_ID_UNKNOWN ProcessActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	ProcessActivity_ACTION_ID_ALLOWED ProcessActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	ProcessActivity_ACTION_ID_DENIED ProcessActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	ProcessActivity_ACTION_ID_OTHER ProcessActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (ProcessActivity_ActionId) Descriptor 

func (ProcessActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_ActionId) Enum 

func (x ProcessActivity_ActionId) Enum() *ProcessActivity_ActionId

func (ProcessActivity_ActionId) EnumDescriptor deprecated 

func (ProcessActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_ActionId.Descriptor instead.

func (ProcessActivity_ActionId) Number 

func (x ProcessActivity_ActionId) Number() protoreflect.EnumNumber

func (ProcessActivity_ActionId) String 

func (x ProcessActivity_ActionId) String() string

func (ProcessActivity_ActionId) Type 

func (ProcessActivity_ActionId) Type() protoreflect.EnumType

type ProcessActivity_ActivityId 

type ProcessActivity_ActivityId int32
const (
	ProcessActivity_ACTIVITY_ID_UNKNOWN     ProcessActivity_ActivityId = 0
	ProcessActivity_ACTIVITY_ID_LAUNCH      ProcessActivity_ActivityId = 1
	ProcessActivity_ACTIVITY_ID_TERMINATE   ProcessActivity_ActivityId = 2
	ProcessActivity_ACTIVITY_ID_OPEN        ProcessActivity_ActivityId = 3
	ProcessActivity_ACTIVITY_ID_INJECT      ProcessActivity_ActivityId = 4
	ProcessActivity_ACTIVITY_ID_SET_USER_ID ProcessActivity_ActivityId = 5
	ProcessActivity_ACTIVITY_ID_OTHER       ProcessActivity_ActivityId = 99
)

func (ProcessActivity_ActivityId) Descriptor 

func (ProcessActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_ActivityId) Enum 

func (x ProcessActivity_ActivityId) Enum() *ProcessActivity_ActivityId

func (ProcessActivity_ActivityId) EnumDescriptor deprecated 

func (ProcessActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_ActivityId.Descriptor instead.

func (ProcessActivity_ActivityId) Number 

func (x ProcessActivity_ActivityId) Number() protoreflect.EnumNumber

func (ProcessActivity_ActivityId) String 

func (x ProcessActivity_ActivityId) String() string

func (ProcessActivity_ActivityId) Type 

func (ProcessActivity_ActivityId) Type() protoreflect.EnumType

type ProcessActivity_CategoryUid 

type ProcessActivity_CategoryUid int32
const (
	ProcessActivity_CATEGORY_UID_UNKNOWN         ProcessActivity_CategoryUid = 0
	ProcessActivity_CATEGORY_UID_SYSTEM_ACTIVITY ProcessActivity_CategoryUid = 1
)

func (ProcessActivity_CategoryUid) Descriptor 

func (ProcessActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_CategoryUid) Enum 

func (x ProcessActivity_CategoryUid) Enum() *ProcessActivity_CategoryUid

func (ProcessActivity_CategoryUid) EnumDescriptor deprecated 

func (ProcessActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_CategoryUid.Descriptor instead.

func (ProcessActivity_CategoryUid) Number 

func (x ProcessActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ProcessActivity_CategoryUid) String 

func (x ProcessActivity_CategoryUid) String() string

func (ProcessActivity_CategoryUid) Type 

func (ProcessActivity_CategoryUid) Type() protoreflect.EnumType

type ProcessActivity_ClassUid 

type ProcessActivity_ClassUid int32
const (
	ProcessActivity_CLASS_UID_UNKNOWN          ProcessActivity_ClassUid = 0
	ProcessActivity_CLASS_UID_PROCESS_ACTIVITY ProcessActivity_ClassUid = 1007
)

func (ProcessActivity_ClassUid) Descriptor 

func (ProcessActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_ClassUid) Enum 

func (x ProcessActivity_ClassUid) Enum() *ProcessActivity_ClassUid

func (ProcessActivity_ClassUid) EnumDescriptor deprecated 

func (ProcessActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_ClassUid.Descriptor instead.

func (ProcessActivity_ClassUid) Number 

func (x ProcessActivity_ClassUid) Number() protoreflect.EnumNumber

func (ProcessActivity_ClassUid) String 

func (x ProcessActivity_ClassUid) String() string

func (ProcessActivity_ClassUid) Type 

func (ProcessActivity_ClassUid) Type() protoreflect.EnumType

type ProcessActivity_DispositionId 

type ProcessActivity_DispositionId int32
const (
	ProcessActivity_DISPOSITION_ID_UNKNOWN ProcessActivity_DispositionId = 0 // The disposition was not known.
	ProcessActivity_DISPOSITION_ID_ALLOWED ProcessActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	ProcessActivity_DISPOSITION_ID_BLOCKED ProcessActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	ProcessActivity_DISPOSITION_ID_QUARANTINED ProcessActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	ProcessActivity_DISPOSITION_ID_ISOLATED ProcessActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	ProcessActivity_DISPOSITION_ID_DELETED ProcessActivity_DispositionId = 5 // A file or other content was deleted.
	ProcessActivity_DISPOSITION_ID_DROPPED ProcessActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	ProcessActivity_DISPOSITION_ID_CUSTOM_ACTION ProcessActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	ProcessActivity_DISPOSITION_ID_APPROVED ProcessActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	ProcessActivity_DISPOSITION_ID_RESTORED ProcessActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	ProcessActivity_DISPOSITION_ID_EXONERATED ProcessActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	ProcessActivity_DISPOSITION_ID_CORRECTED ProcessActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	ProcessActivity_DISPOSITION_ID_PARTIALLY_CORRECTED ProcessActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	ProcessActivity_DISPOSITION_ID_UNCORRECTED ProcessActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	ProcessActivity_DISPOSITION_ID_DELAYED ProcessActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	ProcessActivity_DISPOSITION_ID_DETECTED ProcessActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	ProcessActivity_DISPOSITION_ID_NO_ACTION ProcessActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	ProcessActivity_DISPOSITION_ID_LOGGED ProcessActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	ProcessActivity_DISPOSITION_ID_TAGGED ProcessActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	ProcessActivity_DISPOSITION_ID_ALERT ProcessActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	ProcessActivity_DISPOSITION_ID_COUNT ProcessActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	ProcessActivity_DISPOSITION_ID_RESET ProcessActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	ProcessActivity_DISPOSITION_ID_CAPTCHA ProcessActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	ProcessActivity_DISPOSITION_ID_CHALLENGE ProcessActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	ProcessActivity_DISPOSITION_ID_ACCESS_REVOKED ProcessActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	ProcessActivity_DISPOSITION_ID_REJECTED ProcessActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	ProcessActivity_DISPOSITION_ID_UNAUTHORIZED ProcessActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	ProcessActivity_DISPOSITION_ID_ERROR ProcessActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	ProcessActivity_DISPOSITION_ID_OTHER ProcessActivity_DispositionId = 99 // The disposition is not listed. The
)

func (ProcessActivity_DispositionId) Descriptor 

func (ProcessActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_DispositionId) Enum 

func (x ProcessActivity_DispositionId) Enum() *ProcessActivity_DispositionId

func (ProcessActivity_DispositionId) EnumDescriptor deprecated 

func (ProcessActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_DispositionId.Descriptor instead.

func (ProcessActivity_DispositionId) Number 

func (x ProcessActivity_DispositionId) Number() protoreflect.EnumNumber

func (ProcessActivity_DispositionId) String 

func (x ProcessActivity_DispositionId) String() string

func (ProcessActivity_DispositionId) Type 

func (ProcessActivity_DispositionId) Type() protoreflect.EnumType

type ProcessActivity_InjectionTypeId 

type ProcessActivity_InjectionTypeId int32
const (
	ProcessActivity_INJECTION_TYPE_ID_UNKNOWN       ProcessActivity_InjectionTypeId = 0 // The injection type is unknown.
	ProcessActivity_INJECTION_TYPE_ID_REMOTE_THREAD ProcessActivity_InjectionTypeId = 1
	ProcessActivity_INJECTION_TYPE_ID_LOAD_LIBRARY  ProcessActivity_InjectionTypeId = 2
	ProcessActivity_INJECTION_TYPE_ID_OTHER         ProcessActivity_InjectionTypeId = 99 // The injection type is not mapped. See the
)

func (ProcessActivity_InjectionTypeId) Descriptor 

func (ProcessActivity_InjectionTypeId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_InjectionTypeId) Enum 

func (x ProcessActivity_InjectionTypeId) Enum() *ProcessActivity_InjectionTypeId

func (ProcessActivity_InjectionTypeId) EnumDescriptor deprecated 

func (ProcessActivity_InjectionTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_InjectionTypeId.Descriptor instead.

func (ProcessActivity_InjectionTypeId) Number 

func (x ProcessActivity_InjectionTypeId) Number() protoreflect.EnumNumber

func (ProcessActivity_InjectionTypeId) String 

func (x ProcessActivity_InjectionTypeId) String() string

func (ProcessActivity_InjectionTypeId) Type 

func (ProcessActivity_InjectionTypeId) Type() protoreflect.EnumType

type ProcessActivity_SeverityId 

type ProcessActivity_SeverityId int32
const (
	ProcessActivity_SEVERITY_ID_UNKNOWN       ProcessActivity_SeverityId = 0 // The event/finding severity is unknown.
	ProcessActivity_SEVERITY_ID_INFORMATIONAL ProcessActivity_SeverityId = 1 // Informational message. No action required.
	ProcessActivity_SEVERITY_ID_LOW           ProcessActivity_SeverityId = 2 // The user decides if action is needed.
	ProcessActivity_SEVERITY_ID_MEDIUM        ProcessActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ProcessActivity_SEVERITY_ID_HIGH     ProcessActivity_SeverityId = 4 // Action is required immediately.
	ProcessActivity_SEVERITY_ID_CRITICAL ProcessActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ProcessActivity_SEVERITY_ID_FATAL ProcessActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ProcessActivity_SEVERITY_ID_OTHER ProcessActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ProcessActivity_SeverityId) Descriptor 

func (ProcessActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_SeverityId) Enum 

func (x ProcessActivity_SeverityId) Enum() *ProcessActivity_SeverityId

func (ProcessActivity_SeverityId) EnumDescriptor deprecated 

func (ProcessActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_SeverityId.Descriptor instead.

func (ProcessActivity_SeverityId) Number 

func (x ProcessActivity_SeverityId) Number() protoreflect.EnumNumber

func (ProcessActivity_SeverityId) String 

func (x ProcessActivity_SeverityId) String() string

func (ProcessActivity_SeverityId) Type 

func (ProcessActivity_SeverityId) Type() protoreflect.EnumType

type ProcessActivity_StatusId 

type ProcessActivity_StatusId int32
const (
	ProcessActivity_STATUS_ID_UNKNOWN ProcessActivity_StatusId = 0 // The status is unknown.
	ProcessActivity_STATUS_ID_SUCCESS ProcessActivity_StatusId = 1
	ProcessActivity_STATUS_ID_FAILURE ProcessActivity_StatusId = 2
	ProcessActivity_STATUS_ID_OTHER   ProcessActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ProcessActivity_StatusId) Descriptor 

func (ProcessActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ProcessActivity_StatusId) Enum 

func (x ProcessActivity_StatusId) Enum() *ProcessActivity_StatusId

func (ProcessActivity_StatusId) EnumDescriptor deprecated 

func (ProcessActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessActivity_StatusId.Descriptor instead.

func (ProcessActivity_StatusId) Number 

func (x ProcessActivity_StatusId) Number() protoreflect.EnumNumber

func (ProcessActivity_StatusId) String 

func (x ProcessActivity_StatusId) String() string

func (ProcessActivity_StatusId) Type 

func (ProcessActivity_StatusId) Type() protoreflect.EnumType

type ProcessQuery 

type ProcessQuery struct {
	ActivityId     ProcessQuery_ActivityId    `` /* 136-byte string literal not displayed */
	ActivityName   *string                    `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                     `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                       `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                    `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ProcessQuery_CategoryUid   `` /* 140-byte string literal not displayed */
	ClassName      *string                    `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ProcessQuery_ClassUid      `` /* 128-byte string literal not displayed */
	Cloud          *Cloud                     `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                     `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                    `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                     `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                     `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp     `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment              `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                    `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                  `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable              `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	Process        *Process                   `protobuf:"bytes,19,opt,name=process,proto3" json:"process,omitempty"`
	QueryInfo      *QueryInfo                 `protobuf:"bytes,20,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                    `protobuf:"bytes,21,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  ProcessQuery_QueryResultId `` /* 151-byte string literal not displayed */
	RawData        *string                    `protobuf:"bytes,23,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                    `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ProcessQuery_SeverityId    `` /* 137-byte string literal not displayed */
	StartTime      *int64                     `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp     `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                    `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                    `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                    `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ProcessQuery_StatusId     `` /* 135-byte string literal not displayed */
	Time           int64                      `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp     `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                     `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                    `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                      `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct           `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ProcessQuery is an OSF event in category "Discovery" called Process Query defined in ocsf events/discovery/process_query.json

Process Query events report information about running processes.

func (*ProcessQuery) Descriptor deprecated 

func (*ProcessQuery) Descriptor() ([]byte, []int)

Deprecated: Use ProcessQuery.ProtoReflect.Descriptor instead.

func (*ProcessQuery) GetActivityId 

func (x *ProcessQuery) GetActivityId() ProcessQuery_ActivityId

func (*ProcessQuery) GetActivityName 

func (x *ProcessQuery) GetActivityName() string

func (*ProcessQuery) GetActor 

func (x *ProcessQuery) GetActor() *Actor

func (*ProcessQuery) GetApi 

func (x *ProcessQuery) GetApi() *Api

func (*ProcessQuery) GetCategoryName 

func (x *ProcessQuery) GetCategoryName() string

func (*ProcessQuery) GetCategoryUid 

func (x *ProcessQuery) GetCategoryUid() ProcessQuery_CategoryUid

func (*ProcessQuery) GetClassName 

func (x *ProcessQuery) GetClassName() string

func (*ProcessQuery) GetClassUid 

func (x *ProcessQuery) GetClassUid() ProcessQuery_ClassUid

func (*ProcessQuery) GetCloud 

func (x *ProcessQuery) GetCloud() *Cloud

func (*ProcessQuery) GetCount 

func (x *ProcessQuery) GetCount() int32

func (*ProcessQuery) GetDevice 

func (x *ProcessQuery) GetDevice() *Device

func (*ProcessQuery) GetDuration 

func (x *ProcessQuery) GetDuration() int32

func (*ProcessQuery) GetEndTime 

func (x *ProcessQuery) GetEndTime() int64

func (*ProcessQuery) GetEndTimeDt 

func (x *ProcessQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*ProcessQuery) GetEnrichments 

func (x *ProcessQuery) GetEnrichments() []*Enrichment

func (*ProcessQuery) GetMessage 

func (x *ProcessQuery) GetMessage() string

func (*ProcessQuery) GetMetadata 

func (x *ProcessQuery) GetMetadata() *Metadata

func (*ProcessQuery) GetObservables 

func (x *ProcessQuery) GetObservables() []*Observable

func (*ProcessQuery) GetProcess 

func (x *ProcessQuery) GetProcess() *Process

func (*ProcessQuery) GetQueryInfo 

func (x *ProcessQuery) GetQueryInfo() *QueryInfo

func (*ProcessQuery) GetQueryResult 

func (x *ProcessQuery) GetQueryResult() string

func (*ProcessQuery) GetQueryResultId 

func (x *ProcessQuery) GetQueryResultId() ProcessQuery_QueryResultId

func (*ProcessQuery) GetRawData 

func (x *ProcessQuery) GetRawData() string

func (*ProcessQuery) GetSeverity 

func (x *ProcessQuery) GetSeverity() string

func (*ProcessQuery) GetSeverityId 

func (x *ProcessQuery) GetSeverityId() ProcessQuery_SeverityId

func (*ProcessQuery) GetStartTime 

func (x *ProcessQuery) GetStartTime() int64

func (*ProcessQuery) GetStartTimeDt 

func (x *ProcessQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*ProcessQuery) GetStatus 

func (x *ProcessQuery) GetStatus() string

func (*ProcessQuery) GetStatusCode 

func (x *ProcessQuery) GetStatusCode() string

func (*ProcessQuery) GetStatusDetail 

func (x *ProcessQuery) GetStatusDetail() string

func (*ProcessQuery) GetStatusId 

func (x *ProcessQuery) GetStatusId() ProcessQuery_StatusId

func (*ProcessQuery) GetTime 

func (x *ProcessQuery) GetTime() int64

func (*ProcessQuery) GetTimeDt 

func (x *ProcessQuery) GetTimeDt() *timestamppb.Timestamp

func (*ProcessQuery) GetTimezoneOffset 

func (x *ProcessQuery) GetTimezoneOffset() int32

func (*ProcessQuery) GetTypeName 

func (x *ProcessQuery) GetTypeName() string

func (*ProcessQuery) GetTypeUid 

func (x *ProcessQuery) GetTypeUid() int64

func (*ProcessQuery) GetUnmapped 

func (x *ProcessQuery) GetUnmapped() *structpb.Struct

func (*ProcessQuery) ProtoMessage 

func (*ProcessQuery) ProtoMessage()

func (*ProcessQuery) ProtoReflect 

func (x *ProcessQuery) ProtoReflect() protoreflect.Message

func (*ProcessQuery) Reset 

func (x *ProcessQuery) Reset()

func (*ProcessQuery) String 

func (x *ProcessQuery) String() string

type ProcessQuery_ActivityId 

type ProcessQuery_ActivityId int32
const (
	ProcessQuery_ACTIVITY_ID_UNKNOWN ProcessQuery_ActivityId = 0
	ProcessQuery_ACTIVITY_ID_QUERY   ProcessQuery_ActivityId = 1 // The discovered results are via a query request.
	ProcessQuery_ACTIVITY_ID_OTHER   ProcessQuery_ActivityId = 99
)

func (ProcessQuery_ActivityId) Descriptor 

func (ProcessQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_ActivityId) Enum 

func (x ProcessQuery_ActivityId) Enum() *ProcessQuery_ActivityId

func (ProcessQuery_ActivityId) EnumDescriptor deprecated 

func (ProcessQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_ActivityId.Descriptor instead.

func (ProcessQuery_ActivityId) Number 

func (x ProcessQuery_ActivityId) Number() protoreflect.EnumNumber

func (ProcessQuery_ActivityId) String 

func (x ProcessQuery_ActivityId) String() string

func (ProcessQuery_ActivityId) Type 

func (ProcessQuery_ActivityId) Type() protoreflect.EnumType

type ProcessQuery_CategoryUid 

type ProcessQuery_CategoryUid int32
const (
	ProcessQuery_CATEGORY_UID_UNKNOWN   ProcessQuery_CategoryUid = 0
	ProcessQuery_CATEGORY_UID_DISCOVERY ProcessQuery_CategoryUid = 5
)

func (ProcessQuery_CategoryUid) Descriptor 

func (ProcessQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_CategoryUid) Enum 

func (x ProcessQuery_CategoryUid) Enum() *ProcessQuery_CategoryUid

func (ProcessQuery_CategoryUid) EnumDescriptor deprecated 

func (ProcessQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_CategoryUid.Descriptor instead.

func (ProcessQuery_CategoryUid) Number 

func (x ProcessQuery_CategoryUid) Number() protoreflect.EnumNumber

func (ProcessQuery_CategoryUid) String 

func (x ProcessQuery_CategoryUid) String() string

func (ProcessQuery_CategoryUid) Type 

func (ProcessQuery_CategoryUid) Type() protoreflect.EnumType

type ProcessQuery_ClassUid 

type ProcessQuery_ClassUid int32
const (
	ProcessQuery_CLASS_UID_UNKNOWN       ProcessQuery_ClassUid = 0
	ProcessQuery_CLASS_UID_PROCESS_QUERY ProcessQuery_ClassUid = 5015
)

func (ProcessQuery_ClassUid) Descriptor 

func (ProcessQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_ClassUid) Enum 

func (x ProcessQuery_ClassUid) Enum() *ProcessQuery_ClassUid

func (ProcessQuery_ClassUid) EnumDescriptor deprecated 

func (ProcessQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_ClassUid.Descriptor instead.

func (ProcessQuery_ClassUid) Number 

func (x ProcessQuery_ClassUid) Number() protoreflect.EnumNumber

func (ProcessQuery_ClassUid) String 

func (x ProcessQuery_ClassUid) String() string

func (ProcessQuery_ClassUid) Type 

func (ProcessQuery_ClassUid) Type() protoreflect.EnumType

type ProcessQuery_QueryResultId 

type ProcessQuery_QueryResultId int32
const (
	ProcessQuery_QUERY_RESULT_ID_UNKNOWN        ProcessQuery_QueryResultId = 0  // The query result is unknown.
	ProcessQuery_QUERY_RESULT_ID_EXISTS         ProcessQuery_QueryResultId = 1  // The target was found.
	ProcessQuery_QUERY_RESULT_ID_PARTIAL        ProcessQuery_QueryResultId = 2  // The target was partially found.
	ProcessQuery_QUERY_RESULT_ID_DOES_NOT_EXIST ProcessQuery_QueryResultId = 3  // The target was not found.
	ProcessQuery_QUERY_RESULT_ID_ERROR          ProcessQuery_QueryResultId = 4  // The discovery attempt failed.
	ProcessQuery_QUERY_RESULT_ID_UNSUPPORTED    ProcessQuery_QueryResultId = 5  // Discovery of the target was not supported.
	ProcessQuery_QUERY_RESULT_ID_OTHER          ProcessQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (ProcessQuery_QueryResultId) Descriptor 

func (ProcessQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_QueryResultId) Enum 

func (x ProcessQuery_QueryResultId) Enum() *ProcessQuery_QueryResultId

func (ProcessQuery_QueryResultId) EnumDescriptor deprecated 

func (ProcessQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_QueryResultId.Descriptor instead.

func (ProcessQuery_QueryResultId) Number 

func (x ProcessQuery_QueryResultId) Number() protoreflect.EnumNumber

func (ProcessQuery_QueryResultId) String 

func (x ProcessQuery_QueryResultId) String() string

func (ProcessQuery_QueryResultId) Type 

func (ProcessQuery_QueryResultId) Type() protoreflect.EnumType

type ProcessQuery_SeverityId 

type ProcessQuery_SeverityId int32
const (
	ProcessQuery_SEVERITY_ID_UNKNOWN       ProcessQuery_SeverityId = 0 // The event/finding severity is unknown.
	ProcessQuery_SEVERITY_ID_INFORMATIONAL ProcessQuery_SeverityId = 1 // Informational message. No action required.
	ProcessQuery_SEVERITY_ID_LOW           ProcessQuery_SeverityId = 2 // The user decides if action is needed.
	ProcessQuery_SEVERITY_ID_MEDIUM        ProcessQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ProcessQuery_SEVERITY_ID_HIGH     ProcessQuery_SeverityId = 4 // Action is required immediately.
	ProcessQuery_SEVERITY_ID_CRITICAL ProcessQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ProcessQuery_SEVERITY_ID_FATAL ProcessQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ProcessQuery_SEVERITY_ID_OTHER ProcessQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ProcessQuery_SeverityId) Descriptor 

func (ProcessQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_SeverityId) Enum 

func (x ProcessQuery_SeverityId) Enum() *ProcessQuery_SeverityId

func (ProcessQuery_SeverityId) EnumDescriptor deprecated 

func (ProcessQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_SeverityId.Descriptor instead.

func (ProcessQuery_SeverityId) Number 

func (x ProcessQuery_SeverityId) Number() protoreflect.EnumNumber

func (ProcessQuery_SeverityId) String 

func (x ProcessQuery_SeverityId) String() string

func (ProcessQuery_SeverityId) Type 

func (ProcessQuery_SeverityId) Type() protoreflect.EnumType

type ProcessQuery_StatusId 

type ProcessQuery_StatusId int32
const (
	ProcessQuery_STATUS_ID_UNKNOWN ProcessQuery_StatusId = 0 // The status is unknown.
	ProcessQuery_STATUS_ID_SUCCESS ProcessQuery_StatusId = 1
	ProcessQuery_STATUS_ID_FAILURE ProcessQuery_StatusId = 2
	ProcessQuery_STATUS_ID_OTHER   ProcessQuery_StatusId = 99 // The event status is not mapped. See the
)

func (ProcessQuery_StatusId) Descriptor 

func (ProcessQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ProcessQuery_StatusId) Enum 

func (x ProcessQuery_StatusId) Enum() *ProcessQuery_StatusId

func (ProcessQuery_StatusId) EnumDescriptor deprecated 

func (ProcessQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProcessQuery_StatusId.Descriptor instead.

func (ProcessQuery_StatusId) Number 

func (x ProcessQuery_StatusId) Number() protoreflect.EnumNumber

func (ProcessQuery_StatusId) String 

func (x ProcessQuery_StatusId) String() string

func (ProcessQuery_StatusId) Type 

func (ProcessQuery_StatusId) Type() protoreflect.EnumType

type Process_IntegrityId 

type Process_IntegrityId int32
const (
	Process_INTEGRITY_ID_UNKNOWN   Process_IntegrityId = 0
	Process_INTEGRITY_ID_UNTRUSTED Process_IntegrityId = 1
	Process_INTEGRITY_ID_LOW       Process_IntegrityId = 2
	Process_INTEGRITY_ID_MEDIUM    Process_IntegrityId = 3
	Process_INTEGRITY_ID_HIGH      Process_IntegrityId = 4
	Process_INTEGRITY_ID_SYSTEM    Process_IntegrityId = 5
	Process_INTEGRITY_ID_PROTECTED Process_IntegrityId = 6
	Process_INTEGRITY_ID_OTHER     Process_IntegrityId = 99
)

func (Process_IntegrityId) Descriptor 

func (Process_IntegrityId) Descriptor() protoreflect.EnumDescriptor

func (Process_IntegrityId) Enum 

func (x Process_IntegrityId) Enum() *Process_IntegrityId

func (Process_IntegrityId) EnumDescriptor deprecated 

func (Process_IntegrityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Process_IntegrityId.Descriptor instead.

func (Process_IntegrityId) Number 

func (x Process_IntegrityId) Number() protoreflect.EnumNumber

func (Process_IntegrityId) String 

func (x Process_IntegrityId) String() string

func (Process_IntegrityId) Type 

func (Process_IntegrityId) Type() protoreflect.EnumType

type Product 

type Product struct {
	CpeName            *string             `protobuf:"bytes,1,opt,name=cpe_name,json=cpeName,proto3,oneof" json:"cpe_name,omitempty"`
	DataClassification *DataClassification `protobuf:"bytes,2,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Feature            *Feature            `protobuf:"bytes,3,opt,name=feature,proto3" json:"feature,omitempty"`
	Lang               *string             `protobuf:"bytes,4,opt,name=lang,proto3,oneof" json:"lang,omitempty"`
	Name               *string             `protobuf:"bytes,5,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Path               *string             `protobuf:"bytes,6,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Uid                *string             `protobuf:"bytes,7,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UrlString          *string             `protobuf:"bytes,8,opt,name=url_string,json=urlString,proto3,oneof" json:"url_string,omitempty"`
	VendorName         string              `protobuf:"bytes,9,opt,name=vendor_name,json=vendorName,proto3" json:"vendor_name,omitempty"`
	Version            *string             `protobuf:"bytes,10,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Product is an OSF object defined in ocsf objects/product.json

The Product object describes characteristics of a software product.

func (*Product) Descriptor deprecated 

func (*Product) Descriptor() ([]byte, []int)

Deprecated: Use Product.ProtoReflect.Descriptor instead.

func (*Product) GetCpeName 

func (x *Product) GetCpeName() string

func (*Product) GetDataClassification 

func (x *Product) GetDataClassification() *DataClassification

func (*Product) GetFeature 

func (x *Product) GetFeature() *Feature

func (*Product) GetLang 

func (x *Product) GetLang() string

func (*Product) GetName 

func (x *Product) GetName() string

func (*Product) GetPath 

func (x *Product) GetPath() string

func (*Product) GetUid 

func (x *Product) GetUid() string

func (*Product) GetUrlString 

func (x *Product) GetUrlString() string

func (*Product) GetVendorName 

func (x *Product) GetVendorName() string

func (*Product) GetVersion 

func (x *Product) GetVersion() string

func (*Product) ProtoMessage 

func (*Product) ProtoMessage()

func (*Product) ProtoReflect 

func (x *Product) ProtoReflect() protoreflect.Message

func (*Product) Reset 

func (x *Product) Reset()

func (*Product) String 

func (x *Product) String() string

type QueryInfo 

type QueryInfo struct {
	Bytes       *int64                 `protobuf:"varint,1,opt,name=bytes,proto3,oneof" json:"bytes,omitempty"`
	Data        *structpb.Value        `protobuf:"bytes,2,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Name        *string                `protobuf:"bytes,3,opt,name=name,proto3,oneof" json:"name,omitempty"`
	QueryString string                 `protobuf:"bytes,4,opt,name=query_string,json=queryString,proto3" json:"query_string,omitempty"`
	QueryTime   *int64                 `protobuf:"varint,5,opt,name=query_time,json=queryTime,proto3,oneof" json:"query_time,omitempty"`
	QueryTimeDt *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=query_time_dt,json=queryTimeDt,proto3,oneof" json:"query_time_dt,omitempty"`
	Uid         *string                `protobuf:"bytes,7,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

QueryInfo is an OSF object defined in ocsf objects/query_info.json

The query info object holds information related to data access within a datastore. To access, manipulate, delete, or retrieve data from a datastore, a query must be written using a specific syntax.

func (*QueryInfo) Descriptor deprecated 

func (*QueryInfo) Descriptor() ([]byte, []int)

Deprecated: Use QueryInfo.ProtoReflect.Descriptor instead.

func (*QueryInfo) GetBytes 

func (x *QueryInfo) GetBytes() int64

func (*QueryInfo) GetData 

func (x *QueryInfo) GetData() *structpb.Value

func (*QueryInfo) GetName 

func (x *QueryInfo) GetName() string

func (*QueryInfo) GetQueryString 

func (x *QueryInfo) GetQueryString() string

func (*QueryInfo) GetQueryTime 

func (x *QueryInfo) GetQueryTime() int64

func (*QueryInfo) GetQueryTimeDt 

func (x *QueryInfo) GetQueryTimeDt() *timestamppb.Timestamp

func (*QueryInfo) GetUid 

func (x *QueryInfo) GetUid() string

func (*QueryInfo) ProtoMessage 

func (*QueryInfo) ProtoMessage()

func (*QueryInfo) ProtoReflect 

func (x *QueryInfo) ProtoReflect() protoreflect.Message

func (*QueryInfo) Reset 

func (x *QueryInfo) Reset()

func (*QueryInfo) String 

func (x *QueryInfo) String() string

type RdpActivity 

type RdpActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            RdpActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          RdpActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                       `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization           `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	Capabilities        []string                   `protobuf:"bytes,10,rep,name=capabilities,proto3" json:"capabilities,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,11,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         RdpActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	CertificateChain    []string                   `protobuf:"bytes,13,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	ClassName           *string                    `protobuf:"bytes,14,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            RdpActivity_ClassUid       `` /* 128-byte string literal not displayed */
	Cloud               *Cloud                     `protobuf:"bytes,16,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,17,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,18,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                    `protobuf:"bytes,19,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                    `protobuf:"bytes,20,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *RdpActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,22,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,23,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,24,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,25,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,26,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File                *File                      `protobuf:"bytes,27,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,28,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	IdentifierCookie    *string                    `protobuf:"bytes,29,opt,name=identifier_cookie,json=identifierCookie,proto3,oneof" json:"identifier_cookie,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,30,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,31,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,32,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,33,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,34,rep,name=observables,proto3" json:"observables,omitempty"`
	ProtocolVer         *string                    `protobuf:"bytes,35,opt,name=protocol_ver,json=protocolVer,proto3,oneof" json:"protocol_ver,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,36,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,37,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,38,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,39,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,40,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,41,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,42,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                    `protobuf:"bytes,43,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	RemoteDisplay       *Display                   `protobuf:"bytes,44,opt,name=remote_display,json=remoteDisplay,proto3" json:"remote_display,omitempty"`
	Request             *Request                   `protobuf:"bytes,45,opt,name=request,proto3" json:"request,omitempty"`
	Response            *Response                  `protobuf:"bytes,46,opt,name=response,proto3" json:"response,omitempty"`
	Severity            *string                    `protobuf:"bytes,47,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          RdpActivity_SeverityId     `` /* 136-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,49,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,50,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,51,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,52,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,53,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,54,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *RdpActivity_StatusId      `` /* 134-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,56,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,57,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,58,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,59,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,60,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                    `protobuf:"bytes,61,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,62,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,63,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

RdpActivity is an OSF event in category "Network Activity" called RDP Activity defined in ocsf events/network/rdp.json

Remote Desktop Protocol (RDP) Activity events report remote client connections to a server as seen on the network.

func (*RdpActivity) Descriptor deprecated 

func (*RdpActivity) Descriptor() ([]byte, []int)

Deprecated: Use RdpActivity.ProtoReflect.Descriptor instead.

func (*RdpActivity) GetAction 

func (x *RdpActivity) GetAction() string

func (*RdpActivity) GetActionId 

func (x *RdpActivity) GetActionId() RdpActivity_ActionId

func (*RdpActivity) GetActivityId 

func (x *RdpActivity) GetActivityId() RdpActivity_ActivityId

func (*RdpActivity) GetActivityName 

func (x *RdpActivity) GetActivityName() string

func (*RdpActivity) GetActor 

func (x *RdpActivity) GetActor() *Actor

func (*RdpActivity) GetApi 

func (x *RdpActivity) GetApi() *Api

func (*RdpActivity) GetAppName 

func (x *RdpActivity) GetAppName() string

func (*RdpActivity) GetAttacks 

func (x *RdpActivity) GetAttacks() []*Attack

func (*RdpActivity) GetAuthorizations 

func (x *RdpActivity) GetAuthorizations() []*Authorization

func (*RdpActivity) GetCapabilities 

func (x *RdpActivity) GetCapabilities() []string

func (*RdpActivity) GetCategoryName 

func (x *RdpActivity) GetCategoryName() string

func (*RdpActivity) GetCategoryUid 

func (x *RdpActivity) GetCategoryUid() RdpActivity_CategoryUid

func (*RdpActivity) GetCertificateChain 

func (x *RdpActivity) GetCertificateChain() []string

func (*RdpActivity) GetClassName 

func (x *RdpActivity) GetClassName() string

func (*RdpActivity) GetClassUid 

func (x *RdpActivity) GetClassUid() RdpActivity_ClassUid

func (*RdpActivity) GetCloud 

func (x *RdpActivity) GetCloud() *Cloud

func (*RdpActivity) GetConnectionInfo 

func (x *RdpActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*RdpActivity) GetCount 

func (x *RdpActivity) GetCount() int32

func (*RdpActivity) GetDevice 

func (x *RdpActivity) GetDevice() *Device

func (*RdpActivity) GetDisposition 

func (x *RdpActivity) GetDisposition() string

func (*RdpActivity) GetDispositionId 

func (x *RdpActivity) GetDispositionId() RdpActivity_DispositionId

func (*RdpActivity) GetDstEndpoint 

func (x *RdpActivity) GetDstEndpoint() *NetworkEndpoint

func (*RdpActivity) GetDuration 

func (x *RdpActivity) GetDuration() int32

func (*RdpActivity) GetEndTime 

func (x *RdpActivity) GetEndTime() int64

func (*RdpActivity) GetEndTimeDt 

func (x *RdpActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*RdpActivity) GetEnrichments 

func (x *RdpActivity) GetEnrichments() []*Enrichment

func (*RdpActivity) GetFile 

func (x *RdpActivity) GetFile() *File

func (*RdpActivity) GetFirewallRule 

func (x *RdpActivity) GetFirewallRule() *FirewallRule

func (*RdpActivity) GetIdentifierCookie 

func (x *RdpActivity) GetIdentifierCookie() string

func (*RdpActivity) GetLoadBalancer 

func (x *RdpActivity) GetLoadBalancer() *LoadBalancer

func (*RdpActivity) GetMalware 

func (x *RdpActivity) GetMalware() []*Malware

func (*RdpActivity) GetMessage 

func (x *RdpActivity) GetMessage() string

func (*RdpActivity) GetMetadata 

func (x *RdpActivity) GetMetadata() *Metadata

func (*RdpActivity) GetObservables 

func (x *RdpActivity) GetObservables() []*Observable

func (*RdpActivity) GetProtocolVer 

func (x *RdpActivity) GetProtocolVer() string

func (*RdpActivity) GetProxy 

func (x *RdpActivity) GetProxy() *NetworkProxy

func (*RdpActivity) GetProxyConnectionInfo 

func (x *RdpActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*RdpActivity) GetProxyEndpoint 

func (x *RdpActivity) GetProxyEndpoint() *NetworkProxy

func (*RdpActivity) GetProxyHttpRequest 

func (x *RdpActivity) GetProxyHttpRequest() *HttpRequest

func (*RdpActivity) GetProxyHttpResponse 

func (x *RdpActivity) GetProxyHttpResponse() *HttpResponse

func (*RdpActivity) GetProxyTls 

func (x *RdpActivity) GetProxyTls() *Tls

func (*RdpActivity) GetProxyTraffic 

func (x *RdpActivity) GetProxyTraffic() *NetworkTraffic

func (*RdpActivity) GetRawData 

func (x *RdpActivity) GetRawData() string

func (*RdpActivity) GetRemoteDisplay 

func (x *RdpActivity) GetRemoteDisplay() *Display

func (*RdpActivity) GetRequest 

func (x *RdpActivity) GetRequest() *Request

func (*RdpActivity) GetResponse 

func (x *RdpActivity) GetResponse() *Response

func (*RdpActivity) GetSeverity 

func (x *RdpActivity) GetSeverity() string

func (*RdpActivity) GetSeverityId 

func (x *RdpActivity) GetSeverityId() RdpActivity_SeverityId

func (*RdpActivity) GetSrcEndpoint 

func (x *RdpActivity) GetSrcEndpoint() *NetworkEndpoint

func (*RdpActivity) GetStartTime 

func (x *RdpActivity) GetStartTime() int64

func (*RdpActivity) GetStartTimeDt 

func (x *RdpActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*RdpActivity) GetStatus 

func (x *RdpActivity) GetStatus() string

func (*RdpActivity) GetStatusCode 

func (x *RdpActivity) GetStatusCode() string

func (*RdpActivity) GetStatusDetail 

func (x *RdpActivity) GetStatusDetail() string

func (*RdpActivity) GetStatusId 

func (x *RdpActivity) GetStatusId() RdpActivity_StatusId

func (*RdpActivity) GetTime 

func (x *RdpActivity) GetTime() int64

func (*RdpActivity) GetTimeDt 

func (x *RdpActivity) GetTimeDt() *timestamppb.Timestamp

func (*RdpActivity) GetTimezoneOffset 

func (x *RdpActivity) GetTimezoneOffset() int32

func (*RdpActivity) GetTls 

func (x *RdpActivity) GetTls() *Tls

func (*RdpActivity) GetTraffic 

func (x *RdpActivity) GetTraffic() *NetworkTraffic

func (*RdpActivity) GetTypeName 

func (x *RdpActivity) GetTypeName() string

func (*RdpActivity) GetTypeUid 

func (x *RdpActivity) GetTypeUid() int64

func (*RdpActivity) GetUnmapped 

func (x *RdpActivity) GetUnmapped() *structpb.Struct

func (*RdpActivity) ProtoMessage 

func (*RdpActivity) ProtoMessage()

func (*RdpActivity) ProtoReflect 

func (x *RdpActivity) ProtoReflect() protoreflect.Message

func (*RdpActivity) Reset 

func (x *RdpActivity) Reset()

func (*RdpActivity) String 

func (x *RdpActivity) String() string

type RdpActivity_ActionId 

type RdpActivity_ActionId int32
const (
	RdpActivity_ACTION_ID_UNKNOWN RdpActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	RdpActivity_ACTION_ID_ALLOWED RdpActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	RdpActivity_ACTION_ID_DENIED RdpActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	RdpActivity_ACTION_ID_OTHER RdpActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (RdpActivity_ActionId) Descriptor 

func (RdpActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_ActionId) Enum 

func (x RdpActivity_ActionId) Enum() *RdpActivity_ActionId

func (RdpActivity_ActionId) EnumDescriptor deprecated 

func (RdpActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_ActionId.Descriptor instead.

func (RdpActivity_ActionId) Number 

func (x RdpActivity_ActionId) Number() protoreflect.EnumNumber

func (RdpActivity_ActionId) String 

func (x RdpActivity_ActionId) String() string

func (RdpActivity_ActionId) Type 

func (RdpActivity_ActionId) Type() protoreflect.EnumType

type RdpActivity_ActivityId 

type RdpActivity_ActivityId int32
const (
	RdpActivity_ACTIVITY_ID_UNKNOWN          RdpActivity_ActivityId = 0
	RdpActivity_ACTIVITY_ID_INITIAL_REQUEST  RdpActivity_ActivityId = 1 // The initial RDP request.
	RdpActivity_ACTIVITY_ID_INITIAL_RESPONSE RdpActivity_ActivityId = 2 // The initial RDP response.
	RdpActivity_ACTIVITY_ID_CONNECT_REQUEST  RdpActivity_ActivityId = 3 // An RDP connection request.
	RdpActivity_ACTIVITY_ID_CONNECT_RESPONSE RdpActivity_ActivityId = 4 // An RDP connection response.
	RdpActivity_ACTIVITY_ID_TLS_HANDSHAKE    RdpActivity_ActivityId = 5 // The TLS handshake.
	RdpActivity_ACTIVITY_ID_TRAFFIC          RdpActivity_ActivityId = 6 // Network traffic report.
	RdpActivity_ACTIVITY_ID_OTHER            RdpActivity_ActivityId = 99
)

func (RdpActivity_ActivityId) Descriptor 

func (RdpActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_ActivityId) Enum 

func (x RdpActivity_ActivityId) Enum() *RdpActivity_ActivityId

func (RdpActivity_ActivityId) EnumDescriptor deprecated 

func (RdpActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_ActivityId.Descriptor instead.

func (RdpActivity_ActivityId) Number 

func (x RdpActivity_ActivityId) Number() protoreflect.EnumNumber

func (RdpActivity_ActivityId) String 

func (x RdpActivity_ActivityId) String() string

func (RdpActivity_ActivityId) Type 

func (RdpActivity_ActivityId) Type() protoreflect.EnumType

type RdpActivity_CategoryUid 

type RdpActivity_CategoryUid int32
const (
	RdpActivity_CATEGORY_UID_UNKNOWN          RdpActivity_CategoryUid = 0
	RdpActivity_CATEGORY_UID_NETWORK_ACTIVITY RdpActivity_CategoryUid = 4
)

func (RdpActivity_CategoryUid) Descriptor 

func (RdpActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_CategoryUid) Enum 

func (x RdpActivity_CategoryUid) Enum() *RdpActivity_CategoryUid

func (RdpActivity_CategoryUid) EnumDescriptor deprecated 

func (RdpActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_CategoryUid.Descriptor instead.

func (RdpActivity_CategoryUid) Number 

func (x RdpActivity_CategoryUid) Number() protoreflect.EnumNumber

func (RdpActivity_CategoryUid) String 

func (x RdpActivity_CategoryUid) String() string

func (RdpActivity_CategoryUid) Type 

func (RdpActivity_CategoryUid) Type() protoreflect.EnumType

type RdpActivity_ClassUid 

type RdpActivity_ClassUid int32
const (
	RdpActivity_CLASS_UID_UNKNOWN      RdpActivity_ClassUid = 0
	RdpActivity_CLASS_UID_RDP_ACTIVITY RdpActivity_ClassUid = 4005
)

func (RdpActivity_ClassUid) Descriptor 

func (RdpActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_ClassUid) Enum 

func (x RdpActivity_ClassUid) Enum() *RdpActivity_ClassUid

func (RdpActivity_ClassUid) EnumDescriptor deprecated 

func (RdpActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_ClassUid.Descriptor instead.

func (RdpActivity_ClassUid) Number 

func (x RdpActivity_ClassUid) Number() protoreflect.EnumNumber

func (RdpActivity_ClassUid) String 

func (x RdpActivity_ClassUid) String() string

func (RdpActivity_ClassUid) Type 

func (RdpActivity_ClassUid) Type() protoreflect.EnumType

type RdpActivity_DispositionId 

type RdpActivity_DispositionId int32
const (
	RdpActivity_DISPOSITION_ID_UNKNOWN RdpActivity_DispositionId = 0 // The disposition was not known.
	RdpActivity_DISPOSITION_ID_ALLOWED RdpActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	RdpActivity_DISPOSITION_ID_BLOCKED RdpActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	RdpActivity_DISPOSITION_ID_QUARANTINED RdpActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	RdpActivity_DISPOSITION_ID_ISOLATED RdpActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	RdpActivity_DISPOSITION_ID_DELETED RdpActivity_DispositionId = 5 // A file or other content was deleted.
	RdpActivity_DISPOSITION_ID_DROPPED RdpActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	RdpActivity_DISPOSITION_ID_CUSTOM_ACTION RdpActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	RdpActivity_DISPOSITION_ID_APPROVED RdpActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	RdpActivity_DISPOSITION_ID_RESTORED RdpActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	RdpActivity_DISPOSITION_ID_EXONERATED RdpActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	RdpActivity_DISPOSITION_ID_CORRECTED RdpActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	RdpActivity_DISPOSITION_ID_PARTIALLY_CORRECTED RdpActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	RdpActivity_DISPOSITION_ID_UNCORRECTED RdpActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	RdpActivity_DISPOSITION_ID_DELAYED RdpActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	RdpActivity_DISPOSITION_ID_DETECTED RdpActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	RdpActivity_DISPOSITION_ID_NO_ACTION RdpActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	RdpActivity_DISPOSITION_ID_LOGGED RdpActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	RdpActivity_DISPOSITION_ID_TAGGED RdpActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	RdpActivity_DISPOSITION_ID_ALERT RdpActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	RdpActivity_DISPOSITION_ID_COUNT RdpActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	RdpActivity_DISPOSITION_ID_RESET RdpActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	RdpActivity_DISPOSITION_ID_CAPTCHA RdpActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	RdpActivity_DISPOSITION_ID_CHALLENGE RdpActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	RdpActivity_DISPOSITION_ID_ACCESS_REVOKED RdpActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	RdpActivity_DISPOSITION_ID_REJECTED RdpActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	RdpActivity_DISPOSITION_ID_UNAUTHORIZED RdpActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	RdpActivity_DISPOSITION_ID_ERROR RdpActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	RdpActivity_DISPOSITION_ID_OTHER RdpActivity_DispositionId = 99 // The disposition is not listed. The
)

func (RdpActivity_DispositionId) Descriptor 

func (RdpActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_DispositionId) Enum 

func (x RdpActivity_DispositionId) Enum() *RdpActivity_DispositionId

func (RdpActivity_DispositionId) EnumDescriptor deprecated 

func (RdpActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_DispositionId.Descriptor instead.

func (RdpActivity_DispositionId) Number 

func (x RdpActivity_DispositionId) Number() protoreflect.EnumNumber

func (RdpActivity_DispositionId) String 

func (x RdpActivity_DispositionId) String() string

func (RdpActivity_DispositionId) Type 

func (RdpActivity_DispositionId) Type() protoreflect.EnumType

type RdpActivity_SeverityId 

type RdpActivity_SeverityId int32
const (
	RdpActivity_SEVERITY_ID_UNKNOWN       RdpActivity_SeverityId = 0 // The event/finding severity is unknown.
	RdpActivity_SEVERITY_ID_INFORMATIONAL RdpActivity_SeverityId = 1 // Informational message. No action required.
	RdpActivity_SEVERITY_ID_LOW           RdpActivity_SeverityId = 2 // The user decides if action is needed.
	RdpActivity_SEVERITY_ID_MEDIUM        RdpActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	RdpActivity_SEVERITY_ID_HIGH     RdpActivity_SeverityId = 4 // Action is required immediately.
	RdpActivity_SEVERITY_ID_CRITICAL RdpActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	RdpActivity_SEVERITY_ID_FATAL RdpActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	RdpActivity_SEVERITY_ID_OTHER RdpActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (RdpActivity_SeverityId) Descriptor 

func (RdpActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_SeverityId) Enum 

func (x RdpActivity_SeverityId) Enum() *RdpActivity_SeverityId

func (RdpActivity_SeverityId) EnumDescriptor deprecated 

func (RdpActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_SeverityId.Descriptor instead.

func (RdpActivity_SeverityId) Number 

func (x RdpActivity_SeverityId) Number() protoreflect.EnumNumber

func (RdpActivity_SeverityId) String 

func (x RdpActivity_SeverityId) String() string

func (RdpActivity_SeverityId) Type 

func (RdpActivity_SeverityId) Type() protoreflect.EnumType

type RdpActivity_StatusId 

type RdpActivity_StatusId int32
const (
	RdpActivity_STATUS_ID_UNKNOWN RdpActivity_StatusId = 0 // The status is unknown.
	RdpActivity_STATUS_ID_SUCCESS RdpActivity_StatusId = 1
	RdpActivity_STATUS_ID_FAILURE RdpActivity_StatusId = 2
	RdpActivity_STATUS_ID_OTHER   RdpActivity_StatusId = 99 // The event status is not mapped. See the
)

func (RdpActivity_StatusId) Descriptor 

func (RdpActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (RdpActivity_StatusId) Enum 

func (x RdpActivity_StatusId) Enum() *RdpActivity_StatusId

func (RdpActivity_StatusId) EnumDescriptor deprecated 

func (RdpActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RdpActivity_StatusId.Descriptor instead.

func (RdpActivity_StatusId) Number 

func (x RdpActivity_StatusId) Number() protoreflect.EnumNumber

func (RdpActivity_StatusId) String 

func (x RdpActivity_StatusId) String() string

func (RdpActivity_StatusId) Type 

func (RdpActivity_StatusId) Type() protoreflect.EnumType

type RegKey 

type RegKey struct {
	IsSystem           *bool                  `protobuf:"varint,1,opt,name=is_system,json=isSystem,proto3,oneof" json:"is_system,omitempty"`
	ModifiedTime       *int64                 `protobuf:"varint,2,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt     *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Path               string                 `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"`
	SecurityDescriptor *string                `protobuf:"bytes,5,opt,name=security_descriptor,json=securityDescriptor,proto3,oneof" json:"security_descriptor,omitempty"`
	// contains filtered or unexported fields
}

RegKey is an OSF object defined in win objects/registry_key.json

The registry key object describes a Windows registry key. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:WindowsRegistryKey/'>d3f:WindowsRegistryKey</a>.

func (*RegKey) Descriptor deprecated 

func (*RegKey) Descriptor() ([]byte, []int)

Deprecated: Use RegKey.ProtoReflect.Descriptor instead.

func (*RegKey) GetIsSystem 

func (x *RegKey) GetIsSystem() bool

func (*RegKey) GetModifiedTime 

func (x *RegKey) GetModifiedTime() int64

func (*RegKey) GetModifiedTimeDt 

func (x *RegKey) GetModifiedTimeDt() *timestamppb.Timestamp

func (*RegKey) GetPath 

func (x *RegKey) GetPath() string

func (*RegKey) GetSecurityDescriptor 

func (x *RegKey) GetSecurityDescriptor() string

func (*RegKey) ProtoMessage 

func (*RegKey) ProtoMessage()

func (*RegKey) ProtoReflect 

func (x *RegKey) ProtoReflect() protoreflect.Message

func (*RegKey) Reset 

func (x *RegKey) Reset()

func (*RegKey) String 

func (x *RegKey) String() string

type RegValue 

type RegValue struct {
	Data           *structpb.Value        `protobuf:"bytes,1,opt,name=data,proto3,oneof" json:"data,omitempty"`
	IsDefault      *bool                  `protobuf:"varint,2,opt,name=is_default,json=isDefault,proto3,oneof" json:"is_default,omitempty"`
	IsSystem       *bool                  `protobuf:"varint,3,opt,name=is_system,json=isSystem,proto3,oneof" json:"is_system,omitempty"`
	ModifiedTime   *int64                 `protobuf:"varint,4,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Name           string                 `protobuf:"bytes,6,opt,name=name,proto3" json:"name,omitempty"`
	Path           string                 `protobuf:"bytes,7,opt,name=path,proto3" json:"path,omitempty"`
	Type           *string                `protobuf:"bytes,8,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId         *RegValue_TypeId       `protobuf:"varint,9,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.RegValue_TypeId,oneof" json:"type_id,omitempty"`
	// contains filtered or unexported fields
}

RegValue is an OSF object defined in win objects/registry_value.json

The registry value object describes a Windows registry value.

func (*RegValue) Descriptor deprecated 

func (*RegValue) Descriptor() ([]byte, []int)

Deprecated: Use RegValue.ProtoReflect.Descriptor instead.

func (*RegValue) GetData 

func (x *RegValue) GetData() *structpb.Value

func (*RegValue) GetIsDefault 

func (x *RegValue) GetIsDefault() bool

func (*RegValue) GetIsSystem 

func (x *RegValue) GetIsSystem() bool

func (*RegValue) GetModifiedTime 

func (x *RegValue) GetModifiedTime() int64

func (*RegValue) GetModifiedTimeDt 

func (x *RegValue) GetModifiedTimeDt() *timestamppb.Timestamp

func (*RegValue) GetName 

func (x *RegValue) GetName() string

func (*RegValue) GetPath 

func (x *RegValue) GetPath() string

func (*RegValue) GetType 

func (x *RegValue) GetType() string

func (*RegValue) GetTypeId 

func (x *RegValue) GetTypeId() RegValue_TypeId

func (*RegValue) ProtoMessage 

func (*RegValue) ProtoMessage()

func (*RegValue) ProtoReflect 

func (x *RegValue) ProtoReflect() protoreflect.Message

func (*RegValue) Reset 

func (x *RegValue) Reset()

func (*RegValue) String 

func (x *RegValue) String() string

type RegValue_TypeId 

type RegValue_TypeId int32
const (
	RegValue_TYPE_ID_UNKNOWN                 RegValue_TypeId = 0 // The type is unknown.
	RegValue_TYPE_ID_REG_BINARY              RegValue_TypeId = 1
	RegValue_TYPE_ID_REG_DWORD               RegValue_TypeId = 2
	RegValue_TYPE_ID_REG_DWORD_BIG_ENDIAN    RegValue_TypeId = 3
	RegValue_TYPE_ID_REG_EXPAND_SZ           RegValue_TypeId = 4
	RegValue_TYPE_ID_REG_LINK                RegValue_TypeId = 5
	RegValue_TYPE_ID_REG_MULTI_SZ            RegValue_TypeId = 6
	RegValue_TYPE_ID_REG_NONE                RegValue_TypeId = 7
	RegValue_TYPE_ID_REG_QWORD               RegValue_TypeId = 8
	RegValue_TYPE_ID_REG_QWORD_LITTLE_ENDIAN RegValue_TypeId = 9
	RegValue_TYPE_ID_REG_SZ                  RegValue_TypeId = 10
	RegValue_TYPE_ID_OTHER                   RegValue_TypeId = 99 // The type is not mapped. See the
)

func (RegValue_TypeId) Descriptor 

func (RegValue_TypeId) Descriptor() protoreflect.EnumDescriptor

func (RegValue_TypeId) Enum 

func (x RegValue_TypeId) Enum() *RegValue_TypeId

func (RegValue_TypeId) EnumDescriptor deprecated 

func (RegValue_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegValue_TypeId.Descriptor instead.

func (RegValue_TypeId) Number 

func (x RegValue_TypeId) Number() protoreflect.EnumNumber

func (RegValue_TypeId) String 

func (x RegValue_TypeId) String() string

func (RegValue_TypeId) Type 

func (RegValue_TypeId) Type() protoreflect.EnumType

type RegistryKeyActivity 

type RegistryKeyActivity struct {
	AccessMask     *int32                             `protobuf:"varint,1,opt,name=access_mask,json=accessMask,proto3,oneof" json:"access_mask,omitempty"`
	Action         *string                            `protobuf:"bytes,2,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       RegistryKeyActivity_ActionId       `` /* 135-byte string literal not displayed */
	ActivityId     RegistryKeyActivity_ActivityId     `` /* 143-byte string literal not displayed */
	ActivityName   *string                            `protobuf:"bytes,5,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                             `protobuf:"bytes,6,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                               `protobuf:"bytes,7,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                          `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                   `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                            `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    RegistryKeyActivity_CategoryUid    `` /* 148-byte string literal not displayed */
	ClassName      *string                            `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       RegistryKeyActivity_ClassUid       `` /* 136-byte string literal not displayed */
	Cloud          *Cloud                             `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                             `protobuf:"varint,15,opt,name=count,proto3,oneof" json:"count,omitempty"`
	CreateMask     *string                            `protobuf:"bytes,16,opt,name=create_mask,json=createMask,proto3,oneof" json:"create_mask,omitempty"`
	Device         *Device                            `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                            `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *RegistryKeyActivity_DispositionId `` /* 162-byte string literal not displayed */
	Duration       *int32                             `protobuf:"varint,20,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                             `protobuf:"varint,21,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp             `protobuf:"bytes,22,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                      `protobuf:"bytes,23,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                      `protobuf:"bytes,24,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                         `protobuf:"bytes,25,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                            `protobuf:"bytes,26,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                          `protobuf:"bytes,27,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                      `protobuf:"bytes,28,rep,name=observables,proto3" json:"observables,omitempty"`
	OpenMask       *int32                             `protobuf:"varint,29,opt,name=open_mask,json=openMask,proto3,oneof" json:"open_mask,omitempty"`
	RawData        *string                            `protobuf:"bytes,30,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                            `protobuf:"bytes,31,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     RegistryKeyActivity_SeverityId     `` /* 144-byte string literal not displayed */
	StartTime      *int64                             `protobuf:"varint,33,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp             `protobuf:"bytes,34,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                            `protobuf:"bytes,35,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                            `protobuf:"bytes,36,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                            `protobuf:"bytes,37,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *RegistryKeyActivity_StatusId      `` /* 142-byte string literal not displayed */
	Time           int64                              `protobuf:"varint,39,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp             `protobuf:"bytes,40,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                             `protobuf:"varint,41,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                            `protobuf:"bytes,42,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                              `protobuf:"varint,43,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                   `protobuf:"bytes,44,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	PrevRegKey     *RegKey                            `protobuf:"bytes,2001,opt,name=prev_reg_key,json=prevRegKey,proto3" json:"prev_reg_key,omitempty"`
	RegKey         *RegKey                            `protobuf:"bytes,2002,opt,name=reg_key,json=regKey,proto3" json:"reg_key,omitempty"`
	// contains filtered or unexported fields
}

RegistryKeyActivity is an OSF event in category "System Activity" called Registry Key Activity defined in win events/registry_key.json

Registry Key Activity events report when a process performs an action on a Windows registry key.

func (*RegistryKeyActivity) Descriptor deprecated 

func (*RegistryKeyActivity) Descriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity.ProtoReflect.Descriptor instead.

func (*RegistryKeyActivity) GetAccessMask 

func (x *RegistryKeyActivity) GetAccessMask() int32

func (*RegistryKeyActivity) GetAction 

func (x *RegistryKeyActivity) GetAction() string

func (*RegistryKeyActivity) GetActionId 

func (x *RegistryKeyActivity) GetActionId() RegistryKeyActivity_ActionId

func (*RegistryKeyActivity) GetActivityId 

func (x *RegistryKeyActivity) GetActivityId() RegistryKeyActivity_ActivityId

func (*RegistryKeyActivity) GetActivityName 

func (x *RegistryKeyActivity) GetActivityName() string

func (*RegistryKeyActivity) GetActor 

func (x *RegistryKeyActivity) GetActor() *Actor

func (*RegistryKeyActivity) GetApi 

func (x *RegistryKeyActivity) GetApi() *Api

func (*RegistryKeyActivity) GetAttacks 

func (x *RegistryKeyActivity) GetAttacks() []*Attack

func (*RegistryKeyActivity) GetAuthorizations 

func (x *RegistryKeyActivity) GetAuthorizations() []*Authorization

func (*RegistryKeyActivity) GetCategoryName 

func (x *RegistryKeyActivity) GetCategoryName() string

func (*RegistryKeyActivity) GetCategoryUid 

func (x *RegistryKeyActivity) GetCategoryUid() RegistryKeyActivity_CategoryUid

func (*RegistryKeyActivity) GetClassName 

func (x *RegistryKeyActivity) GetClassName() string

func (*RegistryKeyActivity) GetClassUid 

func (x *RegistryKeyActivity) GetClassUid() RegistryKeyActivity_ClassUid

func (*RegistryKeyActivity) GetCloud 

func (x *RegistryKeyActivity) GetCloud() *Cloud

func (*RegistryKeyActivity) GetCount 

func (x *RegistryKeyActivity) GetCount() int32

func (*RegistryKeyActivity) GetCreateMask 

func (x *RegistryKeyActivity) GetCreateMask() string

func (*RegistryKeyActivity) GetDevice 

func (x *RegistryKeyActivity) GetDevice() *Device

func (*RegistryKeyActivity) GetDisposition 

func (x *RegistryKeyActivity) GetDisposition() string

func (*RegistryKeyActivity) GetDispositionId 

func (x *RegistryKeyActivity) GetDispositionId() RegistryKeyActivity_DispositionId

func (*RegistryKeyActivity) GetDuration 

func (x *RegistryKeyActivity) GetDuration() int32

func (*RegistryKeyActivity) GetEndTime 

func (x *RegistryKeyActivity) GetEndTime() int64

func (*RegistryKeyActivity) GetEndTimeDt 

func (x *RegistryKeyActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*RegistryKeyActivity) GetEnrichments 

func (x *RegistryKeyActivity) GetEnrichments() []*Enrichment

func (*RegistryKeyActivity) GetFirewallRule 

func (x *RegistryKeyActivity) GetFirewallRule() *FirewallRule

func (*RegistryKeyActivity) GetMalware 

func (x *RegistryKeyActivity) GetMalware() []*Malware

func (*RegistryKeyActivity) GetMessage 

func (x *RegistryKeyActivity) GetMessage() string

func (*RegistryKeyActivity) GetMetadata 

func (x *RegistryKeyActivity) GetMetadata() *Metadata

func (*RegistryKeyActivity) GetObservables 

func (x *RegistryKeyActivity) GetObservables() []*Observable

func (*RegistryKeyActivity) GetOpenMask 

func (x *RegistryKeyActivity) GetOpenMask() int32

func (*RegistryKeyActivity) GetPrevRegKey 

func (x *RegistryKeyActivity) GetPrevRegKey() *RegKey

func (*RegistryKeyActivity) GetRawData 

func (x *RegistryKeyActivity) GetRawData() string

func (*RegistryKeyActivity) GetRegKey 

func (x *RegistryKeyActivity) GetRegKey() *RegKey

func (*RegistryKeyActivity) GetSeverity 

func (x *RegistryKeyActivity) GetSeverity() string

func (*RegistryKeyActivity) GetSeverityId 

func (x *RegistryKeyActivity) GetSeverityId() RegistryKeyActivity_SeverityId

func (*RegistryKeyActivity) GetStartTime 

func (x *RegistryKeyActivity) GetStartTime() int64

func (*RegistryKeyActivity) GetStartTimeDt 

func (x *RegistryKeyActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*RegistryKeyActivity) GetStatus 

func (x *RegistryKeyActivity) GetStatus() string

func (*RegistryKeyActivity) GetStatusCode 

func (x *RegistryKeyActivity) GetStatusCode() string

func (*RegistryKeyActivity) GetStatusDetail 

func (x *RegistryKeyActivity) GetStatusDetail() string

func (*RegistryKeyActivity) GetStatusId 

func (x *RegistryKeyActivity) GetStatusId() RegistryKeyActivity_StatusId

func (*RegistryKeyActivity) GetTime 

func (x *RegistryKeyActivity) GetTime() int64

func (*RegistryKeyActivity) GetTimeDt 

func (x *RegistryKeyActivity) GetTimeDt() *timestamppb.Timestamp

func (*RegistryKeyActivity) GetTimezoneOffset 

func (x *RegistryKeyActivity) GetTimezoneOffset() int32

func (*RegistryKeyActivity) GetTypeName 

func (x *RegistryKeyActivity) GetTypeName() string

func (*RegistryKeyActivity) GetTypeUid 

func (x *RegistryKeyActivity) GetTypeUid() int64

func (*RegistryKeyActivity) GetUnmapped 

func (x *RegistryKeyActivity) GetUnmapped() *structpb.Struct

func (*RegistryKeyActivity) ProtoMessage 

func (*RegistryKeyActivity) ProtoMessage()

func (*RegistryKeyActivity) ProtoReflect 

func (x *RegistryKeyActivity) ProtoReflect() protoreflect.Message

func (*RegistryKeyActivity) Reset 

func (x *RegistryKeyActivity) Reset()

func (*RegistryKeyActivity) String 

func (x *RegistryKeyActivity) String() string

type RegistryKeyActivity_ActionId 

type RegistryKeyActivity_ActionId int32
const (
	RegistryKeyActivity_ACTION_ID_UNKNOWN RegistryKeyActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	RegistryKeyActivity_ACTION_ID_ALLOWED RegistryKeyActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	RegistryKeyActivity_ACTION_ID_DENIED RegistryKeyActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	RegistryKeyActivity_ACTION_ID_OTHER RegistryKeyActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (RegistryKeyActivity_ActionId) Descriptor 

func (RegistryKeyActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_ActionId) Enum 

func (x RegistryKeyActivity_ActionId) Enum() *RegistryKeyActivity_ActionId

func (RegistryKeyActivity_ActionId) EnumDescriptor deprecated 

func (RegistryKeyActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_ActionId.Descriptor instead.

func (RegistryKeyActivity_ActionId) Number 

func (x RegistryKeyActivity_ActionId) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_ActionId) String 

func (x RegistryKeyActivity_ActionId) String() string

func (RegistryKeyActivity_ActionId) Type 

func (RegistryKeyActivity_ActionId) Type() protoreflect.EnumType

type RegistryKeyActivity_ActivityId 

type RegistryKeyActivity_ActivityId int32
const (
	RegistryKeyActivity_ACTIVITY_ID_UNKNOWN      RegistryKeyActivity_ActivityId = 0
	RegistryKeyActivity_ACTIVITY_ID_CREATE       RegistryKeyActivity_ActivityId = 1
	RegistryKeyActivity_ACTIVITY_ID_READ         RegistryKeyActivity_ActivityId = 2
	RegistryKeyActivity_ACTIVITY_ID_MODIFY       RegistryKeyActivity_ActivityId = 3
	RegistryKeyActivity_ACTIVITY_ID_DELETE       RegistryKeyActivity_ActivityId = 4
	RegistryKeyActivity_ACTIVITY_ID_RENAME       RegistryKeyActivity_ActivityId = 5
	RegistryKeyActivity_ACTIVITY_ID_SET_SECURITY RegistryKeyActivity_ActivityId = 6
	RegistryKeyActivity_ACTIVITY_ID_RESTORE      RegistryKeyActivity_ActivityId = 7
	RegistryKeyActivity_ACTIVITY_ID_IMPORT       RegistryKeyActivity_ActivityId = 8
	RegistryKeyActivity_ACTIVITY_ID_EXPORT       RegistryKeyActivity_ActivityId = 9
	RegistryKeyActivity_ACTIVITY_ID_OTHER        RegistryKeyActivity_ActivityId = 99
)

func (RegistryKeyActivity_ActivityId) Descriptor 

func (RegistryKeyActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_ActivityId) Enum 

func (x RegistryKeyActivity_ActivityId) Enum() *RegistryKeyActivity_ActivityId

func (RegistryKeyActivity_ActivityId) EnumDescriptor deprecated 

func (RegistryKeyActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_ActivityId.Descriptor instead.

func (RegistryKeyActivity_ActivityId) Number 

func (x RegistryKeyActivity_ActivityId) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_ActivityId) String 

func (x RegistryKeyActivity_ActivityId) String() string

func (RegistryKeyActivity_ActivityId) Type 

func (RegistryKeyActivity_ActivityId) Type() protoreflect.EnumType

type RegistryKeyActivity_CategoryUid 

type RegistryKeyActivity_CategoryUid int32
const (
	RegistryKeyActivity_CATEGORY_UID_UNKNOWN         RegistryKeyActivity_CategoryUid = 0
	RegistryKeyActivity_CATEGORY_UID_SYSTEM_ACTIVITY RegistryKeyActivity_CategoryUid = 1
)

func (RegistryKeyActivity_CategoryUid) Descriptor 

func (RegistryKeyActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_CategoryUid) Enum 

func (x RegistryKeyActivity_CategoryUid) Enum() *RegistryKeyActivity_CategoryUid

func (RegistryKeyActivity_CategoryUid) EnumDescriptor deprecated 

func (RegistryKeyActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_CategoryUid.Descriptor instead.

func (RegistryKeyActivity_CategoryUid) Number 

func (x RegistryKeyActivity_CategoryUid) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_CategoryUid) String 

func (x RegistryKeyActivity_CategoryUid) String() string

func (RegistryKeyActivity_CategoryUid) Type 

func (RegistryKeyActivity_CategoryUid) Type() protoreflect.EnumType

type RegistryKeyActivity_ClassUid 

type RegistryKeyActivity_ClassUid int32
const (
	RegistryKeyActivity_CLASS_UID_UNKNOWN               RegistryKeyActivity_ClassUid = 0
	RegistryKeyActivity_CLASS_UID_REGISTRY_KEY_ACTIVITY RegistryKeyActivity_ClassUid = 201001
)

func (RegistryKeyActivity_ClassUid) Descriptor 

func (RegistryKeyActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_ClassUid) Enum 

func (x RegistryKeyActivity_ClassUid) Enum() *RegistryKeyActivity_ClassUid

func (RegistryKeyActivity_ClassUid) EnumDescriptor deprecated 

func (RegistryKeyActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_ClassUid.Descriptor instead.

func (RegistryKeyActivity_ClassUid) Number 

func (x RegistryKeyActivity_ClassUid) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_ClassUid) String 

func (x RegistryKeyActivity_ClassUid) String() string

func (RegistryKeyActivity_ClassUid) Type 

func (RegistryKeyActivity_ClassUid) Type() protoreflect.EnumType

type RegistryKeyActivity_DispositionId 

type RegistryKeyActivity_DispositionId int32
const (
	RegistryKeyActivity_DISPOSITION_ID_UNKNOWN RegistryKeyActivity_DispositionId = 0 // The disposition was not known.
	RegistryKeyActivity_DISPOSITION_ID_ALLOWED RegistryKeyActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	RegistryKeyActivity_DISPOSITION_ID_BLOCKED RegistryKeyActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	RegistryKeyActivity_DISPOSITION_ID_QUARANTINED RegistryKeyActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	RegistryKeyActivity_DISPOSITION_ID_ISOLATED RegistryKeyActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	RegistryKeyActivity_DISPOSITION_ID_DELETED RegistryKeyActivity_DispositionId = 5 // A file or other content was deleted.
	RegistryKeyActivity_DISPOSITION_ID_DROPPED RegistryKeyActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	RegistryKeyActivity_DISPOSITION_ID_CUSTOM_ACTION RegistryKeyActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	RegistryKeyActivity_DISPOSITION_ID_APPROVED RegistryKeyActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	RegistryKeyActivity_DISPOSITION_ID_RESTORED RegistryKeyActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	RegistryKeyActivity_DISPOSITION_ID_EXONERATED RegistryKeyActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	RegistryKeyActivity_DISPOSITION_ID_CORRECTED RegistryKeyActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	RegistryKeyActivity_DISPOSITION_ID_PARTIALLY_CORRECTED RegistryKeyActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	RegistryKeyActivity_DISPOSITION_ID_UNCORRECTED RegistryKeyActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	RegistryKeyActivity_DISPOSITION_ID_DELAYED RegistryKeyActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	RegistryKeyActivity_DISPOSITION_ID_DETECTED RegistryKeyActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	RegistryKeyActivity_DISPOSITION_ID_NO_ACTION RegistryKeyActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	RegistryKeyActivity_DISPOSITION_ID_LOGGED RegistryKeyActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	RegistryKeyActivity_DISPOSITION_ID_TAGGED RegistryKeyActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	RegistryKeyActivity_DISPOSITION_ID_ALERT RegistryKeyActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	RegistryKeyActivity_DISPOSITION_ID_COUNT RegistryKeyActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	RegistryKeyActivity_DISPOSITION_ID_RESET RegistryKeyActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	RegistryKeyActivity_DISPOSITION_ID_CAPTCHA RegistryKeyActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	RegistryKeyActivity_DISPOSITION_ID_CHALLENGE RegistryKeyActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	RegistryKeyActivity_DISPOSITION_ID_ACCESS_REVOKED RegistryKeyActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	RegistryKeyActivity_DISPOSITION_ID_REJECTED RegistryKeyActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	RegistryKeyActivity_DISPOSITION_ID_UNAUTHORIZED RegistryKeyActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	RegistryKeyActivity_DISPOSITION_ID_ERROR RegistryKeyActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	RegistryKeyActivity_DISPOSITION_ID_OTHER RegistryKeyActivity_DispositionId = 99 // The disposition is not listed. The
)

func (RegistryKeyActivity_DispositionId) Descriptor 

func (RegistryKeyActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_DispositionId) Enum 

func (x RegistryKeyActivity_DispositionId) Enum() *RegistryKeyActivity_DispositionId

func (RegistryKeyActivity_DispositionId) EnumDescriptor deprecated 

func (RegistryKeyActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_DispositionId.Descriptor instead.

func (RegistryKeyActivity_DispositionId) Number 

func (x RegistryKeyActivity_DispositionId) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_DispositionId) String 

func (x RegistryKeyActivity_DispositionId) String() string

func (RegistryKeyActivity_DispositionId) Type 

func (RegistryKeyActivity_DispositionId) Type() protoreflect.EnumType

type RegistryKeyActivity_SeverityId 

type RegistryKeyActivity_SeverityId int32
const (
	RegistryKeyActivity_SEVERITY_ID_UNKNOWN       RegistryKeyActivity_SeverityId = 0 // The event/finding severity is unknown.
	RegistryKeyActivity_SEVERITY_ID_INFORMATIONAL RegistryKeyActivity_SeverityId = 1 // Informational message. No action required.
	RegistryKeyActivity_SEVERITY_ID_LOW           RegistryKeyActivity_SeverityId = 2 // The user decides if action is needed.
	RegistryKeyActivity_SEVERITY_ID_MEDIUM        RegistryKeyActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	RegistryKeyActivity_SEVERITY_ID_HIGH     RegistryKeyActivity_SeverityId = 4 // Action is required immediately.
	RegistryKeyActivity_SEVERITY_ID_CRITICAL RegistryKeyActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	RegistryKeyActivity_SEVERITY_ID_FATAL RegistryKeyActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	RegistryKeyActivity_SEVERITY_ID_OTHER RegistryKeyActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (RegistryKeyActivity_SeverityId) Descriptor 

func (RegistryKeyActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_SeverityId) Enum 

func (x RegistryKeyActivity_SeverityId) Enum() *RegistryKeyActivity_SeverityId

func (RegistryKeyActivity_SeverityId) EnumDescriptor deprecated 

func (RegistryKeyActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_SeverityId.Descriptor instead.

func (RegistryKeyActivity_SeverityId) Number 

func (x RegistryKeyActivity_SeverityId) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_SeverityId) String 

func (x RegistryKeyActivity_SeverityId) String() string

func (RegistryKeyActivity_SeverityId) Type 

func (RegistryKeyActivity_SeverityId) Type() protoreflect.EnumType

type RegistryKeyActivity_StatusId 

type RegistryKeyActivity_StatusId int32
const (
	RegistryKeyActivity_STATUS_ID_UNKNOWN RegistryKeyActivity_StatusId = 0 // The status is unknown.
	RegistryKeyActivity_STATUS_ID_SUCCESS RegistryKeyActivity_StatusId = 1
	RegistryKeyActivity_STATUS_ID_FAILURE RegistryKeyActivity_StatusId = 2
	RegistryKeyActivity_STATUS_ID_OTHER   RegistryKeyActivity_StatusId = 99 // The event status is not mapped. See the
)

func (RegistryKeyActivity_StatusId) Descriptor 

func (RegistryKeyActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyActivity_StatusId) Enum 

func (x RegistryKeyActivity_StatusId) Enum() *RegistryKeyActivity_StatusId

func (RegistryKeyActivity_StatusId) EnumDescriptor deprecated 

func (RegistryKeyActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyActivity_StatusId.Descriptor instead.

func (RegistryKeyActivity_StatusId) Number 

func (x RegistryKeyActivity_StatusId) Number() protoreflect.EnumNumber

func (RegistryKeyActivity_StatusId) String 

func (x RegistryKeyActivity_StatusId) String() string

func (RegistryKeyActivity_StatusId) Type 

func (RegistryKeyActivity_StatusId) Type() protoreflect.EnumType

type RegistryKeyQuery 

type RegistryKeyQuery struct {
	ActivityId     RegistryKeyQuery_ActivityId    `` /* 140-byte string literal not displayed */
	ActivityName   *string                        `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                         `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                           `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                        `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    RegistryKeyQuery_CategoryUid   `` /* 144-byte string literal not displayed */
	ClassName      *string                        `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       RegistryKeyQuery_ClassUid      `` /* 132-byte string literal not displayed */
	Cloud          *Cloud                         `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                         `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                        `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                         `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                         `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp         `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                  `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                        `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                      `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                  `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                     `protobuf:"bytes,19,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                        `protobuf:"bytes,20,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  RegistryKeyQuery_QueryResultId `` /* 155-byte string literal not displayed */
	RawData        *string                        `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                        `protobuf:"bytes,23,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     RegistryKeyQuery_SeverityId    `` /* 141-byte string literal not displayed */
	StartTime      *int64                         `protobuf:"varint,25,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp         `protobuf:"bytes,26,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                        `protobuf:"bytes,27,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                        `protobuf:"bytes,28,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                        `protobuf:"bytes,29,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *RegistryKeyQuery_StatusId     `` /* 139-byte string literal not displayed */
	Time           int64                          `protobuf:"varint,31,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp         `protobuf:"bytes,32,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                         `protobuf:"varint,33,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                        `protobuf:"bytes,34,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                          `protobuf:"varint,35,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct               `protobuf:"bytes,36,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	RegKey         *RegKey                        `protobuf:"bytes,2001,opt,name=reg_key,json=regKey,proto3" json:"reg_key,omitempty"`
	// contains filtered or unexported fields
}

RegistryKeyQuery is an OSF event in category "Discovery" called Registry Key Query defined in win events/registry_key_query.json

Registry Key Query events report information about discovered Windows registry keys.

func (*RegistryKeyQuery) Descriptor deprecated 

func (*RegistryKeyQuery) Descriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery.ProtoReflect.Descriptor instead.

func (*RegistryKeyQuery) GetActivityId 

func (x *RegistryKeyQuery) GetActivityId() RegistryKeyQuery_ActivityId

func (*RegistryKeyQuery) GetActivityName 

func (x *RegistryKeyQuery) GetActivityName() string

func (*RegistryKeyQuery) GetActor 

func (x *RegistryKeyQuery) GetActor() *Actor

func (*RegistryKeyQuery) GetApi 

func (x *RegistryKeyQuery) GetApi() *Api

func (*RegistryKeyQuery) GetCategoryName 

func (x *RegistryKeyQuery) GetCategoryName() string

func (*RegistryKeyQuery) GetCategoryUid 

func (x *RegistryKeyQuery) GetCategoryUid() RegistryKeyQuery_CategoryUid

func (*RegistryKeyQuery) GetClassName 

func (x *RegistryKeyQuery) GetClassName() string

func (*RegistryKeyQuery) GetClassUid 

func (x *RegistryKeyQuery) GetClassUid() RegistryKeyQuery_ClassUid

func (*RegistryKeyQuery) GetCloud 

func (x *RegistryKeyQuery) GetCloud() *Cloud

func (*RegistryKeyQuery) GetCount 

func (x *RegistryKeyQuery) GetCount() int32

func (*RegistryKeyQuery) GetDevice 

func (x *RegistryKeyQuery) GetDevice() *Device

func (*RegistryKeyQuery) GetDuration 

func (x *RegistryKeyQuery) GetDuration() int32

func (*RegistryKeyQuery) GetEndTime 

func (x *RegistryKeyQuery) GetEndTime() int64

func (*RegistryKeyQuery) GetEndTimeDt 

func (x *RegistryKeyQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*RegistryKeyQuery) GetEnrichments 

func (x *RegistryKeyQuery) GetEnrichments() []*Enrichment

func (*RegistryKeyQuery) GetMessage 

func (x *RegistryKeyQuery) GetMessage() string

func (*RegistryKeyQuery) GetMetadata 

func (x *RegistryKeyQuery) GetMetadata() *Metadata

func (*RegistryKeyQuery) GetObservables 

func (x *RegistryKeyQuery) GetObservables() []*Observable

func (*RegistryKeyQuery) GetQueryInfo 

func (x *RegistryKeyQuery) GetQueryInfo() *QueryInfo

func (*RegistryKeyQuery) GetQueryResult 

func (x *RegistryKeyQuery) GetQueryResult() string

func (*RegistryKeyQuery) GetQueryResultId 

func (x *RegistryKeyQuery) GetQueryResultId() RegistryKeyQuery_QueryResultId

func (*RegistryKeyQuery) GetRawData 

func (x *RegistryKeyQuery) GetRawData() string

func (*RegistryKeyQuery) GetRegKey 

func (x *RegistryKeyQuery) GetRegKey() *RegKey

func (*RegistryKeyQuery) GetSeverity 

func (x *RegistryKeyQuery) GetSeverity() string

func (*RegistryKeyQuery) GetSeverityId 

func (x *RegistryKeyQuery) GetSeverityId() RegistryKeyQuery_SeverityId

func (*RegistryKeyQuery) GetStartTime 

func (x *RegistryKeyQuery) GetStartTime() int64

func (*RegistryKeyQuery) GetStartTimeDt 

func (x *RegistryKeyQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*RegistryKeyQuery) GetStatus 

func (x *RegistryKeyQuery) GetStatus() string

func (*RegistryKeyQuery) GetStatusCode 

func (x *RegistryKeyQuery) GetStatusCode() string

func (*RegistryKeyQuery) GetStatusDetail 

func (x *RegistryKeyQuery) GetStatusDetail() string

func (*RegistryKeyQuery) GetStatusId 

func (x *RegistryKeyQuery) GetStatusId() RegistryKeyQuery_StatusId

func (*RegistryKeyQuery) GetTime 

func (x *RegistryKeyQuery) GetTime() int64

func (*RegistryKeyQuery) GetTimeDt 

func (x *RegistryKeyQuery) GetTimeDt() *timestamppb.Timestamp

func (*RegistryKeyQuery) GetTimezoneOffset 

func (x *RegistryKeyQuery) GetTimezoneOffset() int32

func (*RegistryKeyQuery) GetTypeName 

func (x *RegistryKeyQuery) GetTypeName() string

func (*RegistryKeyQuery) GetTypeUid 

func (x *RegistryKeyQuery) GetTypeUid() int64

func (*RegistryKeyQuery) GetUnmapped 

func (x *RegistryKeyQuery) GetUnmapped() *structpb.Struct

func (*RegistryKeyQuery) ProtoMessage 

func (*RegistryKeyQuery) ProtoMessage()

func (*RegistryKeyQuery) ProtoReflect 

func (x *RegistryKeyQuery) ProtoReflect() protoreflect.Message

func (*RegistryKeyQuery) Reset 

func (x *RegistryKeyQuery) Reset()

func (*RegistryKeyQuery) String 

func (x *RegistryKeyQuery) String() string

type RegistryKeyQuery_ActivityId 

type RegistryKeyQuery_ActivityId int32
const (
	RegistryKeyQuery_ACTIVITY_ID_UNKNOWN RegistryKeyQuery_ActivityId = 0
	RegistryKeyQuery_ACTIVITY_ID_QUERY   RegistryKeyQuery_ActivityId = 1 // The discovered results are via a query request.
	RegistryKeyQuery_ACTIVITY_ID_OTHER   RegistryKeyQuery_ActivityId = 99
)

func (RegistryKeyQuery_ActivityId) Descriptor 

func (RegistryKeyQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_ActivityId) Enum 

func (x RegistryKeyQuery_ActivityId) Enum() *RegistryKeyQuery_ActivityId

func (RegistryKeyQuery_ActivityId) EnumDescriptor deprecated 

func (RegistryKeyQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_ActivityId.Descriptor instead.

func (RegistryKeyQuery_ActivityId) Number 

func (x RegistryKeyQuery_ActivityId) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_ActivityId) String 

func (x RegistryKeyQuery_ActivityId) String() string

func (RegistryKeyQuery_ActivityId) Type 

func (RegistryKeyQuery_ActivityId) Type() protoreflect.EnumType

type RegistryKeyQuery_CategoryUid 

type RegistryKeyQuery_CategoryUid int32
const (
	RegistryKeyQuery_CATEGORY_UID_UNKNOWN   RegistryKeyQuery_CategoryUid = 0
	RegistryKeyQuery_CATEGORY_UID_DISCOVERY RegistryKeyQuery_CategoryUid = 5
)

func (RegistryKeyQuery_CategoryUid) Descriptor 

func (RegistryKeyQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_CategoryUid) Enum 

func (x RegistryKeyQuery_CategoryUid) Enum() *RegistryKeyQuery_CategoryUid

func (RegistryKeyQuery_CategoryUid) EnumDescriptor deprecated 

func (RegistryKeyQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_CategoryUid.Descriptor instead.

func (RegistryKeyQuery_CategoryUid) Number 

func (x RegistryKeyQuery_CategoryUid) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_CategoryUid) String 

func (x RegistryKeyQuery_CategoryUid) String() string

func (RegistryKeyQuery_CategoryUid) Type 

func (RegistryKeyQuery_CategoryUid) Type() protoreflect.EnumType

type RegistryKeyQuery_ClassUid 

type RegistryKeyQuery_ClassUid int32
const (
	RegistryKeyQuery_CLASS_UID_UNKNOWN            RegistryKeyQuery_ClassUid = 0
	RegistryKeyQuery_CLASS_UID_REGISTRY_KEY_QUERY RegistryKeyQuery_ClassUid = 205004
)

func (RegistryKeyQuery_ClassUid) Descriptor 

func (RegistryKeyQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_ClassUid) Enum 

func (x RegistryKeyQuery_ClassUid) Enum() *RegistryKeyQuery_ClassUid

func (RegistryKeyQuery_ClassUid) EnumDescriptor deprecated 

func (RegistryKeyQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_ClassUid.Descriptor instead.

func (RegistryKeyQuery_ClassUid) Number 

func (x RegistryKeyQuery_ClassUid) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_ClassUid) String 

func (x RegistryKeyQuery_ClassUid) String() string

func (RegistryKeyQuery_ClassUid) Type 

func (RegistryKeyQuery_ClassUid) Type() protoreflect.EnumType

type RegistryKeyQuery_QueryResultId 

type RegistryKeyQuery_QueryResultId int32
const (
	RegistryKeyQuery_QUERY_RESULT_ID_UNKNOWN        RegistryKeyQuery_QueryResultId = 0  // The query result is unknown.
	RegistryKeyQuery_QUERY_RESULT_ID_EXISTS         RegistryKeyQuery_QueryResultId = 1  // The target was found.
	RegistryKeyQuery_QUERY_RESULT_ID_PARTIAL        RegistryKeyQuery_QueryResultId = 2  // The target was partially found.
	RegistryKeyQuery_QUERY_RESULT_ID_DOES_NOT_EXIST RegistryKeyQuery_QueryResultId = 3  // The target was not found.
	RegistryKeyQuery_QUERY_RESULT_ID_ERROR          RegistryKeyQuery_QueryResultId = 4  // The discovery attempt failed.
	RegistryKeyQuery_QUERY_RESULT_ID_UNSUPPORTED    RegistryKeyQuery_QueryResultId = 5  // Discovery of the target was not supported.
	RegistryKeyQuery_QUERY_RESULT_ID_OTHER          RegistryKeyQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (RegistryKeyQuery_QueryResultId) Descriptor 

func (RegistryKeyQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_QueryResultId) Enum 

func (x RegistryKeyQuery_QueryResultId) Enum() *RegistryKeyQuery_QueryResultId

func (RegistryKeyQuery_QueryResultId) EnumDescriptor deprecated 

func (RegistryKeyQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_QueryResultId.Descriptor instead.

func (RegistryKeyQuery_QueryResultId) Number 

func (x RegistryKeyQuery_QueryResultId) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_QueryResultId) String 

func (x RegistryKeyQuery_QueryResultId) String() string

func (RegistryKeyQuery_QueryResultId) Type 

func (RegistryKeyQuery_QueryResultId) Type() protoreflect.EnumType

type RegistryKeyQuery_SeverityId 

type RegistryKeyQuery_SeverityId int32
const (
	RegistryKeyQuery_SEVERITY_ID_UNKNOWN       RegistryKeyQuery_SeverityId = 0 // The event/finding severity is unknown.
	RegistryKeyQuery_SEVERITY_ID_INFORMATIONAL RegistryKeyQuery_SeverityId = 1 // Informational message. No action required.
	RegistryKeyQuery_SEVERITY_ID_LOW           RegistryKeyQuery_SeverityId = 2 // The user decides if action is needed.
	RegistryKeyQuery_SEVERITY_ID_MEDIUM        RegistryKeyQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	RegistryKeyQuery_SEVERITY_ID_HIGH     RegistryKeyQuery_SeverityId = 4 // Action is required immediately.
	RegistryKeyQuery_SEVERITY_ID_CRITICAL RegistryKeyQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	RegistryKeyQuery_SEVERITY_ID_FATAL RegistryKeyQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	RegistryKeyQuery_SEVERITY_ID_OTHER RegistryKeyQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (RegistryKeyQuery_SeverityId) Descriptor 

func (RegistryKeyQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_SeverityId) Enum 

func (x RegistryKeyQuery_SeverityId) Enum() *RegistryKeyQuery_SeverityId

func (RegistryKeyQuery_SeverityId) EnumDescriptor deprecated 

func (RegistryKeyQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_SeverityId.Descriptor instead.

func (RegistryKeyQuery_SeverityId) Number 

func (x RegistryKeyQuery_SeverityId) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_SeverityId) String 

func (x RegistryKeyQuery_SeverityId) String() string

func (RegistryKeyQuery_SeverityId) Type 

func (RegistryKeyQuery_SeverityId) Type() protoreflect.EnumType

type RegistryKeyQuery_StatusId 

type RegistryKeyQuery_StatusId int32
const (
	RegistryKeyQuery_STATUS_ID_UNKNOWN RegistryKeyQuery_StatusId = 0 // The status is unknown.
	RegistryKeyQuery_STATUS_ID_SUCCESS RegistryKeyQuery_StatusId = 1
	RegistryKeyQuery_STATUS_ID_FAILURE RegistryKeyQuery_StatusId = 2
	RegistryKeyQuery_STATUS_ID_OTHER   RegistryKeyQuery_StatusId = 99 // The event status is not mapped. See the
)

func (RegistryKeyQuery_StatusId) Descriptor 

func (RegistryKeyQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (RegistryKeyQuery_StatusId) Enum 

func (x RegistryKeyQuery_StatusId) Enum() *RegistryKeyQuery_StatusId

func (RegistryKeyQuery_StatusId) EnumDescriptor deprecated 

func (RegistryKeyQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryKeyQuery_StatusId.Descriptor instead.

func (RegistryKeyQuery_StatusId) Number 

func (x RegistryKeyQuery_StatusId) Number() protoreflect.EnumNumber

func (RegistryKeyQuery_StatusId) String 

func (x RegistryKeyQuery_StatusId) String() string

func (RegistryKeyQuery_StatusId) Type 

func (RegistryKeyQuery_StatusId) Type() protoreflect.EnumType

type RegistryValueActivity 

type RegistryValueActivity struct {
	Action         *string                              `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       RegistryValueActivity_ActionId       `` /* 137-byte string literal not displayed */
	ActivityId     RegistryValueActivity_ActivityId     `` /* 145-byte string literal not displayed */
	ActivityName   *string                              `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                               `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                                 `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                            `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                     `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                              `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    RegistryValueActivity_CategoryUid    `` /* 150-byte string literal not displayed */
	ClassName      *string                              `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       RegistryValueActivity_ClassUid       `` /* 138-byte string literal not displayed */
	Cloud          *Cloud                               `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                               `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                              `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                              `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *RegistryValueActivity_DispositionId `` /* 164-byte string literal not displayed */
	Duration       *int32                               `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                               `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp               `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                        `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                        `protobuf:"bytes,22,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                           `protobuf:"bytes,23,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                              `protobuf:"bytes,24,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                            `protobuf:"bytes,25,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                        `protobuf:"bytes,26,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                              `protobuf:"bytes,27,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                              `protobuf:"bytes,28,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     RegistryValueActivity_SeverityId     `` /* 146-byte string literal not displayed */
	StartTime      *int64                               `protobuf:"varint,30,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp               `protobuf:"bytes,31,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                              `protobuf:"bytes,32,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                              `protobuf:"bytes,33,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                              `protobuf:"bytes,34,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *RegistryValueActivity_StatusId      `` /* 144-byte string literal not displayed */
	Time           int64                                `protobuf:"varint,36,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp               `protobuf:"bytes,37,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                               `protobuf:"varint,38,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                              `protobuf:"bytes,39,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                                `protobuf:"varint,40,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                     `protobuf:"bytes,41,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	PrevRegValue   *RegValue                            `protobuf:"bytes,2001,opt,name=prev_reg_value,json=prevRegValue,proto3" json:"prev_reg_value,omitempty"`
	RegValue       *RegValue                            `protobuf:"bytes,2002,opt,name=reg_value,json=regValue,proto3" json:"reg_value,omitempty"`
	// contains filtered or unexported fields
}

RegistryValueActivity is an OSF event in category "System Activity" called Registry Value Activity defined in win events/registry_value.json

Registry Value Activity events reports when a process performs an action on a Windows registry value.

func (*RegistryValueActivity) Descriptor deprecated 

func (*RegistryValueActivity) Descriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity.ProtoReflect.Descriptor instead.

func (*RegistryValueActivity) GetAction 

func (x *RegistryValueActivity) GetAction() string

func (*RegistryValueActivity) GetActionId 

func (x *RegistryValueActivity) GetActionId() RegistryValueActivity_ActionId

func (*RegistryValueActivity) GetActivityId 

func (x *RegistryValueActivity) GetActivityId() RegistryValueActivity_ActivityId

func (*RegistryValueActivity) GetActivityName 

func (x *RegistryValueActivity) GetActivityName() string

func (*RegistryValueActivity) GetActor 

func (x *RegistryValueActivity) GetActor() *Actor

func (*RegistryValueActivity) GetApi 

func (x *RegistryValueActivity) GetApi() *Api

func (*RegistryValueActivity) GetAttacks 

func (x *RegistryValueActivity) GetAttacks() []*Attack

func (*RegistryValueActivity) GetAuthorizations 

func (x *RegistryValueActivity) GetAuthorizations() []*Authorization

func (*RegistryValueActivity) GetCategoryName 

func (x *RegistryValueActivity) GetCategoryName() string

func (*RegistryValueActivity) GetCategoryUid 

func (x *RegistryValueActivity) GetCategoryUid() RegistryValueActivity_CategoryUid

func (*RegistryValueActivity) GetClassName 

func (x *RegistryValueActivity) GetClassName() string

func (*RegistryValueActivity) GetClassUid 

func (x *RegistryValueActivity) GetClassUid() RegistryValueActivity_ClassUid

func (*RegistryValueActivity) GetCloud 

func (x *RegistryValueActivity) GetCloud() *Cloud

func (*RegistryValueActivity) GetCount 

func (x *RegistryValueActivity) GetCount() int32

func (*RegistryValueActivity) GetDevice 

func (x *RegistryValueActivity) GetDevice() *Device

func (*RegistryValueActivity) GetDisposition 

func (x *RegistryValueActivity) GetDisposition() string

func (*RegistryValueActivity) GetDispositionId 

func (x *RegistryValueActivity) GetDispositionId() RegistryValueActivity_DispositionId

func (*RegistryValueActivity) GetDuration 

func (x *RegistryValueActivity) GetDuration() int32

func (*RegistryValueActivity) GetEndTime 

func (x *RegistryValueActivity) GetEndTime() int64

func (*RegistryValueActivity) GetEndTimeDt 

func (x *RegistryValueActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*RegistryValueActivity) GetEnrichments 

func (x *RegistryValueActivity) GetEnrichments() []*Enrichment

func (*RegistryValueActivity) GetFirewallRule 

func (x *RegistryValueActivity) GetFirewallRule() *FirewallRule

func (*RegistryValueActivity) GetMalware 

func (x *RegistryValueActivity) GetMalware() []*Malware

func (*RegistryValueActivity) GetMessage 

func (x *RegistryValueActivity) GetMessage() string

func (*RegistryValueActivity) GetMetadata 

func (x *RegistryValueActivity) GetMetadata() *Metadata

func (*RegistryValueActivity) GetObservables 

func (x *RegistryValueActivity) GetObservables() []*Observable

func (*RegistryValueActivity) GetPrevRegValue 

func (x *RegistryValueActivity) GetPrevRegValue() *RegValue

func (*RegistryValueActivity) GetRawData 

func (x *RegistryValueActivity) GetRawData() string

func (*RegistryValueActivity) GetRegValue 

func (x *RegistryValueActivity) GetRegValue() *RegValue

func (*RegistryValueActivity) GetSeverity 

func (x *RegistryValueActivity) GetSeverity() string

func (*RegistryValueActivity) GetSeverityId 

func (x *RegistryValueActivity) GetSeverityId() RegistryValueActivity_SeverityId

func (*RegistryValueActivity) GetStartTime 

func (x *RegistryValueActivity) GetStartTime() int64

func (*RegistryValueActivity) GetStartTimeDt 

func (x *RegistryValueActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*RegistryValueActivity) GetStatus 

func (x *RegistryValueActivity) GetStatus() string

func (*RegistryValueActivity) GetStatusCode 

func (x *RegistryValueActivity) GetStatusCode() string

func (*RegistryValueActivity) GetStatusDetail 

func (x *RegistryValueActivity) GetStatusDetail() string

func (*RegistryValueActivity) GetStatusId 

func (x *RegistryValueActivity) GetStatusId() RegistryValueActivity_StatusId

func (*RegistryValueActivity) GetTime 

func (x *RegistryValueActivity) GetTime() int64

func (*RegistryValueActivity) GetTimeDt 

func (x *RegistryValueActivity) GetTimeDt() *timestamppb.Timestamp

func (*RegistryValueActivity) GetTimezoneOffset 

func (x *RegistryValueActivity) GetTimezoneOffset() int32

func (*RegistryValueActivity) GetTypeName 

func (x *RegistryValueActivity) GetTypeName() string

func (*RegistryValueActivity) GetTypeUid 

func (x *RegistryValueActivity) GetTypeUid() int64

func (*RegistryValueActivity) GetUnmapped 

func (x *RegistryValueActivity) GetUnmapped() *structpb.Struct

func (*RegistryValueActivity) ProtoMessage 

func (*RegistryValueActivity) ProtoMessage()

func (*RegistryValueActivity) ProtoReflect 

func (x *RegistryValueActivity) ProtoReflect() protoreflect.Message

func (*RegistryValueActivity) Reset 

func (x *RegistryValueActivity) Reset()

func (*RegistryValueActivity) String 

func (x *RegistryValueActivity) String() string

type RegistryValueActivity_ActionId 

type RegistryValueActivity_ActionId int32
const (
	RegistryValueActivity_ACTION_ID_UNKNOWN RegistryValueActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	RegistryValueActivity_ACTION_ID_ALLOWED RegistryValueActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	RegistryValueActivity_ACTION_ID_DENIED RegistryValueActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	RegistryValueActivity_ACTION_ID_OTHER RegistryValueActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (RegistryValueActivity_ActionId) Descriptor 

func (RegistryValueActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_ActionId) Enum 

func (x RegistryValueActivity_ActionId) Enum() *RegistryValueActivity_ActionId

func (RegistryValueActivity_ActionId) EnumDescriptor deprecated 

func (RegistryValueActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_ActionId.Descriptor instead.

func (RegistryValueActivity_ActionId) Number 

func (x RegistryValueActivity_ActionId) Number() protoreflect.EnumNumber

func (RegistryValueActivity_ActionId) String 

func (x RegistryValueActivity_ActionId) String() string

func (RegistryValueActivity_ActionId) Type 

func (RegistryValueActivity_ActionId) Type() protoreflect.EnumType

type RegistryValueActivity_ActivityId 

type RegistryValueActivity_ActivityId int32
const (
	RegistryValueActivity_ACTIVITY_ID_UNKNOWN RegistryValueActivity_ActivityId = 0
	RegistryValueActivity_ACTIVITY_ID_GET     RegistryValueActivity_ActivityId = 1
	RegistryValueActivity_ACTIVITY_ID_SET     RegistryValueActivity_ActivityId = 2
	RegistryValueActivity_ACTIVITY_ID_MODIFY  RegistryValueActivity_ActivityId = 3
	RegistryValueActivity_ACTIVITY_ID_DELETE  RegistryValueActivity_ActivityId = 4
	RegistryValueActivity_ACTIVITY_ID_OTHER   RegistryValueActivity_ActivityId = 99
)

func (RegistryValueActivity_ActivityId) Descriptor 

func (RegistryValueActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_ActivityId) Enum 

func (x RegistryValueActivity_ActivityId) Enum() *RegistryValueActivity_ActivityId

func (RegistryValueActivity_ActivityId) EnumDescriptor deprecated 

func (RegistryValueActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_ActivityId.Descriptor instead.

func (RegistryValueActivity_ActivityId) Number 

func (x RegistryValueActivity_ActivityId) Number() protoreflect.EnumNumber

func (RegistryValueActivity_ActivityId) String 

func (x RegistryValueActivity_ActivityId) String() string

func (RegistryValueActivity_ActivityId) Type 

func (RegistryValueActivity_ActivityId) Type() protoreflect.EnumType

type RegistryValueActivity_CategoryUid 

type RegistryValueActivity_CategoryUid int32
const (
	RegistryValueActivity_CATEGORY_UID_UNKNOWN         RegistryValueActivity_CategoryUid = 0
	RegistryValueActivity_CATEGORY_UID_SYSTEM_ACTIVITY RegistryValueActivity_CategoryUid = 1
)

func (RegistryValueActivity_CategoryUid) Descriptor 

func (RegistryValueActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_CategoryUid) Enum 

func (x RegistryValueActivity_CategoryUid) Enum() *RegistryValueActivity_CategoryUid

func (RegistryValueActivity_CategoryUid) EnumDescriptor deprecated 

func (RegistryValueActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_CategoryUid.Descriptor instead.

func (RegistryValueActivity_CategoryUid) Number 

func (x RegistryValueActivity_CategoryUid) Number() protoreflect.EnumNumber

func (RegistryValueActivity_CategoryUid) String 

func (x RegistryValueActivity_CategoryUid) String() string

func (RegistryValueActivity_CategoryUid) Type 

func (RegistryValueActivity_CategoryUid) Type() protoreflect.EnumType

type RegistryValueActivity_ClassUid 

type RegistryValueActivity_ClassUid int32
const (
	RegistryValueActivity_CLASS_UID_UNKNOWN                 RegistryValueActivity_ClassUid = 0
	RegistryValueActivity_CLASS_UID_REGISTRY_VALUE_ACTIVITY RegistryValueActivity_ClassUid = 201002
)

func (RegistryValueActivity_ClassUid) Descriptor 

func (RegistryValueActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_ClassUid) Enum 

func (x RegistryValueActivity_ClassUid) Enum() *RegistryValueActivity_ClassUid

func (RegistryValueActivity_ClassUid) EnumDescriptor deprecated 

func (RegistryValueActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_ClassUid.Descriptor instead.

func (RegistryValueActivity_ClassUid) Number 

func (x RegistryValueActivity_ClassUid) Number() protoreflect.EnumNumber

func (RegistryValueActivity_ClassUid) String 

func (x RegistryValueActivity_ClassUid) String() string

func (RegistryValueActivity_ClassUid) Type 

func (RegistryValueActivity_ClassUid) Type() protoreflect.EnumType

type RegistryValueActivity_DispositionId 

type RegistryValueActivity_DispositionId int32
const (
	RegistryValueActivity_DISPOSITION_ID_UNKNOWN RegistryValueActivity_DispositionId = 0 // The disposition was not known.
	RegistryValueActivity_DISPOSITION_ID_ALLOWED RegistryValueActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	RegistryValueActivity_DISPOSITION_ID_BLOCKED RegistryValueActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	RegistryValueActivity_DISPOSITION_ID_QUARANTINED RegistryValueActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	RegistryValueActivity_DISPOSITION_ID_ISOLATED RegistryValueActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	RegistryValueActivity_DISPOSITION_ID_DELETED RegistryValueActivity_DispositionId = 5 // A file or other content was deleted.
	RegistryValueActivity_DISPOSITION_ID_DROPPED RegistryValueActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	RegistryValueActivity_DISPOSITION_ID_CUSTOM_ACTION RegistryValueActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	RegistryValueActivity_DISPOSITION_ID_APPROVED RegistryValueActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	RegistryValueActivity_DISPOSITION_ID_RESTORED RegistryValueActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	RegistryValueActivity_DISPOSITION_ID_EXONERATED RegistryValueActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	RegistryValueActivity_DISPOSITION_ID_CORRECTED RegistryValueActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	RegistryValueActivity_DISPOSITION_ID_PARTIALLY_CORRECTED RegistryValueActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	RegistryValueActivity_DISPOSITION_ID_UNCORRECTED RegistryValueActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	RegistryValueActivity_DISPOSITION_ID_DELAYED RegistryValueActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	RegistryValueActivity_DISPOSITION_ID_DETECTED RegistryValueActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	RegistryValueActivity_DISPOSITION_ID_NO_ACTION RegistryValueActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	RegistryValueActivity_DISPOSITION_ID_LOGGED RegistryValueActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	RegistryValueActivity_DISPOSITION_ID_TAGGED RegistryValueActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	RegistryValueActivity_DISPOSITION_ID_ALERT RegistryValueActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	RegistryValueActivity_DISPOSITION_ID_COUNT RegistryValueActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	RegistryValueActivity_DISPOSITION_ID_RESET RegistryValueActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	RegistryValueActivity_DISPOSITION_ID_CAPTCHA RegistryValueActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	RegistryValueActivity_DISPOSITION_ID_CHALLENGE RegistryValueActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	RegistryValueActivity_DISPOSITION_ID_ACCESS_REVOKED RegistryValueActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	RegistryValueActivity_DISPOSITION_ID_REJECTED RegistryValueActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	RegistryValueActivity_DISPOSITION_ID_UNAUTHORIZED RegistryValueActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	RegistryValueActivity_DISPOSITION_ID_ERROR RegistryValueActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	RegistryValueActivity_DISPOSITION_ID_OTHER RegistryValueActivity_DispositionId = 99 // The disposition is not listed. The
)

func (RegistryValueActivity_DispositionId) Descriptor 

func (RegistryValueActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_DispositionId) Enum 

func (x RegistryValueActivity_DispositionId) Enum() *RegistryValueActivity_DispositionId

func (RegistryValueActivity_DispositionId) EnumDescriptor deprecated 

func (RegistryValueActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_DispositionId.Descriptor instead.

func (RegistryValueActivity_DispositionId) Number 

func (x RegistryValueActivity_DispositionId) Number() protoreflect.EnumNumber

func (RegistryValueActivity_DispositionId) String 

func (x RegistryValueActivity_DispositionId) String() string

func (RegistryValueActivity_DispositionId) Type 

func (RegistryValueActivity_DispositionId) Type() protoreflect.EnumType

type RegistryValueActivity_SeverityId 

type RegistryValueActivity_SeverityId int32
const (
	RegistryValueActivity_SEVERITY_ID_UNKNOWN       RegistryValueActivity_SeverityId = 0 // The event/finding severity is unknown.
	RegistryValueActivity_SEVERITY_ID_INFORMATIONAL RegistryValueActivity_SeverityId = 1 // Informational message. No action required.
	RegistryValueActivity_SEVERITY_ID_LOW           RegistryValueActivity_SeverityId = 2 // The user decides if action is needed.
	RegistryValueActivity_SEVERITY_ID_MEDIUM        RegistryValueActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	RegistryValueActivity_SEVERITY_ID_HIGH     RegistryValueActivity_SeverityId = 4 // Action is required immediately.
	RegistryValueActivity_SEVERITY_ID_CRITICAL RegistryValueActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	RegistryValueActivity_SEVERITY_ID_FATAL RegistryValueActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	RegistryValueActivity_SEVERITY_ID_OTHER RegistryValueActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (RegistryValueActivity_SeverityId) Descriptor 

func (RegistryValueActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_SeverityId) Enum 

func (x RegistryValueActivity_SeverityId) Enum() *RegistryValueActivity_SeverityId

func (RegistryValueActivity_SeverityId) EnumDescriptor deprecated 

func (RegistryValueActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_SeverityId.Descriptor instead.

func (RegistryValueActivity_SeverityId) Number 

func (x RegistryValueActivity_SeverityId) Number() protoreflect.EnumNumber

func (RegistryValueActivity_SeverityId) String 

func (x RegistryValueActivity_SeverityId) String() string

func (RegistryValueActivity_SeverityId) Type 

func (RegistryValueActivity_SeverityId) Type() protoreflect.EnumType

type RegistryValueActivity_StatusId 

type RegistryValueActivity_StatusId int32
const (
	RegistryValueActivity_STATUS_ID_UNKNOWN RegistryValueActivity_StatusId = 0 // The status is unknown.
	RegistryValueActivity_STATUS_ID_SUCCESS RegistryValueActivity_StatusId = 1
	RegistryValueActivity_STATUS_ID_FAILURE RegistryValueActivity_StatusId = 2
	RegistryValueActivity_STATUS_ID_OTHER   RegistryValueActivity_StatusId = 99 // The event status is not mapped. See the
)

func (RegistryValueActivity_StatusId) Descriptor 

func (RegistryValueActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueActivity_StatusId) Enum 

func (x RegistryValueActivity_StatusId) Enum() *RegistryValueActivity_StatusId

func (RegistryValueActivity_StatusId) EnumDescriptor deprecated 

func (RegistryValueActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueActivity_StatusId.Descriptor instead.

func (RegistryValueActivity_StatusId) Number 

func (x RegistryValueActivity_StatusId) Number() protoreflect.EnumNumber

func (RegistryValueActivity_StatusId) String 

func (x RegistryValueActivity_StatusId) String() string

func (RegistryValueActivity_StatusId) Type 

func (RegistryValueActivity_StatusId) Type() protoreflect.EnumType

type RegistryValueQuery 

type RegistryValueQuery struct {
	ActivityId     RegistryValueQuery_ActivityId    `` /* 142-byte string literal not displayed */
	ActivityName   *string                          `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                           `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                             `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                          `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    RegistryValueQuery_CategoryUid   `` /* 146-byte string literal not displayed */
	ClassName      *string                          `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       RegistryValueQuery_ClassUid      `` /* 134-byte string literal not displayed */
	Cloud          *Cloud                           `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                           `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                          `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                           `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                           `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp           `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                    `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                          `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                        `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                    `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                       `protobuf:"bytes,19,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                          `protobuf:"bytes,20,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  RegistryValueQuery_QueryResultId `` /* 157-byte string literal not displayed */
	RawData        *string                          `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                          `protobuf:"bytes,23,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     RegistryValueQuery_SeverityId    `` /* 143-byte string literal not displayed */
	StartTime      *int64                           `protobuf:"varint,25,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp           `protobuf:"bytes,26,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                          `protobuf:"bytes,27,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                          `protobuf:"bytes,28,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                          `protobuf:"bytes,29,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *RegistryValueQuery_StatusId     `` /* 141-byte string literal not displayed */
	Time           int64                            `protobuf:"varint,31,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp           `protobuf:"bytes,32,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                           `protobuf:"varint,33,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                          `protobuf:"bytes,34,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                            `protobuf:"varint,35,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                 `protobuf:"bytes,36,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	RegValue       *RegValue                        `protobuf:"bytes,2001,opt,name=reg_value,json=regValue,proto3" json:"reg_value,omitempty"`
	// contains filtered or unexported fields
}

RegistryValueQuery is an OSF event in category "Discovery" called Registry Value Query defined in win events/registry_value_query.json

Registry Value Query events report information about discovered Windows registry values.

func (*RegistryValueQuery) Descriptor deprecated 

func (*RegistryValueQuery) Descriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery.ProtoReflect.Descriptor instead.

func (*RegistryValueQuery) GetActivityId 

func (x *RegistryValueQuery) GetActivityId() RegistryValueQuery_ActivityId

func (*RegistryValueQuery) GetActivityName 

func (x *RegistryValueQuery) GetActivityName() string

func (*RegistryValueQuery) GetActor 

func (x *RegistryValueQuery) GetActor() *Actor

func (*RegistryValueQuery) GetApi 

func (x *RegistryValueQuery) GetApi() *Api

func (*RegistryValueQuery) GetCategoryName 

func (x *RegistryValueQuery) GetCategoryName() string

func (*RegistryValueQuery) GetCategoryUid 

func (x *RegistryValueQuery) GetCategoryUid() RegistryValueQuery_CategoryUid

func (*RegistryValueQuery) GetClassName 

func (x *RegistryValueQuery) GetClassName() string

func (*RegistryValueQuery) GetClassUid 

func (x *RegistryValueQuery) GetClassUid() RegistryValueQuery_ClassUid

func (*RegistryValueQuery) GetCloud 

func (x *RegistryValueQuery) GetCloud() *Cloud

func (*RegistryValueQuery) GetCount 

func (x *RegistryValueQuery) GetCount() int32

func (*RegistryValueQuery) GetDevice 

func (x *RegistryValueQuery) GetDevice() *Device

func (*RegistryValueQuery) GetDuration 

func (x *RegistryValueQuery) GetDuration() int32

func (*RegistryValueQuery) GetEndTime 

func (x *RegistryValueQuery) GetEndTime() int64

func (*RegistryValueQuery) GetEndTimeDt 

func (x *RegistryValueQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*RegistryValueQuery) GetEnrichments 

func (x *RegistryValueQuery) GetEnrichments() []*Enrichment

func (*RegistryValueQuery) GetMessage 

func (x *RegistryValueQuery) GetMessage() string

func (*RegistryValueQuery) GetMetadata 

func (x *RegistryValueQuery) GetMetadata() *Metadata

func (*RegistryValueQuery) GetObservables 

func (x *RegistryValueQuery) GetObservables() []*Observable

func (*RegistryValueQuery) GetQueryInfo 

func (x *RegistryValueQuery) GetQueryInfo() *QueryInfo

func (*RegistryValueQuery) GetQueryResult 

func (x *RegistryValueQuery) GetQueryResult() string

func (*RegistryValueQuery) GetQueryResultId 

func (x *RegistryValueQuery) GetQueryResultId() RegistryValueQuery_QueryResultId

func (*RegistryValueQuery) GetRawData 

func (x *RegistryValueQuery) GetRawData() string

func (*RegistryValueQuery) GetRegValue 

func (x *RegistryValueQuery) GetRegValue() *RegValue

func (*RegistryValueQuery) GetSeverity 

func (x *RegistryValueQuery) GetSeverity() string

func (*RegistryValueQuery) GetSeverityId 

func (x *RegistryValueQuery) GetSeverityId() RegistryValueQuery_SeverityId

func (*RegistryValueQuery) GetStartTime 

func (x *RegistryValueQuery) GetStartTime() int64

func (*RegistryValueQuery) GetStartTimeDt 

func (x *RegistryValueQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*RegistryValueQuery) GetStatus 

func (x *RegistryValueQuery) GetStatus() string

func (*RegistryValueQuery) GetStatusCode 

func (x *RegistryValueQuery) GetStatusCode() string

func (*RegistryValueQuery) GetStatusDetail 

func (x *RegistryValueQuery) GetStatusDetail() string

func (*RegistryValueQuery) GetStatusId 

func (x *RegistryValueQuery) GetStatusId() RegistryValueQuery_StatusId

func (*RegistryValueQuery) GetTime 

func (x *RegistryValueQuery) GetTime() int64

func (*RegistryValueQuery) GetTimeDt 

func (x *RegistryValueQuery) GetTimeDt() *timestamppb.Timestamp

func (*RegistryValueQuery) GetTimezoneOffset 

func (x *RegistryValueQuery) GetTimezoneOffset() int32

func (*RegistryValueQuery) GetTypeName 

func (x *RegistryValueQuery) GetTypeName() string

func (*RegistryValueQuery) GetTypeUid 

func (x *RegistryValueQuery) GetTypeUid() int64

func (*RegistryValueQuery) GetUnmapped 

func (x *RegistryValueQuery) GetUnmapped() *structpb.Struct

func (*RegistryValueQuery) ProtoMessage 

func (*RegistryValueQuery) ProtoMessage()

func (*RegistryValueQuery) ProtoReflect 

func (x *RegistryValueQuery) ProtoReflect() protoreflect.Message

func (*RegistryValueQuery) Reset 

func (x *RegistryValueQuery) Reset()

func (*RegistryValueQuery) String 

func (x *RegistryValueQuery) String() string

type RegistryValueQuery_ActivityId 

type RegistryValueQuery_ActivityId int32
const (
	RegistryValueQuery_ACTIVITY_ID_UNKNOWN RegistryValueQuery_ActivityId = 0
	RegistryValueQuery_ACTIVITY_ID_QUERY   RegistryValueQuery_ActivityId = 1 // The discovered results are via a query request.
	RegistryValueQuery_ACTIVITY_ID_OTHER   RegistryValueQuery_ActivityId = 99
)

func (RegistryValueQuery_ActivityId) Descriptor 

func (RegistryValueQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_ActivityId) Enum 

func (x RegistryValueQuery_ActivityId) Enum() *RegistryValueQuery_ActivityId

func (RegistryValueQuery_ActivityId) EnumDescriptor deprecated 

func (RegistryValueQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_ActivityId.Descriptor instead.

func (RegistryValueQuery_ActivityId) Number 

func (x RegistryValueQuery_ActivityId) Number() protoreflect.EnumNumber

func (RegistryValueQuery_ActivityId) String 

func (x RegistryValueQuery_ActivityId) String() string

func (RegistryValueQuery_ActivityId) Type 

func (RegistryValueQuery_ActivityId) Type() protoreflect.EnumType

type RegistryValueQuery_CategoryUid 

type RegistryValueQuery_CategoryUid int32
const (
	RegistryValueQuery_CATEGORY_UID_UNKNOWN   RegistryValueQuery_CategoryUid = 0
	RegistryValueQuery_CATEGORY_UID_DISCOVERY RegistryValueQuery_CategoryUid = 5
)

func (RegistryValueQuery_CategoryUid) Descriptor 

func (RegistryValueQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_CategoryUid) Enum 

func (x RegistryValueQuery_CategoryUid) Enum() *RegistryValueQuery_CategoryUid

func (RegistryValueQuery_CategoryUid) EnumDescriptor deprecated 

func (RegistryValueQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_CategoryUid.Descriptor instead.

func (RegistryValueQuery_CategoryUid) Number 

func (x RegistryValueQuery_CategoryUid) Number() protoreflect.EnumNumber

func (RegistryValueQuery_CategoryUid) String 

func (x RegistryValueQuery_CategoryUid) String() string

func (RegistryValueQuery_CategoryUid) Type 

func (RegistryValueQuery_CategoryUid) Type() protoreflect.EnumType

type RegistryValueQuery_ClassUid 

type RegistryValueQuery_ClassUid int32
const (
	RegistryValueQuery_CLASS_UID_UNKNOWN              RegistryValueQuery_ClassUid = 0
	RegistryValueQuery_CLASS_UID_REGISTRY_VALUE_QUERY RegistryValueQuery_ClassUid = 205005
)

func (RegistryValueQuery_ClassUid) Descriptor 

func (RegistryValueQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_ClassUid) Enum 

func (x RegistryValueQuery_ClassUid) Enum() *RegistryValueQuery_ClassUid

func (RegistryValueQuery_ClassUid) EnumDescriptor deprecated 

func (RegistryValueQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_ClassUid.Descriptor instead.

func (RegistryValueQuery_ClassUid) Number 

func (x RegistryValueQuery_ClassUid) Number() protoreflect.EnumNumber

func (RegistryValueQuery_ClassUid) String 

func (x RegistryValueQuery_ClassUid) String() string

func (RegistryValueQuery_ClassUid) Type 

func (RegistryValueQuery_ClassUid) Type() protoreflect.EnumType

type RegistryValueQuery_QueryResultId 

type RegistryValueQuery_QueryResultId int32
const (
	RegistryValueQuery_QUERY_RESULT_ID_UNKNOWN        RegistryValueQuery_QueryResultId = 0  // The query result is unknown.
	RegistryValueQuery_QUERY_RESULT_ID_EXISTS         RegistryValueQuery_QueryResultId = 1  // The target was found.
	RegistryValueQuery_QUERY_RESULT_ID_PARTIAL        RegistryValueQuery_QueryResultId = 2  // The target was partially found.
	RegistryValueQuery_QUERY_RESULT_ID_DOES_NOT_EXIST RegistryValueQuery_QueryResultId = 3  // The target was not found.
	RegistryValueQuery_QUERY_RESULT_ID_ERROR          RegistryValueQuery_QueryResultId = 4  // The discovery attempt failed.
	RegistryValueQuery_QUERY_RESULT_ID_UNSUPPORTED    RegistryValueQuery_QueryResultId = 5  // Discovery of the target was not supported.
	RegistryValueQuery_QUERY_RESULT_ID_OTHER          RegistryValueQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (RegistryValueQuery_QueryResultId) Descriptor 

func (RegistryValueQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_QueryResultId) Enum 

func (x RegistryValueQuery_QueryResultId) Enum() *RegistryValueQuery_QueryResultId

func (RegistryValueQuery_QueryResultId) EnumDescriptor deprecated 

func (RegistryValueQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_QueryResultId.Descriptor instead.

func (RegistryValueQuery_QueryResultId) Number 

func (x RegistryValueQuery_QueryResultId) Number() protoreflect.EnumNumber

func (RegistryValueQuery_QueryResultId) String 

func (x RegistryValueQuery_QueryResultId) String() string

func (RegistryValueQuery_QueryResultId) Type 

func (RegistryValueQuery_QueryResultId) Type() protoreflect.EnumType

type RegistryValueQuery_SeverityId 

type RegistryValueQuery_SeverityId int32
const (
	RegistryValueQuery_SEVERITY_ID_UNKNOWN       RegistryValueQuery_SeverityId = 0 // The event/finding severity is unknown.
	RegistryValueQuery_SEVERITY_ID_INFORMATIONAL RegistryValueQuery_SeverityId = 1 // Informational message. No action required.
	RegistryValueQuery_SEVERITY_ID_LOW           RegistryValueQuery_SeverityId = 2 // The user decides if action is needed.
	RegistryValueQuery_SEVERITY_ID_MEDIUM        RegistryValueQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	RegistryValueQuery_SEVERITY_ID_HIGH     RegistryValueQuery_SeverityId = 4 // Action is required immediately.
	RegistryValueQuery_SEVERITY_ID_CRITICAL RegistryValueQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	RegistryValueQuery_SEVERITY_ID_FATAL RegistryValueQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	RegistryValueQuery_SEVERITY_ID_OTHER RegistryValueQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (RegistryValueQuery_SeverityId) Descriptor 

func (RegistryValueQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_SeverityId) Enum 

func (x RegistryValueQuery_SeverityId) Enum() *RegistryValueQuery_SeverityId

func (RegistryValueQuery_SeverityId) EnumDescriptor deprecated 

func (RegistryValueQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_SeverityId.Descriptor instead.

func (RegistryValueQuery_SeverityId) Number 

func (x RegistryValueQuery_SeverityId) Number() protoreflect.EnumNumber

func (RegistryValueQuery_SeverityId) String 

func (x RegistryValueQuery_SeverityId) String() string

func (RegistryValueQuery_SeverityId) Type 

func (RegistryValueQuery_SeverityId) Type() protoreflect.EnumType

type RegistryValueQuery_StatusId 

type RegistryValueQuery_StatusId int32
const (
	RegistryValueQuery_STATUS_ID_UNKNOWN RegistryValueQuery_StatusId = 0 // The status is unknown.
	RegistryValueQuery_STATUS_ID_SUCCESS RegistryValueQuery_StatusId = 1
	RegistryValueQuery_STATUS_ID_FAILURE RegistryValueQuery_StatusId = 2
	RegistryValueQuery_STATUS_ID_OTHER   RegistryValueQuery_StatusId = 99 // The event status is not mapped. See the
)

func (RegistryValueQuery_StatusId) Descriptor 

func (RegistryValueQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (RegistryValueQuery_StatusId) Enum 

func (x RegistryValueQuery_StatusId) Enum() *RegistryValueQuery_StatusId

func (RegistryValueQuery_StatusId) EnumDescriptor deprecated 

func (RegistryValueQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use RegistryValueQuery_StatusId.Descriptor instead.

func (RegistryValueQuery_StatusId) Number 

func (x RegistryValueQuery_StatusId) Number() protoreflect.EnumNumber

func (RegistryValueQuery_StatusId) String 

func (x RegistryValueQuery_StatusId) String() string

func (RegistryValueQuery_StatusId) Type 

func (RegistryValueQuery_StatusId) Type() protoreflect.EnumType

type RelatedEvent 

type RelatedEvent struct {
	Attacks     []*Attack         `protobuf:"bytes,1,rep,name=attacks,proto3" json:"attacks,omitempty"`
	KillChain   []*KillChainPhase `protobuf:"bytes,2,rep,name=kill_chain,json=killChain,proto3" json:"kill_chain,omitempty"`
	Observables []*Observable     `protobuf:"bytes,3,rep,name=observables,proto3" json:"observables,omitempty"`
	ProductUid  *string           `protobuf:"bytes,4,opt,name=product_uid,json=productUid,proto3,oneof" json:"product_uid,omitempty"`
	Type        *string           `protobuf:"bytes,5,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeName    *string           `protobuf:"bytes,6,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid     *int64            `protobuf:"varint,7,opt,name=type_uid,json=typeUid,proto3,oneof" json:"type_uid,omitempty"`
	Uid         string            `protobuf:"bytes,8,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

RelatedEvent is an OSF object defined in ocsf objects/related_event.json

The Related Event object describes an OCSF event related to a finding.

func (*RelatedEvent) Descriptor deprecated 

func (*RelatedEvent) Descriptor() ([]byte, []int)

Deprecated: Use RelatedEvent.ProtoReflect.Descriptor instead.

func (*RelatedEvent) GetAttacks 

func (x *RelatedEvent) GetAttacks() []*Attack

func (*RelatedEvent) GetKillChain 

func (x *RelatedEvent) GetKillChain() []*KillChainPhase

func (*RelatedEvent) GetObservables 

func (x *RelatedEvent) GetObservables() []*Observable

func (*RelatedEvent) GetProductUid 

func (x *RelatedEvent) GetProductUid() string

func (*RelatedEvent) GetType 

func (x *RelatedEvent) GetType() string

func (*RelatedEvent) GetTypeName 

func (x *RelatedEvent) GetTypeName() string

func (*RelatedEvent) GetTypeUid 

func (x *RelatedEvent) GetTypeUid() int64

func (*RelatedEvent) GetUid 

func (x *RelatedEvent) GetUid() string

func (*RelatedEvent) ProtoMessage 

func (*RelatedEvent) ProtoMessage()

func (*RelatedEvent) ProtoReflect 

func (x *RelatedEvent) ProtoReflect() protoreflect.Message

func (*RelatedEvent) Reset 

func (x *RelatedEvent) Reset()

func (*RelatedEvent) String 

func (x *RelatedEvent) String() string

type Remediation 

type Remediation struct {
	Desc          string       `protobuf:"bytes,1,opt,name=desc,proto3" json:"desc,omitempty"`
	KbArticleList []*KbArticle `protobuf:"bytes,2,rep,name=kb_article_list,json=kbArticleList,proto3" json:"kb_article_list,omitempty"`
	KbArticles    []string     `protobuf:"bytes,3,rep,name=kb_articles,json=kbArticles,proto3" json:"kb_articles,omitempty"`
	References    []string     `protobuf:"bytes,4,rep,name=references,proto3" json:"references,omitempty"`
	// contains filtered or unexported fields
}

Remediation is an OSF object defined in ocsf objects/remediation.json

The Remediation object describes the recommended remediation steps to address identified issue(s).

func (*Remediation) Descriptor deprecated 

func (*Remediation) Descriptor() ([]byte, []int)

Deprecated: Use Remediation.ProtoReflect.Descriptor instead.

func (*Remediation) GetDesc 

func (x *Remediation) GetDesc() string

func (*Remediation) GetKbArticleList 

func (x *Remediation) GetKbArticleList() []*KbArticle

func (*Remediation) GetKbArticles 

func (x *Remediation) GetKbArticles() []string

func (*Remediation) GetReferences 

func (x *Remediation) GetReferences() []string

func (*Remediation) ProtoMessage 

func (*Remediation) ProtoMessage()

func (*Remediation) ProtoReflect 

func (x *Remediation) ProtoReflect() protoreflect.Message

func (*Remediation) Reset 

func (x *Remediation) Reset()

func (*Remediation) String 

func (x *Remediation) String() string

type Reputation 

type Reputation struct {
	BaseScore float64            `protobuf:"fixed64,1,opt,name=base_score,json=baseScore,proto3" json:"base_score,omitempty"`
	Provider  *string            `protobuf:"bytes,2,opt,name=provider,proto3,oneof" json:"provider,omitempty"`
	Score     *string            `protobuf:"bytes,3,opt,name=score,proto3,oneof" json:"score,omitempty"`
	ScoreId   Reputation_ScoreId `protobuf:"varint,4,opt,name=score_id,json=scoreId,proto3,enum=ocsf_schema.v1.Reputation_ScoreId" json:"score_id,omitempty"`
	// contains filtered or unexported fields
}

Reputation is an OSF object defined in ocsf objects/reputation.json

The Reputation object describes the reputation/risk score of an entity (e.g. device, user, domain).

func (*Reputation) Descriptor deprecated 

func (*Reputation) Descriptor() ([]byte, []int)

Deprecated: Use Reputation.ProtoReflect.Descriptor instead.

func (*Reputation) GetBaseScore 

func (x *Reputation) GetBaseScore() float64

func (*Reputation) GetProvider 

func (x *Reputation) GetProvider() string

func (*Reputation) GetScore 

func (x *Reputation) GetScore() string

func (*Reputation) GetScoreId 

func (x *Reputation) GetScoreId() Reputation_ScoreId

func (*Reputation) ProtoMessage 

func (*Reputation) ProtoMessage()

func (*Reputation) ProtoReflect 

func (x *Reputation) ProtoReflect() protoreflect.Message

func (*Reputation) Reset 

func (x *Reputation) Reset()

func (*Reputation) String 

func (x *Reputation) String() string

type Reputation_ScoreId 

type Reputation_ScoreId int32
const (
	Reputation_SCORE_ID_UNKNOWN       Reputation_ScoreId = 0 // The reputation score is unknown.
	Reputation_SCORE_ID_VERY_SAFE     Reputation_ScoreId = 1 // Long history of good behavior.
	Reputation_SCORE_ID_SAFE          Reputation_ScoreId = 2 // Consistently good behavior.
	Reputation_SCORE_ID_PROBABLY_SAFE Reputation_ScoreId = 3 // Reasonable history of good behavior.
	Reputation_SCORE_ID_LEANS_SAFE    Reputation_ScoreId = 4 // Starting to establish a history of normal
	// behavior.
	Reputation_SCORE_ID_MAY_NOT_BE_SAFE  Reputation_ScoreId = 5 // No established history of normal behavior.
	Reputation_SCORE_ID_EXERCISE_CAUTION Reputation_ScoreId = 6 // Starting to establish a history of suspicious
	// or risky behavior.
	Reputation_SCORE_ID_SUSPICIOUS_RISKY Reputation_ScoreId = 7 // A site with a history of suspicious or risky
	// behavior. (spam, scam, potentially unwanted
	// software, potentially malicious).
	Reputation_SCORE_ID_POSSIBLY_MALICIOUS Reputation_ScoreId = 8  // Strong possibility of maliciousness.
	Reputation_SCORE_ID_PROBABLY_MALICIOUS Reputation_ScoreId = 9  // Indicators of maliciousness.
	Reputation_SCORE_ID_MALICIOUS          Reputation_ScoreId = 10 // Proven evidence of maliciousness.
	Reputation_SCORE_ID_OTHER              Reputation_ScoreId = 99 // The reputation score is not mapped. See the
)

func (Reputation_ScoreId) Descriptor 

func (Reputation_ScoreId) Descriptor() protoreflect.EnumDescriptor

func (Reputation_ScoreId) Enum 

func (x Reputation_ScoreId) Enum() *Reputation_ScoreId

func (Reputation_ScoreId) EnumDescriptor deprecated 

func (Reputation_ScoreId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Reputation_ScoreId.Descriptor instead.

func (Reputation_ScoreId) Number 

func (x Reputation_ScoreId) Number() protoreflect.EnumNumber

func (Reputation_ScoreId) String 

func (x Reputation_ScoreId) String() string

func (Reputation_ScoreId) Type 

func (Reputation_ScoreId) Type() protoreflect.EnumType

type Request 

type Request struct {
	Containers []*Container    `protobuf:"bytes,1,rep,name=containers,proto3" json:"containers,omitempty"`
	Data       *structpb.Value `protobuf:"bytes,2,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Flags      []string        `protobuf:"bytes,3,rep,name=flags,proto3" json:"flags,omitempty"`
	Uid        string          `protobuf:"bytes,4,opt,name=uid,proto3" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Request is an OSF object defined in ocsf objects/request.json

The Request Elements object describes characteristics of an API request.

func (*Request) Descriptor deprecated 

func (*Request) Descriptor() ([]byte, []int)

Deprecated: Use Request.ProtoReflect.Descriptor instead.

func (*Request) GetContainers 

func (x *Request) GetContainers() []*Container

func (*Request) GetData 

func (x *Request) GetData() *structpb.Value

func (*Request) GetFlags 

func (x *Request) GetFlags() []string

func (*Request) GetUid 

func (x *Request) GetUid() string

func (*Request) ProtoMessage 

func (*Request) ProtoMessage()

func (*Request) ProtoReflect 

func (x *Request) ProtoReflect() protoreflect.Message

func (*Request) Reset 

func (x *Request) Reset()

func (*Request) String 

func (x *Request) String() string

type ResourceActivity 

type ResourceActivity struct {
	Action         *string                         `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       ResourceActivity_ActionId       `` /* 132-byte string literal not displayed */
	ActivityId     ResourceActivity_ActivityId     `` /* 140-byte string literal not displayed */
	ActivityName   *string                         `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                          `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                            `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                       `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                         `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ResourceActivity_CategoryUid    `` /* 145-byte string literal not displayed */
	ClassName      *string                         `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ResourceActivity_ClassUid       `` /* 133-byte string literal not displayed */
	Cloud          *Cloud                          `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                          `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                         `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                         `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *ResourceActivity_DispositionId `` /* 159-byte string literal not displayed */
	Duration       *int32                          `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                          `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp          `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                   `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                   `protobuf:"bytes,22,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Malware        []*Malware                      `protobuf:"bytes,23,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                         `protobuf:"bytes,24,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                       `protobuf:"bytes,25,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                   `protobuf:"bytes,26,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                         `protobuf:"bytes,27,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                         `protobuf:"bytes,28,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ResourceActivity_SeverityId     `` /* 141-byte string literal not displayed */
	StartTime      *int64                          `protobuf:"varint,30,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp          `protobuf:"bytes,31,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                         `protobuf:"bytes,32,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                         `protobuf:"bytes,33,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                         `protobuf:"bytes,34,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ResourceActivity_StatusId      `` /* 139-byte string literal not displayed */
	Time           int64                           `protobuf:"varint,36,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp          `protobuf:"bytes,37,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                          `protobuf:"varint,38,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                         `protobuf:"bytes,39,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                           `protobuf:"varint,40,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                `protobuf:"bytes,41,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	WinResource    *WinResource                    `protobuf:"bytes,2001,opt,name=win_resource,json=winResource,proto3" json:"win_resource,omitempty"`
	// contains filtered or unexported fields
}

ResourceActivity is an OSF event in category "System Activity" called Windows Resource Activity defined in win events/resource.json

Windows Resource Activity events report when a process accesses a Windows managed resource object, successful or otherwise.

func (*ResourceActivity) Descriptor deprecated 

func (*ResourceActivity) Descriptor() ([]byte, []int)

Deprecated: Use ResourceActivity.ProtoReflect.Descriptor instead.

func (*ResourceActivity) GetAction 

func (x *ResourceActivity) GetAction() string

func (*ResourceActivity) GetActionId 

func (x *ResourceActivity) GetActionId() ResourceActivity_ActionId

func (*ResourceActivity) GetActivityId 

func (x *ResourceActivity) GetActivityId() ResourceActivity_ActivityId

func (*ResourceActivity) GetActivityName 

func (x *ResourceActivity) GetActivityName() string

func (*ResourceActivity) GetActor 

func (x *ResourceActivity) GetActor() *Actor

func (*ResourceActivity) GetApi 

func (x *ResourceActivity) GetApi() *Api

func (*ResourceActivity) GetAttacks 

func (x *ResourceActivity) GetAttacks() []*Attack

func (*ResourceActivity) GetAuthorizations 

func (x *ResourceActivity) GetAuthorizations() []*Authorization

func (*ResourceActivity) GetCategoryName 

func (x *ResourceActivity) GetCategoryName() string

func (*ResourceActivity) GetCategoryUid 

func (x *ResourceActivity) GetCategoryUid() ResourceActivity_CategoryUid

func (*ResourceActivity) GetClassName 

func (x *ResourceActivity) GetClassName() string

func (*ResourceActivity) GetClassUid 

func (x *ResourceActivity) GetClassUid() ResourceActivity_ClassUid

func (*ResourceActivity) GetCloud 

func (x *ResourceActivity) GetCloud() *Cloud

func (*ResourceActivity) GetCount 

func (x *ResourceActivity) GetCount() int32

func (*ResourceActivity) GetDevice 

func (x *ResourceActivity) GetDevice() *Device

func (*ResourceActivity) GetDisposition 

func (x *ResourceActivity) GetDisposition() string

func (*ResourceActivity) GetDispositionId 

func (x *ResourceActivity) GetDispositionId() ResourceActivity_DispositionId

func (*ResourceActivity) GetDuration 

func (x *ResourceActivity) GetDuration() int32

func (*ResourceActivity) GetEndTime 

func (x *ResourceActivity) GetEndTime() int64

func (*ResourceActivity) GetEndTimeDt 

func (x *ResourceActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ResourceActivity) GetEnrichments 

func (x *ResourceActivity) GetEnrichments() []*Enrichment

func (*ResourceActivity) GetFirewallRule 

func (x *ResourceActivity) GetFirewallRule() *FirewallRule

func (*ResourceActivity) GetMalware 

func (x *ResourceActivity) GetMalware() []*Malware

func (*ResourceActivity) GetMessage 

func (x *ResourceActivity) GetMessage() string

func (*ResourceActivity) GetMetadata 

func (x *ResourceActivity) GetMetadata() *Metadata

func (*ResourceActivity) GetObservables 

func (x *ResourceActivity) GetObservables() []*Observable

func (*ResourceActivity) GetRawData 

func (x *ResourceActivity) GetRawData() string

func (*ResourceActivity) GetSeverity 

func (x *ResourceActivity) GetSeverity() string

func (*ResourceActivity) GetSeverityId 

func (x *ResourceActivity) GetSeverityId() ResourceActivity_SeverityId

func (*ResourceActivity) GetStartTime 

func (x *ResourceActivity) GetStartTime() int64

func (*ResourceActivity) GetStartTimeDt 

func (x *ResourceActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ResourceActivity) GetStatus 

func (x *ResourceActivity) GetStatus() string

func (*ResourceActivity) GetStatusCode 

func (x *ResourceActivity) GetStatusCode() string

func (*ResourceActivity) GetStatusDetail 

func (x *ResourceActivity) GetStatusDetail() string

func (*ResourceActivity) GetStatusId 

func (x *ResourceActivity) GetStatusId() ResourceActivity_StatusId

func (*ResourceActivity) GetTime 

func (x *ResourceActivity) GetTime() int64

func (*ResourceActivity) GetTimeDt 

func (x *ResourceActivity) GetTimeDt() *timestamppb.Timestamp

func (*ResourceActivity) GetTimezoneOffset 

func (x *ResourceActivity) GetTimezoneOffset() int32

func (*ResourceActivity) GetTypeName 

func (x *ResourceActivity) GetTypeName() string

func (*ResourceActivity) GetTypeUid 

func (x *ResourceActivity) GetTypeUid() int64

func (*ResourceActivity) GetUnmapped 

func (x *ResourceActivity) GetUnmapped() *structpb.Struct

func (*ResourceActivity) GetWinResource 

func (x *ResourceActivity) GetWinResource() *WinResource

func (*ResourceActivity) ProtoMessage 

func (*ResourceActivity) ProtoMessage()

func (*ResourceActivity) ProtoReflect 

func (x *ResourceActivity) ProtoReflect() protoreflect.Message

func (*ResourceActivity) Reset 

func (x *ResourceActivity) Reset()

func (*ResourceActivity) String 

func (x *ResourceActivity) String() string

type ResourceActivity_ActionId 

type ResourceActivity_ActionId int32
const (
	ResourceActivity_ACTION_ID_UNKNOWN ResourceActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	ResourceActivity_ACTION_ID_ALLOWED ResourceActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	ResourceActivity_ACTION_ID_DENIED ResourceActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	ResourceActivity_ACTION_ID_OTHER ResourceActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (ResourceActivity_ActionId) Descriptor 

func (ResourceActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_ActionId) Enum 

func (x ResourceActivity_ActionId) Enum() *ResourceActivity_ActionId

func (ResourceActivity_ActionId) EnumDescriptor deprecated 

func (ResourceActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_ActionId.Descriptor instead.

func (ResourceActivity_ActionId) Number 

func (x ResourceActivity_ActionId) Number() protoreflect.EnumNumber

func (ResourceActivity_ActionId) String 

func (x ResourceActivity_ActionId) String() string

func (ResourceActivity_ActionId) Type 

func (ResourceActivity_ActionId) Type() protoreflect.EnumType

type ResourceActivity_ActivityId 

type ResourceActivity_ActivityId int32
const (
	ResourceActivity_ACTIVITY_ID_UNKNOWN ResourceActivity_ActivityId = 0
	ResourceActivity_ACTIVITY_ID_ACCESS  ResourceActivity_ActivityId = 1
	ResourceActivity_ACTIVITY_ID_OTHER   ResourceActivity_ActivityId = 99
)

func (ResourceActivity_ActivityId) Descriptor 

func (ResourceActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_ActivityId) Enum 

func (x ResourceActivity_ActivityId) Enum() *ResourceActivity_ActivityId

func (ResourceActivity_ActivityId) EnumDescriptor deprecated 

func (ResourceActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_ActivityId.Descriptor instead.

func (ResourceActivity_ActivityId) Number 

func (x ResourceActivity_ActivityId) Number() protoreflect.EnumNumber

func (ResourceActivity_ActivityId) String 

func (x ResourceActivity_ActivityId) String() string

func (ResourceActivity_ActivityId) Type 

func (ResourceActivity_ActivityId) Type() protoreflect.EnumType

type ResourceActivity_CategoryUid 

type ResourceActivity_CategoryUid int32
const (
	ResourceActivity_CATEGORY_UID_UNKNOWN         ResourceActivity_CategoryUid = 0
	ResourceActivity_CATEGORY_UID_SYSTEM_ACTIVITY ResourceActivity_CategoryUid = 1
)

func (ResourceActivity_CategoryUid) Descriptor 

func (ResourceActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_CategoryUid) Enum 

func (x ResourceActivity_CategoryUid) Enum() *ResourceActivity_CategoryUid

func (ResourceActivity_CategoryUid) EnumDescriptor deprecated 

func (ResourceActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_CategoryUid.Descriptor instead.

func (ResourceActivity_CategoryUid) Number 

func (x ResourceActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ResourceActivity_CategoryUid) String 

func (x ResourceActivity_CategoryUid) String() string

func (ResourceActivity_CategoryUid) Type 

func (ResourceActivity_CategoryUid) Type() protoreflect.EnumType

type ResourceActivity_ClassUid 

type ResourceActivity_ClassUid int32
const (
	ResourceActivity_CLASS_UID_UNKNOWN                   ResourceActivity_ClassUid = 0
	ResourceActivity_CLASS_UID_WINDOWS_RESOURCE_ACTIVITY ResourceActivity_ClassUid = 201003
)

func (ResourceActivity_ClassUid) Descriptor 

func (ResourceActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_ClassUid) Enum 

func (x ResourceActivity_ClassUid) Enum() *ResourceActivity_ClassUid

func (ResourceActivity_ClassUid) EnumDescriptor deprecated 

func (ResourceActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_ClassUid.Descriptor instead.

func (ResourceActivity_ClassUid) Number 

func (x ResourceActivity_ClassUid) Number() protoreflect.EnumNumber

func (ResourceActivity_ClassUid) String 

func (x ResourceActivity_ClassUid) String() string

func (ResourceActivity_ClassUid) Type 

func (ResourceActivity_ClassUid) Type() protoreflect.EnumType

type ResourceActivity_DispositionId 

type ResourceActivity_DispositionId int32
const (
	ResourceActivity_DISPOSITION_ID_UNKNOWN ResourceActivity_DispositionId = 0 // The disposition was not known.
	ResourceActivity_DISPOSITION_ID_ALLOWED ResourceActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	ResourceActivity_DISPOSITION_ID_BLOCKED ResourceActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	ResourceActivity_DISPOSITION_ID_QUARANTINED ResourceActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	ResourceActivity_DISPOSITION_ID_ISOLATED ResourceActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	ResourceActivity_DISPOSITION_ID_DELETED ResourceActivity_DispositionId = 5 // A file or other content was deleted.
	ResourceActivity_DISPOSITION_ID_DROPPED ResourceActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	ResourceActivity_DISPOSITION_ID_CUSTOM_ACTION ResourceActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	ResourceActivity_DISPOSITION_ID_APPROVED ResourceActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	ResourceActivity_DISPOSITION_ID_RESTORED ResourceActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	ResourceActivity_DISPOSITION_ID_EXONERATED ResourceActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	ResourceActivity_DISPOSITION_ID_CORRECTED ResourceActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	ResourceActivity_DISPOSITION_ID_PARTIALLY_CORRECTED ResourceActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	ResourceActivity_DISPOSITION_ID_UNCORRECTED ResourceActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	ResourceActivity_DISPOSITION_ID_DELAYED ResourceActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	ResourceActivity_DISPOSITION_ID_DETECTED ResourceActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	ResourceActivity_DISPOSITION_ID_NO_ACTION ResourceActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	ResourceActivity_DISPOSITION_ID_LOGGED ResourceActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	ResourceActivity_DISPOSITION_ID_TAGGED ResourceActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	ResourceActivity_DISPOSITION_ID_ALERT ResourceActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	ResourceActivity_DISPOSITION_ID_COUNT ResourceActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	ResourceActivity_DISPOSITION_ID_RESET ResourceActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	ResourceActivity_DISPOSITION_ID_CAPTCHA ResourceActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	ResourceActivity_DISPOSITION_ID_CHALLENGE ResourceActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	ResourceActivity_DISPOSITION_ID_ACCESS_REVOKED ResourceActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	ResourceActivity_DISPOSITION_ID_REJECTED ResourceActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	ResourceActivity_DISPOSITION_ID_UNAUTHORIZED ResourceActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	ResourceActivity_DISPOSITION_ID_ERROR ResourceActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	ResourceActivity_DISPOSITION_ID_OTHER ResourceActivity_DispositionId = 99 // The disposition is not listed. The
)

func (ResourceActivity_DispositionId) Descriptor 

func (ResourceActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_DispositionId) Enum 

func (x ResourceActivity_DispositionId) Enum() *ResourceActivity_DispositionId

func (ResourceActivity_DispositionId) EnumDescriptor deprecated 

func (ResourceActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_DispositionId.Descriptor instead.

func (ResourceActivity_DispositionId) Number 

func (x ResourceActivity_DispositionId) Number() protoreflect.EnumNumber

func (ResourceActivity_DispositionId) String 

func (x ResourceActivity_DispositionId) String() string

func (ResourceActivity_DispositionId) Type 

func (ResourceActivity_DispositionId) Type() protoreflect.EnumType

type ResourceActivity_SeverityId 

type ResourceActivity_SeverityId int32
const (
	ResourceActivity_SEVERITY_ID_UNKNOWN       ResourceActivity_SeverityId = 0 // The event/finding severity is unknown.
	ResourceActivity_SEVERITY_ID_INFORMATIONAL ResourceActivity_SeverityId = 1 // Informational message. No action required.
	ResourceActivity_SEVERITY_ID_LOW           ResourceActivity_SeverityId = 2 // The user decides if action is needed.
	ResourceActivity_SEVERITY_ID_MEDIUM        ResourceActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ResourceActivity_SEVERITY_ID_HIGH     ResourceActivity_SeverityId = 4 // Action is required immediately.
	ResourceActivity_SEVERITY_ID_CRITICAL ResourceActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ResourceActivity_SEVERITY_ID_FATAL ResourceActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ResourceActivity_SEVERITY_ID_OTHER ResourceActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ResourceActivity_SeverityId) Descriptor 

func (ResourceActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_SeverityId) Enum 

func (x ResourceActivity_SeverityId) Enum() *ResourceActivity_SeverityId

func (ResourceActivity_SeverityId) EnumDescriptor deprecated 

func (ResourceActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_SeverityId.Descriptor instead.

func (ResourceActivity_SeverityId) Number 

func (x ResourceActivity_SeverityId) Number() protoreflect.EnumNumber

func (ResourceActivity_SeverityId) String 

func (x ResourceActivity_SeverityId) String() string

func (ResourceActivity_SeverityId) Type 

func (ResourceActivity_SeverityId) Type() protoreflect.EnumType

type ResourceActivity_StatusId 

type ResourceActivity_StatusId int32
const (
	ResourceActivity_STATUS_ID_UNKNOWN ResourceActivity_StatusId = 0 // The status is unknown.
	ResourceActivity_STATUS_ID_SUCCESS ResourceActivity_StatusId = 1
	ResourceActivity_STATUS_ID_FAILURE ResourceActivity_StatusId = 2
	ResourceActivity_STATUS_ID_OTHER   ResourceActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ResourceActivity_StatusId) Descriptor 

func (ResourceActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ResourceActivity_StatusId) Enum 

func (x ResourceActivity_StatusId) Enum() *ResourceActivity_StatusId

func (ResourceActivity_StatusId) EnumDescriptor deprecated 

func (ResourceActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ResourceActivity_StatusId.Descriptor instead.

func (ResourceActivity_StatusId) Number 

func (x ResourceActivity_StatusId) Number() protoreflect.EnumNumber

func (ResourceActivity_StatusId) String 

func (x ResourceActivity_StatusId) String() string

func (ResourceActivity_StatusId) Type 

func (ResourceActivity_StatusId) Type() protoreflect.EnumType

type ResourceDetails 

type ResourceDetails struct {
	AgentList          []*Agent            `protobuf:"bytes,1,rep,name=agent_list,json=agentList,proto3" json:"agent_list,omitempty"`
	CloudPartition     *string             `protobuf:"bytes,2,opt,name=cloud_partition,json=cloudPartition,proto3,oneof" json:"cloud_partition,omitempty"`
	Criticality        *string             `protobuf:"bytes,3,opt,name=criticality,proto3,oneof" json:"criticality,omitempty"`
	Data               *structpb.Value     `protobuf:"bytes,4,opt,name=data,proto3,oneof" json:"data,omitempty"`
	DataClassification *DataClassification `protobuf:"bytes,5,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Group              *Group              `protobuf:"bytes,6,opt,name=group,proto3" json:"group,omitempty"`
	Labels             []string            `protobuf:"bytes,7,rep,name=labels,proto3" json:"labels,omitempty"`
	Name               *string             `protobuf:"bytes,8,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Namespace          *string             `protobuf:"bytes,9,opt,name=namespace,proto3,oneof" json:"namespace,omitempty"`
	Owner              *User               `protobuf:"bytes,10,opt,name=owner,proto3" json:"owner,omitempty"`
	Region             *string             `protobuf:"bytes,11,opt,name=region,proto3,oneof" json:"region,omitempty"`
	Type               *string             `protobuf:"bytes,12,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid                *string             `protobuf:"bytes,13,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version            *string             `protobuf:"bytes,14,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

ResourceDetails is an OSF object defined in ocsf objects/resource_details.json

The Resource Details object describes details about resources that were affected by the activity/event.

func (*ResourceDetails) Descriptor deprecated 

func (*ResourceDetails) Descriptor() ([]byte, []int)

Deprecated: Use ResourceDetails.ProtoReflect.Descriptor instead.

func (*ResourceDetails) GetAgentList 

func (x *ResourceDetails) GetAgentList() []*Agent

func (*ResourceDetails) GetCloudPartition 

func (x *ResourceDetails) GetCloudPartition() string

func (*ResourceDetails) GetCriticality 

func (x *ResourceDetails) GetCriticality() string

func (*ResourceDetails) GetData 

func (x *ResourceDetails) GetData() *structpb.Value

func (*ResourceDetails) GetDataClassification 

func (x *ResourceDetails) GetDataClassification() *DataClassification

func (*ResourceDetails) GetGroup 

func (x *ResourceDetails) GetGroup() *Group

func (*ResourceDetails) GetLabels 

func (x *ResourceDetails) GetLabels() []string

func (*ResourceDetails) GetName 

func (x *ResourceDetails) GetName() string

func (*ResourceDetails) GetNamespace 

func (x *ResourceDetails) GetNamespace() string

func (*ResourceDetails) GetOwner 

func (x *ResourceDetails) GetOwner() *User

func (*ResourceDetails) GetRegion 

func (x *ResourceDetails) GetRegion() string

func (*ResourceDetails) GetType 

func (x *ResourceDetails) GetType() string

func (*ResourceDetails) GetUid 

func (x *ResourceDetails) GetUid() string

func (*ResourceDetails) GetVersion 

func (x *ResourceDetails) GetVersion() string

func (*ResourceDetails) ProtoMessage 

func (*ResourceDetails) ProtoMessage()

func (*ResourceDetails) ProtoReflect 

func (x *ResourceDetails) ProtoReflect() protoreflect.Message

func (*ResourceDetails) Reset 

func (x *ResourceDetails) Reset()

func (*ResourceDetails) String 

func (x *ResourceDetails) String() string

type Response 

type Response struct {
	Code         *int32          `protobuf:"varint,1,opt,name=code,proto3,oneof" json:"code,omitempty"`
	Containers   []*Container    `protobuf:"bytes,2,rep,name=containers,proto3" json:"containers,omitempty"`
	Data         *structpb.Value `protobuf:"bytes,3,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Error        *string         `protobuf:"bytes,4,opt,name=error,proto3,oneof" json:"error,omitempty"`
	ErrorMessage *string         `protobuf:"bytes,5,opt,name=error_message,json=errorMessage,proto3,oneof" json:"error_message,omitempty"`
	Flags        []string        `protobuf:"bytes,6,rep,name=flags,proto3" json:"flags,omitempty"`
	Message      *string         `protobuf:"bytes,7,opt,name=message,proto3,oneof" json:"message,omitempty"`
	// contains filtered or unexported fields
}

Response is an OSF object defined in ocsf objects/response.json

The Response Elements object describes characteristics of an API response.

func (*Response) Descriptor deprecated 

func (*Response) Descriptor() ([]byte, []int)

Deprecated: Use Response.ProtoReflect.Descriptor instead.

func (*Response) GetCode 

func (x *Response) GetCode() int32

func (*Response) GetContainers 

func (x *Response) GetContainers() []*Container

func (*Response) GetData 

func (x *Response) GetData() *structpb.Value

func (*Response) GetError 

func (x *Response) GetError() string

func (*Response) GetErrorMessage 

func (x *Response) GetErrorMessage() string

func (*Response) GetFlags 

func (x *Response) GetFlags() []string

func (*Response) GetMessage 

func (x *Response) GetMessage() string

func (*Response) ProtoMessage 

func (*Response) ProtoMessage()

func (*Response) ProtoReflect 

func (x *Response) ProtoReflect() protoreflect.Message

func (*Response) Reset 

func (x *Response) Reset()

func (*Response) String 

func (x *Response) String() string

type RpcInterface 

type RpcInterface struct {
	AckReason *int32 `protobuf:"varint,1,opt,name=ack_reason,json=ackReason,proto3,oneof" json:"ack_reason,omitempty"`
	AckResult *int32 `protobuf:"varint,2,opt,name=ack_result,json=ackResult,proto3,oneof" json:"ack_result,omitempty"`
	Uuid      string `protobuf:"bytes,3,opt,name=uuid,proto3" json:"uuid,omitempty"`
	Version   string `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

RpcInterface is an OSF object defined in ocsf objects/rpc_interface.json

The RPC Interface represents the remote procedure call interface used in the DCE/RPC session.

func (*RpcInterface) Descriptor deprecated 

func (*RpcInterface) Descriptor() ([]byte, []int)

Deprecated: Use RpcInterface.ProtoReflect.Descriptor instead.

func (*RpcInterface) GetAckReason 

func (x *RpcInterface) GetAckReason() int32

func (*RpcInterface) GetAckResult 

func (x *RpcInterface) GetAckResult() int32

func (*RpcInterface) GetUuid 

func (x *RpcInterface) GetUuid() string

func (*RpcInterface) GetVersion 

func (x *RpcInterface) GetVersion() string

func (*RpcInterface) ProtoMessage 

func (*RpcInterface) ProtoMessage()

func (*RpcInterface) ProtoReflect 

func (x *RpcInterface) ProtoReflect() protoreflect.Message

func (*RpcInterface) Reset 

func (x *RpcInterface) Reset()

func (*RpcInterface) String 

func (x *RpcInterface) String() string

type Rule 

type Rule struct {
	Category *string `protobuf:"bytes,1,opt,name=category,proto3,oneof" json:"category,omitempty"`
	Desc     *string `protobuf:"bytes,2,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Name     *string `protobuf:"bytes,3,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Type     *string `protobuf:"bytes,4,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid      *string `protobuf:"bytes,5,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version  *string `protobuf:"bytes,6,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Rule is an OSF object defined in ocsf objects/rule.json

The Rule object describes characteristics of a rule associated with a policy or an event.

func (*Rule) Descriptor deprecated 

func (*Rule) Descriptor() ([]byte, []int)

Deprecated: Use Rule.ProtoReflect.Descriptor instead.

func (*Rule) GetCategory 

func (x *Rule) GetCategory() string

func (*Rule) GetDesc 

func (x *Rule) GetDesc() string

func (*Rule) GetName 

func (x *Rule) GetName() string

func (*Rule) GetType 

func (x *Rule) GetType() string

func (*Rule) GetUid 

func (x *Rule) GetUid() string

func (*Rule) GetVersion 

func (x *Rule) GetVersion() string

func (*Rule) ProtoMessage 

func (*Rule) ProtoMessage()

func (*Rule) ProtoReflect 

func (x *Rule) ProtoReflect() protoreflect.Message

func (*Rule) Reset 

func (x *Rule) Reset()

func (*Rule) String 

func (x *Rule) String() string

type San 

type San struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	Type string `protobuf:"bytes,2,opt,name=type,proto3" json:"type,omitempty"`
	// contains filtered or unexported fields
}

San is an OSF object defined in ocsf objects/san.json

The Subject Alternative name (SAN) object describes a SAN secured by a digital certificate

func (*San) Descriptor deprecated 

func (*San) Descriptor() ([]byte, []int)

Deprecated: Use San.ProtoReflect.Descriptor instead.

func (*San) GetName 

func (x *San) GetName() string

func (*San) GetType 

func (x *San) GetType() string

func (*San) ProtoMessage 

func (*San) ProtoMessage()

func (*San) ProtoReflect 

func (x *San) ProtoReflect() protoreflect.Message

func (*San) Reset 

func (x *San) Reset()

func (*San) String 

func (x *San) String() string

type Scan 

type Scan struct {
	Name   *string     `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Type   *string     `protobuf:"bytes,2,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId Scan_TypeId `protobuf:"varint,3,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.Scan_TypeId" json:"type_id,omitempty"`
	Uid    *string     `protobuf:"bytes,4,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Scan is an OSF object defined in ocsf objects/scan.json

The Scan object describes characteristics of a proactive scan.

func (*Scan) Descriptor deprecated 

func (*Scan) Descriptor() ([]byte, []int)

Deprecated: Use Scan.ProtoReflect.Descriptor instead.

func (*Scan) GetName 

func (x *Scan) GetName() string

func (*Scan) GetType 

func (x *Scan) GetType() string

func (*Scan) GetTypeId 

func (x *Scan) GetTypeId() Scan_TypeId

func (*Scan) GetUid 

func (x *Scan) GetUid() string

func (*Scan) ProtoMessage 

func (*Scan) ProtoMessage()

func (*Scan) ProtoReflect 

func (x *Scan) ProtoReflect() protoreflect.Message

func (*Scan) Reset 

func (x *Scan) Reset()

func (*Scan) String 

func (x *Scan) String() string

type ScanActivity 

type ScanActivity struct {
	ActivityId       ScanActivity_ActivityId  `` /* 136-byte string literal not displayed */
	ActivityName     *string                  `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor            *Actor                   `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api              *Api                     `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName     *string                  `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid      ScanActivity_CategoryUid `` /* 140-byte string literal not displayed */
	ClassName        *string                  `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid         ScanActivity_ClassUid    `` /* 128-byte string literal not displayed */
	Cloud            *Cloud                   `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	CommandUid       *string                  `protobuf:"bytes,10,opt,name=command_uid,json=commandUid,proto3,oneof" json:"command_uid,omitempty"`
	Count            *int32                   `protobuf:"varint,11,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device           *Device                  `protobuf:"bytes,12,opt,name=device,proto3" json:"device,omitempty"`
	Duration         *int32                   `protobuf:"varint,13,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime          *int64                   `protobuf:"varint,14,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt        *timestamppb.Timestamp   `protobuf:"bytes,15,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments      []*Enrichment            `protobuf:"bytes,16,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message          *string                  `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata         *Metadata                `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	NumDetections    *int32                   `protobuf:"varint,19,opt,name=num_detections,json=numDetections,proto3,oneof" json:"num_detections,omitempty"`
	NumFiles         *int32                   `protobuf:"varint,20,opt,name=num_files,json=numFiles,proto3,oneof" json:"num_files,omitempty"`
	NumFolders       *int32                   `protobuf:"varint,21,opt,name=num_folders,json=numFolders,proto3,oneof" json:"num_folders,omitempty"`
	NumNetworkItems  *int32                   `protobuf:"varint,22,opt,name=num_network_items,json=numNetworkItems,proto3,oneof" json:"num_network_items,omitempty"`
	NumProcesses     *int32                   `protobuf:"varint,23,opt,name=num_processes,json=numProcesses,proto3,oneof" json:"num_processes,omitempty"`
	NumRegistryItems *int32                   `protobuf:"varint,24,opt,name=num_registry_items,json=numRegistryItems,proto3,oneof" json:"num_registry_items,omitempty"`
	NumResolutions   *int32                   `protobuf:"varint,25,opt,name=num_resolutions,json=numResolutions,proto3,oneof" json:"num_resolutions,omitempty"`
	NumSkippedItems  *int32                   `protobuf:"varint,26,opt,name=num_skipped_items,json=numSkippedItems,proto3,oneof" json:"num_skipped_items,omitempty"`
	NumTrustedItems  *int32                   `protobuf:"varint,27,opt,name=num_trusted_items,json=numTrustedItems,proto3,oneof" json:"num_trusted_items,omitempty"`
	Observables      []*Observable            `protobuf:"bytes,28,rep,name=observables,proto3" json:"observables,omitempty"`
	Policy           *Policy                  `protobuf:"bytes,29,opt,name=policy,proto3" json:"policy,omitempty"`
	RawData          *string                  `protobuf:"bytes,30,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Scan             *Scan                    `protobuf:"bytes,31,opt,name=scan,proto3" json:"scan,omitempty"`
	ScheduleUid      *string                  `protobuf:"bytes,32,opt,name=schedule_uid,json=scheduleUid,proto3,oneof" json:"schedule_uid,omitempty"`
	Severity         *string                  `protobuf:"bytes,33,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId       ScanActivity_SeverityId  `` /* 137-byte string literal not displayed */
	StartTime        *int64                   `protobuf:"varint,35,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt      *timestamppb.Timestamp   `protobuf:"bytes,36,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status           *string                  `protobuf:"bytes,37,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode       *string                  `protobuf:"bytes,38,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail     *string                  `protobuf:"bytes,39,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId         *ScanActivity_StatusId   `` /* 135-byte string literal not displayed */
	Time             int64                    `protobuf:"varint,41,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt           *timestamppb.Timestamp   `protobuf:"bytes,42,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset   *int32                   `protobuf:"varint,43,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Total            *int32                   `protobuf:"varint,44,opt,name=total,proto3,oneof" json:"total,omitempty"`
	TypeName         *string                  `protobuf:"bytes,45,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid          int64                    `protobuf:"varint,46,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped         *structpb.Struct         `protobuf:"bytes,47,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ScanActivity is an OSF event in category "Application Activity" called Scan Activity defined in ocsf events/application/scan_activity.json

Scan events report the start, completion, and results of a scan job. The scan event includes the number of items that were scanned and the number of detections that were resolved.

func (*ScanActivity) Descriptor deprecated 

func (*ScanActivity) Descriptor() ([]byte, []int)

Deprecated: Use ScanActivity.ProtoReflect.Descriptor instead.

func (*ScanActivity) GetActivityId 

func (x *ScanActivity) GetActivityId() ScanActivity_ActivityId

func (*ScanActivity) GetActivityName 

func (x *ScanActivity) GetActivityName() string

func (*ScanActivity) GetActor 

func (x *ScanActivity) GetActor() *Actor

func (*ScanActivity) GetApi 

func (x *ScanActivity) GetApi() *Api

func (*ScanActivity) GetCategoryName 

func (x *ScanActivity) GetCategoryName() string

func (*ScanActivity) GetCategoryUid 

func (x *ScanActivity) GetCategoryUid() ScanActivity_CategoryUid

func (*ScanActivity) GetClassName 

func (x *ScanActivity) GetClassName() string

func (*ScanActivity) GetClassUid 

func (x *ScanActivity) GetClassUid() ScanActivity_ClassUid

func (*ScanActivity) GetCloud 

func (x *ScanActivity) GetCloud() *Cloud

func (*ScanActivity) GetCommandUid 

func (x *ScanActivity) GetCommandUid() string

func (*ScanActivity) GetCount 

func (x *ScanActivity) GetCount() int32

func (*ScanActivity) GetDevice 

func (x *ScanActivity) GetDevice() *Device

func (*ScanActivity) GetDuration 

func (x *ScanActivity) GetDuration() int32

func (*ScanActivity) GetEndTime 

func (x *ScanActivity) GetEndTime() int64

func (*ScanActivity) GetEndTimeDt 

func (x *ScanActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ScanActivity) GetEnrichments 

func (x *ScanActivity) GetEnrichments() []*Enrichment

func (*ScanActivity) GetMessage 

func (x *ScanActivity) GetMessage() string

func (*ScanActivity) GetMetadata 

func (x *ScanActivity) GetMetadata() *Metadata

func (*ScanActivity) GetNumDetections 

func (x *ScanActivity) GetNumDetections() int32

func (*ScanActivity) GetNumFiles 

func (x *ScanActivity) GetNumFiles() int32

func (*ScanActivity) GetNumFolders 

func (x *ScanActivity) GetNumFolders() int32

func (*ScanActivity) GetNumNetworkItems 

func (x *ScanActivity) GetNumNetworkItems() int32

func (*ScanActivity) GetNumProcesses 

func (x *ScanActivity) GetNumProcesses() int32

func (*ScanActivity) GetNumRegistryItems 

func (x *ScanActivity) GetNumRegistryItems() int32

func (*ScanActivity) GetNumResolutions 

func (x *ScanActivity) GetNumResolutions() int32

func (*ScanActivity) GetNumSkippedItems 

func (x *ScanActivity) GetNumSkippedItems() int32

func (*ScanActivity) GetNumTrustedItems 

func (x *ScanActivity) GetNumTrustedItems() int32

func (*ScanActivity) GetObservables 

func (x *ScanActivity) GetObservables() []*Observable

func (*ScanActivity) GetPolicy 

func (x *ScanActivity) GetPolicy() *Policy

func (*ScanActivity) GetRawData 

func (x *ScanActivity) GetRawData() string

func (*ScanActivity) GetScan 

func (x *ScanActivity) GetScan() *Scan

func (*ScanActivity) GetScheduleUid 

func (x *ScanActivity) GetScheduleUid() string

func (*ScanActivity) GetSeverity 

func (x *ScanActivity) GetSeverity() string

func (*ScanActivity) GetSeverityId 

func (x *ScanActivity) GetSeverityId() ScanActivity_SeverityId

func (*ScanActivity) GetStartTime 

func (x *ScanActivity) GetStartTime() int64

func (*ScanActivity) GetStartTimeDt 

func (x *ScanActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ScanActivity) GetStatus 

func (x *ScanActivity) GetStatus() string

func (*ScanActivity) GetStatusCode 

func (x *ScanActivity) GetStatusCode() string

func (*ScanActivity) GetStatusDetail 

func (x *ScanActivity) GetStatusDetail() string

func (*ScanActivity) GetStatusId 

func (x *ScanActivity) GetStatusId() ScanActivity_StatusId

func (*ScanActivity) GetTime 

func (x *ScanActivity) GetTime() int64

func (*ScanActivity) GetTimeDt 

func (x *ScanActivity) GetTimeDt() *timestamppb.Timestamp

func (*ScanActivity) GetTimezoneOffset 

func (x *ScanActivity) GetTimezoneOffset() int32

func (*ScanActivity) GetTotal 

func (x *ScanActivity) GetTotal() int32

func (*ScanActivity) GetTypeName 

func (x *ScanActivity) GetTypeName() string

func (*ScanActivity) GetTypeUid 

func (x *ScanActivity) GetTypeUid() int64

func (*ScanActivity) GetUnmapped 

func (x *ScanActivity) GetUnmapped() *structpb.Struct

func (*ScanActivity) ProtoMessage 

func (*ScanActivity) ProtoMessage()

func (*ScanActivity) ProtoReflect 

func (x *ScanActivity) ProtoReflect() protoreflect.Message

func (*ScanActivity) Reset 

func (x *ScanActivity) Reset()

func (*ScanActivity) String 

func (x *ScanActivity) String() string

type ScanActivity_ActivityId 

type ScanActivity_ActivityId int32
const (
	ScanActivity_ACTIVITY_ID_UNKNOWN            ScanActivity_ActivityId = 0
	ScanActivity_ACTIVITY_ID_STARTED            ScanActivity_ActivityId = 1 // The scan was started.
	ScanActivity_ACTIVITY_ID_COMPLETED          ScanActivity_ActivityId = 2 // The scan was completed.
	ScanActivity_ACTIVITY_ID_CANCELLED          ScanActivity_ActivityId = 3 // The scan was cancelled.
	ScanActivity_ACTIVITY_ID_DURATION_VIOLATION ScanActivity_ActivityId = 4 // The allocated scan time was insufficient
	// to complete the requested scan.
	ScanActivity_ACTIVITY_ID_PAUSE_VIOLATION ScanActivity_ActivityId = 5 // The scan was paused, either by the user or
	// by program constraints (e.g. scans that
	// are suspended during certain time
	// intervals), and not resumed within the
	// allotted time.
	ScanActivity_ACTIVITY_ID_ERROR ScanActivity_ActivityId = 6 // The scan could not be completed due to an
	// internal error.
	ScanActivity_ACTIVITY_ID_PAUSED    ScanActivity_ActivityId = 7 // The scan was paused.
	ScanActivity_ACTIVITY_ID_RESUMED   ScanActivity_ActivityId = 8 // The scan was resumed from the pause point.
	ScanActivity_ACTIVITY_ID_RESTARTED ScanActivity_ActivityId = 9 // The scan restarted from the beginning of
	// the file enumeration.
	ScanActivity_ACTIVITY_ID_DELAYED ScanActivity_ActivityId = 10 // The user delayed the scan.
	ScanActivity_ACTIVITY_ID_OTHER   ScanActivity_ActivityId = 99
)

func (ScanActivity_ActivityId) Descriptor 

func (ScanActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ScanActivity_ActivityId) Enum 

func (x ScanActivity_ActivityId) Enum() *ScanActivity_ActivityId

func (ScanActivity_ActivityId) EnumDescriptor deprecated 

func (ScanActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScanActivity_ActivityId.Descriptor instead.

func (ScanActivity_ActivityId) Number 

func (x ScanActivity_ActivityId) Number() protoreflect.EnumNumber

func (ScanActivity_ActivityId) String 

func (x ScanActivity_ActivityId) String() string

func (ScanActivity_ActivityId) Type 

func (ScanActivity_ActivityId) Type() protoreflect.EnumType

type ScanActivity_CategoryUid 

type ScanActivity_CategoryUid int32
const (
	ScanActivity_CATEGORY_UID_UNKNOWN              ScanActivity_CategoryUid = 0
	ScanActivity_CATEGORY_UID_APPLICATION_ACTIVITY ScanActivity_CategoryUid = 6
)

func (ScanActivity_CategoryUid) Descriptor 

func (ScanActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ScanActivity_CategoryUid) Enum 

func (x ScanActivity_CategoryUid) Enum() *ScanActivity_CategoryUid

func (ScanActivity_CategoryUid) EnumDescriptor deprecated 

func (ScanActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScanActivity_CategoryUid.Descriptor instead.

func (ScanActivity_CategoryUid) Number 

func (x ScanActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ScanActivity_CategoryUid) String 

func (x ScanActivity_CategoryUid) String() string

func (ScanActivity_CategoryUid) Type 

func (ScanActivity_CategoryUid) Type() protoreflect.EnumType

type ScanActivity_ClassUid 

type ScanActivity_ClassUid int32
const (
	ScanActivity_CLASS_UID_UNKNOWN       ScanActivity_ClassUid = 0
	ScanActivity_CLASS_UID_SCAN_ACTIVITY ScanActivity_ClassUid = 6007
)

func (ScanActivity_ClassUid) Descriptor 

func (ScanActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ScanActivity_ClassUid) Enum 

func (x ScanActivity_ClassUid) Enum() *ScanActivity_ClassUid

func (ScanActivity_ClassUid) EnumDescriptor deprecated 

func (ScanActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScanActivity_ClassUid.Descriptor instead.

func (ScanActivity_ClassUid) Number 

func (x ScanActivity_ClassUid) Number() protoreflect.EnumNumber

func (ScanActivity_ClassUid) String 

func (x ScanActivity_ClassUid) String() string

func (ScanActivity_ClassUid) Type 

func (ScanActivity_ClassUid) Type() protoreflect.EnumType

type ScanActivity_SeverityId 

type ScanActivity_SeverityId int32
const (
	ScanActivity_SEVERITY_ID_UNKNOWN       ScanActivity_SeverityId = 0 // The event/finding severity is unknown.
	ScanActivity_SEVERITY_ID_INFORMATIONAL ScanActivity_SeverityId = 1 // Informational message. No action required.
	ScanActivity_SEVERITY_ID_LOW           ScanActivity_SeverityId = 2 // The user decides if action is needed.
	ScanActivity_SEVERITY_ID_MEDIUM        ScanActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ScanActivity_SEVERITY_ID_HIGH     ScanActivity_SeverityId = 4 // Action is required immediately.
	ScanActivity_SEVERITY_ID_CRITICAL ScanActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ScanActivity_SEVERITY_ID_FATAL ScanActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ScanActivity_SEVERITY_ID_OTHER ScanActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ScanActivity_SeverityId) Descriptor 

func (ScanActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ScanActivity_SeverityId) Enum 

func (x ScanActivity_SeverityId) Enum() *ScanActivity_SeverityId

func (ScanActivity_SeverityId) EnumDescriptor deprecated 

func (ScanActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScanActivity_SeverityId.Descriptor instead.

func (ScanActivity_SeverityId) Number 

func (x ScanActivity_SeverityId) Number() protoreflect.EnumNumber

func (ScanActivity_SeverityId) String 

func (x ScanActivity_SeverityId) String() string

func (ScanActivity_SeverityId) Type 

func (ScanActivity_SeverityId) Type() protoreflect.EnumType

type ScanActivity_StatusId 

type ScanActivity_StatusId int32
const (
	ScanActivity_STATUS_ID_UNKNOWN ScanActivity_StatusId = 0 // The status is unknown.
	ScanActivity_STATUS_ID_SUCCESS ScanActivity_StatusId = 1
	ScanActivity_STATUS_ID_FAILURE ScanActivity_StatusId = 2
	ScanActivity_STATUS_ID_OTHER   ScanActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ScanActivity_StatusId) Descriptor 

func (ScanActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ScanActivity_StatusId) Enum 

func (x ScanActivity_StatusId) Enum() *ScanActivity_StatusId

func (ScanActivity_StatusId) EnumDescriptor deprecated 

func (ScanActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScanActivity_StatusId.Descriptor instead.

func (ScanActivity_StatusId) Number 

func (x ScanActivity_StatusId) Number() protoreflect.EnumNumber

func (ScanActivity_StatusId) String 

func (x ScanActivity_StatusId) String() string

func (ScanActivity_StatusId) Type 

func (ScanActivity_StatusId) Type() protoreflect.EnumType

type Scan_TypeId 

type Scan_TypeId int32
const (
	Scan_TYPE_ID_UNKNOWN Scan_TypeId = 0
	Scan_TYPE_ID_MANUAL  Scan_TypeId = 1 // The scan was manually initiated by the user or
	// administrator.
	Scan_TYPE_ID_SCHEDULED         Scan_TypeId = 2 // The scan was started based on scheduler.
	Scan_TYPE_ID_UPDATED_CONTENT   Scan_TypeId = 3 // The scan was triggered by a content update.
	Scan_TYPE_ID_QUARANTINED_ITEMS Scan_TypeId = 4 // The scan was triggered by newly quarantined
	// items.
	Scan_TYPE_ID_ATTACHED_MEDIA Scan_TypeId = 5 // The scan was triggered by the attachment of
	// removable media.
	Scan_TYPE_ID_USER_LOGON Scan_TypeId = 6 // The scan was started due to a user logon.
	Scan_TYPE_ID_ELAM       Scan_TypeId = 7 // The scan was triggered by an Early Launch Anti-
	// Malware (ELAM) detection.
	Scan_TYPE_ID_OTHER Scan_TypeId = 99 // The scan type id is not mapped. See the
)

func (Scan_TypeId) Descriptor 

func (Scan_TypeId) Descriptor() protoreflect.EnumDescriptor

func (Scan_TypeId) Enum 

func (x Scan_TypeId) Enum() *Scan_TypeId

func (Scan_TypeId) EnumDescriptor deprecated 

func (Scan_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use Scan_TypeId.Descriptor instead.

func (Scan_TypeId) Number 

func (x Scan_TypeId) Number() protoreflect.EnumNumber

func (Scan_TypeId) String 

func (x Scan_TypeId) String() string

func (Scan_TypeId) Type 

func (Scan_TypeId) Type() protoreflect.EnumType

type ScheduledJobActivity 

type ScheduledJobActivity struct {
	Action         *string                             `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId       ScheduledJobActivity_ActionId       `` /* 136-byte string literal not displayed */
	ActivityId     ScheduledJobActivity_ActivityId     `` /* 144-byte string literal not displayed */
	ActivityName   *string                             `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                              `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                                `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks        []*Attack                           `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations []*Authorization                    `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName   *string                             `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ScheduledJobActivity_CategoryUid    `` /* 149-byte string literal not displayed */
	ClassName      *string                             `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ScheduledJobActivity_ClassUid       `` /* 137-byte string literal not displayed */
	Cloud          *Cloud                              `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                              `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                             `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition    *string                             `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId  *ScheduledJobActivity_DispositionId `` /* 163-byte string literal not displayed */
	Duration       *int32                              `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                              `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp              `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment                       `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule   *FirewallRule                       `protobuf:"bytes,22,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	Job            *Job                                `protobuf:"bytes,23,opt,name=job,proto3" json:"job,omitempty"`
	Malware        []*Malware                          `protobuf:"bytes,24,rep,name=malware,proto3" json:"malware,omitempty"`
	Message        *string                             `protobuf:"bytes,25,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                           `protobuf:"bytes,26,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable                       `protobuf:"bytes,27,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                             `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                             `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ScheduledJobActivity_SeverityId     `` /* 145-byte string literal not displayed */
	StartTime      *int64                              `protobuf:"varint,31,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp              `protobuf:"bytes,32,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                             `protobuf:"bytes,33,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                             `protobuf:"bytes,34,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                             `protobuf:"bytes,35,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ScheduledJobActivity_StatusId      `` /* 143-byte string literal not displayed */
	Time           int64                               `protobuf:"varint,37,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp              `protobuf:"bytes,38,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                              `protobuf:"varint,39,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                             `protobuf:"bytes,40,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                               `protobuf:"varint,41,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct                    `protobuf:"bytes,42,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ScheduledJobActivity is an OSF event in category "System Activity" called Scheduled Job Activity defined in ocsf events/system/scheduled_job.json

Scheduled Job Activity events report activities related to scheduled jobs or tasks.

func (*ScheduledJobActivity) Descriptor deprecated 

func (*ScheduledJobActivity) Descriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity.ProtoReflect.Descriptor instead.

func (*ScheduledJobActivity) GetAction 

func (x *ScheduledJobActivity) GetAction() string

func (*ScheduledJobActivity) GetActionId 

func (x *ScheduledJobActivity) GetActionId() ScheduledJobActivity_ActionId

func (*ScheduledJobActivity) GetActivityId 

func (x *ScheduledJobActivity) GetActivityId() ScheduledJobActivity_ActivityId

func (*ScheduledJobActivity) GetActivityName 

func (x *ScheduledJobActivity) GetActivityName() string

func (*ScheduledJobActivity) GetActor 

func (x *ScheduledJobActivity) GetActor() *Actor

func (*ScheduledJobActivity) GetApi 

func (x *ScheduledJobActivity) GetApi() *Api

func (*ScheduledJobActivity) GetAttacks 

func (x *ScheduledJobActivity) GetAttacks() []*Attack

func (*ScheduledJobActivity) GetAuthorizations 

func (x *ScheduledJobActivity) GetAuthorizations() []*Authorization

func (*ScheduledJobActivity) GetCategoryName 

func (x *ScheduledJobActivity) GetCategoryName() string

func (*ScheduledJobActivity) GetCategoryUid 

func (x *ScheduledJobActivity) GetCategoryUid() ScheduledJobActivity_CategoryUid

func (*ScheduledJobActivity) GetClassName 

func (x *ScheduledJobActivity) GetClassName() string

func (*ScheduledJobActivity) GetClassUid 

func (x *ScheduledJobActivity) GetClassUid() ScheduledJobActivity_ClassUid

func (*ScheduledJobActivity) GetCloud 

func (x *ScheduledJobActivity) GetCloud() *Cloud

func (*ScheduledJobActivity) GetCount 

func (x *ScheduledJobActivity) GetCount() int32

func (*ScheduledJobActivity) GetDevice 

func (x *ScheduledJobActivity) GetDevice() *Device

func (*ScheduledJobActivity) GetDisposition 

func (x *ScheduledJobActivity) GetDisposition() string

func (*ScheduledJobActivity) GetDispositionId 

func (x *ScheduledJobActivity) GetDispositionId() ScheduledJobActivity_DispositionId

func (*ScheduledJobActivity) GetDuration 

func (x *ScheduledJobActivity) GetDuration() int32

func (*ScheduledJobActivity) GetEndTime 

func (x *ScheduledJobActivity) GetEndTime() int64

func (*ScheduledJobActivity) GetEndTimeDt 

func (x *ScheduledJobActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*ScheduledJobActivity) GetEnrichments 

func (x *ScheduledJobActivity) GetEnrichments() []*Enrichment

func (*ScheduledJobActivity) GetFirewallRule 

func (x *ScheduledJobActivity) GetFirewallRule() *FirewallRule

func (*ScheduledJobActivity) GetJob 

func (x *ScheduledJobActivity) GetJob() *Job

func (*ScheduledJobActivity) GetMalware 

func (x *ScheduledJobActivity) GetMalware() []*Malware

func (*ScheduledJobActivity) GetMessage 

func (x *ScheduledJobActivity) GetMessage() string

func (*ScheduledJobActivity) GetMetadata 

func (x *ScheduledJobActivity) GetMetadata() *Metadata

func (*ScheduledJobActivity) GetObservables 

func (x *ScheduledJobActivity) GetObservables() []*Observable

func (*ScheduledJobActivity) GetRawData 

func (x *ScheduledJobActivity) GetRawData() string

func (*ScheduledJobActivity) GetSeverity 

func (x *ScheduledJobActivity) GetSeverity() string

func (*ScheduledJobActivity) GetSeverityId 

func (x *ScheduledJobActivity) GetSeverityId() ScheduledJobActivity_SeverityId

func (*ScheduledJobActivity) GetStartTime 

func (x *ScheduledJobActivity) GetStartTime() int64

func (*ScheduledJobActivity) GetStartTimeDt 

func (x *ScheduledJobActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*ScheduledJobActivity) GetStatus 

func (x *ScheduledJobActivity) GetStatus() string

func (*ScheduledJobActivity) GetStatusCode 

func (x *ScheduledJobActivity) GetStatusCode() string

func (*ScheduledJobActivity) GetStatusDetail 

func (x *ScheduledJobActivity) GetStatusDetail() string

func (*ScheduledJobActivity) GetStatusId 

func (x *ScheduledJobActivity) GetStatusId() ScheduledJobActivity_StatusId

func (*ScheduledJobActivity) GetTime 

func (x *ScheduledJobActivity) GetTime() int64

func (*ScheduledJobActivity) GetTimeDt 

func (x *ScheduledJobActivity) GetTimeDt() *timestamppb.Timestamp

func (*ScheduledJobActivity) GetTimezoneOffset 

func (x *ScheduledJobActivity) GetTimezoneOffset() int32

func (*ScheduledJobActivity) GetTypeName 

func (x *ScheduledJobActivity) GetTypeName() string

func (*ScheduledJobActivity) GetTypeUid 

func (x *ScheduledJobActivity) GetTypeUid() int64

func (*ScheduledJobActivity) GetUnmapped 

func (x *ScheduledJobActivity) GetUnmapped() *structpb.Struct

func (*ScheduledJobActivity) ProtoMessage 

func (*ScheduledJobActivity) ProtoMessage()

func (*ScheduledJobActivity) ProtoReflect 

func (x *ScheduledJobActivity) ProtoReflect() protoreflect.Message

func (*ScheduledJobActivity) Reset 

func (x *ScheduledJobActivity) Reset()

func (*ScheduledJobActivity) String 

func (x *ScheduledJobActivity) String() string

type ScheduledJobActivity_ActionId 

type ScheduledJobActivity_ActionId int32
const (
	ScheduledJobActivity_ACTION_ID_UNKNOWN ScheduledJobActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	ScheduledJobActivity_ACTION_ID_ALLOWED ScheduledJobActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	ScheduledJobActivity_ACTION_ID_DENIED ScheduledJobActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	ScheduledJobActivity_ACTION_ID_OTHER ScheduledJobActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (ScheduledJobActivity_ActionId) Descriptor 

func (ScheduledJobActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_ActionId) Enum 

func (x ScheduledJobActivity_ActionId) Enum() *ScheduledJobActivity_ActionId

func (ScheduledJobActivity_ActionId) EnumDescriptor deprecated 

func (ScheduledJobActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_ActionId.Descriptor instead.

func (ScheduledJobActivity_ActionId) Number 

func (x ScheduledJobActivity_ActionId) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_ActionId) String 

func (x ScheduledJobActivity_ActionId) String() string

func (ScheduledJobActivity_ActionId) Type 

func (ScheduledJobActivity_ActionId) Type() protoreflect.EnumType

type ScheduledJobActivity_ActivityId 

type ScheduledJobActivity_ActivityId int32
const (
	ScheduledJobActivity_ACTIVITY_ID_UNKNOWN ScheduledJobActivity_ActivityId = 0
	ScheduledJobActivity_ACTIVITY_ID_CREATE  ScheduledJobActivity_ActivityId = 1
	ScheduledJobActivity_ACTIVITY_ID_UPDATE  ScheduledJobActivity_ActivityId = 2
	ScheduledJobActivity_ACTIVITY_ID_DELETE  ScheduledJobActivity_ActivityId = 3
	ScheduledJobActivity_ACTIVITY_ID_ENABLE  ScheduledJobActivity_ActivityId = 4
	ScheduledJobActivity_ACTIVITY_ID_DISABLE ScheduledJobActivity_ActivityId = 5
	ScheduledJobActivity_ACTIVITY_ID_START   ScheduledJobActivity_ActivityId = 6
	ScheduledJobActivity_ACTIVITY_ID_OTHER   ScheduledJobActivity_ActivityId = 99
)

func (ScheduledJobActivity_ActivityId) Descriptor 

func (ScheduledJobActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_ActivityId) Enum 

func (x ScheduledJobActivity_ActivityId) Enum() *ScheduledJobActivity_ActivityId

func (ScheduledJobActivity_ActivityId) EnumDescriptor deprecated 

func (ScheduledJobActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_ActivityId.Descriptor instead.

func (ScheduledJobActivity_ActivityId) Number 

func (x ScheduledJobActivity_ActivityId) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_ActivityId) String 

func (x ScheduledJobActivity_ActivityId) String() string

func (ScheduledJobActivity_ActivityId) Type 

func (ScheduledJobActivity_ActivityId) Type() protoreflect.EnumType

type ScheduledJobActivity_CategoryUid 

type ScheduledJobActivity_CategoryUid int32
const (
	ScheduledJobActivity_CATEGORY_UID_UNKNOWN         ScheduledJobActivity_CategoryUid = 0
	ScheduledJobActivity_CATEGORY_UID_SYSTEM_ACTIVITY ScheduledJobActivity_CategoryUid = 1
)

func (ScheduledJobActivity_CategoryUid) Descriptor 

func (ScheduledJobActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_CategoryUid) Enum 

func (x ScheduledJobActivity_CategoryUid) Enum() *ScheduledJobActivity_CategoryUid

func (ScheduledJobActivity_CategoryUid) EnumDescriptor deprecated 

func (ScheduledJobActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_CategoryUid.Descriptor instead.

func (ScheduledJobActivity_CategoryUid) Number 

func (x ScheduledJobActivity_CategoryUid) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_CategoryUid) String 

func (x ScheduledJobActivity_CategoryUid) String() string

func (ScheduledJobActivity_CategoryUid) Type 

func (ScheduledJobActivity_CategoryUid) Type() protoreflect.EnumType

type ScheduledJobActivity_ClassUid 

type ScheduledJobActivity_ClassUid int32
const (
	ScheduledJobActivity_CLASS_UID_UNKNOWN                ScheduledJobActivity_ClassUid = 0
	ScheduledJobActivity_CLASS_UID_SCHEDULED_JOB_ACTIVITY ScheduledJobActivity_ClassUid = 1006
)

func (ScheduledJobActivity_ClassUid) Descriptor 

func (ScheduledJobActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_ClassUid) Enum 

func (x ScheduledJobActivity_ClassUid) Enum() *ScheduledJobActivity_ClassUid

func (ScheduledJobActivity_ClassUid) EnumDescriptor deprecated 

func (ScheduledJobActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_ClassUid.Descriptor instead.

func (ScheduledJobActivity_ClassUid) Number 

func (x ScheduledJobActivity_ClassUid) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_ClassUid) String 

func (x ScheduledJobActivity_ClassUid) String() string

func (ScheduledJobActivity_ClassUid) Type 

func (ScheduledJobActivity_ClassUid) Type() protoreflect.EnumType

type ScheduledJobActivity_DispositionId 

type ScheduledJobActivity_DispositionId int32
const (
	ScheduledJobActivity_DISPOSITION_ID_UNKNOWN ScheduledJobActivity_DispositionId = 0 // The disposition was not known.
	ScheduledJobActivity_DISPOSITION_ID_ALLOWED ScheduledJobActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	ScheduledJobActivity_DISPOSITION_ID_BLOCKED ScheduledJobActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	ScheduledJobActivity_DISPOSITION_ID_QUARANTINED ScheduledJobActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	ScheduledJobActivity_DISPOSITION_ID_ISOLATED ScheduledJobActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	ScheduledJobActivity_DISPOSITION_ID_DELETED ScheduledJobActivity_DispositionId = 5 // A file or other content was deleted.
	ScheduledJobActivity_DISPOSITION_ID_DROPPED ScheduledJobActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	ScheduledJobActivity_DISPOSITION_ID_CUSTOM_ACTION ScheduledJobActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	ScheduledJobActivity_DISPOSITION_ID_APPROVED ScheduledJobActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	ScheduledJobActivity_DISPOSITION_ID_RESTORED ScheduledJobActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	ScheduledJobActivity_DISPOSITION_ID_EXONERATED ScheduledJobActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	ScheduledJobActivity_DISPOSITION_ID_CORRECTED ScheduledJobActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	ScheduledJobActivity_DISPOSITION_ID_PARTIALLY_CORRECTED ScheduledJobActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	ScheduledJobActivity_DISPOSITION_ID_UNCORRECTED ScheduledJobActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	ScheduledJobActivity_DISPOSITION_ID_DELAYED ScheduledJobActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	ScheduledJobActivity_DISPOSITION_ID_DETECTED ScheduledJobActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	ScheduledJobActivity_DISPOSITION_ID_NO_ACTION ScheduledJobActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	ScheduledJobActivity_DISPOSITION_ID_LOGGED ScheduledJobActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	ScheduledJobActivity_DISPOSITION_ID_TAGGED ScheduledJobActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	ScheduledJobActivity_DISPOSITION_ID_ALERT ScheduledJobActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	ScheduledJobActivity_DISPOSITION_ID_COUNT ScheduledJobActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	ScheduledJobActivity_DISPOSITION_ID_RESET ScheduledJobActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	ScheduledJobActivity_DISPOSITION_ID_CAPTCHA ScheduledJobActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	ScheduledJobActivity_DISPOSITION_ID_CHALLENGE ScheduledJobActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	ScheduledJobActivity_DISPOSITION_ID_ACCESS_REVOKED ScheduledJobActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	ScheduledJobActivity_DISPOSITION_ID_REJECTED ScheduledJobActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	ScheduledJobActivity_DISPOSITION_ID_UNAUTHORIZED ScheduledJobActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	ScheduledJobActivity_DISPOSITION_ID_ERROR ScheduledJobActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	ScheduledJobActivity_DISPOSITION_ID_OTHER ScheduledJobActivity_DispositionId = 99 // The disposition is not listed. The
)

func (ScheduledJobActivity_DispositionId) Descriptor 

func (ScheduledJobActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_DispositionId) Enum 

func (x ScheduledJobActivity_DispositionId) Enum() *ScheduledJobActivity_DispositionId

func (ScheduledJobActivity_DispositionId) EnumDescriptor deprecated 

func (ScheduledJobActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_DispositionId.Descriptor instead.

func (ScheduledJobActivity_DispositionId) Number 

func (x ScheduledJobActivity_DispositionId) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_DispositionId) String 

func (x ScheduledJobActivity_DispositionId) String() string

func (ScheduledJobActivity_DispositionId) Type 

func (ScheduledJobActivity_DispositionId) Type() protoreflect.EnumType

type ScheduledJobActivity_SeverityId 

type ScheduledJobActivity_SeverityId int32
const (
	ScheduledJobActivity_SEVERITY_ID_UNKNOWN       ScheduledJobActivity_SeverityId = 0 // The event/finding severity is unknown.
	ScheduledJobActivity_SEVERITY_ID_INFORMATIONAL ScheduledJobActivity_SeverityId = 1 // Informational message. No action required.
	ScheduledJobActivity_SEVERITY_ID_LOW           ScheduledJobActivity_SeverityId = 2 // The user decides if action is needed.
	ScheduledJobActivity_SEVERITY_ID_MEDIUM        ScheduledJobActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ScheduledJobActivity_SEVERITY_ID_HIGH     ScheduledJobActivity_SeverityId = 4 // Action is required immediately.
	ScheduledJobActivity_SEVERITY_ID_CRITICAL ScheduledJobActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ScheduledJobActivity_SEVERITY_ID_FATAL ScheduledJobActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ScheduledJobActivity_SEVERITY_ID_OTHER ScheduledJobActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ScheduledJobActivity_SeverityId) Descriptor 

func (ScheduledJobActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_SeverityId) Enum 

func (x ScheduledJobActivity_SeverityId) Enum() *ScheduledJobActivity_SeverityId

func (ScheduledJobActivity_SeverityId) EnumDescriptor deprecated 

func (ScheduledJobActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_SeverityId.Descriptor instead.

func (ScheduledJobActivity_SeverityId) Number 

func (x ScheduledJobActivity_SeverityId) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_SeverityId) String 

func (x ScheduledJobActivity_SeverityId) String() string

func (ScheduledJobActivity_SeverityId) Type 

func (ScheduledJobActivity_SeverityId) Type() protoreflect.EnumType

type ScheduledJobActivity_StatusId 

type ScheduledJobActivity_StatusId int32
const (
	ScheduledJobActivity_STATUS_ID_UNKNOWN ScheduledJobActivity_StatusId = 0 // The status is unknown.
	ScheduledJobActivity_STATUS_ID_SUCCESS ScheduledJobActivity_StatusId = 1
	ScheduledJobActivity_STATUS_ID_FAILURE ScheduledJobActivity_StatusId = 2
	ScheduledJobActivity_STATUS_ID_OTHER   ScheduledJobActivity_StatusId = 99 // The event status is not mapped. See the
)

func (ScheduledJobActivity_StatusId) Descriptor 

func (ScheduledJobActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ScheduledJobActivity_StatusId) Enum 

func (x ScheduledJobActivity_StatusId) Enum() *ScheduledJobActivity_StatusId

func (ScheduledJobActivity_StatusId) EnumDescriptor deprecated 

func (ScheduledJobActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ScheduledJobActivity_StatusId.Descriptor instead.

func (ScheduledJobActivity_StatusId) Number 

func (x ScheduledJobActivity_StatusId) Number() protoreflect.EnumNumber

func (ScheduledJobActivity_StatusId) String 

func (x ScheduledJobActivity_StatusId) String() string

func (ScheduledJobActivity_StatusId) Type 

func (ScheduledJobActivity_StatusId) Type() protoreflect.EnumType

type SecurityFinding 

type SecurityFinding struct {
	ActivityId      SecurityFinding_ActivityId    `` /* 139-byte string literal not displayed */
	ActivityName    *string                       `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Analytic        *Analytic                     `protobuf:"bytes,3,opt,name=analytic,proto3" json:"analytic,omitempty"`
	Api             *Api                          `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	Attacks         []*Attack                     `protobuf:"bytes,5,rep,name=attacks,proto3" json:"attacks,omitempty"`
	CategoryName    *string                       `protobuf:"bytes,6,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid     SecurityFinding_CategoryUid   `` /* 143-byte string literal not displayed */
	CisCsc          []*CisCsc                     `protobuf:"bytes,8,rep,name=cis_csc,json=cisCsc,proto3" json:"cis_csc,omitempty"`
	ClassName       *string                       `protobuf:"bytes,9,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid        SecurityFinding_ClassUid      `` /* 132-byte string literal not displayed */
	Cloud           *Cloud                        `protobuf:"bytes,11,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Compliance      *Compliance                   `protobuf:"bytes,12,opt,name=compliance,proto3" json:"compliance,omitempty"`
	Confidence      *string                       `protobuf:"bytes,13,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId    *SecurityFinding_ConfidenceId `` /* 154-byte string literal not displayed */
	ConfidenceScore *int32                        `protobuf:"varint,15,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count           *int32                        `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	DataSources     []string                      `protobuf:"bytes,17,rep,name=data_sources,json=dataSources,proto3" json:"data_sources,omitempty"`
	Duration        *int32                        `protobuf:"varint,18,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime         *int64                        `protobuf:"varint,19,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt       *timestamppb.Timestamp        `protobuf:"bytes,20,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments     []*Enrichment                 `protobuf:"bytes,21,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Evidence        *structpb.Value               `protobuf:"bytes,22,opt,name=evidence,proto3,oneof" json:"evidence,omitempty"`
	Finding         *Finding                      `protobuf:"bytes,23,opt,name=finding,proto3" json:"finding,omitempty"`
	Impact          *string                       `protobuf:"bytes,24,opt,name=impact,proto3,oneof" json:"impact,omitempty"`
	ImpactId        *SecurityFinding_ImpactId     `` /* 138-byte string literal not displayed */
	ImpactScore     *int32                        `protobuf:"varint,26,opt,name=impact_score,json=impactScore,proto3,oneof" json:"impact_score,omitempty"`
	KillChain       []*KillChainPhase             `protobuf:"bytes,27,rep,name=kill_chain,json=killChain,proto3" json:"kill_chain,omitempty"`
	Malware         []*Malware                    `protobuf:"bytes,28,rep,name=malware,proto3" json:"malware,omitempty"`
	Message         *string                       `protobuf:"bytes,29,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata        *Metadata                     `protobuf:"bytes,30,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Nist            []string                      `protobuf:"bytes,31,rep,name=nist,proto3" json:"nist,omitempty"`
	Observables     []*Observable                 `protobuf:"bytes,32,rep,name=observables,proto3" json:"observables,omitempty"`
	Process         *Process                      `protobuf:"bytes,33,opt,name=process,proto3" json:"process,omitempty"`
	RawData         *string                       `protobuf:"bytes,34,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resources       []*ResourceDetails            `protobuf:"bytes,35,rep,name=resources,proto3" json:"resources,omitempty"`
	RiskLevel       *string                       `protobuf:"bytes,36,opt,name=risk_level,json=riskLevel,proto3,oneof" json:"risk_level,omitempty"`
	RiskLevelId     *SecurityFinding_RiskLevelId  `` /* 152-byte string literal not displayed */
	RiskScore       *int32                        `protobuf:"varint,38,opt,name=risk_score,json=riskScore,proto3,oneof" json:"risk_score,omitempty"`
	Severity        *string                       `protobuf:"bytes,39,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId      SecurityFinding_SeverityId    `` /* 140-byte string literal not displayed */
	StartTime       *int64                        `protobuf:"varint,41,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt     *timestamppb.Timestamp        `protobuf:"bytes,42,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	State           *string                       `protobuf:"bytes,43,opt,name=state,proto3,oneof" json:"state,omitempty"`
	StateId         SecurityFinding_StateId       `` /* 128-byte string literal not displayed */
	Status          *string                       `protobuf:"bytes,45,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode      *string                       `protobuf:"bytes,46,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail    *string                       `protobuf:"bytes,47,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId        *SecurityFinding_StatusId     `` /* 138-byte string literal not displayed */
	Time            int64                         `protobuf:"varint,49,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt          *timestamppb.Timestamp        `protobuf:"bytes,50,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset  *int32                        `protobuf:"varint,51,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName        *string                       `protobuf:"bytes,52,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid         int64                         `protobuf:"varint,53,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped        *structpb.Struct              `protobuf:"bytes,54,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Vulnerabilities []*Vulnerability              `protobuf:"bytes,55,rep,name=vulnerabilities,proto3" json:"vulnerabilities,omitempty"`
	// contains filtered or unexported fields
}

SecurityFinding is an OSF event in category "Findings" called Security Finding defined in ocsf events/findings/security_finding.json

Security Finding events describe findings, detections, anomalies, alerts and/or actions performed by security products

func (*SecurityFinding) Descriptor deprecated 

func (*SecurityFinding) Descriptor() ([]byte, []int)

Deprecated: Use SecurityFinding.ProtoReflect.Descriptor instead.

func (*SecurityFinding) GetActivityId 

func (x *SecurityFinding) GetActivityId() SecurityFinding_ActivityId

func (*SecurityFinding) GetActivityName 

func (x *SecurityFinding) GetActivityName() string

func (*SecurityFinding) GetAnalytic 

func (x *SecurityFinding) GetAnalytic() *Analytic

func (*SecurityFinding) GetApi 

func (x *SecurityFinding) GetApi() *Api

func (*SecurityFinding) GetAttacks 

func (x *SecurityFinding) GetAttacks() []*Attack

func (*SecurityFinding) GetCategoryName 

func (x *SecurityFinding) GetCategoryName() string

func (*SecurityFinding) GetCategoryUid 

func (x *SecurityFinding) GetCategoryUid() SecurityFinding_CategoryUid

func (*SecurityFinding) GetCisCsc 

func (x *SecurityFinding) GetCisCsc() []*CisCsc

func (*SecurityFinding) GetClassName 

func (x *SecurityFinding) GetClassName() string

func (*SecurityFinding) GetClassUid 

func (x *SecurityFinding) GetClassUid() SecurityFinding_ClassUid

func (*SecurityFinding) GetCloud 

func (x *SecurityFinding) GetCloud() *Cloud

func (*SecurityFinding) GetCompliance 

func (x *SecurityFinding) GetCompliance() *Compliance

func (*SecurityFinding) GetConfidence 

func (x *SecurityFinding) GetConfidence() string

func (*SecurityFinding) GetConfidenceId 

func (x *SecurityFinding) GetConfidenceId() SecurityFinding_ConfidenceId

func (*SecurityFinding) GetConfidenceScore 

func (x *SecurityFinding) GetConfidenceScore() int32

func (*SecurityFinding) GetCount 

func (x *SecurityFinding) GetCount() int32

func (*SecurityFinding) GetDataSources 

func (x *SecurityFinding) GetDataSources() []string

func (*SecurityFinding) GetDuration 

func (x *SecurityFinding) GetDuration() int32

func (*SecurityFinding) GetEndTime 

func (x *SecurityFinding) GetEndTime() int64

func (*SecurityFinding) GetEndTimeDt 

func (x *SecurityFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*SecurityFinding) GetEnrichments 

func (x *SecurityFinding) GetEnrichments() []*Enrichment

func (*SecurityFinding) GetEvidence 

func (x *SecurityFinding) GetEvidence() *structpb.Value

func (*SecurityFinding) GetFinding 

func (x *SecurityFinding) GetFinding() *Finding

func (*SecurityFinding) GetImpact 

func (x *SecurityFinding) GetImpact() string

func (*SecurityFinding) GetImpactId 

func (x *SecurityFinding) GetImpactId() SecurityFinding_ImpactId

func (*SecurityFinding) GetImpactScore 

func (x *SecurityFinding) GetImpactScore() int32

func (*SecurityFinding) GetKillChain 

func (x *SecurityFinding) GetKillChain() []*KillChainPhase

func (*SecurityFinding) GetMalware 

func (x *SecurityFinding) GetMalware() []*Malware

func (*SecurityFinding) GetMessage 

func (x *SecurityFinding) GetMessage() string

func (*SecurityFinding) GetMetadata 

func (x *SecurityFinding) GetMetadata() *Metadata

func (*SecurityFinding) GetNist 

func (x *SecurityFinding) GetNist() []string

func (*SecurityFinding) GetObservables 

func (x *SecurityFinding) GetObservables() []*Observable

func (*SecurityFinding) GetProcess 

func (x *SecurityFinding) GetProcess() *Process

func (*SecurityFinding) GetRawData 

func (x *SecurityFinding) GetRawData() string

func (*SecurityFinding) GetResources 

func (x *SecurityFinding) GetResources() []*ResourceDetails

func (*SecurityFinding) GetRiskLevel 

func (x *SecurityFinding) GetRiskLevel() string

func (*SecurityFinding) GetRiskLevelId 

func (x *SecurityFinding) GetRiskLevelId() SecurityFinding_RiskLevelId

func (*SecurityFinding) GetRiskScore 

func (x *SecurityFinding) GetRiskScore() int32

func (*SecurityFinding) GetSeverity 

func (x *SecurityFinding) GetSeverity() string

func (*SecurityFinding) GetSeverityId 

func (x *SecurityFinding) GetSeverityId() SecurityFinding_SeverityId

func (*SecurityFinding) GetStartTime 

func (x *SecurityFinding) GetStartTime() int64

func (*SecurityFinding) GetStartTimeDt 

func (x *SecurityFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*SecurityFinding) GetState 

func (x *SecurityFinding) GetState() string

func (*SecurityFinding) GetStateId 

func (x *SecurityFinding) GetStateId() SecurityFinding_StateId

func (*SecurityFinding) GetStatus 

func (x *SecurityFinding) GetStatus() string

func (*SecurityFinding) GetStatusCode 

func (x *SecurityFinding) GetStatusCode() string

func (*SecurityFinding) GetStatusDetail 

func (x *SecurityFinding) GetStatusDetail() string

func (*SecurityFinding) GetStatusId 

func (x *SecurityFinding) GetStatusId() SecurityFinding_StatusId

func (*SecurityFinding) GetTime 

func (x *SecurityFinding) GetTime() int64

func (*SecurityFinding) GetTimeDt 

func (x *SecurityFinding) GetTimeDt() *timestamppb.Timestamp

func (*SecurityFinding) GetTimezoneOffset 

func (x *SecurityFinding) GetTimezoneOffset() int32

func (*SecurityFinding) GetTypeName 

func (x *SecurityFinding) GetTypeName() string

func (*SecurityFinding) GetTypeUid 

func (x *SecurityFinding) GetTypeUid() int64

func (*SecurityFinding) GetUnmapped 

func (x *SecurityFinding) GetUnmapped() *structpb.Struct

func (*SecurityFinding) GetVulnerabilities 

func (x *SecurityFinding) GetVulnerabilities() []*Vulnerability

func (*SecurityFinding) ProtoMessage 

func (*SecurityFinding) ProtoMessage()

func (*SecurityFinding) ProtoReflect 

func (x *SecurityFinding) ProtoReflect() protoreflect.Message

func (*SecurityFinding) Reset 

func (x *SecurityFinding) Reset()

func (*SecurityFinding) String 

func (x *SecurityFinding) String() string

type SecurityFinding_ActivityId 

type SecurityFinding_ActivityId int32
const (
	SecurityFinding_ACTIVITY_ID_UNKNOWN SecurityFinding_ActivityId = 0
	SecurityFinding_ACTIVITY_ID_CREATE  SecurityFinding_ActivityId = 1 // A security finding was created.
	SecurityFinding_ACTIVITY_ID_UPDATE  SecurityFinding_ActivityId = 2 // A security finding was updated.
	SecurityFinding_ACTIVITY_ID_CLOSE   SecurityFinding_ActivityId = 3 // A security finding was closed.
	SecurityFinding_ACTIVITY_ID_OTHER   SecurityFinding_ActivityId = 99
)

func (SecurityFinding_ActivityId) Descriptor 

func (SecurityFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_ActivityId) Enum 

func (x SecurityFinding_ActivityId) Enum() *SecurityFinding_ActivityId

func (SecurityFinding_ActivityId) EnumDescriptor deprecated 

func (SecurityFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_ActivityId.Descriptor instead.

func (SecurityFinding_ActivityId) Number 

func (x SecurityFinding_ActivityId) Number() protoreflect.EnumNumber

func (SecurityFinding_ActivityId) String 

func (x SecurityFinding_ActivityId) String() string

func (SecurityFinding_ActivityId) Type 

func (SecurityFinding_ActivityId) Type() protoreflect.EnumType

type SecurityFinding_CategoryUid 

type SecurityFinding_CategoryUid int32
const (
	SecurityFinding_CATEGORY_UID_UNKNOWN  SecurityFinding_CategoryUid = 0
	SecurityFinding_CATEGORY_UID_FINDINGS SecurityFinding_CategoryUid = 2
)

func (SecurityFinding_CategoryUid) Descriptor 

func (SecurityFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_CategoryUid) Enum 

func (x SecurityFinding_CategoryUid) Enum() *SecurityFinding_CategoryUid

func (SecurityFinding_CategoryUid) EnumDescriptor deprecated 

func (SecurityFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_CategoryUid.Descriptor instead.

func (SecurityFinding_CategoryUid) Number 

func (x SecurityFinding_CategoryUid) Number() protoreflect.EnumNumber

func (SecurityFinding_CategoryUid) String 

func (x SecurityFinding_CategoryUid) String() string

func (SecurityFinding_CategoryUid) Type 

func (SecurityFinding_CategoryUid) Type() protoreflect.EnumType

type SecurityFinding_ClassUid 

type SecurityFinding_ClassUid int32
const (
	SecurityFinding_CLASS_UID_UNKNOWN          SecurityFinding_ClassUid = 0
	SecurityFinding_CLASS_UID_SECURITY_FINDING SecurityFinding_ClassUid = 2001
)

func (SecurityFinding_ClassUid) Descriptor 

func (SecurityFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_ClassUid) Enum 

func (x SecurityFinding_ClassUid) Enum() *SecurityFinding_ClassUid

func (SecurityFinding_ClassUid) EnumDescriptor deprecated 

func (SecurityFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_ClassUid.Descriptor instead.

func (SecurityFinding_ClassUid) Number 

func (x SecurityFinding_ClassUid) Number() protoreflect.EnumNumber

func (SecurityFinding_ClassUid) String 

func (x SecurityFinding_ClassUid) String() string

func (SecurityFinding_ClassUid) Type 

func (SecurityFinding_ClassUid) Type() protoreflect.EnumType

type SecurityFinding_ConfidenceId 

type SecurityFinding_ConfidenceId int32
const (
	SecurityFinding_CONFIDENCE_ID_UNKNOWN SecurityFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	SecurityFinding_CONFIDENCE_ID_LOW     SecurityFinding_ConfidenceId = 1
	SecurityFinding_CONFIDENCE_ID_MEDIUM  SecurityFinding_ConfidenceId = 2
	SecurityFinding_CONFIDENCE_ID_HIGH    SecurityFinding_ConfidenceId = 3
	SecurityFinding_CONFIDENCE_ID_OTHER   SecurityFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (SecurityFinding_ConfidenceId) Descriptor 

func (SecurityFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_ConfidenceId) Enum 

func (x SecurityFinding_ConfidenceId) Enum() *SecurityFinding_ConfidenceId

func (SecurityFinding_ConfidenceId) EnumDescriptor deprecated 

func (SecurityFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_ConfidenceId.Descriptor instead.

func (SecurityFinding_ConfidenceId) Number 

func (x SecurityFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (SecurityFinding_ConfidenceId) String 

func (x SecurityFinding_ConfidenceId) String() string

func (SecurityFinding_ConfidenceId) Type 

func (SecurityFinding_ConfidenceId) Type() protoreflect.EnumType

type SecurityFinding_ImpactId 

type SecurityFinding_ImpactId int32
const (
	SecurityFinding_IMPACT_ID_UNKNOWN  SecurityFinding_ImpactId = 0 // The normalized impact is unknown.
	SecurityFinding_IMPACT_ID_LOW      SecurityFinding_ImpactId = 1
	SecurityFinding_IMPACT_ID_MEDIUM   SecurityFinding_ImpactId = 2
	SecurityFinding_IMPACT_ID_HIGH     SecurityFinding_ImpactId = 3
	SecurityFinding_IMPACT_ID_CRITICAL SecurityFinding_ImpactId = 4
	SecurityFinding_IMPACT_ID_OTHER    SecurityFinding_ImpactId = 99 // The impact is not mapped. See the <code>impact</code>
)

func (SecurityFinding_ImpactId) Descriptor 

func (SecurityFinding_ImpactId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_ImpactId) Enum 

func (x SecurityFinding_ImpactId) Enum() *SecurityFinding_ImpactId

func (SecurityFinding_ImpactId) EnumDescriptor deprecated 

func (SecurityFinding_ImpactId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_ImpactId.Descriptor instead.

func (SecurityFinding_ImpactId) Number 

func (x SecurityFinding_ImpactId) Number() protoreflect.EnumNumber

func (SecurityFinding_ImpactId) String 

func (x SecurityFinding_ImpactId) String() string

func (SecurityFinding_ImpactId) Type 

func (SecurityFinding_ImpactId) Type() protoreflect.EnumType

type SecurityFinding_RiskLevelId 

type SecurityFinding_RiskLevelId int32
const (
	SecurityFinding_RISK_LEVEL_ID_INFO     SecurityFinding_RiskLevelId = 0
	SecurityFinding_RISK_LEVEL_ID_LOW      SecurityFinding_RiskLevelId = 1
	SecurityFinding_RISK_LEVEL_ID_MEDIUM   SecurityFinding_RiskLevelId = 2
	SecurityFinding_RISK_LEVEL_ID_HIGH     SecurityFinding_RiskLevelId = 3
	SecurityFinding_RISK_LEVEL_ID_CRITICAL SecurityFinding_RiskLevelId = 4
)

func (SecurityFinding_RiskLevelId) Descriptor 

func (SecurityFinding_RiskLevelId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_RiskLevelId) Enum 

func (x SecurityFinding_RiskLevelId) Enum() *SecurityFinding_RiskLevelId

func (SecurityFinding_RiskLevelId) EnumDescriptor deprecated 

func (SecurityFinding_RiskLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_RiskLevelId.Descriptor instead.

func (SecurityFinding_RiskLevelId) Number 

func (x SecurityFinding_RiskLevelId) Number() protoreflect.EnumNumber

func (SecurityFinding_RiskLevelId) String 

func (x SecurityFinding_RiskLevelId) String() string

func (SecurityFinding_RiskLevelId) Type 

func (SecurityFinding_RiskLevelId) Type() protoreflect.EnumType

type SecurityFinding_SeverityId 

type SecurityFinding_SeverityId int32
const (
	SecurityFinding_SEVERITY_ID_UNKNOWN       SecurityFinding_SeverityId = 0 // The event/finding severity is unknown.
	SecurityFinding_SEVERITY_ID_INFORMATIONAL SecurityFinding_SeverityId = 1 // Informational message. No action required.
	SecurityFinding_SEVERITY_ID_LOW           SecurityFinding_SeverityId = 2 // The user decides if action is needed.
	SecurityFinding_SEVERITY_ID_MEDIUM        SecurityFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	SecurityFinding_SEVERITY_ID_HIGH     SecurityFinding_SeverityId = 4 // Action is required immediately.
	SecurityFinding_SEVERITY_ID_CRITICAL SecurityFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	SecurityFinding_SEVERITY_ID_FATAL SecurityFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	SecurityFinding_SEVERITY_ID_OTHER SecurityFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (SecurityFinding_SeverityId) Descriptor 

func (SecurityFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_SeverityId) Enum 

func (x SecurityFinding_SeverityId) Enum() *SecurityFinding_SeverityId

func (SecurityFinding_SeverityId) EnumDescriptor deprecated 

func (SecurityFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_SeverityId.Descriptor instead.

func (SecurityFinding_SeverityId) Number 

func (x SecurityFinding_SeverityId) Number() protoreflect.EnumNumber

func (SecurityFinding_SeverityId) String 

func (x SecurityFinding_SeverityId) String() string

func (SecurityFinding_SeverityId) Type 

func (SecurityFinding_SeverityId) Type() protoreflect.EnumType

type SecurityFinding_StateId 

type SecurityFinding_StateId int32
const (
	SecurityFinding_STATE_ID_UNKNOWN     SecurityFinding_StateId = 0 // The state is unknown.
	SecurityFinding_STATE_ID_NEW         SecurityFinding_StateId = 1 // The finding is new and yet to be reviewed.
	SecurityFinding_STATE_ID_IN_PROGRESS SecurityFinding_StateId = 2 // The finding is under review.
	SecurityFinding_STATE_ID_SUPPRESSED  SecurityFinding_StateId = 3 // The finding was reviewed, considered as a false
	// positive and is now suppressed.
	SecurityFinding_STATE_ID_RESOLVED SecurityFinding_StateId = 4 // The finding was reviewed and remediated and is now
	// considered resolved.
	SecurityFinding_STATE_ID_OTHER SecurityFinding_StateId = 99 // The state is not mapped. See the <code>state</code>
)

func (SecurityFinding_StateId) Descriptor 

func (SecurityFinding_StateId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_StateId) Enum 

func (x SecurityFinding_StateId) Enum() *SecurityFinding_StateId

func (SecurityFinding_StateId) EnumDescriptor deprecated 

func (SecurityFinding_StateId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_StateId.Descriptor instead.

func (SecurityFinding_StateId) Number 

func (x SecurityFinding_StateId) Number() protoreflect.EnumNumber

func (SecurityFinding_StateId) String 

func (x SecurityFinding_StateId) String() string

func (SecurityFinding_StateId) Type 

func (SecurityFinding_StateId) Type() protoreflect.EnumType

type SecurityFinding_StatusId 

type SecurityFinding_StatusId int32
const (
	SecurityFinding_STATUS_ID_UNKNOWN SecurityFinding_StatusId = 0 // The status is unknown.
	SecurityFinding_STATUS_ID_SUCCESS SecurityFinding_StatusId = 1
	SecurityFinding_STATUS_ID_FAILURE SecurityFinding_StatusId = 2
	SecurityFinding_STATUS_ID_OTHER   SecurityFinding_StatusId = 99 // The event status is not mapped. See the
)

func (SecurityFinding_StatusId) Descriptor 

func (SecurityFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (SecurityFinding_StatusId) Enum 

func (x SecurityFinding_StatusId) Enum() *SecurityFinding_StatusId

func (SecurityFinding_StatusId) EnumDescriptor deprecated 

func (SecurityFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityFinding_StatusId.Descriptor instead.

func (SecurityFinding_StatusId) Number 

func (x SecurityFinding_StatusId) Number() protoreflect.EnumNumber

func (SecurityFinding_StatusId) String 

func (x SecurityFinding_StatusId) String() string

func (SecurityFinding_StatusId) Type 

func (SecurityFinding_StatusId) Type() protoreflect.EnumType

type SecurityState 

type SecurityState struct {
	State   *string                `protobuf:"bytes,1,opt,name=state,proto3,oneof" json:"state,omitempty"`
	StateId *SecurityState_StateId `` /* 131-byte string literal not displayed */
	// contains filtered or unexported fields
}

SecurityState is an OSF object defined in ocsf objects/security_state.json

The Security State object describes the security related state of a managed entity.

func (*SecurityState) Descriptor deprecated 

func (*SecurityState) Descriptor() ([]byte, []int)

Deprecated: Use SecurityState.ProtoReflect.Descriptor instead.

func (*SecurityState) GetState 

func (x *SecurityState) GetState() string

func (*SecurityState) GetStateId 

func (x *SecurityState) GetStateId() SecurityState_StateId

func (*SecurityState) ProtoMessage 

func (*SecurityState) ProtoMessage()

func (*SecurityState) ProtoReflect 

func (x *SecurityState) ProtoReflect() protoreflect.Message

func (*SecurityState) Reset 

func (x *SecurityState) Reset()

func (*SecurityState) String 

func (x *SecurityState) String() string

type SecurityState_StateId 

type SecurityState_StateId int32
const (
	SecurityState_STATE_ID_UNKNOWN                     SecurityState_StateId = 0 // The security state is unknown.
	SecurityState_STATE_ID_MISSING_OR_OUTDATED_CONTENT SecurityState_StateId = 1 // The content is missing or
	// outdated.
	SecurityState_STATE_ID_POLICY_MISMATCH SecurityState_StateId = 2 // Not in compliance with the
	// expected security policy.
	SecurityState_STATE_ID_IN_NETWORK_QUARANTINE SecurityState_StateId = 3 // Isolated from the network.
	SecurityState_STATE_ID_PROTECTION_OFF        SecurityState_StateId = 4 // Not protected by a security
	// solution.
	SecurityState_STATE_ID_PROTECTION_MALFUNCTION SecurityState_StateId = 5 // The security solution is not
	// functioning properly.
	SecurityState_STATE_ID_PROTECTION_NOT_LICENSED SecurityState_StateId = 6 // The security solution does not
	// have a valid license.
	SecurityState_STATE_ID_UNREMEDIATED_THREAT SecurityState_StateId = 7 // A detected threat has not been
	// remediated.
	SecurityState_STATE_ID_SUSPICIOUS_REPUTATION SecurityState_StateId = 8 // Reputation of the entity is
	// suspicious.
	SecurityState_STATE_ID_REBOOT_PENDING SecurityState_StateId = 9 // A reboot is required for one or
	// more pending actions.
	SecurityState_STATE_ID_CONTENT_IS_LOCKED SecurityState_StateId = 10 // The content is locked to a
	// specific version.
	SecurityState_STATE_ID_NOT_INSTALLED             SecurityState_StateId = 11 // The entity is not installed.
	SecurityState_STATE_ID_WRITABLE_SYSTEM_PARTITION SecurityState_StateId = 12 // The system partition is
	// writeable.
	SecurityState_STATE_ID_SAFETYNET_FAILURE SecurityState_StateId = 13 // The device has failed the
	// SafetyNet check.
	SecurityState_STATE_ID_FAILED_BOOT_VERIFY SecurityState_StateId = 14 // The device has failed the boot
	// verification process.
	SecurityState_STATE_ID_MODIFIED_EXECUTION_ENVIRONMENT SecurityState_StateId = 15 // The execution environment has
	// been modified.
	SecurityState_STATE_ID_SELINUX_DISABLED SecurityState_StateId = 16 // The SELinux security feature has
	// been disabled.
	SecurityState_STATE_ID_ELEVATED_PRIVILEGE_SHELL SecurityState_StateId = 17 // An elevated privilege shell has
	// been detected.
	SecurityState_STATE_ID_IOS_FILE_SYSTEM_ALTERED SecurityState_StateId = 18 // The file system has been altered
	// on an iOS device.
	SecurityState_STATE_ID_OPEN_REMOTE_ACCESS   SecurityState_StateId = 19 // Remote access is enabled.
	SecurityState_STATE_ID_OTA_UPDATES_DISABLED SecurityState_StateId = 20 // Mobile OTA (Over The Air) updates
	// have been disabled.
	SecurityState_STATE_ID_ROOTED SecurityState_StateId = 21 // The device has been modified to
	// allow root access.
	SecurityState_STATE_ID_ANDROID_PARTITION_MODIFIED SecurityState_StateId = 22 // The Android partition has been
	// modified.
	SecurityState_STATE_ID_COMPLIANCE_FAILURE SecurityState_StateId = 23 // The entity is not compliant with
	// the associated security policy.
	SecurityState_STATE_ID_OTHER SecurityState_StateId = 99 // The security state is not mapped.
)

func (SecurityState_StateId) Descriptor 

func (SecurityState_StateId) Descriptor() protoreflect.EnumDescriptor

func (SecurityState_StateId) Enum 

func (x SecurityState_StateId) Enum() *SecurityState_StateId

func (SecurityState_StateId) EnumDescriptor deprecated 

func (SecurityState_StateId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SecurityState_StateId.Descriptor instead.

func (SecurityState_StateId) Number 

func (x SecurityState_StateId) Number() protoreflect.EnumNumber

func (SecurityState_StateId) String 

func (x SecurityState_StateId) String() string

func (SecurityState_StateId) Type 

func (SecurityState_StateId) Type() protoreflect.EnumType

type Service 

type Service struct {
	Labels  []string `protobuf:"bytes,1,rep,name=labels,proto3" json:"labels,omitempty"`
	Name    *string  `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Uid     *string  `protobuf:"bytes,3,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	Version *string  `protobuf:"bytes,4,opt,name=version,proto3,oneof" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Service is an OSF object defined in ocsf objects/service.json

The Service object describes characteristics of a service, <code> e.g. AWS EC2. </code>

func (*Service) Descriptor deprecated 

func (*Service) Descriptor() ([]byte, []int)

Deprecated: Use Service.ProtoReflect.Descriptor instead.

func (*Service) GetLabels 

func (x *Service) GetLabels() []string

func (*Service) GetName 

func (x *Service) GetName() string

func (*Service) GetUid 

func (x *Service) GetUid() string

func (*Service) GetVersion 

func (x *Service) GetVersion() string

func (*Service) ProtoMessage 

func (*Service) ProtoMessage()

func (*Service) ProtoReflect 

func (x *Service) ProtoReflect() protoreflect.Message

func (*Service) Reset 

func (x *Service) Reset()

func (*Service) String 

func (x *Service) String() string

type ServiceQuery 

type ServiceQuery struct {
	ActivityId     ServiceQuery_ActivityId    `` /* 136-byte string literal not displayed */
	ActivityName   *string                    `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                     `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                       `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                    `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    ServiceQuery_CategoryUid   `` /* 140-byte string literal not displayed */
	ClassName      *string                    `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       ServiceQuery_ClassUid      `` /* 128-byte string literal not displayed */
	Cloud          *Cloud                     `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                     `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                    `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                     `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                     `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp     `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment              `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                    `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                  `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable              `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                 `protobuf:"bytes,19,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                    `protobuf:"bytes,20,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  ServiceQuery_QueryResultId `` /* 151-byte string literal not displayed */
	RawData        *string                    `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Service        *Service                   `protobuf:"bytes,23,opt,name=service,proto3" json:"service,omitempty"`
	Severity       *string                    `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     ServiceQuery_SeverityId    `` /* 137-byte string literal not displayed */
	StartTime      *int64                     `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp     `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                    `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                    `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                    `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *ServiceQuery_StatusId     `` /* 135-byte string literal not displayed */
	Time           int64                      `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp     `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                     `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                    `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                      `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct           `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

ServiceQuery is an OSF event in category "Discovery" called Service Query defined in ocsf events/discovery/service_query.json

Service Query events report information about running services.

func (*ServiceQuery) Descriptor deprecated 

func (*ServiceQuery) Descriptor() ([]byte, []int)

Deprecated: Use ServiceQuery.ProtoReflect.Descriptor instead.

func (*ServiceQuery) GetActivityId 

func (x *ServiceQuery) GetActivityId() ServiceQuery_ActivityId

func (*ServiceQuery) GetActivityName 

func (x *ServiceQuery) GetActivityName() string

func (*ServiceQuery) GetActor 

func (x *ServiceQuery) GetActor() *Actor

func (*ServiceQuery) GetApi 

func (x *ServiceQuery) GetApi() *Api

func (*ServiceQuery) GetCategoryName 

func (x *ServiceQuery) GetCategoryName() string

func (*ServiceQuery) GetCategoryUid 

func (x *ServiceQuery) GetCategoryUid() ServiceQuery_CategoryUid

func (*ServiceQuery) GetClassName 

func (x *ServiceQuery) GetClassName() string

func (*ServiceQuery) GetClassUid 

func (x *ServiceQuery) GetClassUid() ServiceQuery_ClassUid

func (*ServiceQuery) GetCloud 

func (x *ServiceQuery) GetCloud() *Cloud

func (*ServiceQuery) GetCount 

func (x *ServiceQuery) GetCount() int32

func (*ServiceQuery) GetDevice 

func (x *ServiceQuery) GetDevice() *Device

func (*ServiceQuery) GetDuration 

func (x *ServiceQuery) GetDuration() int32

func (*ServiceQuery) GetEndTime 

func (x *ServiceQuery) GetEndTime() int64

func (*ServiceQuery) GetEndTimeDt 

func (x *ServiceQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*ServiceQuery) GetEnrichments 

func (x *ServiceQuery) GetEnrichments() []*Enrichment

func (*ServiceQuery) GetMessage 

func (x *ServiceQuery) GetMessage() string

func (*ServiceQuery) GetMetadata 

func (x *ServiceQuery) GetMetadata() *Metadata

func (*ServiceQuery) GetObservables 

func (x *ServiceQuery) GetObservables() []*Observable

func (*ServiceQuery) GetQueryInfo 

func (x *ServiceQuery) GetQueryInfo() *QueryInfo

func (*ServiceQuery) GetQueryResult 

func (x *ServiceQuery) GetQueryResult() string

func (*ServiceQuery) GetQueryResultId 

func (x *ServiceQuery) GetQueryResultId() ServiceQuery_QueryResultId

func (*ServiceQuery) GetRawData 

func (x *ServiceQuery) GetRawData() string

func (*ServiceQuery) GetService 

func (x *ServiceQuery) GetService() *Service

func (*ServiceQuery) GetSeverity 

func (x *ServiceQuery) GetSeverity() string

func (*ServiceQuery) GetSeverityId 

func (x *ServiceQuery) GetSeverityId() ServiceQuery_SeverityId

func (*ServiceQuery) GetStartTime 

func (x *ServiceQuery) GetStartTime() int64

func (*ServiceQuery) GetStartTimeDt 

func (x *ServiceQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*ServiceQuery) GetStatus 

func (x *ServiceQuery) GetStatus() string

func (*ServiceQuery) GetStatusCode 

func (x *ServiceQuery) GetStatusCode() string

func (*ServiceQuery) GetStatusDetail 

func (x *ServiceQuery) GetStatusDetail() string

func (*ServiceQuery) GetStatusId 

func (x *ServiceQuery) GetStatusId() ServiceQuery_StatusId

func (*ServiceQuery) GetTime 

func (x *ServiceQuery) GetTime() int64

func (*ServiceQuery) GetTimeDt 

func (x *ServiceQuery) GetTimeDt() *timestamppb.Timestamp

func (*ServiceQuery) GetTimezoneOffset 

func (x *ServiceQuery) GetTimezoneOffset() int32

func (*ServiceQuery) GetTypeName 

func (x *ServiceQuery) GetTypeName() string

func (*ServiceQuery) GetTypeUid 

func (x *ServiceQuery) GetTypeUid() int64

func (*ServiceQuery) GetUnmapped 

func (x *ServiceQuery) GetUnmapped() *structpb.Struct

func (*ServiceQuery) ProtoMessage 

func (*ServiceQuery) ProtoMessage()

func (*ServiceQuery) ProtoReflect 

func (x *ServiceQuery) ProtoReflect() protoreflect.Message

func (*ServiceQuery) Reset 

func (x *ServiceQuery) Reset()

func (*ServiceQuery) String 

func (x *ServiceQuery) String() string

type ServiceQuery_ActivityId 

type ServiceQuery_ActivityId int32
const (
	ServiceQuery_ACTIVITY_ID_UNKNOWN ServiceQuery_ActivityId = 0
	ServiceQuery_ACTIVITY_ID_QUERY   ServiceQuery_ActivityId = 1 // The discovered results are via a query request.
	ServiceQuery_ACTIVITY_ID_OTHER   ServiceQuery_ActivityId = 99
)

func (ServiceQuery_ActivityId) Descriptor 

func (ServiceQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_ActivityId) Enum 

func (x ServiceQuery_ActivityId) Enum() *ServiceQuery_ActivityId

func (ServiceQuery_ActivityId) EnumDescriptor deprecated 

func (ServiceQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_ActivityId.Descriptor instead.

func (ServiceQuery_ActivityId) Number 

func (x ServiceQuery_ActivityId) Number() protoreflect.EnumNumber

func (ServiceQuery_ActivityId) String 

func (x ServiceQuery_ActivityId) String() string

func (ServiceQuery_ActivityId) Type 

func (ServiceQuery_ActivityId) Type() protoreflect.EnumType

type ServiceQuery_CategoryUid 

type ServiceQuery_CategoryUid int32
const (
	ServiceQuery_CATEGORY_UID_UNKNOWN   ServiceQuery_CategoryUid = 0
	ServiceQuery_CATEGORY_UID_DISCOVERY ServiceQuery_CategoryUid = 5
)

func (ServiceQuery_CategoryUid) Descriptor 

func (ServiceQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_CategoryUid) Enum 

func (x ServiceQuery_CategoryUid) Enum() *ServiceQuery_CategoryUid

func (ServiceQuery_CategoryUid) EnumDescriptor deprecated 

func (ServiceQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_CategoryUid.Descriptor instead.

func (ServiceQuery_CategoryUid) Number 

func (x ServiceQuery_CategoryUid) Number() protoreflect.EnumNumber

func (ServiceQuery_CategoryUid) String 

func (x ServiceQuery_CategoryUid) String() string

func (ServiceQuery_CategoryUid) Type 

func (ServiceQuery_CategoryUid) Type() protoreflect.EnumType

type ServiceQuery_ClassUid 

type ServiceQuery_ClassUid int32
const (
	ServiceQuery_CLASS_UID_UNKNOWN       ServiceQuery_ClassUid = 0
	ServiceQuery_CLASS_UID_SERVICE_QUERY ServiceQuery_ClassUid = 5016
)

func (ServiceQuery_ClassUid) Descriptor 

func (ServiceQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_ClassUid) Enum 

func (x ServiceQuery_ClassUid) Enum() *ServiceQuery_ClassUid

func (ServiceQuery_ClassUid) EnumDescriptor deprecated 

func (ServiceQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_ClassUid.Descriptor instead.

func (ServiceQuery_ClassUid) Number 

func (x ServiceQuery_ClassUid) Number() protoreflect.EnumNumber

func (ServiceQuery_ClassUid) String 

func (x ServiceQuery_ClassUid) String() string

func (ServiceQuery_ClassUid) Type 

func (ServiceQuery_ClassUid) Type() protoreflect.EnumType

type ServiceQuery_QueryResultId 

type ServiceQuery_QueryResultId int32
const (
	ServiceQuery_QUERY_RESULT_ID_UNKNOWN        ServiceQuery_QueryResultId = 0  // The query result is unknown.
	ServiceQuery_QUERY_RESULT_ID_EXISTS         ServiceQuery_QueryResultId = 1  // The target was found.
	ServiceQuery_QUERY_RESULT_ID_PARTIAL        ServiceQuery_QueryResultId = 2  // The target was partially found.
	ServiceQuery_QUERY_RESULT_ID_DOES_NOT_EXIST ServiceQuery_QueryResultId = 3  // The target was not found.
	ServiceQuery_QUERY_RESULT_ID_ERROR          ServiceQuery_QueryResultId = 4  // The discovery attempt failed.
	ServiceQuery_QUERY_RESULT_ID_UNSUPPORTED    ServiceQuery_QueryResultId = 5  // Discovery of the target was not supported.
	ServiceQuery_QUERY_RESULT_ID_OTHER          ServiceQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (ServiceQuery_QueryResultId) Descriptor 

func (ServiceQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_QueryResultId) Enum 

func (x ServiceQuery_QueryResultId) Enum() *ServiceQuery_QueryResultId

func (ServiceQuery_QueryResultId) EnumDescriptor deprecated 

func (ServiceQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_QueryResultId.Descriptor instead.

func (ServiceQuery_QueryResultId) Number 

func (x ServiceQuery_QueryResultId) Number() protoreflect.EnumNumber

func (ServiceQuery_QueryResultId) String 

func (x ServiceQuery_QueryResultId) String() string

func (ServiceQuery_QueryResultId) Type 

func (ServiceQuery_QueryResultId) Type() protoreflect.EnumType

type ServiceQuery_SeverityId 

type ServiceQuery_SeverityId int32
const (
	ServiceQuery_SEVERITY_ID_UNKNOWN       ServiceQuery_SeverityId = 0 // The event/finding severity is unknown.
	ServiceQuery_SEVERITY_ID_INFORMATIONAL ServiceQuery_SeverityId = 1 // Informational message. No action required.
	ServiceQuery_SEVERITY_ID_LOW           ServiceQuery_SeverityId = 2 // The user decides if action is needed.
	ServiceQuery_SEVERITY_ID_MEDIUM        ServiceQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	ServiceQuery_SEVERITY_ID_HIGH     ServiceQuery_SeverityId = 4 // Action is required immediately.
	ServiceQuery_SEVERITY_ID_CRITICAL ServiceQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	ServiceQuery_SEVERITY_ID_FATAL ServiceQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	ServiceQuery_SEVERITY_ID_OTHER ServiceQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (ServiceQuery_SeverityId) Descriptor 

func (ServiceQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_SeverityId) Enum 

func (x ServiceQuery_SeverityId) Enum() *ServiceQuery_SeverityId

func (ServiceQuery_SeverityId) EnumDescriptor deprecated 

func (ServiceQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_SeverityId.Descriptor instead.

func (ServiceQuery_SeverityId) Number 

func (x ServiceQuery_SeverityId) Number() protoreflect.EnumNumber

func (ServiceQuery_SeverityId) String 

func (x ServiceQuery_SeverityId) String() string

func (ServiceQuery_SeverityId) Type 

func (ServiceQuery_SeverityId) Type() protoreflect.EnumType

type ServiceQuery_StatusId 

type ServiceQuery_StatusId int32
const (
	ServiceQuery_STATUS_ID_UNKNOWN ServiceQuery_StatusId = 0 // The status is unknown.
	ServiceQuery_STATUS_ID_SUCCESS ServiceQuery_StatusId = 1
	ServiceQuery_STATUS_ID_FAILURE ServiceQuery_StatusId = 2
	ServiceQuery_STATUS_ID_OTHER   ServiceQuery_StatusId = 99 // The event status is not mapped. See the
)

func (ServiceQuery_StatusId) Descriptor 

func (ServiceQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (ServiceQuery_StatusId) Enum 

func (x ServiceQuery_StatusId) Enum() *ServiceQuery_StatusId

func (ServiceQuery_StatusId) EnumDescriptor deprecated 

func (ServiceQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use ServiceQuery_StatusId.Descriptor instead.

func (ServiceQuery_StatusId) Number 

func (x ServiceQuery_StatusId) Number() protoreflect.EnumNumber

func (ServiceQuery_StatusId) String 

func (x ServiceQuery_StatusId) String() string

func (ServiceQuery_StatusId) Type 

func (ServiceQuery_StatusId) Type() protoreflect.EnumType

type Session 

type Session struct {
	Count            *int32                 `protobuf:"varint,1,opt,name=count,proto3,oneof" json:"count,omitempty"`
	CreatedTime      *int64                 `protobuf:"varint,2,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt    *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	CredentialUid    *string                `protobuf:"bytes,4,opt,name=credential_uid,json=credentialUid,proto3,oneof" json:"credential_uid,omitempty"`
	ExpirationReason *string                `protobuf:"bytes,5,opt,name=expiration_reason,json=expirationReason,proto3,oneof" json:"expiration_reason,omitempty"`
	ExpirationTime   *int64                 `protobuf:"varint,6,opt,name=expiration_time,json=expirationTime,proto3,oneof" json:"expiration_time,omitempty"`
	ExpirationTimeDt *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=expiration_time_dt,json=expirationTimeDt,proto3,oneof" json:"expiration_time_dt,omitempty"`
	IsMfa            *bool                  `protobuf:"varint,8,opt,name=is_mfa,json=isMfa,proto3,oneof" json:"is_mfa,omitempty"`
	IsRemote         *bool                  `protobuf:"varint,9,opt,name=is_remote,json=isRemote,proto3,oneof" json:"is_remote,omitempty"`
	IsVpn            *bool                  `protobuf:"varint,10,opt,name=is_vpn,json=isVpn,proto3,oneof" json:"is_vpn,omitempty"`
	Issuer           *string                `protobuf:"bytes,11,opt,name=issuer,proto3,oneof" json:"issuer,omitempty"`
	Terminal         *string                `protobuf:"bytes,12,opt,name=terminal,proto3,oneof" json:"terminal,omitempty"`
	Uid              *string                `protobuf:"bytes,13,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UidAlt           *string                `protobuf:"bytes,14,opt,name=uid_alt,json=uidAlt,proto3,oneof" json:"uid_alt,omitempty"`
	Uuid             *string                `protobuf:"bytes,15,opt,name=uuid,proto3,oneof" json:"uuid,omitempty"`
	// contains filtered or unexported fields
}

Session is an OSF object defined in ocsf objects/session.json

The Session object describes details about an authenticated session. e.g. Session Creation Time, Session Issuer. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Session/'>d3f:Session</a>.

func (*Session) Descriptor deprecated 

func (*Session) Descriptor() ([]byte, []int)

Deprecated: Use Session.ProtoReflect.Descriptor instead.

func (*Session) GetCount 

func (x *Session) GetCount() int32

func (*Session) GetCreatedTime 

func (x *Session) GetCreatedTime() int64

func (*Session) GetCreatedTimeDt 

func (x *Session) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Session) GetCredentialUid 

func (x *Session) GetCredentialUid() string

func (*Session) GetExpirationReason 

func (x *Session) GetExpirationReason() string

func (*Session) GetExpirationTime 

func (x *Session) GetExpirationTime() int64

func (*Session) GetExpirationTimeDt 

func (x *Session) GetExpirationTimeDt() *timestamppb.Timestamp

func (*Session) GetIsMfa 

func (x *Session) GetIsMfa() bool

func (*Session) GetIsRemote 

func (x *Session) GetIsRemote() bool

func (*Session) GetIsVpn 

func (x *Session) GetIsVpn() bool

func (*Session) GetIssuer 

func (x *Session) GetIssuer() string

func (*Session) GetTerminal 

func (x *Session) GetTerminal() string

func (*Session) GetUid 

func (x *Session) GetUid() string

func (*Session) GetUidAlt 

func (x *Session) GetUidAlt() string

func (*Session) GetUuid 

func (x *Session) GetUuid() string

func (*Session) ProtoMessage 

func (*Session) ProtoMessage()

func (*Session) ProtoReflect 

func (x *Session) ProtoReflect() protoreflect.Message

func (*Session) Reset 

func (x *Session) Reset()

func (*Session) String 

func (x *Session) String() string

type SessionQuery 

type SessionQuery struct {
	ActivityId     SessionQuery_ActivityId    `` /* 136-byte string literal not displayed */
	ActivityName   *string                    `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                     `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                       `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                    `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    SessionQuery_CategoryUid   `` /* 140-byte string literal not displayed */
	ClassName      *string                    `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       SessionQuery_ClassUid      `` /* 128-byte string literal not displayed */
	Cloud          *Cloud                     `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                     `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                    `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                     `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                     `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp     `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment              `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                    `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                  `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable              `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo                 `protobuf:"bytes,19,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                    `protobuf:"bytes,20,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  SessionQuery_QueryResultId `` /* 151-byte string literal not displayed */
	RawData        *string                    `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Session        *Session                   `protobuf:"bytes,23,opt,name=session,proto3" json:"session,omitempty"`
	Severity       *string                    `protobuf:"bytes,24,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     SessionQuery_SeverityId    `` /* 137-byte string literal not displayed */
	StartTime      *int64                     `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp     `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                    `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                    `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                    `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *SessionQuery_StatusId     `` /* 135-byte string literal not displayed */
	Time           int64                      `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp     `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                     `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                    `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                      `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct           `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

SessionQuery is an OSF event in category "Discovery" called User Session Query defined in ocsf events/discovery/session_query.json

User Session Query events report information about existing user sessions.

func (*SessionQuery) Descriptor deprecated 

func (*SessionQuery) Descriptor() ([]byte, []int)

Deprecated: Use SessionQuery.ProtoReflect.Descriptor instead.

func (*SessionQuery) GetActivityId 

func (x *SessionQuery) GetActivityId() SessionQuery_ActivityId

func (*SessionQuery) GetActivityName 

func (x *SessionQuery) GetActivityName() string

func (*SessionQuery) GetActor 

func (x *SessionQuery) GetActor() *Actor

func (*SessionQuery) GetApi 

func (x *SessionQuery) GetApi() *Api

func (*SessionQuery) GetCategoryName 

func (x *SessionQuery) GetCategoryName() string

func (*SessionQuery) GetCategoryUid 

func (x *SessionQuery) GetCategoryUid() SessionQuery_CategoryUid

func (*SessionQuery) GetClassName 

func (x *SessionQuery) GetClassName() string

func (*SessionQuery) GetClassUid 

func (x *SessionQuery) GetClassUid() SessionQuery_ClassUid

func (*SessionQuery) GetCloud 

func (x *SessionQuery) GetCloud() *Cloud

func (*SessionQuery) GetCount 

func (x *SessionQuery) GetCount() int32

func (*SessionQuery) GetDevice 

func (x *SessionQuery) GetDevice() *Device

func (*SessionQuery) GetDuration 

func (x *SessionQuery) GetDuration() int32

func (*SessionQuery) GetEndTime 

func (x *SessionQuery) GetEndTime() int64

func (*SessionQuery) GetEndTimeDt 

func (x *SessionQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*SessionQuery) GetEnrichments 

func (x *SessionQuery) GetEnrichments() []*Enrichment

func (*SessionQuery) GetMessage 

func (x *SessionQuery) GetMessage() string

func (*SessionQuery) GetMetadata 

func (x *SessionQuery) GetMetadata() *Metadata

func (*SessionQuery) GetObservables 

func (x *SessionQuery) GetObservables() []*Observable

func (*SessionQuery) GetQueryInfo 

func (x *SessionQuery) GetQueryInfo() *QueryInfo

func (*SessionQuery) GetQueryResult 

func (x *SessionQuery) GetQueryResult() string

func (*SessionQuery) GetQueryResultId 

func (x *SessionQuery) GetQueryResultId() SessionQuery_QueryResultId

func (*SessionQuery) GetRawData 

func (x *SessionQuery) GetRawData() string

func (*SessionQuery) GetSession 

func (x *SessionQuery) GetSession() *Session

func (*SessionQuery) GetSeverity 

func (x *SessionQuery) GetSeverity() string

func (*SessionQuery) GetSeverityId 

func (x *SessionQuery) GetSeverityId() SessionQuery_SeverityId

func (*SessionQuery) GetStartTime 

func (x *SessionQuery) GetStartTime() int64

func (*SessionQuery) GetStartTimeDt 

func (x *SessionQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*SessionQuery) GetStatus 

func (x *SessionQuery) GetStatus() string

func (*SessionQuery) GetStatusCode 

func (x *SessionQuery) GetStatusCode() string

func (*SessionQuery) GetStatusDetail 

func (x *SessionQuery) GetStatusDetail() string

func (*SessionQuery) GetStatusId 

func (x *SessionQuery) GetStatusId() SessionQuery_StatusId

func (*SessionQuery) GetTime 

func (x *SessionQuery) GetTime() int64

func (*SessionQuery) GetTimeDt 

func (x *SessionQuery) GetTimeDt() *timestamppb.Timestamp

func (*SessionQuery) GetTimezoneOffset 

func (x *SessionQuery) GetTimezoneOffset() int32

func (*SessionQuery) GetTypeName 

func (x *SessionQuery) GetTypeName() string

func (*SessionQuery) GetTypeUid 

func (x *SessionQuery) GetTypeUid() int64

func (*SessionQuery) GetUnmapped 

func (x *SessionQuery) GetUnmapped() *structpb.Struct

func (*SessionQuery) ProtoMessage 

func (*SessionQuery) ProtoMessage()

func (*SessionQuery) ProtoReflect 

func (x *SessionQuery) ProtoReflect() protoreflect.Message

func (*SessionQuery) Reset 

func (x *SessionQuery) Reset()

func (*SessionQuery) String 

func (x *SessionQuery) String() string

type SessionQuery_ActivityId 

type SessionQuery_ActivityId int32
const (
	SessionQuery_ACTIVITY_ID_UNKNOWN SessionQuery_ActivityId = 0
	SessionQuery_ACTIVITY_ID_QUERY   SessionQuery_ActivityId = 1 // The discovered results are via a query request.
	SessionQuery_ACTIVITY_ID_OTHER   SessionQuery_ActivityId = 99
)

func (SessionQuery_ActivityId) Descriptor 

func (SessionQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_ActivityId) Enum 

func (x SessionQuery_ActivityId) Enum() *SessionQuery_ActivityId

func (SessionQuery_ActivityId) EnumDescriptor deprecated 

func (SessionQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_ActivityId.Descriptor instead.

func (SessionQuery_ActivityId) Number 

func (x SessionQuery_ActivityId) Number() protoreflect.EnumNumber

func (SessionQuery_ActivityId) String 

func (x SessionQuery_ActivityId) String() string

func (SessionQuery_ActivityId) Type 

func (SessionQuery_ActivityId) Type() protoreflect.EnumType

type SessionQuery_CategoryUid 

type SessionQuery_CategoryUid int32
const (
	SessionQuery_CATEGORY_UID_UNKNOWN   SessionQuery_CategoryUid = 0
	SessionQuery_CATEGORY_UID_DISCOVERY SessionQuery_CategoryUid = 5
)

func (SessionQuery_CategoryUid) Descriptor 

func (SessionQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_CategoryUid) Enum 

func (x SessionQuery_CategoryUid) Enum() *SessionQuery_CategoryUid

func (SessionQuery_CategoryUid) EnumDescriptor deprecated 

func (SessionQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_CategoryUid.Descriptor instead.

func (SessionQuery_CategoryUid) Number 

func (x SessionQuery_CategoryUid) Number() protoreflect.EnumNumber

func (SessionQuery_CategoryUid) String 

func (x SessionQuery_CategoryUid) String() string

func (SessionQuery_CategoryUid) Type 

func (SessionQuery_CategoryUid) Type() protoreflect.EnumType

type SessionQuery_ClassUid 

type SessionQuery_ClassUid int32
const (
	SessionQuery_CLASS_UID_UNKNOWN            SessionQuery_ClassUid = 0
	SessionQuery_CLASS_UID_USER_SESSION_QUERY SessionQuery_ClassUid = 5017
)

func (SessionQuery_ClassUid) Descriptor 

func (SessionQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_ClassUid) Enum 

func (x SessionQuery_ClassUid) Enum() *SessionQuery_ClassUid

func (SessionQuery_ClassUid) EnumDescriptor deprecated 

func (SessionQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_ClassUid.Descriptor instead.

func (SessionQuery_ClassUid) Number 

func (x SessionQuery_ClassUid) Number() protoreflect.EnumNumber

func (SessionQuery_ClassUid) String 

func (x SessionQuery_ClassUid) String() string

func (SessionQuery_ClassUid) Type 

func (SessionQuery_ClassUid) Type() protoreflect.EnumType

type SessionQuery_QueryResultId 

type SessionQuery_QueryResultId int32
const (
	SessionQuery_QUERY_RESULT_ID_UNKNOWN        SessionQuery_QueryResultId = 0  // The query result is unknown.
	SessionQuery_QUERY_RESULT_ID_EXISTS         SessionQuery_QueryResultId = 1  // The target was found.
	SessionQuery_QUERY_RESULT_ID_PARTIAL        SessionQuery_QueryResultId = 2  // The target was partially found.
	SessionQuery_QUERY_RESULT_ID_DOES_NOT_EXIST SessionQuery_QueryResultId = 3  // The target was not found.
	SessionQuery_QUERY_RESULT_ID_ERROR          SessionQuery_QueryResultId = 4  // The discovery attempt failed.
	SessionQuery_QUERY_RESULT_ID_UNSUPPORTED    SessionQuery_QueryResultId = 5  // Discovery of the target was not supported.
	SessionQuery_QUERY_RESULT_ID_OTHER          SessionQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (SessionQuery_QueryResultId) Descriptor 

func (SessionQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_QueryResultId) Enum 

func (x SessionQuery_QueryResultId) Enum() *SessionQuery_QueryResultId

func (SessionQuery_QueryResultId) EnumDescriptor deprecated 

func (SessionQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_QueryResultId.Descriptor instead.

func (SessionQuery_QueryResultId) Number 

func (x SessionQuery_QueryResultId) Number() protoreflect.EnumNumber

func (SessionQuery_QueryResultId) String 

func (x SessionQuery_QueryResultId) String() string

func (SessionQuery_QueryResultId) Type 

func (SessionQuery_QueryResultId) Type() protoreflect.EnumType

type SessionQuery_SeverityId 

type SessionQuery_SeverityId int32
const (
	SessionQuery_SEVERITY_ID_UNKNOWN       SessionQuery_SeverityId = 0 // The event/finding severity is unknown.
	SessionQuery_SEVERITY_ID_INFORMATIONAL SessionQuery_SeverityId = 1 // Informational message. No action required.
	SessionQuery_SEVERITY_ID_LOW           SessionQuery_SeverityId = 2 // The user decides if action is needed.
	SessionQuery_SEVERITY_ID_MEDIUM        SessionQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	SessionQuery_SEVERITY_ID_HIGH     SessionQuery_SeverityId = 4 // Action is required immediately.
	SessionQuery_SEVERITY_ID_CRITICAL SessionQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	SessionQuery_SEVERITY_ID_FATAL SessionQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	SessionQuery_SEVERITY_ID_OTHER SessionQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (SessionQuery_SeverityId) Descriptor 

func (SessionQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_SeverityId) Enum 

func (x SessionQuery_SeverityId) Enum() *SessionQuery_SeverityId

func (SessionQuery_SeverityId) EnumDescriptor deprecated 

func (SessionQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_SeverityId.Descriptor instead.

func (SessionQuery_SeverityId) Number 

func (x SessionQuery_SeverityId) Number() protoreflect.EnumNumber

func (SessionQuery_SeverityId) String 

func (x SessionQuery_SeverityId) String() string

func (SessionQuery_SeverityId) Type 

func (SessionQuery_SeverityId) Type() protoreflect.EnumType

type SessionQuery_StatusId 

type SessionQuery_StatusId int32
const (
	SessionQuery_STATUS_ID_UNKNOWN SessionQuery_StatusId = 0 // The status is unknown.
	SessionQuery_STATUS_ID_SUCCESS SessionQuery_StatusId = 1
	SessionQuery_STATUS_ID_FAILURE SessionQuery_StatusId = 2
	SessionQuery_STATUS_ID_OTHER   SessionQuery_StatusId = 99 // The event status is not mapped. See the
)

func (SessionQuery_StatusId) Descriptor 

func (SessionQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (SessionQuery_StatusId) Enum 

func (x SessionQuery_StatusId) Enum() *SessionQuery_StatusId

func (SessionQuery_StatusId) EnumDescriptor deprecated 

func (SessionQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SessionQuery_StatusId.Descriptor instead.

func (SessionQuery_StatusId) Number 

func (x SessionQuery_StatusId) Number() protoreflect.EnumNumber

func (SessionQuery_StatusId) String 

func (x SessionQuery_StatusId) String() string

func (SessionQuery_StatusId) Type 

func (SessionQuery_StatusId) Type() protoreflect.EnumType

type SmbActivity 

type SmbActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            SmbActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          SmbActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                       `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization           `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         SmbActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	ClassName           *string                    `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            SmbActivity_ClassUid       `` /* 128-byte string literal not displayed */
	ClientDialects      []string                   `protobuf:"bytes,14,rep,name=client_dialects,json=clientDialects,proto3" json:"client_dialects,omitempty"`
	Cloud               *Cloud                     `protobuf:"bytes,15,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Command             *string                    `protobuf:"bytes,16,opt,name=command,proto3,oneof" json:"command,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,17,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,18,opt,name=count,proto3,oneof" json:"count,omitempty"`
	DceRpc              *DceRpc                    `protobuf:"bytes,19,opt,name=dce_rpc,json=dceRpc,proto3" json:"dce_rpc,omitempty"`
	Device              *Device                    `protobuf:"bytes,20,opt,name=device,proto3" json:"device,omitempty"`
	Dialect             *string                    `protobuf:"bytes,21,opt,name=dialect,proto3,oneof" json:"dialect,omitempty"`
	Disposition         *string                    `protobuf:"bytes,22,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *SmbActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,24,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,25,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,26,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,27,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,28,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File                *File                      `protobuf:"bytes,29,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,30,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,31,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,32,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,33,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,34,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,35,rep,name=observables,proto3" json:"observables,omitempty"`
	OpenType            *string                    `protobuf:"bytes,36,opt,name=open_type,json=openType,proto3,oneof" json:"open_type,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,37,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,38,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,39,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,40,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,41,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,42,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,43,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                    `protobuf:"bytes,44,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Response            *Response                  `protobuf:"bytes,45,opt,name=response,proto3" json:"response,omitempty"`
	Severity            *string                    `protobuf:"bytes,46,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          SmbActivity_SeverityId     `` /* 136-byte string literal not displayed */
	Share               *string                    `protobuf:"bytes,48,opt,name=share,proto3,oneof" json:"share,omitempty"`
	ShareType           *string                    `protobuf:"bytes,49,opt,name=share_type,json=shareType,proto3,oneof" json:"share_type,omitempty"`
	ShareTypeId         *SmbActivity_ShareTypeId   `` /* 148-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,51,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,52,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,53,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,54,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,55,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,56,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *SmbActivity_StatusId      `` /* 134-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,58,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,59,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,60,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,61,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,62,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TreeUid             *string                    `protobuf:"bytes,63,opt,name=tree_uid,json=treeUid,proto3,oneof" json:"tree_uid,omitempty"`
	TypeName            *string                    `protobuf:"bytes,64,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,65,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,66,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

SmbActivity is an OSF event in category "Network Activity" called SMB Activity defined in ocsf events/network/smb.json

Server Message Block (SMB) Protocol Activity events report client/server connections sharing resources within the network.

func (*SmbActivity) Descriptor deprecated 

func (*SmbActivity) Descriptor() ([]byte, []int)

Deprecated: Use SmbActivity.ProtoReflect.Descriptor instead.

func (*SmbActivity) GetAction 

func (x *SmbActivity) GetAction() string

func (*SmbActivity) GetActionId 

func (x *SmbActivity) GetActionId() SmbActivity_ActionId

func (*SmbActivity) GetActivityId 

func (x *SmbActivity) GetActivityId() SmbActivity_ActivityId

func (*SmbActivity) GetActivityName 

func (x *SmbActivity) GetActivityName() string

func (*SmbActivity) GetActor 

func (x *SmbActivity) GetActor() *Actor

func (*SmbActivity) GetApi 

func (x *SmbActivity) GetApi() *Api

func (*SmbActivity) GetAppName 

func (x *SmbActivity) GetAppName() string

func (*SmbActivity) GetAttacks 

func (x *SmbActivity) GetAttacks() []*Attack

func (*SmbActivity) GetAuthorizations 

func (x *SmbActivity) GetAuthorizations() []*Authorization

func (*SmbActivity) GetCategoryName 

func (x *SmbActivity) GetCategoryName() string

func (*SmbActivity) GetCategoryUid 

func (x *SmbActivity) GetCategoryUid() SmbActivity_CategoryUid

func (*SmbActivity) GetClassName 

func (x *SmbActivity) GetClassName() string

func (*SmbActivity) GetClassUid 

func (x *SmbActivity) GetClassUid() SmbActivity_ClassUid

func (*SmbActivity) GetClientDialects 

func (x *SmbActivity) GetClientDialects() []string

func (*SmbActivity) GetCloud 

func (x *SmbActivity) GetCloud() *Cloud

func (*SmbActivity) GetCommand 

func (x *SmbActivity) GetCommand() string

func (*SmbActivity) GetConnectionInfo 

func (x *SmbActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*SmbActivity) GetCount 

func (x *SmbActivity) GetCount() int32

func (*SmbActivity) GetDceRpc 

func (x *SmbActivity) GetDceRpc() *DceRpc

func (*SmbActivity) GetDevice 

func (x *SmbActivity) GetDevice() *Device

func (*SmbActivity) GetDialect 

func (x *SmbActivity) GetDialect() string

func (*SmbActivity) GetDisposition 

func (x *SmbActivity) GetDisposition() string

func (*SmbActivity) GetDispositionId 

func (x *SmbActivity) GetDispositionId() SmbActivity_DispositionId

func (*SmbActivity) GetDstEndpoint 

func (x *SmbActivity) GetDstEndpoint() *NetworkEndpoint

func (*SmbActivity) GetDuration 

func (x *SmbActivity) GetDuration() int32

func (*SmbActivity) GetEndTime 

func (x *SmbActivity) GetEndTime() int64

func (*SmbActivity) GetEndTimeDt 

func (x *SmbActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*SmbActivity) GetEnrichments 

func (x *SmbActivity) GetEnrichments() []*Enrichment

func (*SmbActivity) GetFile 

func (x *SmbActivity) GetFile() *File

func (*SmbActivity) GetFirewallRule 

func (x *SmbActivity) GetFirewallRule() *FirewallRule

func (*SmbActivity) GetLoadBalancer 

func (x *SmbActivity) GetLoadBalancer() *LoadBalancer

func (*SmbActivity) GetMalware 

func (x *SmbActivity) GetMalware() []*Malware

func (*SmbActivity) GetMessage 

func (x *SmbActivity) GetMessage() string

func (*SmbActivity) GetMetadata 

func (x *SmbActivity) GetMetadata() *Metadata

func (*SmbActivity) GetObservables 

func (x *SmbActivity) GetObservables() []*Observable

func (*SmbActivity) GetOpenType 

func (x *SmbActivity) GetOpenType() string

func (*SmbActivity) GetProxy 

func (x *SmbActivity) GetProxy() *NetworkProxy

func (*SmbActivity) GetProxyConnectionInfo 

func (x *SmbActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*SmbActivity) GetProxyEndpoint 

func (x *SmbActivity) GetProxyEndpoint() *NetworkProxy

func (*SmbActivity) GetProxyHttpRequest 

func (x *SmbActivity) GetProxyHttpRequest() *HttpRequest

func (*SmbActivity) GetProxyHttpResponse 

func (x *SmbActivity) GetProxyHttpResponse() *HttpResponse

func (*SmbActivity) GetProxyTls 

func (x *SmbActivity) GetProxyTls() *Tls

func (*SmbActivity) GetProxyTraffic 

func (x *SmbActivity) GetProxyTraffic() *NetworkTraffic

func (*SmbActivity) GetRawData 

func (x *SmbActivity) GetRawData() string

func (*SmbActivity) GetResponse 

func (x *SmbActivity) GetResponse() *Response

func (*SmbActivity) GetSeverity 

func (x *SmbActivity) GetSeverity() string

func (*SmbActivity) GetSeverityId 

func (x *SmbActivity) GetSeverityId() SmbActivity_SeverityId

func (*SmbActivity) GetShare 

func (x *SmbActivity) GetShare() string

func (*SmbActivity) GetShareType 

func (x *SmbActivity) GetShareType() string

func (*SmbActivity) GetShareTypeId 

func (x *SmbActivity) GetShareTypeId() SmbActivity_ShareTypeId

func (*SmbActivity) GetSrcEndpoint 

func (x *SmbActivity) GetSrcEndpoint() *NetworkEndpoint

func (*SmbActivity) GetStartTime 

func (x *SmbActivity) GetStartTime() int64

func (*SmbActivity) GetStartTimeDt 

func (x *SmbActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*SmbActivity) GetStatus 

func (x *SmbActivity) GetStatus() string

func (*SmbActivity) GetStatusCode 

func (x *SmbActivity) GetStatusCode() string

func (*SmbActivity) GetStatusDetail 

func (x *SmbActivity) GetStatusDetail() string

func (*SmbActivity) GetStatusId 

func (x *SmbActivity) GetStatusId() SmbActivity_StatusId

func (*SmbActivity) GetTime 

func (x *SmbActivity) GetTime() int64

func (*SmbActivity) GetTimeDt 

func (x *SmbActivity) GetTimeDt() *timestamppb.Timestamp

func (*SmbActivity) GetTimezoneOffset 

func (x *SmbActivity) GetTimezoneOffset() int32

func (*SmbActivity) GetTls 

func (x *SmbActivity) GetTls() *Tls

func (*SmbActivity) GetTraffic 

func (x *SmbActivity) GetTraffic() *NetworkTraffic

func (*SmbActivity) GetTreeUid 

func (x *SmbActivity) GetTreeUid() string

func (*SmbActivity) GetTypeName 

func (x *SmbActivity) GetTypeName() string

func (*SmbActivity) GetTypeUid 

func (x *SmbActivity) GetTypeUid() int64

func (*SmbActivity) GetUnmapped 

func (x *SmbActivity) GetUnmapped() *structpb.Struct

func (*SmbActivity) ProtoMessage 

func (*SmbActivity) ProtoMessage()

func (*SmbActivity) ProtoReflect 

func (x *SmbActivity) ProtoReflect() protoreflect.Message

func (*SmbActivity) Reset 

func (x *SmbActivity) Reset()

func (*SmbActivity) String 

func (x *SmbActivity) String() string

type SmbActivity_ActionId 

type SmbActivity_ActionId int32
const (
	SmbActivity_ACTION_ID_UNKNOWN SmbActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	SmbActivity_ACTION_ID_ALLOWED SmbActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	SmbActivity_ACTION_ID_DENIED SmbActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	SmbActivity_ACTION_ID_OTHER SmbActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (SmbActivity_ActionId) Descriptor 

func (SmbActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_ActionId) Enum 

func (x SmbActivity_ActionId) Enum() *SmbActivity_ActionId

func (SmbActivity_ActionId) EnumDescriptor deprecated 

func (SmbActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_ActionId.Descriptor instead.

func (SmbActivity_ActionId) Number 

func (x SmbActivity_ActionId) Number() protoreflect.EnumNumber

func (SmbActivity_ActionId) String 

func (x SmbActivity_ActionId) String() string

func (SmbActivity_ActionId) Type 

func (SmbActivity_ActionId) Type() protoreflect.EnumType

type SmbActivity_ActivityId 

type SmbActivity_ActivityId int32
const (
	SmbActivity_ACTIVITY_ID_UNKNOWN        SmbActivity_ActivityId = 0
	SmbActivity_ACTIVITY_ID_FILE_SUPERSEDE SmbActivity_ActivityId = 1 // The event pertains to file superseded
	// activity (overwritten if it exists and
	// created if not).
	SmbActivity_ACTIVITY_ID_FILE_OPEN SmbActivity_ActivityId = 2 // The event pertains to file open activity
	// (the file is opened if it exists and fails
	// to open if it doesn't).
	SmbActivity_ACTIVITY_ID_FILE_CREATE SmbActivity_ActivityId = 3 // The event pertains to file creation
	// activity (a file is created if it does not
	// exist and fails if it does).
	SmbActivity_ACTIVITY_ID_FILE_OPEN_IF SmbActivity_ActivityId = 4 // The event pertains to file open activity
	// (the file is opened if it exists and is
	// created if it doesn't).
	SmbActivity_ACTIVITY_ID_FILE_OVERWRITE SmbActivity_ActivityId = 5 // The event pertains to file overwrite
	// activity (the file is opened in a truncated
	// form if it exists and fails if it doesn't).
	SmbActivity_ACTIVITY_ID_FILE_OVERWRITE_IF SmbActivity_ActivityId = 6 // The event pertains to file overwrite
	// activity (the file is opened in a truncated
	// form if it exists and created otherwise)
	SmbActivity_ACTIVITY_ID_OTHER SmbActivity_ActivityId = 99
)

func (SmbActivity_ActivityId) Descriptor 

func (SmbActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_ActivityId) Enum 

func (x SmbActivity_ActivityId) Enum() *SmbActivity_ActivityId

func (SmbActivity_ActivityId) EnumDescriptor deprecated 

func (SmbActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_ActivityId.Descriptor instead.

func (SmbActivity_ActivityId) Number 

func (x SmbActivity_ActivityId) Number() protoreflect.EnumNumber

func (SmbActivity_ActivityId) String 

func (x SmbActivity_ActivityId) String() string

func (SmbActivity_ActivityId) Type 

func (SmbActivity_ActivityId) Type() protoreflect.EnumType

type SmbActivity_CategoryUid 

type SmbActivity_CategoryUid int32
const (
	SmbActivity_CATEGORY_UID_UNKNOWN          SmbActivity_CategoryUid = 0
	SmbActivity_CATEGORY_UID_NETWORK_ACTIVITY SmbActivity_CategoryUid = 4
)

func (SmbActivity_CategoryUid) Descriptor 

func (SmbActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_CategoryUid) Enum 

func (x SmbActivity_CategoryUid) Enum() *SmbActivity_CategoryUid

func (SmbActivity_CategoryUid) EnumDescriptor deprecated 

func (SmbActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_CategoryUid.Descriptor instead.

func (SmbActivity_CategoryUid) Number 

func (x SmbActivity_CategoryUid) Number() protoreflect.EnumNumber

func (SmbActivity_CategoryUid) String 

func (x SmbActivity_CategoryUid) String() string

func (SmbActivity_CategoryUid) Type 

func (SmbActivity_CategoryUid) Type() protoreflect.EnumType

type SmbActivity_ClassUid 

type SmbActivity_ClassUid int32
const (
	SmbActivity_CLASS_UID_UNKNOWN      SmbActivity_ClassUid = 0
	SmbActivity_CLASS_UID_SMB_ACTIVITY SmbActivity_ClassUid = 4006
)

func (SmbActivity_ClassUid) Descriptor 

func (SmbActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_ClassUid) Enum 

func (x SmbActivity_ClassUid) Enum() *SmbActivity_ClassUid

func (SmbActivity_ClassUid) EnumDescriptor deprecated 

func (SmbActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_ClassUid.Descriptor instead.

func (SmbActivity_ClassUid) Number 

func (x SmbActivity_ClassUid) Number() protoreflect.EnumNumber

func (SmbActivity_ClassUid) String 

func (x SmbActivity_ClassUid) String() string

func (SmbActivity_ClassUid) Type 

func (SmbActivity_ClassUid) Type() protoreflect.EnumType

type SmbActivity_DispositionId 

type SmbActivity_DispositionId int32
const (
	SmbActivity_DISPOSITION_ID_UNKNOWN SmbActivity_DispositionId = 0 // The disposition was not known.
	SmbActivity_DISPOSITION_ID_ALLOWED SmbActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	SmbActivity_DISPOSITION_ID_BLOCKED SmbActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	SmbActivity_DISPOSITION_ID_QUARANTINED SmbActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	SmbActivity_DISPOSITION_ID_ISOLATED SmbActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	SmbActivity_DISPOSITION_ID_DELETED SmbActivity_DispositionId = 5 // A file or other content was deleted.
	SmbActivity_DISPOSITION_ID_DROPPED SmbActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	SmbActivity_DISPOSITION_ID_CUSTOM_ACTION SmbActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	SmbActivity_DISPOSITION_ID_APPROVED SmbActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	SmbActivity_DISPOSITION_ID_RESTORED SmbActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	SmbActivity_DISPOSITION_ID_EXONERATED SmbActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	SmbActivity_DISPOSITION_ID_CORRECTED SmbActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	SmbActivity_DISPOSITION_ID_PARTIALLY_CORRECTED SmbActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	SmbActivity_DISPOSITION_ID_UNCORRECTED SmbActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	SmbActivity_DISPOSITION_ID_DELAYED SmbActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	SmbActivity_DISPOSITION_ID_DETECTED SmbActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	SmbActivity_DISPOSITION_ID_NO_ACTION SmbActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	SmbActivity_DISPOSITION_ID_LOGGED SmbActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	SmbActivity_DISPOSITION_ID_TAGGED SmbActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	SmbActivity_DISPOSITION_ID_ALERT SmbActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	SmbActivity_DISPOSITION_ID_COUNT SmbActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	SmbActivity_DISPOSITION_ID_RESET SmbActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	SmbActivity_DISPOSITION_ID_CAPTCHA SmbActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	SmbActivity_DISPOSITION_ID_CHALLENGE SmbActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	SmbActivity_DISPOSITION_ID_ACCESS_REVOKED SmbActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	SmbActivity_DISPOSITION_ID_REJECTED SmbActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	SmbActivity_DISPOSITION_ID_UNAUTHORIZED SmbActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	SmbActivity_DISPOSITION_ID_ERROR SmbActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	SmbActivity_DISPOSITION_ID_OTHER SmbActivity_DispositionId = 99 // The disposition is not listed. The
)

func (SmbActivity_DispositionId) Descriptor 

func (SmbActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_DispositionId) Enum 

func (x SmbActivity_DispositionId) Enum() *SmbActivity_DispositionId

func (SmbActivity_DispositionId) EnumDescriptor deprecated 

func (SmbActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_DispositionId.Descriptor instead.

func (SmbActivity_DispositionId) Number 

func (x SmbActivity_DispositionId) Number() protoreflect.EnumNumber

func (SmbActivity_DispositionId) String 

func (x SmbActivity_DispositionId) String() string

func (SmbActivity_DispositionId) Type 

func (SmbActivity_DispositionId) Type() protoreflect.EnumType

type SmbActivity_SeverityId 

type SmbActivity_SeverityId int32
const (
	SmbActivity_SEVERITY_ID_UNKNOWN       SmbActivity_SeverityId = 0 // The event/finding severity is unknown.
	SmbActivity_SEVERITY_ID_INFORMATIONAL SmbActivity_SeverityId = 1 // Informational message. No action required.
	SmbActivity_SEVERITY_ID_LOW           SmbActivity_SeverityId = 2 // The user decides if action is needed.
	SmbActivity_SEVERITY_ID_MEDIUM        SmbActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	SmbActivity_SEVERITY_ID_HIGH     SmbActivity_SeverityId = 4 // Action is required immediately.
	SmbActivity_SEVERITY_ID_CRITICAL SmbActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	SmbActivity_SEVERITY_ID_FATAL SmbActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	SmbActivity_SEVERITY_ID_OTHER SmbActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (SmbActivity_SeverityId) Descriptor 

func (SmbActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_SeverityId) Enum 

func (x SmbActivity_SeverityId) Enum() *SmbActivity_SeverityId

func (SmbActivity_SeverityId) EnumDescriptor deprecated 

func (SmbActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_SeverityId.Descriptor instead.

func (SmbActivity_SeverityId) Number 

func (x SmbActivity_SeverityId) Number() protoreflect.EnumNumber

func (SmbActivity_SeverityId) String 

func (x SmbActivity_SeverityId) String() string

func (SmbActivity_SeverityId) Type 

func (SmbActivity_SeverityId) Type() protoreflect.EnumType

type SmbActivity_ShareTypeId 

type SmbActivity_ShareTypeId int32
const (
	SmbActivity_SHARE_TYPE_ID_UNKNOWN SmbActivity_ShareTypeId = 0 // The share type is unknown.
	SmbActivity_SHARE_TYPE_ID_FILE    SmbActivity_ShareTypeId = 1
	SmbActivity_SHARE_TYPE_ID_PIPE    SmbActivity_ShareTypeId = 2
	SmbActivity_SHARE_TYPE_ID_PRINT   SmbActivity_ShareTypeId = 3
	SmbActivity_SHARE_TYPE_ID_OTHER   SmbActivity_ShareTypeId = 99 // The share type is not mapped. See the
)

func (SmbActivity_ShareTypeId) Descriptor 

func (SmbActivity_ShareTypeId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_ShareTypeId) Enum 

func (x SmbActivity_ShareTypeId) Enum() *SmbActivity_ShareTypeId

func (SmbActivity_ShareTypeId) EnumDescriptor deprecated 

func (SmbActivity_ShareTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_ShareTypeId.Descriptor instead.

func (SmbActivity_ShareTypeId) Number 

func (x SmbActivity_ShareTypeId) Number() protoreflect.EnumNumber

func (SmbActivity_ShareTypeId) String 

func (x SmbActivity_ShareTypeId) String() string

func (SmbActivity_ShareTypeId) Type 

func (SmbActivity_ShareTypeId) Type() protoreflect.EnumType

type SmbActivity_StatusId 

type SmbActivity_StatusId int32
const (
	SmbActivity_STATUS_ID_UNKNOWN SmbActivity_StatusId = 0 // The status is unknown.
	SmbActivity_STATUS_ID_SUCCESS SmbActivity_StatusId = 1
	SmbActivity_STATUS_ID_FAILURE SmbActivity_StatusId = 2
	SmbActivity_STATUS_ID_OTHER   SmbActivity_StatusId = 99 // The event status is not mapped. See the
)

func (SmbActivity_StatusId) Descriptor 

func (SmbActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (SmbActivity_StatusId) Enum 

func (x SmbActivity_StatusId) Enum() *SmbActivity_StatusId

func (SmbActivity_StatusId) EnumDescriptor deprecated 

func (SmbActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SmbActivity_StatusId.Descriptor instead.

func (SmbActivity_StatusId) Number 

func (x SmbActivity_StatusId) Number() protoreflect.EnumNumber

func (SmbActivity_StatusId) String 

func (x SmbActivity_StatusId) String() string

func (SmbActivity_StatusId) Type 

func (SmbActivity_StatusId) Type() protoreflect.EnumType

type SshActivity 

type SshActivity struct {
	Action              *string                    `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            SshActivity_ActionId       `` /* 127-byte string literal not displayed */
	ActivityId          SshActivity_ActivityId     `` /* 135-byte string literal not displayed */
	ActivityName        *string                    `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                     `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                       `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                    `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                  `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	AuthType            *string                    `protobuf:"bytes,9,opt,name=auth_type,json=authType,proto3,oneof" json:"auth_type,omitempty"`
	AuthTypeId          *SshActivity_AuthTypeId    `` /* 144-byte string literal not displayed */
	Authorizations      []*Authorization           `protobuf:"bytes,11,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                    `protobuf:"bytes,12,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         SshActivity_CategoryUid    `` /* 140-byte string literal not displayed */
	ClassName           *string                    `protobuf:"bytes,14,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            SshActivity_ClassUid       `` /* 128-byte string literal not displayed */
	ClientHassh         *Hassh                     `protobuf:"bytes,16,opt,name=client_hassh,json=clientHassh,proto3" json:"client_hassh,omitempty"`
	Cloud               *Cloud                     `protobuf:"bytes,17,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo     `protobuf:"bytes,18,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                     `protobuf:"varint,19,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                    `protobuf:"bytes,20,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                    `protobuf:"bytes,21,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *SshActivity_DispositionId `` /* 154-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint           `protobuf:"bytes,23,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                     `protobuf:"varint,24,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                     `protobuf:"varint,25,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp     `protobuf:"bytes,26,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment              `protobuf:"bytes,27,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	File                *File                      `protobuf:"bytes,28,opt,name=file,proto3" json:"file,omitempty"`
	FirewallRule        *FirewallRule              `protobuf:"bytes,29,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer              `protobuf:"bytes,30,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                 `protobuf:"bytes,31,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                    `protobuf:"bytes,32,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                  `protobuf:"bytes,33,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable              `protobuf:"bytes,34,rep,name=observables,proto3" json:"observables,omitempty"`
	ProtocolVer         *string                    `protobuf:"bytes,35,opt,name=protocol_ver,json=protocolVer,proto3,oneof" json:"protocol_ver,omitempty"`
	Proxy               *NetworkProxy              `protobuf:"bytes,36,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo     `protobuf:"bytes,37,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy              `protobuf:"bytes,38,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest               `protobuf:"bytes,39,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse              `protobuf:"bytes,40,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                       `protobuf:"bytes,41,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic            `protobuf:"bytes,42,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                    `protobuf:"bytes,43,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	ServerHassh         *Hassh                     `protobuf:"bytes,44,opt,name=server_hassh,json=serverHassh,proto3" json:"server_hassh,omitempty"`
	Severity            *string                    `protobuf:"bytes,45,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          SshActivity_SeverityId     `` /* 136-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint           `protobuf:"bytes,47,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                     `protobuf:"varint,48,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp     `protobuf:"bytes,49,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                    `protobuf:"bytes,50,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                    `protobuf:"bytes,51,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                    `protobuf:"bytes,52,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *SshActivity_StatusId      `` /* 134-byte string literal not displayed */
	Time                int64                      `protobuf:"varint,54,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp     `protobuf:"bytes,55,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                     `protobuf:"varint,56,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                       `protobuf:"bytes,57,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic            `protobuf:"bytes,58,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TypeName            *string                    `protobuf:"bytes,59,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                      `protobuf:"varint,60,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct           `protobuf:"bytes,61,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	// contains filtered or unexported fields
}

SshActivity is an OSF event in category "Network Activity" called SSH Activity defined in ocsf events/network/ssh.json

SSH Activity events report remote client connections to a server using the Secure Shell (SSH) Protocol.

func (*SshActivity) Descriptor deprecated 

func (*SshActivity) Descriptor() ([]byte, []int)

Deprecated: Use SshActivity.ProtoReflect.Descriptor instead.

func (*SshActivity) GetAction 

func (x *SshActivity) GetAction() string

func (*SshActivity) GetActionId 

func (x *SshActivity) GetActionId() SshActivity_ActionId

func (*SshActivity) GetActivityId 

func (x *SshActivity) GetActivityId() SshActivity_ActivityId

func (*SshActivity) GetActivityName 

func (x *SshActivity) GetActivityName() string

func (*SshActivity) GetActor 

func (x *SshActivity) GetActor() *Actor

func (*SshActivity) GetApi 

func (x *SshActivity) GetApi() *Api

func (*SshActivity) GetAppName 

func (x *SshActivity) GetAppName() string

func (*SshActivity) GetAttacks 

func (x *SshActivity) GetAttacks() []*Attack

func (*SshActivity) GetAuthType 

func (x *SshActivity) GetAuthType() string

func (*SshActivity) GetAuthTypeId 

func (x *SshActivity) GetAuthTypeId() SshActivity_AuthTypeId

func (*SshActivity) GetAuthorizations 

func (x *SshActivity) GetAuthorizations() []*Authorization

func (*SshActivity) GetCategoryName 

func (x *SshActivity) GetCategoryName() string

func (*SshActivity) GetCategoryUid 

func (x *SshActivity) GetCategoryUid() SshActivity_CategoryUid

func (*SshActivity) GetClassName 

func (x *SshActivity) GetClassName() string

func (*SshActivity) GetClassUid 

func (x *SshActivity) GetClassUid() SshActivity_ClassUid

func (*SshActivity) GetClientHassh 

func (x *SshActivity) GetClientHassh() *Hassh

func (*SshActivity) GetCloud 

func (x *SshActivity) GetCloud() *Cloud

func (*SshActivity) GetConnectionInfo 

func (x *SshActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*SshActivity) GetCount 

func (x *SshActivity) GetCount() int32

func (*SshActivity) GetDevice 

func (x *SshActivity) GetDevice() *Device

func (*SshActivity) GetDisposition 

func (x *SshActivity) GetDisposition() string

func (*SshActivity) GetDispositionId 

func (x *SshActivity) GetDispositionId() SshActivity_DispositionId

func (*SshActivity) GetDstEndpoint 

func (x *SshActivity) GetDstEndpoint() *NetworkEndpoint

func (*SshActivity) GetDuration 

func (x *SshActivity) GetDuration() int32

func (*SshActivity) GetEndTime 

func (x *SshActivity) GetEndTime() int64

func (*SshActivity) GetEndTimeDt 

func (x *SshActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*SshActivity) GetEnrichments 

func (x *SshActivity) GetEnrichments() []*Enrichment

func (*SshActivity) GetFile 

func (x *SshActivity) GetFile() *File

func (*SshActivity) GetFirewallRule 

func (x *SshActivity) GetFirewallRule() *FirewallRule

func (*SshActivity) GetLoadBalancer 

func (x *SshActivity) GetLoadBalancer() *LoadBalancer

func (*SshActivity) GetMalware 

func (x *SshActivity) GetMalware() []*Malware

func (*SshActivity) GetMessage 

func (x *SshActivity) GetMessage() string

func (*SshActivity) GetMetadata 

func (x *SshActivity) GetMetadata() *Metadata

func (*SshActivity) GetObservables 

func (x *SshActivity) GetObservables() []*Observable

func (*SshActivity) GetProtocolVer 

func (x *SshActivity) GetProtocolVer() string

func (*SshActivity) GetProxy 

func (x *SshActivity) GetProxy() *NetworkProxy

func (*SshActivity) GetProxyConnectionInfo 

func (x *SshActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*SshActivity) GetProxyEndpoint 

func (x *SshActivity) GetProxyEndpoint() *NetworkProxy

func (*SshActivity) GetProxyHttpRequest 

func (x *SshActivity) GetProxyHttpRequest() *HttpRequest

func (*SshActivity) GetProxyHttpResponse 

func (x *SshActivity) GetProxyHttpResponse() *HttpResponse

func (*SshActivity) GetProxyTls 

func (x *SshActivity) GetProxyTls() *Tls

func (*SshActivity) GetProxyTraffic 

func (x *SshActivity) GetProxyTraffic() *NetworkTraffic

func (*SshActivity) GetRawData 

func (x *SshActivity) GetRawData() string

func (*SshActivity) GetServerHassh 

func (x *SshActivity) GetServerHassh() *Hassh

func (*SshActivity) GetSeverity 

func (x *SshActivity) GetSeverity() string

func (*SshActivity) GetSeverityId 

func (x *SshActivity) GetSeverityId() SshActivity_SeverityId

func (*SshActivity) GetSrcEndpoint 

func (x *SshActivity) GetSrcEndpoint() *NetworkEndpoint

func (*SshActivity) GetStartTime 

func (x *SshActivity) GetStartTime() int64

func (*SshActivity) GetStartTimeDt 

func (x *SshActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*SshActivity) GetStatus 

func (x *SshActivity) GetStatus() string

func (*SshActivity) GetStatusCode 

func (x *SshActivity) GetStatusCode() string

func (*SshActivity) GetStatusDetail 

func (x *SshActivity) GetStatusDetail() string

func (*SshActivity) GetStatusId 

func (x *SshActivity) GetStatusId() SshActivity_StatusId

func (*SshActivity) GetTime 

func (x *SshActivity) GetTime() int64

func (*SshActivity) GetTimeDt 

func (x *SshActivity) GetTimeDt() *timestamppb.Timestamp

func (*SshActivity) GetTimezoneOffset 

func (x *SshActivity) GetTimezoneOffset() int32

func (*SshActivity) GetTls 

func (x *SshActivity) GetTls() *Tls

func (*SshActivity) GetTraffic 

func (x *SshActivity) GetTraffic() *NetworkTraffic

func (*SshActivity) GetTypeName 

func (x *SshActivity) GetTypeName() string

func (*SshActivity) GetTypeUid 

func (x *SshActivity) GetTypeUid() int64

func (*SshActivity) GetUnmapped 

func (x *SshActivity) GetUnmapped() *structpb.Struct

func (*SshActivity) ProtoMessage 

func (*SshActivity) ProtoMessage()

func (*SshActivity) ProtoReflect 

func (x *SshActivity) ProtoReflect() protoreflect.Message

func (*SshActivity) Reset 

func (x *SshActivity) Reset()

func (*SshActivity) String 

func (x *SshActivity) String() string

type SshActivity_ActionId 

type SshActivity_ActionId int32
const (
	SshActivity_ACTION_ID_UNKNOWN SshActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	SshActivity_ACTION_ID_ALLOWED SshActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	SshActivity_ACTION_ID_DENIED SshActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	SshActivity_ACTION_ID_OTHER SshActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (SshActivity_ActionId) Descriptor 

func (SshActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_ActionId) Enum 

func (x SshActivity_ActionId) Enum() *SshActivity_ActionId

func (SshActivity_ActionId) EnumDescriptor deprecated 

func (SshActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_ActionId.Descriptor instead.

func (SshActivity_ActionId) Number 

func (x SshActivity_ActionId) Number() protoreflect.EnumNumber

func (SshActivity_ActionId) String 

func (x SshActivity_ActionId) String() string

func (SshActivity_ActionId) Type 

func (SshActivity_ActionId) Type() protoreflect.EnumType

type SshActivity_ActivityId 

type SshActivity_ActivityId int32
const (
	SshActivity_ACTIVITY_ID_UNKNOWN SshActivity_ActivityId = 0
	SshActivity_ACTIVITY_ID_OPEN    SshActivity_ActivityId = 1 // A new network connection was opened.
	SshActivity_ACTIVITY_ID_CLOSE   SshActivity_ActivityId = 2 // The network connection was closed.
	SshActivity_ACTIVITY_ID_RESET   SshActivity_ActivityId = 3 // The network connection was abnormally terminated or
	// closed by a middle device like firewalls.
	SshActivity_ACTIVITY_ID_FAIL SshActivity_ActivityId = 4 // The network connection failed. For example a
	// connection timeout or no route to host.
	SshActivity_ACTIVITY_ID_REFUSE SshActivity_ActivityId = 5 // The network connection was refused. For example an
	// attempt to connect to a server port which is not
	// open.
	SshActivity_ACTIVITY_ID_TRAFFIC SshActivity_ActivityId = 6 // Network traffic report.
	SshActivity_ACTIVITY_ID_OTHER   SshActivity_ActivityId = 99
)

func (SshActivity_ActivityId) Descriptor 

func (SshActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_ActivityId) Enum 

func (x SshActivity_ActivityId) Enum() *SshActivity_ActivityId

func (SshActivity_ActivityId) EnumDescriptor deprecated 

func (SshActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_ActivityId.Descriptor instead.

func (SshActivity_ActivityId) Number 

func (x SshActivity_ActivityId) Number() protoreflect.EnumNumber

func (SshActivity_ActivityId) String 

func (x SshActivity_ActivityId) String() string

func (SshActivity_ActivityId) Type 

func (SshActivity_ActivityId) Type() protoreflect.EnumType

type SshActivity_AuthTypeId 

type SshActivity_AuthTypeId int32
const (
	SshActivity_AUTH_TYPE_ID_UNKNOWN           SshActivity_AuthTypeId = 0
	SshActivity_AUTH_TYPE_ID_CERTIFICATE_BASED SshActivity_AuthTypeId = 1 // Authentication using digital
	// certificates.
	SshActivity_AUTH_TYPE_ID_GSSAPI     SshActivity_AuthTypeId = 2 // GSSAPI for centralized authentication.
	SshActivity_AUTH_TYPE_ID_HOST_BASED SshActivity_AuthTypeId = 3 // Authentication based on the client
	// host's identity.
	SshActivity_AUTH_TYPE_ID_KEYBOARD_INTERACTIVE SshActivity_AuthTypeId = 4 // Multi-step, interactive authentication.
	SshActivity_AUTH_TYPE_ID_PASSWORD             SshActivity_AuthTypeId = 5 // Password Authentication.
	SshActivity_AUTH_TYPE_ID_PUBLIC_KEY           SshActivity_AuthTypeId = 6 // Paired public key authentication.
	SshActivity_AUTH_TYPE_ID_OTHER                SshActivity_AuthTypeId = 99
)

func (SshActivity_AuthTypeId) Descriptor 

func (SshActivity_AuthTypeId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_AuthTypeId) Enum 

func (x SshActivity_AuthTypeId) Enum() *SshActivity_AuthTypeId

func (SshActivity_AuthTypeId) EnumDescriptor deprecated 

func (SshActivity_AuthTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_AuthTypeId.Descriptor instead.

func (SshActivity_AuthTypeId) Number 

func (x SshActivity_AuthTypeId) Number() protoreflect.EnumNumber

func (SshActivity_AuthTypeId) String 

func (x SshActivity_AuthTypeId) String() string

func (SshActivity_AuthTypeId) Type 

func (SshActivity_AuthTypeId) Type() protoreflect.EnumType

type SshActivity_CategoryUid 

type SshActivity_CategoryUid int32
const (
	SshActivity_CATEGORY_UID_UNKNOWN          SshActivity_CategoryUid = 0
	SshActivity_CATEGORY_UID_NETWORK_ACTIVITY SshActivity_CategoryUid = 4
)

func (SshActivity_CategoryUid) Descriptor 

func (SshActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_CategoryUid) Enum 

func (x SshActivity_CategoryUid) Enum() *SshActivity_CategoryUid

func (SshActivity_CategoryUid) EnumDescriptor deprecated 

func (SshActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_CategoryUid.Descriptor instead.

func (SshActivity_CategoryUid) Number 

func (x SshActivity_CategoryUid) Number() protoreflect.EnumNumber

func (SshActivity_CategoryUid) String 

func (x SshActivity_CategoryUid) String() string

func (SshActivity_CategoryUid) Type 

func (SshActivity_CategoryUid) Type() protoreflect.EnumType

type SshActivity_ClassUid 

type SshActivity_ClassUid int32
const (
	SshActivity_CLASS_UID_UNKNOWN      SshActivity_ClassUid = 0
	SshActivity_CLASS_UID_SSH_ACTIVITY SshActivity_ClassUid = 4007
)

func (SshActivity_ClassUid) Descriptor 

func (SshActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_ClassUid) Enum 

func (x SshActivity_ClassUid) Enum() *SshActivity_ClassUid

func (SshActivity_ClassUid) EnumDescriptor deprecated 

func (SshActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_ClassUid.Descriptor instead.

func (SshActivity_ClassUid) Number 

func (x SshActivity_ClassUid) Number() protoreflect.EnumNumber

func (SshActivity_ClassUid) String 

func (x SshActivity_ClassUid) String() string

func (SshActivity_ClassUid) Type 

func (SshActivity_ClassUid) Type() protoreflect.EnumType

type SshActivity_DispositionId 

type SshActivity_DispositionId int32
const (
	SshActivity_DISPOSITION_ID_UNKNOWN SshActivity_DispositionId = 0 // The disposition was not known.
	SshActivity_DISPOSITION_ID_ALLOWED SshActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	SshActivity_DISPOSITION_ID_BLOCKED SshActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	SshActivity_DISPOSITION_ID_QUARANTINED SshActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	SshActivity_DISPOSITION_ID_ISOLATED SshActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	SshActivity_DISPOSITION_ID_DELETED SshActivity_DispositionId = 5 // A file or other content was deleted.
	SshActivity_DISPOSITION_ID_DROPPED SshActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	SshActivity_DISPOSITION_ID_CUSTOM_ACTION SshActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	SshActivity_DISPOSITION_ID_APPROVED SshActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	SshActivity_DISPOSITION_ID_RESTORED SshActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	SshActivity_DISPOSITION_ID_EXONERATED SshActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	SshActivity_DISPOSITION_ID_CORRECTED SshActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	SshActivity_DISPOSITION_ID_PARTIALLY_CORRECTED SshActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	SshActivity_DISPOSITION_ID_UNCORRECTED SshActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	SshActivity_DISPOSITION_ID_DELAYED SshActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	SshActivity_DISPOSITION_ID_DETECTED SshActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	SshActivity_DISPOSITION_ID_NO_ACTION SshActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	SshActivity_DISPOSITION_ID_LOGGED SshActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	SshActivity_DISPOSITION_ID_TAGGED SshActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	SshActivity_DISPOSITION_ID_ALERT SshActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	SshActivity_DISPOSITION_ID_COUNT SshActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	SshActivity_DISPOSITION_ID_RESET SshActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	SshActivity_DISPOSITION_ID_CAPTCHA SshActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	SshActivity_DISPOSITION_ID_CHALLENGE SshActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	SshActivity_DISPOSITION_ID_ACCESS_REVOKED SshActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	SshActivity_DISPOSITION_ID_REJECTED SshActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	SshActivity_DISPOSITION_ID_UNAUTHORIZED SshActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	SshActivity_DISPOSITION_ID_ERROR SshActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	SshActivity_DISPOSITION_ID_OTHER SshActivity_DispositionId = 99 // The disposition is not listed. The
)

func (SshActivity_DispositionId) Descriptor 

func (SshActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_DispositionId) Enum 

func (x SshActivity_DispositionId) Enum() *SshActivity_DispositionId

func (SshActivity_DispositionId) EnumDescriptor deprecated 

func (SshActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_DispositionId.Descriptor instead.

func (SshActivity_DispositionId) Number 

func (x SshActivity_DispositionId) Number() protoreflect.EnumNumber

func (SshActivity_DispositionId) String 

func (x SshActivity_DispositionId) String() string

func (SshActivity_DispositionId) Type 

func (SshActivity_DispositionId) Type() protoreflect.EnumType

type SshActivity_SeverityId 

type SshActivity_SeverityId int32
const (
	SshActivity_SEVERITY_ID_UNKNOWN       SshActivity_SeverityId = 0 // The event/finding severity is unknown.
	SshActivity_SEVERITY_ID_INFORMATIONAL SshActivity_SeverityId = 1 // Informational message. No action required.
	SshActivity_SEVERITY_ID_LOW           SshActivity_SeverityId = 2 // The user decides if action is needed.
	SshActivity_SEVERITY_ID_MEDIUM        SshActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	SshActivity_SEVERITY_ID_HIGH     SshActivity_SeverityId = 4 // Action is required immediately.
	SshActivity_SEVERITY_ID_CRITICAL SshActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	SshActivity_SEVERITY_ID_FATAL SshActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	SshActivity_SEVERITY_ID_OTHER SshActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (SshActivity_SeverityId) Descriptor 

func (SshActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_SeverityId) Enum 

func (x SshActivity_SeverityId) Enum() *SshActivity_SeverityId

func (SshActivity_SeverityId) EnumDescriptor deprecated 

func (SshActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_SeverityId.Descriptor instead.

func (SshActivity_SeverityId) Number 

func (x SshActivity_SeverityId) Number() protoreflect.EnumNumber

func (SshActivity_SeverityId) String 

func (x SshActivity_SeverityId) String() string

func (SshActivity_SeverityId) Type 

func (SshActivity_SeverityId) Type() protoreflect.EnumType

type SshActivity_StatusId 

type SshActivity_StatusId int32
const (
	SshActivity_STATUS_ID_UNKNOWN SshActivity_StatusId = 0 // The status is unknown.
	SshActivity_STATUS_ID_SUCCESS SshActivity_StatusId = 1
	SshActivity_STATUS_ID_FAILURE SshActivity_StatusId = 2
	SshActivity_STATUS_ID_OTHER   SshActivity_StatusId = 99 // The event status is not mapped. See the
)

func (SshActivity_StatusId) Descriptor 

func (SshActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (SshActivity_StatusId) Enum 

func (x SshActivity_StatusId) Enum() *SshActivity_StatusId

func (SshActivity_StatusId) EnumDescriptor deprecated 

func (SshActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use SshActivity_StatusId.Descriptor instead.

func (SshActivity_StatusId) Number 

func (x SshActivity_StatusId) Number() protoreflect.EnumNumber

func (SshActivity_StatusId) String 

func (x SshActivity_StatusId) String() string

func (SshActivity_StatusId) Type 

func (SshActivity_StatusId) Type() protoreflect.EnumType

type SubTechnique 

type SubTechnique struct {
	Name   *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	SrcUrl *string `protobuf:"bytes,2,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Uid    *string `protobuf:"bytes,3,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

SubTechnique is an OSF object defined in ocsf objects/sub_technique.json

The Sub Technique object describes the sub technique ID and/or name associated to an attack, as defined by <a target='_blank' href='https://attack.mitre.org/wiki/ATT&CK_Matrix'>ATT&CK Matrix<sup>TM</sup></a>.

func (*SubTechnique) Descriptor deprecated 

func (*SubTechnique) Descriptor() ([]byte, []int)

Deprecated: Use SubTechnique.ProtoReflect.Descriptor instead.

func (*SubTechnique) GetName 

func (x *SubTechnique) GetName() string

func (*SubTechnique) GetSrcUrl 

func (x *SubTechnique) GetSrcUrl() string

func (*SubTechnique) GetUid 

func (x *SubTechnique) GetUid() string

func (*SubTechnique) ProtoMessage 

func (*SubTechnique) ProtoMessage()

func (*SubTechnique) ProtoReflect 

func (x *SubTechnique) ProtoReflect() protoreflect.Message

func (*SubTechnique) Reset 

func (x *SubTechnique) Reset()

func (*SubTechnique) String 

func (x *SubTechnique) String() string

type Table 

type Table struct {
	CreatedTime    *int64                 `protobuf:"varint,1,opt,name=created_time,json=createdTime,proto3,oneof" json:"created_time,omitempty"`
	CreatedTimeDt  *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=created_time_dt,json=createdTimeDt,proto3,oneof" json:"created_time_dt,omitempty"`
	Desc           *string                `protobuf:"bytes,3,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Groups         []*Group               `protobuf:"bytes,4,rep,name=groups,proto3" json:"groups,omitempty"`
	ModifiedTime   *int64                 `protobuf:"varint,5,opt,name=modified_time,json=modifiedTime,proto3,oneof" json:"modified_time,omitempty"`
	ModifiedTimeDt *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=modified_time_dt,json=modifiedTimeDt,proto3,oneof" json:"modified_time_dt,omitempty"`
	Name           *string                `protobuf:"bytes,7,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Size           *int64                 `protobuf:"varint,8,opt,name=size,proto3,oneof" json:"size,omitempty"`
	Uid            *string                `protobuf:"bytes,9,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Table is an OSF object defined in ocsf objects/table.json

The table object represents a table within a structured relational database or datastore, which contains columns and rows of data that are able to be create, updated, deleted and queried.

func (*Table) Descriptor deprecated 

func (*Table) Descriptor() ([]byte, []int)

Deprecated: Use Table.ProtoReflect.Descriptor instead.

func (*Table) GetCreatedTime 

func (x *Table) GetCreatedTime() int64

func (*Table) GetCreatedTimeDt 

func (x *Table) GetCreatedTimeDt() *timestamppb.Timestamp

func (*Table) GetDesc 

func (x *Table) GetDesc() string

func (*Table) GetGroups 

func (x *Table) GetGroups() []*Group

func (*Table) GetModifiedTime 

func (x *Table) GetModifiedTime() int64

func (*Table) GetModifiedTimeDt 

func (x *Table) GetModifiedTimeDt() *timestamppb.Timestamp

func (*Table) GetName 

func (x *Table) GetName() string

func (*Table) GetSize 

func (x *Table) GetSize() int64

func (*Table) GetUid 

func (x *Table) GetUid() string

func (*Table) ProtoMessage 

func (*Table) ProtoMessage()

func (*Table) ProtoReflect 

func (x *Table) ProtoReflect() protoreflect.Message

func (*Table) Reset 

func (x *Table) Reset()

func (*Table) String 

func (x *Table) String() string

type Tactic 

type Tactic struct {
	Name   *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	SrcUrl *string `protobuf:"bytes,2,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Uid    *string `protobuf:"bytes,3,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Tactic is an OSF object defined in ocsf objects/tactic.json

The Tactic object describes the tactic ID and/or name that is associated to an attack, as defined by <a target='_blank' href='https://attack.mitre.org/wiki/ATT&CK_Matrix'>ATT&CK Matrix<sup>TM</sup></a>.

func (*Tactic) Descriptor deprecated 

func (*Tactic) Descriptor() ([]byte, []int)

Deprecated: Use Tactic.ProtoReflect.Descriptor instead.

func (*Tactic) GetName 

func (x *Tactic) GetName() string

func (*Tactic) GetSrcUrl 

func (x *Tactic) GetSrcUrl() string

func (*Tactic) GetUid 

func (x *Tactic) GetUid() string

func (*Tactic) ProtoMessage 

func (*Tactic) ProtoMessage()

func (*Tactic) ProtoReflect 

func (x *Tactic) ProtoReflect() protoreflect.Message

func (*Tactic) Reset 

func (x *Tactic) Reset()

func (*Tactic) String 

func (x *Tactic) String() string

type Technique 

type Technique struct {
	Name   *string `protobuf:"bytes,1,opt,name=name,proto3,oneof" json:"name,omitempty"`
	SrcUrl *string `protobuf:"bytes,2,opt,name=src_url,json=srcUrl,proto3,oneof" json:"src_url,omitempty"`
	Uid    *string `protobuf:"bytes,3,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

Technique is an OSF object defined in ocsf objects/technique.json

The Technique object describes the technique ID and/or name associated to an attack, as defined by <a target='_blank' href='https://attack.mitre.org/wiki/ATT&CK_Matrix'>ATT&CK Matrix<sup>TM</sup></a>.

func (*Technique) Descriptor deprecated 

func (*Technique) Descriptor() ([]byte, []int)

Deprecated: Use Technique.ProtoReflect.Descriptor instead.

func (*Technique) GetName 

func (x *Technique) GetName() string

func (*Technique) GetSrcUrl 

func (x *Technique) GetSrcUrl() string

func (*Technique) GetUid 

func (x *Technique) GetUid() string

func (*Technique) ProtoMessage 

func (*Technique) ProtoMessage()

func (*Technique) ProtoReflect 

func (x *Technique) ProtoReflect() protoreflect.Message

func (*Technique) Reset 

func (x *Technique) Reset()

func (*Technique) String 

func (x *Technique) String() string

type Tls 

type Tls struct {
	Alert            *int32          `protobuf:"varint,1,opt,name=alert,proto3,oneof" json:"alert,omitempty"`
	Certificate      *Certificate    `protobuf:"bytes,2,opt,name=certificate,proto3" json:"certificate,omitempty"`
	CertificateChain []string        `protobuf:"bytes,3,rep,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	Cipher           *string         `protobuf:"bytes,4,opt,name=cipher,proto3,oneof" json:"cipher,omitempty"`
	ClientCiphers    []string        `protobuf:"bytes,5,rep,name=client_ciphers,json=clientCiphers,proto3" json:"client_ciphers,omitempty"`
	ExtensionList    []*TlsExtension `protobuf:"bytes,6,rep,name=extension_list,json=extensionList,proto3" json:"extension_list,omitempty"`
	HandshakeDur     *int32          `protobuf:"varint,7,opt,name=handshake_dur,json=handshakeDur,proto3,oneof" json:"handshake_dur,omitempty"`
	Ja3Hash          *Fingerprint    `protobuf:"bytes,8,opt,name=ja3_hash,json=ja3Hash,proto3" json:"ja3_hash,omitempty"`
	Ja3SHash         *Fingerprint    `protobuf:"bytes,9,opt,name=ja3s_hash,json=ja3sHash,proto3" json:"ja3s_hash,omitempty"`
	KeyLength        *int32          `protobuf:"varint,10,opt,name=key_length,json=keyLength,proto3,oneof" json:"key_length,omitempty"`
	Sans             []*San          `protobuf:"bytes,11,rep,name=sans,proto3" json:"sans,omitempty"`
	ServerCiphers    []string        `protobuf:"bytes,12,rep,name=server_ciphers,json=serverCiphers,proto3" json:"server_ciphers,omitempty"`
	Sni              *string         `protobuf:"bytes,13,opt,name=sni,proto3,oneof" json:"sni,omitempty"`
	TlsExtensionList []*TlsExtension `protobuf:"bytes,14,rep,name=tls_extension_list,json=tlsExtensionList,proto3" json:"tls_extension_list,omitempty"`
	Version          string          `protobuf:"bytes,15,opt,name=version,proto3" json:"version,omitempty"`
	// contains filtered or unexported fields
}

Tls is an OSF object defined in ocsf objects/tls.json

The Transport Layer Security (TLS) object describes the negotiated TLS protocol used for secure communications over an establish network connection.

func (*Tls) Descriptor deprecated 

func (*Tls) Descriptor() ([]byte, []int)

Deprecated: Use Tls.ProtoReflect.Descriptor instead.

func (*Tls) GetAlert 

func (x *Tls) GetAlert() int32

func (*Tls) GetCertificate 

func (x *Tls) GetCertificate() *Certificate

func (*Tls) GetCertificateChain 

func (x *Tls) GetCertificateChain() []string

func (*Tls) GetCipher 

func (x *Tls) GetCipher() string

func (*Tls) GetClientCiphers 

func (x *Tls) GetClientCiphers() []string

func (*Tls) GetExtensionList 

func (x *Tls) GetExtensionList() []*TlsExtension

func (*Tls) GetHandshakeDur 

func (x *Tls) GetHandshakeDur() int32

func (*Tls) GetJa3Hash 

func (x *Tls) GetJa3Hash() *Fingerprint

func (*Tls) GetJa3SHash 

func (x *Tls) GetJa3SHash() *Fingerprint

func (*Tls) GetKeyLength 

func (x *Tls) GetKeyLength() int32

func (*Tls) GetSans 

func (x *Tls) GetSans() []*San

func (*Tls) GetServerCiphers 

func (x *Tls) GetServerCiphers() []string

func (*Tls) GetSni 

func (x *Tls) GetSni() string

func (*Tls) GetTlsExtensionList 

func (x *Tls) GetTlsExtensionList() []*TlsExtension

func (*Tls) GetVersion 

func (x *Tls) GetVersion() string

func (*Tls) ProtoMessage 

func (*Tls) ProtoMessage()

func (*Tls) ProtoReflect 

func (x *Tls) ProtoReflect() protoreflect.Message

func (*Tls) Reset 

func (x *Tls) Reset()

func (*Tls) String 

func (x *Tls) String() string

type TlsExtension 

type TlsExtension struct {
	Data   *structpb.Value     `protobuf:"bytes,1,opt,name=data,proto3,oneof" json:"data,omitempty"`
	Type   *string             `protobuf:"bytes,2,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId TlsExtension_TypeId `protobuf:"varint,3,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.TlsExtension_TypeId" json:"type_id,omitempty"`
	// contains filtered or unexported fields
}

TlsExtension is an OSF object defined in ocsf objects/tls_extension.json

The TLS Extension object describes additional attributes that extend the base Transport Layer Security (TLS) object.

func (*TlsExtension) Descriptor deprecated 

func (*TlsExtension) Descriptor() ([]byte, []int)

Deprecated: Use TlsExtension.ProtoReflect.Descriptor instead.

func (*TlsExtension) GetData 

func (x *TlsExtension) GetData() *structpb.Value

func (*TlsExtension) GetType 

func (x *TlsExtension) GetType() string

func (*TlsExtension) GetTypeId 

func (x *TlsExtension) GetTypeId() TlsExtension_TypeId

func (*TlsExtension) ProtoMessage 

func (*TlsExtension) ProtoMessage()

func (*TlsExtension) ProtoReflect 

func (x *TlsExtension) ProtoReflect() protoreflect.Message

func (*TlsExtension) Reset 

func (x *TlsExtension) Reset()

func (*TlsExtension) String 

func (x *TlsExtension) String() string

type TlsExtension_TypeId 

type TlsExtension_TypeId int32
const (
	TlsExtension_TYPE_ID_SERVER_NAME TlsExtension_TypeId = 0 // The Server Name Indication
	// extension.
	TlsExtension_TYPE_ID_MAXIMUM_FRAGMENT_LENGTH TlsExtension_TypeId = 1 // The Maximum Fragment
	// Length Negotiation
	// extension.
	TlsExtension_TYPE_ID_STATUS_REQUEST TlsExtension_TypeId = 5 // The Certificate Status
	// Request extension.
	TlsExtension_TYPE_ID_SUPPORTED_GROUPS TlsExtension_TypeId = 10 // The Supported Groups
	// extension.
	TlsExtension_TYPE_ID_SIGNATURE_ALGORITHMS TlsExtension_TypeId = 13 // The Signature Algorithms
	// extension.
	TlsExtension_TYPE_ID_USE_SRTP TlsExtension_TypeId = 14 // The Use SRTP data
	// protection extension.
	TlsExtension_TYPE_ID_HEARTBEAT                              TlsExtension_TypeId = 15 // The Heartbeat extension.
	TlsExtension_TYPE_ID_APPLICATION_LAYER_PROTOCOL_NEGOTIATION TlsExtension_TypeId = 16 // The Application-Layer
	// Protocol Negotiation
	// extension.
	TlsExtension_TYPE_ID_SIGNED_CERTIFICATE_TIMESTAMP TlsExtension_TypeId = 18 // The Signed Certificate
	// Timestamp extension.
	TlsExtension_TYPE_ID_CLIENT_CERTIFICATE_TYPE TlsExtension_TypeId = 19 // The Client Certificate
	// Type extension.
	TlsExtension_TYPE_ID_SERVER_CERTIFICATE_TYPE TlsExtension_TypeId = 20 // The Server Certificate
	// Type extension.
	TlsExtension_TYPE_ID_PADDING        TlsExtension_TypeId = 21 // The Padding extension.
	TlsExtension_TYPE_ID_PRE_SHARED_KEY TlsExtension_TypeId = 41 // The Pre Shared Key
	// extension.
	TlsExtension_TYPE_ID_EARLY_DATA         TlsExtension_TypeId = 42 // The Early Data extension.
	TlsExtension_TYPE_ID_SUPPORTED_VERSIONS TlsExtension_TypeId = 43 // The Supported Versions
	// extension.
	TlsExtension_TYPE_ID_COOKIE                 TlsExtension_TypeId = 44 // The Cookie extension.
	TlsExtension_TYPE_ID_PSK_KEY_EXCHANGE_MODES TlsExtension_TypeId = 45 // The Pre-Shared Key Exchange
	// Modes extension.
	TlsExtension_TYPE_ID_CERTIFICATE_AUTHORITIES TlsExtension_TypeId = 47 // The Certificate
	// Authorities extension.
	TlsExtension_TYPE_ID_OID_FILTERS         TlsExtension_TypeId = 48 // The OID Filters extension.
	TlsExtension_TYPE_ID_POST_HANDSHAKE_AUTH TlsExtension_TypeId = 49 // The Post-Handshake Client
	// Authentication extension.
	TlsExtension_TYPE_ID_SIGNATURE_ALGORITHMS_CERT TlsExtension_TypeId = 50 // The Signature Algorithms
	// extension.
	TlsExtension_TYPE_ID_KEY_SHARE TlsExtension_TypeId = 51 // The Key Share extension.
	TlsExtension_TYPE_ID_OTHER     TlsExtension_TypeId = 99 // The type is not mapped.
)

func (TlsExtension_TypeId) Descriptor 

func (TlsExtension_TypeId) Descriptor() protoreflect.EnumDescriptor

func (TlsExtension_TypeId) Enum 

func (x TlsExtension_TypeId) Enum() *TlsExtension_TypeId

func (TlsExtension_TypeId) EnumDescriptor deprecated 

func (TlsExtension_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TlsExtension_TypeId.Descriptor instead.

func (TlsExtension_TypeId) Number 

func (x TlsExtension_TypeId) Number() protoreflect.EnumNumber

func (TlsExtension_TypeId) String 

func (x TlsExtension_TypeId) String() string

func (TlsExtension_TypeId) Type 

func (TlsExtension_TypeId) Type() protoreflect.EnumType

type TunnelActivity 

type TunnelActivity struct {
	Action              *string                       `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            TunnelActivity_ActionId       `` /* 130-byte string literal not displayed */
	ActivityId          TunnelActivity_ActivityId     `` /* 138-byte string literal not displayed */
	ActivityName        *string                       `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                        `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                          `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	AppName             *string                       `protobuf:"bytes,7,opt,name=app_name,json=appName,proto3,oneof" json:"app_name,omitempty"`
	Attacks             []*Attack                     `protobuf:"bytes,8,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization              `protobuf:"bytes,9,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                       `protobuf:"bytes,10,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         TunnelActivity_CategoryUid    `` /* 143-byte string literal not displayed */
	ClassName           *string                       `protobuf:"bytes,12,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            TunnelActivity_ClassUid       `` /* 131-byte string literal not displayed */
	Cloud               *Cloud                        `protobuf:"bytes,14,opt,name=cloud,proto3" json:"cloud,omitempty"`
	ConnectionInfo      *NetworkConnectionInfo        `protobuf:"bytes,15,opt,name=connection_info,json=connectionInfo,proto3" json:"connection_info,omitempty"`
	Count               *int32                        `protobuf:"varint,16,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                       `protobuf:"bytes,17,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                       `protobuf:"bytes,18,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *TunnelActivity_DispositionId `` /* 157-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint              `protobuf:"bytes,20,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                        `protobuf:"varint,21,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                        `protobuf:"varint,22,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp        `protobuf:"bytes,23,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                 `protobuf:"bytes,24,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule                 `protobuf:"bytes,25,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	LoadBalancer        *LoadBalancer                 `protobuf:"bytes,26,opt,name=load_balancer,json=loadBalancer,proto3" json:"load_balancer,omitempty"`
	Malware             []*Malware                    `protobuf:"bytes,27,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                       `protobuf:"bytes,28,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                     `protobuf:"bytes,29,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                 `protobuf:"bytes,30,rep,name=observables,proto3" json:"observables,omitempty"`
	ProtocolName        *string                       `protobuf:"bytes,31,opt,name=protocol_name,json=protocolName,proto3,oneof" json:"protocol_name,omitempty"`
	Proxy               *NetworkProxy                 `protobuf:"bytes,32,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo        `protobuf:"bytes,33,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy                 `protobuf:"bytes,34,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                  `protobuf:"bytes,35,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse                 `protobuf:"bytes,36,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                          `protobuf:"bytes,37,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic               `protobuf:"bytes,38,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                       `protobuf:"bytes,39,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Session             *Session                      `protobuf:"bytes,40,opt,name=session,proto3" json:"session,omitempty"`
	Severity            *string                       `protobuf:"bytes,41,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          TunnelActivity_SeverityId     `` /* 139-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint              `protobuf:"bytes,43,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                        `protobuf:"varint,44,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp        `protobuf:"bytes,45,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                       `protobuf:"bytes,46,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                       `protobuf:"bytes,47,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                       `protobuf:"bytes,48,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *TunnelActivity_StatusId      `` /* 137-byte string literal not displayed */
	Time                int64                         `protobuf:"varint,50,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp        `protobuf:"bytes,51,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                        `protobuf:"varint,52,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                          `protobuf:"bytes,53,opt,name=tls,proto3" json:"tls,omitempty"`
	Traffic             *NetworkTraffic               `protobuf:"bytes,54,opt,name=traffic,proto3" json:"traffic,omitempty"`
	TunnelInterface     *NetworkInterface             `protobuf:"bytes,55,opt,name=tunnel_interface,json=tunnelInterface,proto3" json:"tunnel_interface,omitempty"`
	TunnelType          *string                       `protobuf:"bytes,56,opt,name=tunnel_type,json=tunnelType,proto3,oneof" json:"tunnel_type,omitempty"`
	TunnelTypeId        *TunnelActivity_TunnelTypeId  `` /* 155-byte string literal not displayed */
	TypeName            *string                       `protobuf:"bytes,58,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                         `protobuf:"varint,59,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct              `protobuf:"bytes,60,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User                *User                         `protobuf:"bytes,61,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

TunnelActivity is an OSF event in category "Network Activity" called Tunnel Activity defined in ocsf events/network/tunnel_activity.json

Tunnel Activity events report secure tunnel establishment (such as VPN), teardowns, renewals, and other network tunnel specific actions.

func (*TunnelActivity) Descriptor deprecated 

func (*TunnelActivity) Descriptor() ([]byte, []int)

Deprecated: Use TunnelActivity.ProtoReflect.Descriptor instead.

func (*TunnelActivity) GetAction 

func (x *TunnelActivity) GetAction() string

func (*TunnelActivity) GetActionId 

func (x *TunnelActivity) GetActionId() TunnelActivity_ActionId

func (*TunnelActivity) GetActivityId 

func (x *TunnelActivity) GetActivityId() TunnelActivity_ActivityId

func (*TunnelActivity) GetActivityName 

func (x *TunnelActivity) GetActivityName() string

func (*TunnelActivity) GetActor 

func (x *TunnelActivity) GetActor() *Actor

func (*TunnelActivity) GetApi 

func (x *TunnelActivity) GetApi() *Api

func (*TunnelActivity) GetAppName 

func (x *TunnelActivity) GetAppName() string

func (*TunnelActivity) GetAttacks 

func (x *TunnelActivity) GetAttacks() []*Attack

func (*TunnelActivity) GetAuthorizations 

func (x *TunnelActivity) GetAuthorizations() []*Authorization

func (*TunnelActivity) GetCategoryName 

func (x *TunnelActivity) GetCategoryName() string

func (*TunnelActivity) GetCategoryUid 

func (x *TunnelActivity) GetCategoryUid() TunnelActivity_CategoryUid

func (*TunnelActivity) GetClassName 

func (x *TunnelActivity) GetClassName() string

func (*TunnelActivity) GetClassUid 

func (x *TunnelActivity) GetClassUid() TunnelActivity_ClassUid

func (*TunnelActivity) GetCloud 

func (x *TunnelActivity) GetCloud() *Cloud

func (*TunnelActivity) GetConnectionInfo 

func (x *TunnelActivity) GetConnectionInfo() *NetworkConnectionInfo

func (*TunnelActivity) GetCount 

func (x *TunnelActivity) GetCount() int32

func (*TunnelActivity) GetDevice 

func (x *TunnelActivity) GetDevice() *Device

func (*TunnelActivity) GetDisposition 

func (x *TunnelActivity) GetDisposition() string

func (*TunnelActivity) GetDispositionId 

func (x *TunnelActivity) GetDispositionId() TunnelActivity_DispositionId

func (*TunnelActivity) GetDstEndpoint 

func (x *TunnelActivity) GetDstEndpoint() *NetworkEndpoint

func (*TunnelActivity) GetDuration 

func (x *TunnelActivity) GetDuration() int32

func (*TunnelActivity) GetEndTime 

func (x *TunnelActivity) GetEndTime() int64

func (*TunnelActivity) GetEndTimeDt 

func (x *TunnelActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*TunnelActivity) GetEnrichments 

func (x *TunnelActivity) GetEnrichments() []*Enrichment

func (*TunnelActivity) GetFirewallRule 

func (x *TunnelActivity) GetFirewallRule() *FirewallRule

func (*TunnelActivity) GetLoadBalancer 

func (x *TunnelActivity) GetLoadBalancer() *LoadBalancer

func (*TunnelActivity) GetMalware 

func (x *TunnelActivity) GetMalware() []*Malware

func (*TunnelActivity) GetMessage 

func (x *TunnelActivity) GetMessage() string

func (*TunnelActivity) GetMetadata 

func (x *TunnelActivity) GetMetadata() *Metadata

func (*TunnelActivity) GetObservables 

func (x *TunnelActivity) GetObservables() []*Observable

func (*TunnelActivity) GetProtocolName 

func (x *TunnelActivity) GetProtocolName() string

func (*TunnelActivity) GetProxy 

func (x *TunnelActivity) GetProxy() *NetworkProxy

func (*TunnelActivity) GetProxyConnectionInfo 

func (x *TunnelActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*TunnelActivity) GetProxyEndpoint 

func (x *TunnelActivity) GetProxyEndpoint() *NetworkProxy

func (*TunnelActivity) GetProxyHttpRequest 

func (x *TunnelActivity) GetProxyHttpRequest() *HttpRequest

func (*TunnelActivity) GetProxyHttpResponse 

func (x *TunnelActivity) GetProxyHttpResponse() *HttpResponse

func (*TunnelActivity) GetProxyTls 

func (x *TunnelActivity) GetProxyTls() *Tls

func (*TunnelActivity) GetProxyTraffic 

func (x *TunnelActivity) GetProxyTraffic() *NetworkTraffic

func (*TunnelActivity) GetRawData 

func (x *TunnelActivity) GetRawData() string

func (*TunnelActivity) GetSession 

func (x *TunnelActivity) GetSession() *Session

func (*TunnelActivity) GetSeverity 

func (x *TunnelActivity) GetSeverity() string

func (*TunnelActivity) GetSeverityId 

func (x *TunnelActivity) GetSeverityId() TunnelActivity_SeverityId

func (*TunnelActivity) GetSrcEndpoint 

func (x *TunnelActivity) GetSrcEndpoint() *NetworkEndpoint

func (*TunnelActivity) GetStartTime 

func (x *TunnelActivity) GetStartTime() int64

func (*TunnelActivity) GetStartTimeDt 

func (x *TunnelActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*TunnelActivity) GetStatus 

func (x *TunnelActivity) GetStatus() string

func (*TunnelActivity) GetStatusCode 

func (x *TunnelActivity) GetStatusCode() string

func (*TunnelActivity) GetStatusDetail 

func (x *TunnelActivity) GetStatusDetail() string

func (*TunnelActivity) GetStatusId 

func (x *TunnelActivity) GetStatusId() TunnelActivity_StatusId

func (*TunnelActivity) GetTime 

func (x *TunnelActivity) GetTime() int64

func (*TunnelActivity) GetTimeDt 

func (x *TunnelActivity) GetTimeDt() *timestamppb.Timestamp

func (*TunnelActivity) GetTimezoneOffset 

func (x *TunnelActivity) GetTimezoneOffset() int32

func (*TunnelActivity) GetTls 

func (x *TunnelActivity) GetTls() *Tls

func (*TunnelActivity) GetTraffic 

func (x *TunnelActivity) GetTraffic() *NetworkTraffic

func (*TunnelActivity) GetTunnelInterface 

func (x *TunnelActivity) GetTunnelInterface() *NetworkInterface

func (*TunnelActivity) GetTunnelType 

func (x *TunnelActivity) GetTunnelType() string

func (*TunnelActivity) GetTunnelTypeId 

func (x *TunnelActivity) GetTunnelTypeId() TunnelActivity_TunnelTypeId

func (*TunnelActivity) GetTypeName 

func (x *TunnelActivity) GetTypeName() string

func (*TunnelActivity) GetTypeUid 

func (x *TunnelActivity) GetTypeUid() int64

func (*TunnelActivity) GetUnmapped 

func (x *TunnelActivity) GetUnmapped() *structpb.Struct

func (*TunnelActivity) GetUser 

func (x *TunnelActivity) GetUser() *User

func (*TunnelActivity) ProtoMessage 

func (*TunnelActivity) ProtoMessage()

func (*TunnelActivity) ProtoReflect 

func (x *TunnelActivity) ProtoReflect() protoreflect.Message

func (*TunnelActivity) Reset 

func (x *TunnelActivity) Reset()

func (*TunnelActivity) String 

func (x *TunnelActivity) String() string

type TunnelActivity_ActionId 

type TunnelActivity_ActionId int32
const (
	TunnelActivity_ACTION_ID_UNKNOWN TunnelActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	TunnelActivity_ACTION_ID_ALLOWED TunnelActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	TunnelActivity_ACTION_ID_DENIED TunnelActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	TunnelActivity_ACTION_ID_OTHER TunnelActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (TunnelActivity_ActionId) Descriptor 

func (TunnelActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_ActionId) Enum 

func (x TunnelActivity_ActionId) Enum() *TunnelActivity_ActionId

func (TunnelActivity_ActionId) EnumDescriptor deprecated 

func (TunnelActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_ActionId.Descriptor instead.

func (TunnelActivity_ActionId) Number 

func (x TunnelActivity_ActionId) Number() protoreflect.EnumNumber

func (TunnelActivity_ActionId) String 

func (x TunnelActivity_ActionId) String() string

func (TunnelActivity_ActionId) Type 

func (TunnelActivity_ActionId) Type() protoreflect.EnumType

type TunnelActivity_ActivityId 

type TunnelActivity_ActivityId int32
const (
	TunnelActivity_ACTIVITY_ID_UNKNOWN TunnelActivity_ActivityId = 0  // The event activity is unknown.
	TunnelActivity_ACTIVITY_ID_OPEN    TunnelActivity_ActivityId = 1  // Open a tunnel.
	TunnelActivity_ACTIVITY_ID_CLOSE   TunnelActivity_ActivityId = 2  // Close a tunnel.
	TunnelActivity_ACTIVITY_ID_RENEW   TunnelActivity_ActivityId = 3  // Renew a tunnel.
	TunnelActivity_ACTIVITY_ID_OTHER   TunnelActivity_ActivityId = 99 // The event activity is not mapped. See the
)

func (TunnelActivity_ActivityId) Descriptor 

func (TunnelActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_ActivityId) Enum 

func (x TunnelActivity_ActivityId) Enum() *TunnelActivity_ActivityId

func (TunnelActivity_ActivityId) EnumDescriptor deprecated 

func (TunnelActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_ActivityId.Descriptor instead.

func (TunnelActivity_ActivityId) Number 

func (x TunnelActivity_ActivityId) Number() protoreflect.EnumNumber

func (TunnelActivity_ActivityId) String 

func (x TunnelActivity_ActivityId) String() string

func (TunnelActivity_ActivityId) Type 

func (TunnelActivity_ActivityId) Type() protoreflect.EnumType

type TunnelActivity_CategoryUid 

type TunnelActivity_CategoryUid int32
const (
	TunnelActivity_CATEGORY_UID_UNKNOWN          TunnelActivity_CategoryUid = 0
	TunnelActivity_CATEGORY_UID_NETWORK_ACTIVITY TunnelActivity_CategoryUid = 4
)

func (TunnelActivity_CategoryUid) Descriptor 

func (TunnelActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_CategoryUid) Enum 

func (x TunnelActivity_CategoryUid) Enum() *TunnelActivity_CategoryUid

func (TunnelActivity_CategoryUid) EnumDescriptor deprecated 

func (TunnelActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_CategoryUid.Descriptor instead.

func (TunnelActivity_CategoryUid) Number 

func (x TunnelActivity_CategoryUid) Number() protoreflect.EnumNumber

func (TunnelActivity_CategoryUid) String 

func (x TunnelActivity_CategoryUid) String() string

func (TunnelActivity_CategoryUid) Type 

func (TunnelActivity_CategoryUid) Type() protoreflect.EnumType

type TunnelActivity_ClassUid 

type TunnelActivity_ClassUid int32
const (
	TunnelActivity_CLASS_UID_UNKNOWN         TunnelActivity_ClassUid = 0
	TunnelActivity_CLASS_UID_TUNNEL_ACTIVITY TunnelActivity_ClassUid = 4014
)

func (TunnelActivity_ClassUid) Descriptor 

func (TunnelActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_ClassUid) Enum 

func (x TunnelActivity_ClassUid) Enum() *TunnelActivity_ClassUid

func (TunnelActivity_ClassUid) EnumDescriptor deprecated 

func (TunnelActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_ClassUid.Descriptor instead.

func (TunnelActivity_ClassUid) Number 

func (x TunnelActivity_ClassUid) Number() protoreflect.EnumNumber

func (TunnelActivity_ClassUid) String 

func (x TunnelActivity_ClassUid) String() string

func (TunnelActivity_ClassUid) Type 

func (TunnelActivity_ClassUid) Type() protoreflect.EnumType

type TunnelActivity_DispositionId 

type TunnelActivity_DispositionId int32
const (
	TunnelActivity_DISPOSITION_ID_UNKNOWN TunnelActivity_DispositionId = 0 // The disposition was not known.
	TunnelActivity_DISPOSITION_ID_ALLOWED TunnelActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	TunnelActivity_DISPOSITION_ID_BLOCKED TunnelActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	TunnelActivity_DISPOSITION_ID_QUARANTINED TunnelActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	TunnelActivity_DISPOSITION_ID_ISOLATED TunnelActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	TunnelActivity_DISPOSITION_ID_DELETED TunnelActivity_DispositionId = 5 // A file or other content was deleted.
	TunnelActivity_DISPOSITION_ID_DROPPED TunnelActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	TunnelActivity_DISPOSITION_ID_CUSTOM_ACTION TunnelActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	TunnelActivity_DISPOSITION_ID_APPROVED TunnelActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	TunnelActivity_DISPOSITION_ID_RESTORED TunnelActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	TunnelActivity_DISPOSITION_ID_EXONERATED TunnelActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	TunnelActivity_DISPOSITION_ID_CORRECTED TunnelActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	TunnelActivity_DISPOSITION_ID_PARTIALLY_CORRECTED TunnelActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	TunnelActivity_DISPOSITION_ID_UNCORRECTED TunnelActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	TunnelActivity_DISPOSITION_ID_DELAYED TunnelActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	TunnelActivity_DISPOSITION_ID_DETECTED TunnelActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	TunnelActivity_DISPOSITION_ID_NO_ACTION TunnelActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	TunnelActivity_DISPOSITION_ID_LOGGED TunnelActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	TunnelActivity_DISPOSITION_ID_TAGGED TunnelActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	TunnelActivity_DISPOSITION_ID_ALERT TunnelActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	TunnelActivity_DISPOSITION_ID_COUNT TunnelActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	TunnelActivity_DISPOSITION_ID_RESET TunnelActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	TunnelActivity_DISPOSITION_ID_CAPTCHA TunnelActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	TunnelActivity_DISPOSITION_ID_CHALLENGE TunnelActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	TunnelActivity_DISPOSITION_ID_ACCESS_REVOKED TunnelActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	TunnelActivity_DISPOSITION_ID_REJECTED TunnelActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	TunnelActivity_DISPOSITION_ID_UNAUTHORIZED TunnelActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	TunnelActivity_DISPOSITION_ID_ERROR TunnelActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	TunnelActivity_DISPOSITION_ID_OTHER TunnelActivity_DispositionId = 99 // The disposition is not listed. The
)

func (TunnelActivity_DispositionId) Descriptor 

func (TunnelActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_DispositionId) Enum 

func (x TunnelActivity_DispositionId) Enum() *TunnelActivity_DispositionId

func (TunnelActivity_DispositionId) EnumDescriptor deprecated 

func (TunnelActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_DispositionId.Descriptor instead.

func (TunnelActivity_DispositionId) Number 

func (x TunnelActivity_DispositionId) Number() protoreflect.EnumNumber

func (TunnelActivity_DispositionId) String 

func (x TunnelActivity_DispositionId) String() string

func (TunnelActivity_DispositionId) Type 

func (TunnelActivity_DispositionId) Type() protoreflect.EnumType

type TunnelActivity_SeverityId 

type TunnelActivity_SeverityId int32
const (
	TunnelActivity_SEVERITY_ID_UNKNOWN       TunnelActivity_SeverityId = 0 // The event/finding severity is unknown.
	TunnelActivity_SEVERITY_ID_INFORMATIONAL TunnelActivity_SeverityId = 1 // Informational message. No action required.
	TunnelActivity_SEVERITY_ID_LOW           TunnelActivity_SeverityId = 2 // The user decides if action is needed.
	TunnelActivity_SEVERITY_ID_MEDIUM        TunnelActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	TunnelActivity_SEVERITY_ID_HIGH     TunnelActivity_SeverityId = 4 // Action is required immediately.
	TunnelActivity_SEVERITY_ID_CRITICAL TunnelActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	TunnelActivity_SEVERITY_ID_FATAL TunnelActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	TunnelActivity_SEVERITY_ID_OTHER TunnelActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (TunnelActivity_SeverityId) Descriptor 

func (TunnelActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_SeverityId) Enum 

func (x TunnelActivity_SeverityId) Enum() *TunnelActivity_SeverityId

func (TunnelActivity_SeverityId) EnumDescriptor deprecated 

func (TunnelActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_SeverityId.Descriptor instead.

func (TunnelActivity_SeverityId) Number 

func (x TunnelActivity_SeverityId) Number() protoreflect.EnumNumber

func (TunnelActivity_SeverityId) String 

func (x TunnelActivity_SeverityId) String() string

func (TunnelActivity_SeverityId) Type 

func (TunnelActivity_SeverityId) Type() protoreflect.EnumType

type TunnelActivity_StatusId 

type TunnelActivity_StatusId int32
const (
	TunnelActivity_STATUS_ID_UNKNOWN TunnelActivity_StatusId = 0 // The status is unknown.
	TunnelActivity_STATUS_ID_SUCCESS TunnelActivity_StatusId = 1
	TunnelActivity_STATUS_ID_FAILURE TunnelActivity_StatusId = 2
	TunnelActivity_STATUS_ID_OTHER   TunnelActivity_StatusId = 99 // The event status is not mapped. See the
)

func (TunnelActivity_StatusId) Descriptor 

func (TunnelActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_StatusId) Enum 

func (x TunnelActivity_StatusId) Enum() *TunnelActivity_StatusId

func (TunnelActivity_StatusId) EnumDescriptor deprecated 

func (TunnelActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_StatusId.Descriptor instead.

func (TunnelActivity_StatusId) Number 

func (x TunnelActivity_StatusId) Number() protoreflect.EnumNumber

func (TunnelActivity_StatusId) String 

func (x TunnelActivity_StatusId) String() string

func (TunnelActivity_StatusId) Type 

func (TunnelActivity_StatusId) Type() protoreflect.EnumType

type TunnelActivity_TunnelTypeId 

type TunnelActivity_TunnelTypeId int32
const (
	TunnelActivity_TUNNEL_TYPE_ID_UNKNOWN      TunnelActivity_TunnelTypeId = 0
	TunnelActivity_TUNNEL_TYPE_ID_SPLIT_TUNNEL TunnelActivity_TunnelTypeId = 1
	TunnelActivity_TUNNEL_TYPE_ID_FULL_TUNNEL  TunnelActivity_TunnelTypeId = 2
	TunnelActivity_TUNNEL_TYPE_ID_OTHER        TunnelActivity_TunnelTypeId = 99
)

func (TunnelActivity_TunnelTypeId) Descriptor 

func (TunnelActivity_TunnelTypeId) Descriptor() protoreflect.EnumDescriptor

func (TunnelActivity_TunnelTypeId) Enum 

func (x TunnelActivity_TunnelTypeId) Enum() *TunnelActivity_TunnelTypeId

func (TunnelActivity_TunnelTypeId) EnumDescriptor deprecated 

func (TunnelActivity_TunnelTypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use TunnelActivity_TunnelTypeId.Descriptor instead.

func (TunnelActivity_TunnelTypeId) Number 

func (x TunnelActivity_TunnelTypeId) Number() protoreflect.EnumNumber

func (TunnelActivity_TunnelTypeId) String 

func (x TunnelActivity_TunnelTypeId) String() string

func (TunnelActivity_TunnelTypeId) Type 

func (TunnelActivity_TunnelTypeId) Type() protoreflect.EnumType

type Url 

type Url struct {
	Categories   []string          `protobuf:"bytes,1,rep,name=categories,proto3" json:"categories,omitempty"`
	CategoryIds  []Url_CategoryIds `` /* 138-byte string literal not displayed */
	Hostname     *string           `protobuf:"bytes,3,opt,name=hostname,proto3,oneof" json:"hostname,omitempty"`
	Path         *string           `protobuf:"bytes,4,opt,name=path,proto3,oneof" json:"path,omitempty"`
	Port         *int32            `protobuf:"varint,5,opt,name=port,proto3,oneof" json:"port,omitempty"`
	QueryString  *string           `protobuf:"bytes,6,opt,name=query_string,json=queryString,proto3,oneof" json:"query_string,omitempty"`
	ResourceType *string           `protobuf:"bytes,7,opt,name=resource_type,json=resourceType,proto3,oneof" json:"resource_type,omitempty"`
	Scheme       *string           `protobuf:"bytes,8,opt,name=scheme,proto3,oneof" json:"scheme,omitempty"`
	Subdomain    *string           `protobuf:"bytes,9,opt,name=subdomain,proto3,oneof" json:"subdomain,omitempty"`
	UrlString    *string           `protobuf:"bytes,10,opt,name=url_string,json=urlString,proto3,oneof" json:"url_string,omitempty"`
	// contains filtered or unexported fields
}

Url is an OSF object defined in ocsf objects/url.json

The Uniform Resource Locator(URL) object describes the characteristics of a URL. Defined in <a target='_blank' href='https://datatracker.ietf.org/doc/html/rfc1738'>RFC 1738</a> and by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:URL/'>d3f:URL</a>.

func (*Url) Descriptor deprecated 

func (*Url) Descriptor() ([]byte, []int)

Deprecated: Use Url.ProtoReflect.Descriptor instead.

func (*Url) GetCategories 

func (x *Url) GetCategories() []string

func (*Url) GetCategoryIds 

func (x *Url) GetCategoryIds() []Url_CategoryIds

func (*Url) GetHostname 

func (x *Url) GetHostname() string

func (*Url) GetPath 

func (x *Url) GetPath() string

func (*Url) GetPort 

func (x *Url) GetPort() int32

func (*Url) GetQueryString 

func (x *Url) GetQueryString() string

func (*Url) GetResourceType 

func (x *Url) GetResourceType() string

func (*Url) GetScheme 

func (x *Url) GetScheme() string

func (*Url) GetSubdomain 

func (x *Url) GetSubdomain() string

func (*Url) GetUrlString 

func (x *Url) GetUrlString() string

func (*Url) ProtoMessage 

func (*Url) ProtoMessage()

func (*Url) ProtoReflect 

func (x *Url) ProtoReflect() protoreflect.Message

func (*Url) Reset 

func (x *Url) Reset()

func (*Url) String 

func (x *Url) String() string

type Url_CategoryIds 

type Url_CategoryIds int32
const (
	Url_CATEGORY_IDS_UNKNOWN Url_CategoryIds = 0 // The Domain/URL category is
	// unknown.
	Url_CATEGORY_IDS_ADULT_MATURE_CONTENT            Url_CategoryIds = 1
	Url_CATEGORY_IDS_PORNOGRAPHY                     Url_CategoryIds = 3
	Url_CATEGORY_IDS_SEX_EDUCATION                   Url_CategoryIds = 4
	Url_CATEGORY_IDS_INTIMATE_APPAREL_SWIMSUIT       Url_CategoryIds = 5
	Url_CATEGORY_IDS_NUDITY                          Url_CategoryIds = 6
	Url_CATEGORY_IDS_EXTREME                         Url_CategoryIds = 7
	Url_CATEGORY_IDS_SCAM_QUESTIONABLE_ILLEGAL       Url_CategoryIds = 9
	Url_CATEGORY_IDS_GAMBLING                        Url_CategoryIds = 11
	Url_CATEGORY_IDS_VIOLENCE_HATE_RACISM            Url_CategoryIds = 14
	Url_CATEGORY_IDS_WEAPONS                         Url_CategoryIds = 15
	Url_CATEGORY_IDS_ABORTION                        Url_CategoryIds = 16
	Url_CATEGORY_IDS_HACKING                         Url_CategoryIds = 17
	Url_CATEGORY_IDS_PHISHING                        Url_CategoryIds = 18
	Url_CATEGORY_IDS_ENTERTAINMENT                   Url_CategoryIds = 20
	Url_CATEGORY_IDS_BUSINESS_ECONOMY                Url_CategoryIds = 21
	Url_CATEGORY_IDS_ALTERNATIVE_SPIRITUALITY_BELIEF Url_CategoryIds = 22
	Url_CATEGORY_IDS_ALCOHOL                         Url_CategoryIds = 23
	Url_CATEGORY_IDS_TOBACCO                         Url_CategoryIds = 24
	Url_CATEGORY_IDS_CONTROLLED_SUBSTANCES           Url_CategoryIds = 25
	Url_CATEGORY_IDS_CHILD_PORNOGRAPHY               Url_CategoryIds = 26
	Url_CATEGORY_IDS_EDUCATION                       Url_CategoryIds = 27
	Url_CATEGORY_IDS_CHARITABLE_ORGANIZATIONS        Url_CategoryIds = 29
	Url_CATEGORY_IDS_ART_CULTURE                     Url_CategoryIds = 30
	Url_CATEGORY_IDS_FINANCIAL_SERVICES              Url_CategoryIds = 31
	Url_CATEGORY_IDS_BROKERAGE_TRADING               Url_CategoryIds = 32
	Url_CATEGORY_IDS_GAMES                           Url_CategoryIds = 33
	Url_CATEGORY_IDS_GOVERNMENT_LEGAL                Url_CategoryIds = 34
	Url_CATEGORY_IDS_MILITARY                        Url_CategoryIds = 35
	Url_CATEGORY_IDS_POLITICAL_SOCIAL_ADVOCACY       Url_CategoryIds = 36
	Url_CATEGORY_IDS_HEALTH                          Url_CategoryIds = 37
	Url_CATEGORY_IDS_TECHNOLOGY_INTERNET             Url_CategoryIds = 38
	Url_CATEGORY_IDS_SEARCH_ENGINES_PORTALS          Url_CategoryIds = 40
	Url_CATEGORY_IDS_MALICIOUS_SOURCES_MALNETS       Url_CategoryIds = 43
	Url_CATEGORY_IDS_MALICIOUS_OUTBOUND_DATA_BOTNETS Url_CategoryIds = 44
	Url_CATEGORY_IDS_JOB_SEARCH_CAREERS              Url_CategoryIds = 45
	Url_CATEGORY_IDS_NEWS_MEDIA                      Url_CategoryIds = 46
	Url_CATEGORY_IDS_PERSONALS_DATING                Url_CategoryIds = 47
	Url_CATEGORY_IDS_REFERENCE                       Url_CategoryIds = 49
	Url_CATEGORY_IDS_MIXED_CONTENT_POTENTIALLY_ADULT Url_CategoryIds = 50
	Url_CATEGORY_IDS_CHAT_IM_SMS                     Url_CategoryIds = 51
	Url_CATEGORY_IDS_EMAIL                           Url_CategoryIds = 52
	Url_CATEGORY_IDS_NEWSGROUPS_FORUMS               Url_CategoryIds = 53
	Url_CATEGORY_IDS_RELIGION                        Url_CategoryIds = 54
	Url_CATEGORY_IDS_SOCIAL_NETWORKING               Url_CategoryIds = 55
	Url_CATEGORY_IDS_FILE_STORAGE_SHARING            Url_CategoryIds = 56
	Url_CATEGORY_IDS_REMOTE_ACCESS_TOOLS             Url_CategoryIds = 57
	Url_CATEGORY_IDS_SHOPPING                        Url_CategoryIds = 58
	Url_CATEGORY_IDS_AUCTIONS                        Url_CategoryIds = 59
	Url_CATEGORY_IDS_REAL_ESTATE                     Url_CategoryIds = 60
	Url_CATEGORY_IDS_SOCIETY_DAILY_LIVING            Url_CategoryIds = 61
	Url_CATEGORY_IDS_PERSONAL_SITES                  Url_CategoryIds = 63
	Url_CATEGORY_IDS_RESTAURANTS_DINING_FOOD         Url_CategoryIds = 64
	Url_CATEGORY_IDS_SPORTS_RECREATION               Url_CategoryIds = 65
	Url_CATEGORY_IDS_TRAVEL                          Url_CategoryIds = 66
	Url_CATEGORY_IDS_VEHICLES                        Url_CategoryIds = 67
	Url_CATEGORY_IDS_HUMOR_JOKES                     Url_CategoryIds = 68
	Url_CATEGORY_IDS_SOFTWARE_DOWNLOADS              Url_CategoryIds = 71
	Url_CATEGORY_IDS_PEER_TO_PEER_P2P                Url_CategoryIds = 83
	Url_CATEGORY_IDS_AUDIO_VIDEO_CLIPS               Url_CategoryIds = 84
	Url_CATEGORY_IDS_OFFICE_BUSINESS_APPLICATIONS    Url_CategoryIds = 85
	Url_CATEGORY_IDS_PROXY_AVOIDANCE                 Url_CategoryIds = 86
	Url_CATEGORY_IDS_FOR_KIDS                        Url_CategoryIds = 87
	Url_CATEGORY_IDS_WEB_ADS_ANALYTICS               Url_CategoryIds = 88
	Url_CATEGORY_IDS_WEB_HOSTING                     Url_CategoryIds = 89
	Url_CATEGORY_IDS_UNCATEGORIZED                   Url_CategoryIds = 90
	Url_CATEGORY_IDS_SUSPICIOUS                      Url_CategoryIds = 92
	Url_CATEGORY_IDS_SEXUAL_EXPRESSION               Url_CategoryIds = 93
	Url_CATEGORY_IDS_TRANSLATION                     Url_CategoryIds = 95
	Url_CATEGORY_IDS_NON_VIEWABLE_INFRASTRUCTURE     Url_CategoryIds = 96
	Url_CATEGORY_IDS_CONTENT_SERVERS                 Url_CategoryIds = 97
	Url_CATEGORY_IDS_PLACEHOLDERS                    Url_CategoryIds = 98
	Url_CATEGORY_IDS_OTHER                           Url_CategoryIds = 99 // The Domain/URL category is
	// not mapped. See the
	// <code>categories</code>
	// attribute, which contains a
	// data source specific value.
	Url_CATEGORY_IDS_SPAM                          Url_CategoryIds = 101
	Url_CATEGORY_IDS_POTENTIALLY_UNWANTED_SOFTWARE Url_CategoryIds = 102
	Url_CATEGORY_IDS_DYNAMIC_DNS_HOST              Url_CategoryIds = 103
	Url_CATEGORY_IDS_E_CARD_INVITATIONS            Url_CategoryIds = 106
	Url_CATEGORY_IDS_INFORMATIONAL                 Url_CategoryIds = 107
	Url_CATEGORY_IDS_COMPUTER_INFORMATION_SECURITY Url_CategoryIds = 108
	Url_CATEGORY_IDS_INTERNET_CONNECTED_DEVICES    Url_CategoryIds = 109
	Url_CATEGORY_IDS_INTERNET_TELEPHONY            Url_CategoryIds = 110
	Url_CATEGORY_IDS_ONLINE_MEETINGS               Url_CategoryIds = 111
	Url_CATEGORY_IDS_MEDIA_SHARING                 Url_CategoryIds = 112
	Url_CATEGORY_IDS_RADIO_AUDIO_STREAMS           Url_CategoryIds = 113
	Url_CATEGORY_IDS_TV_VIDEO_STREAMS              Url_CategoryIds = 114
	Url_CATEGORY_IDS_PIRACY_COPYRIGHT_CONCERNS     Url_CategoryIds = 118
	Url_CATEGORY_IDS_MARIJUANA                     Url_CategoryIds = 121
)

func (Url_CategoryIds) Descriptor 

func (Url_CategoryIds) Descriptor() protoreflect.EnumDescriptor

func (Url_CategoryIds) Enum 

func (x Url_CategoryIds) Enum() *Url_CategoryIds

func (Url_CategoryIds) EnumDescriptor deprecated 

func (Url_CategoryIds) EnumDescriptor() ([]byte, []int)

Deprecated: Use Url_CategoryIds.Descriptor instead.

func (Url_CategoryIds) Number 

func (x Url_CategoryIds) Number() protoreflect.EnumNumber

func (Url_CategoryIds) String 

func (x Url_CategoryIds) String() string

func (Url_CategoryIds) Type 

func (Url_CategoryIds) Type() protoreflect.EnumType

type User 

type User struct {
	Account       *Account          `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
	CredentialUid *string           `protobuf:"bytes,2,opt,name=credential_uid,json=credentialUid,proto3,oneof" json:"credential_uid,omitempty"`
	Domain        *string           `protobuf:"bytes,3,opt,name=domain,proto3,oneof" json:"domain,omitempty"`
	EmailAddr     *string           `protobuf:"bytes,4,opt,name=email_addr,json=emailAddr,proto3,oneof" json:"email_addr,omitempty"`
	FullName      *string           `protobuf:"bytes,5,opt,name=full_name,json=fullName,proto3,oneof" json:"full_name,omitempty"`
	Groups        []*Group          `protobuf:"bytes,6,rep,name=groups,proto3" json:"groups,omitempty"`
	LdapPerson    *LdapPerson       `protobuf:"bytes,7,opt,name=ldap_person,json=ldapPerson,proto3" json:"ldap_person,omitempty"`
	Name          *string           `protobuf:"bytes,8,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Org           *Organization     `protobuf:"bytes,9,opt,name=org,proto3" json:"org,omitempty"`
	RiskLevel     *string           `protobuf:"bytes,10,opt,name=risk_level,json=riskLevel,proto3,oneof" json:"risk_level,omitempty"`
	RiskLevelId   *User_RiskLevelId `` /* 141-byte string literal not displayed */
	RiskScore     *int32            `protobuf:"varint,12,opt,name=risk_score,json=riskScore,proto3,oneof" json:"risk_score,omitempty"`
	Type          *string           `protobuf:"bytes,13,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId        *User_TypeId      `protobuf:"varint,14,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.User_TypeId,oneof" json:"type_id,omitempty"`
	Uid           *string           `protobuf:"bytes,15,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UidAlt        *string           `protobuf:"bytes,16,opt,name=uid_alt,json=uidAlt,proto3,oneof" json:"uid_alt,omitempty"`
	// contains filtered or unexported fields
}

User is an OSF object defined in ocsf objects/user.json

The User object describes the characteristics of a user/person or a security principal. Defined by D3FEND <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:UserAccount/'>d3f:UserAccount</a>.

func (*User) Descriptor deprecated 

func (*User) Descriptor() ([]byte, []int)

Deprecated: Use User.ProtoReflect.Descriptor instead.

func (*User) GetAccount 

func (x *User) GetAccount() *Account

func (*User) GetCredentialUid 

func (x *User) GetCredentialUid() string

func (*User) GetDomain 

func (x *User) GetDomain() string

func (*User) GetEmailAddr 

func (x *User) GetEmailAddr() string

func (*User) GetFullName 

func (x *User) GetFullName() string

func (*User) GetGroups 

func (x *User) GetGroups() []*Group

func (*User) GetLdapPerson 

func (x *User) GetLdapPerson() *LdapPerson

func (*User) GetName 

func (x *User) GetName() string

func (*User) GetOrg 

func (x *User) GetOrg() *Organization

func (*User) GetRiskLevel 

func (x *User) GetRiskLevel() string

func (*User) GetRiskLevelId 

func (x *User) GetRiskLevelId() User_RiskLevelId

func (*User) GetRiskScore 

func (x *User) GetRiskScore() int32

func (*User) GetType 

func (x *User) GetType() string

func (*User) GetTypeId 

func (x *User) GetTypeId() User_TypeId

func (*User) GetUid 

func (x *User) GetUid() string

func (*User) GetUidAlt 

func (x *User) GetUidAlt() string

func (*User) ProtoMessage 

func (*User) ProtoMessage()

func (*User) ProtoReflect 

func (x *User) ProtoReflect() protoreflect.Message

func (*User) Reset 

func (x *User) Reset()

func (*User) String 

func (x *User) String() string

type UserAccess 

type UserAccess struct {
	ActivityId     UserAccess_ActivityId  `` /* 134-byte string literal not displayed */
	ActivityName   *string                `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                 `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                   `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    UserAccess_CategoryUid `` /* 138-byte string literal not displayed */
	ClassName      *string                `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       UserAccess_ClassUid    `` /* 126-byte string literal not displayed */
	Cloud          *Cloud                 `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                 `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                 `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                 `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment          `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	HttpRequest    *HttpRequest           `protobuf:"bytes,16,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	Message        *string                `protobuf:"bytes,17,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata              `protobuf:"bytes,18,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable          `protobuf:"bytes,19,rep,name=observables,proto3" json:"observables,omitempty"`
	Privileges     []string               `protobuf:"bytes,20,rep,name=privileges,proto3" json:"privileges,omitempty"`
	RawData        *string                `protobuf:"bytes,21,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resource       *ResourceDetails       `protobuf:"bytes,22,opt,name=resource,proto3" json:"resource,omitempty"`
	Severity       *string                `protobuf:"bytes,23,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     UserAccess_SeverityId  `` /* 135-byte string literal not displayed */
	SrcEndpoint    *NetworkEndpoint       `protobuf:"bytes,25,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime      *int64                 `protobuf:"varint,26,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp `protobuf:"bytes,27,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                `protobuf:"bytes,28,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                `protobuf:"bytes,29,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                `protobuf:"bytes,30,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *UserAccess_StatusId   `` /* 133-byte string literal not displayed */
	Time           int64                  `protobuf:"varint,32,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp `protobuf:"bytes,33,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                 `protobuf:"varint,34,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                `protobuf:"bytes,35,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                  `protobuf:"varint,36,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct       `protobuf:"bytes,37,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                  `protobuf:"bytes,38,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

UserAccess is an OSF event in category "Identity & Access Management" called User Access Management defined in ocsf events/iam/user_access.json

User Access Management events report management updates to a user's privileges.

func (*UserAccess) Descriptor deprecated 

func (*UserAccess) Descriptor() ([]byte, []int)

Deprecated: Use UserAccess.ProtoReflect.Descriptor instead.

func (*UserAccess) GetActivityId 

func (x *UserAccess) GetActivityId() UserAccess_ActivityId

func (*UserAccess) GetActivityName 

func (x *UserAccess) GetActivityName() string

func (*UserAccess) GetActor 

func (x *UserAccess) GetActor() *Actor

func (*UserAccess) GetApi 

func (x *UserAccess) GetApi() *Api

func (*UserAccess) GetCategoryName 

func (x *UserAccess) GetCategoryName() string

func (*UserAccess) GetCategoryUid 

func (x *UserAccess) GetCategoryUid() UserAccess_CategoryUid

func (*UserAccess) GetClassName 

func (x *UserAccess) GetClassName() string

func (*UserAccess) GetClassUid 

func (x *UserAccess) GetClassUid() UserAccess_ClassUid

func (*UserAccess) GetCloud 

func (x *UserAccess) GetCloud() *Cloud

func (*UserAccess) GetCount 

func (x *UserAccess) GetCount() int32

func (*UserAccess) GetDevice 

func (x *UserAccess) GetDevice() *Device

func (*UserAccess) GetDuration 

func (x *UserAccess) GetDuration() int32

func (*UserAccess) GetEndTime 

func (x *UserAccess) GetEndTime() int64

func (*UserAccess) GetEndTimeDt 

func (x *UserAccess) GetEndTimeDt() *timestamppb.Timestamp

func (*UserAccess) GetEnrichments 

func (x *UserAccess) GetEnrichments() []*Enrichment

func (*UserAccess) GetHttpRequest 

func (x *UserAccess) GetHttpRequest() *HttpRequest

func (*UserAccess) GetMessage 

func (x *UserAccess) GetMessage() string

func (*UserAccess) GetMetadata 

func (x *UserAccess) GetMetadata() *Metadata

func (*UserAccess) GetObservables 

func (x *UserAccess) GetObservables() []*Observable

func (*UserAccess) GetPrivileges 

func (x *UserAccess) GetPrivileges() []string

func (*UserAccess) GetRawData 

func (x *UserAccess) GetRawData() string

func (*UserAccess) GetResource 

func (x *UserAccess) GetResource() *ResourceDetails

func (*UserAccess) GetSeverity 

func (x *UserAccess) GetSeverity() string

func (*UserAccess) GetSeverityId 

func (x *UserAccess) GetSeverityId() UserAccess_SeverityId

func (*UserAccess) GetSrcEndpoint 

func (x *UserAccess) GetSrcEndpoint() *NetworkEndpoint

func (*UserAccess) GetStartTime 

func (x *UserAccess) GetStartTime() int64

func (*UserAccess) GetStartTimeDt 

func (x *UserAccess) GetStartTimeDt() *timestamppb.Timestamp

func (*UserAccess) GetStatus 

func (x *UserAccess) GetStatus() string

func (*UserAccess) GetStatusCode 

func (x *UserAccess) GetStatusCode() string

func (*UserAccess) GetStatusDetail 

func (x *UserAccess) GetStatusDetail() string

func (*UserAccess) GetStatusId 

func (x *UserAccess) GetStatusId() UserAccess_StatusId

func (*UserAccess) GetTime 

func (x *UserAccess) GetTime() int64

func (*UserAccess) GetTimeDt 

func (x *UserAccess) GetTimeDt() *timestamppb.Timestamp

func (*UserAccess) GetTimezoneOffset 

func (x *UserAccess) GetTimezoneOffset() int32

func (*UserAccess) GetTypeName 

func (x *UserAccess) GetTypeName() string

func (*UserAccess) GetTypeUid 

func (x *UserAccess) GetTypeUid() int64

func (*UserAccess) GetUnmapped 

func (x *UserAccess) GetUnmapped() *structpb.Struct

func (*UserAccess) GetUser 

func (x *UserAccess) GetUser() *User

func (*UserAccess) ProtoMessage 

func (*UserAccess) ProtoMessage()

func (*UserAccess) ProtoReflect 

func (x *UserAccess) ProtoReflect() protoreflect.Message

func (*UserAccess) Reset 

func (x *UserAccess) Reset()

func (*UserAccess) String 

func (x *UserAccess) String() string

type UserAccess_ActivityId 

type UserAccess_ActivityId int32
const (
	UserAccess_ACTIVITY_ID_UNKNOWN           UserAccess_ActivityId = 0
	UserAccess_ACTIVITY_ID_ASSIGN_PRIVILEGES UserAccess_ActivityId = 1 // Assign privileges to a user.
	UserAccess_ACTIVITY_ID_REVOKE_PRIVILEGES UserAccess_ActivityId = 2 // Revoke privileges from a user.
	UserAccess_ACTIVITY_ID_OTHER             UserAccess_ActivityId = 99
)

func (UserAccess_ActivityId) Descriptor 

func (UserAccess_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (UserAccess_ActivityId) Enum 

func (x UserAccess_ActivityId) Enum() *UserAccess_ActivityId

func (UserAccess_ActivityId) EnumDescriptor deprecated 

func (UserAccess_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserAccess_ActivityId.Descriptor instead.

func (UserAccess_ActivityId) Number 

func (x UserAccess_ActivityId) Number() protoreflect.EnumNumber

func (UserAccess_ActivityId) String 

func (x UserAccess_ActivityId) String() string

func (UserAccess_ActivityId) Type 

func (UserAccess_ActivityId) Type() protoreflect.EnumType

type UserAccess_CategoryUid 

type UserAccess_CategoryUid int32
const (
	UserAccess_CATEGORY_UID_UNKNOWN                    UserAccess_CategoryUid = 0
	UserAccess_CATEGORY_UID_IDENTITY_ACCESS_MANAGEMENT UserAccess_CategoryUid = 3
)

func (UserAccess_CategoryUid) Descriptor 

func (UserAccess_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (UserAccess_CategoryUid) Enum 

func (x UserAccess_CategoryUid) Enum() *UserAccess_CategoryUid

func (UserAccess_CategoryUid) EnumDescriptor deprecated 

func (UserAccess_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserAccess_CategoryUid.Descriptor instead.

func (UserAccess_CategoryUid) Number 

func (x UserAccess_CategoryUid) Number() protoreflect.EnumNumber

func (UserAccess_CategoryUid) String 

func (x UserAccess_CategoryUid) String() string

func (UserAccess_CategoryUid) Type 

func (UserAccess_CategoryUid) Type() protoreflect.EnumType

type UserAccess_ClassUid 

type UserAccess_ClassUid int32
const (
	UserAccess_CLASS_UID_UNKNOWN                UserAccess_ClassUid = 0
	UserAccess_CLASS_UID_USER_ACCESS_MANAGEMENT UserAccess_ClassUid = 3005
)

func (UserAccess_ClassUid) Descriptor 

func (UserAccess_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (UserAccess_ClassUid) Enum 

func (x UserAccess_ClassUid) Enum() *UserAccess_ClassUid

func (UserAccess_ClassUid) EnumDescriptor deprecated 

func (UserAccess_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserAccess_ClassUid.Descriptor instead.

func (UserAccess_ClassUid) Number 

func (x UserAccess_ClassUid) Number() protoreflect.EnumNumber

func (UserAccess_ClassUid) String 

func (x UserAccess_ClassUid) String() string

func (UserAccess_ClassUid) Type 

func (UserAccess_ClassUid) Type() protoreflect.EnumType

type UserAccess_SeverityId 

type UserAccess_SeverityId int32
const (
	UserAccess_SEVERITY_ID_UNKNOWN       UserAccess_SeverityId = 0 // The event/finding severity is unknown.
	UserAccess_SEVERITY_ID_INFORMATIONAL UserAccess_SeverityId = 1 // Informational message. No action required.
	UserAccess_SEVERITY_ID_LOW           UserAccess_SeverityId = 2 // The user decides if action is needed.
	UserAccess_SEVERITY_ID_MEDIUM        UserAccess_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	UserAccess_SEVERITY_ID_HIGH     UserAccess_SeverityId = 4 // Action is required immediately.
	UserAccess_SEVERITY_ID_CRITICAL UserAccess_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	UserAccess_SEVERITY_ID_FATAL UserAccess_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	UserAccess_SEVERITY_ID_OTHER UserAccess_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (UserAccess_SeverityId) Descriptor 

func (UserAccess_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (UserAccess_SeverityId) Enum 

func (x UserAccess_SeverityId) Enum() *UserAccess_SeverityId

func (UserAccess_SeverityId) EnumDescriptor deprecated 

func (UserAccess_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserAccess_SeverityId.Descriptor instead.

func (UserAccess_SeverityId) Number 

func (x UserAccess_SeverityId) Number() protoreflect.EnumNumber

func (UserAccess_SeverityId) String 

func (x UserAccess_SeverityId) String() string

func (UserAccess_SeverityId) Type 

func (UserAccess_SeverityId) Type() protoreflect.EnumType

type UserAccess_StatusId 

type UserAccess_StatusId int32
const (
	UserAccess_STATUS_ID_UNKNOWN UserAccess_StatusId = 0 // The status is unknown.
	UserAccess_STATUS_ID_SUCCESS UserAccess_StatusId = 1
	UserAccess_STATUS_ID_FAILURE UserAccess_StatusId = 2
	UserAccess_STATUS_ID_OTHER   UserAccess_StatusId = 99 // The event status is not mapped. See the
)

func (UserAccess_StatusId) Descriptor 

func (UserAccess_StatusId) Descriptor() protoreflect.EnumDescriptor

func (UserAccess_StatusId) Enum 

func (x UserAccess_StatusId) Enum() *UserAccess_StatusId

func (UserAccess_StatusId) EnumDescriptor deprecated 

func (UserAccess_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserAccess_StatusId.Descriptor instead.

func (UserAccess_StatusId) Number 

func (x UserAccess_StatusId) Number() protoreflect.EnumNumber

func (UserAccess_StatusId) String 

func (x UserAccess_StatusId) String() string

func (UserAccess_StatusId) Type 

func (UserAccess_StatusId) Type() protoreflect.EnumType

type UserInventory 

type UserInventory struct {
	ActivityId     UserInventory_ActivityId  `` /* 137-byte string literal not displayed */
	ActivityName   *string                   `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                    `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                      `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                   `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    UserInventory_CategoryUid `` /* 141-byte string literal not displayed */
	ClassName      *string                   `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       UserInventory_ClassUid    `` /* 129-byte string literal not displayed */
	Cloud          *Cloud                    `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                    `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Duration       *int32                    `protobuf:"varint,11,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                    `protobuf:"varint,12,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp    `protobuf:"bytes,13,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment             `protobuf:"bytes,14,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                   `protobuf:"bytes,15,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata                 `protobuf:"bytes,16,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable             `protobuf:"bytes,17,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData        *string                   `protobuf:"bytes,18,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                   `protobuf:"bytes,19,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     UserInventory_SeverityId  `` /* 138-byte string literal not displayed */
	StartTime      *int64                    `protobuf:"varint,21,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp    `protobuf:"bytes,22,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                   `protobuf:"bytes,23,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                   `protobuf:"bytes,24,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                   `protobuf:"bytes,25,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *UserInventory_StatusId   `` /* 136-byte string literal not displayed */
	Time           int64                     `protobuf:"varint,27,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp    `protobuf:"bytes,28,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                    `protobuf:"varint,29,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                   `protobuf:"bytes,30,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                     `protobuf:"varint,31,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct          `protobuf:"bytes,32,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                     `protobuf:"bytes,33,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

UserInventory is an OSF event in category "Discovery" called User Inventory Info defined in ocsf events/discovery/user_inventory.json

User Inventory Info events report user inventory data that is either logged or proactively collected. For example, when collecting user information from Active Directory entries.

func (*UserInventory) Descriptor deprecated 

func (*UserInventory) Descriptor() ([]byte, []int)

Deprecated: Use UserInventory.ProtoReflect.Descriptor instead.

func (*UserInventory) GetActivityId 

func (x *UserInventory) GetActivityId() UserInventory_ActivityId

func (*UserInventory) GetActivityName 

func (x *UserInventory) GetActivityName() string

func (*UserInventory) GetActor 

func (x *UserInventory) GetActor() *Actor

func (*UserInventory) GetApi 

func (x *UserInventory) GetApi() *Api

func (*UserInventory) GetCategoryName 

func (x *UserInventory) GetCategoryName() string

func (*UserInventory) GetCategoryUid 

func (x *UserInventory) GetCategoryUid() UserInventory_CategoryUid

func (*UserInventory) GetClassName 

func (x *UserInventory) GetClassName() string

func (*UserInventory) GetClassUid 

func (x *UserInventory) GetClassUid() UserInventory_ClassUid

func (*UserInventory) GetCloud 

func (x *UserInventory) GetCloud() *Cloud

func (*UserInventory) GetCount 

func (x *UserInventory) GetCount() int32

func (*UserInventory) GetDuration 

func (x *UserInventory) GetDuration() int32

func (*UserInventory) GetEndTime 

func (x *UserInventory) GetEndTime() int64

func (*UserInventory) GetEndTimeDt 

func (x *UserInventory) GetEndTimeDt() *timestamppb.Timestamp

func (*UserInventory) GetEnrichments 

func (x *UserInventory) GetEnrichments() []*Enrichment

func (*UserInventory) GetMessage 

func (x *UserInventory) GetMessage() string

func (*UserInventory) GetMetadata 

func (x *UserInventory) GetMetadata() *Metadata

func (*UserInventory) GetObservables 

func (x *UserInventory) GetObservables() []*Observable

func (*UserInventory) GetRawData 

func (x *UserInventory) GetRawData() string

func (*UserInventory) GetSeverity 

func (x *UserInventory) GetSeverity() string

func (*UserInventory) GetSeverityId 

func (x *UserInventory) GetSeverityId() UserInventory_SeverityId

func (*UserInventory) GetStartTime 

func (x *UserInventory) GetStartTime() int64

func (*UserInventory) GetStartTimeDt 

func (x *UserInventory) GetStartTimeDt() *timestamppb.Timestamp

func (*UserInventory) GetStatus 

func (x *UserInventory) GetStatus() string

func (*UserInventory) GetStatusCode 

func (x *UserInventory) GetStatusCode() string

func (*UserInventory) GetStatusDetail 

func (x *UserInventory) GetStatusDetail() string

func (*UserInventory) GetStatusId 

func (x *UserInventory) GetStatusId() UserInventory_StatusId

func (*UserInventory) GetTime 

func (x *UserInventory) GetTime() int64

func (*UserInventory) GetTimeDt 

func (x *UserInventory) GetTimeDt() *timestamppb.Timestamp

func (*UserInventory) GetTimezoneOffset 

func (x *UserInventory) GetTimezoneOffset() int32

func (*UserInventory) GetTypeName 

func (x *UserInventory) GetTypeName() string

func (*UserInventory) GetTypeUid 

func (x *UserInventory) GetTypeUid() int64

func (*UserInventory) GetUnmapped 

func (x *UserInventory) GetUnmapped() *structpb.Struct

func (*UserInventory) GetUser 

func (x *UserInventory) GetUser() *User

func (*UserInventory) ProtoMessage 

func (*UserInventory) ProtoMessage()

func (*UserInventory) ProtoReflect 

func (x *UserInventory) ProtoReflect() protoreflect.Message

func (*UserInventory) Reset 

func (x *UserInventory) Reset()

func (*UserInventory) String 

func (x *UserInventory) String() string

type UserInventory_ActivityId 

type UserInventory_ActivityId int32
const (
	UserInventory_ACTIVITY_ID_UNKNOWN UserInventory_ActivityId = 0
	UserInventory_ACTIVITY_ID_LOG     UserInventory_ActivityId = 1 // The discovered information is via a log.
	UserInventory_ACTIVITY_ID_COLLECT UserInventory_ActivityId = 2 // The discovered information is via a collection
	// process.
	UserInventory_ACTIVITY_ID_OTHER UserInventory_ActivityId = 99
)

func (UserInventory_ActivityId) Descriptor 

func (UserInventory_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (UserInventory_ActivityId) Enum 

func (x UserInventory_ActivityId) Enum() *UserInventory_ActivityId

func (UserInventory_ActivityId) EnumDescriptor deprecated 

func (UserInventory_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserInventory_ActivityId.Descriptor instead.

func (UserInventory_ActivityId) Number 

func (x UserInventory_ActivityId) Number() protoreflect.EnumNumber

func (UserInventory_ActivityId) String 

func (x UserInventory_ActivityId) String() string

func (UserInventory_ActivityId) Type 

func (UserInventory_ActivityId) Type() protoreflect.EnumType

type UserInventory_CategoryUid 

type UserInventory_CategoryUid int32
const (
	UserInventory_CATEGORY_UID_UNKNOWN   UserInventory_CategoryUid = 0
	UserInventory_CATEGORY_UID_DISCOVERY UserInventory_CategoryUid = 5
)

func (UserInventory_CategoryUid) Descriptor 

func (UserInventory_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (UserInventory_CategoryUid) Enum 

func (x UserInventory_CategoryUid) Enum() *UserInventory_CategoryUid

func (UserInventory_CategoryUid) EnumDescriptor deprecated 

func (UserInventory_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserInventory_CategoryUid.Descriptor instead.

func (UserInventory_CategoryUid) Number 

func (x UserInventory_CategoryUid) Number() protoreflect.EnumNumber

func (UserInventory_CategoryUid) String 

func (x UserInventory_CategoryUid) String() string

func (UserInventory_CategoryUid) Type 

func (UserInventory_CategoryUid) Type() protoreflect.EnumType

type UserInventory_ClassUid 

type UserInventory_ClassUid int32
const (
	UserInventory_CLASS_UID_UNKNOWN             UserInventory_ClassUid = 0
	UserInventory_CLASS_UID_USER_INVENTORY_INFO UserInventory_ClassUid = 5003
)

func (UserInventory_ClassUid) Descriptor 

func (UserInventory_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (UserInventory_ClassUid) Enum 

func (x UserInventory_ClassUid) Enum() *UserInventory_ClassUid

func (UserInventory_ClassUid) EnumDescriptor deprecated 

func (UserInventory_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserInventory_ClassUid.Descriptor instead.

func (UserInventory_ClassUid) Number 

func (x UserInventory_ClassUid) Number() protoreflect.EnumNumber

func (UserInventory_ClassUid) String 

func (x UserInventory_ClassUid) String() string

func (UserInventory_ClassUid) Type 

func (UserInventory_ClassUid) Type() protoreflect.EnumType

type UserInventory_SeverityId 

type UserInventory_SeverityId int32
const (
	UserInventory_SEVERITY_ID_UNKNOWN       UserInventory_SeverityId = 0 // The event/finding severity is unknown.
	UserInventory_SEVERITY_ID_INFORMATIONAL UserInventory_SeverityId = 1 // Informational message. No action required.
	UserInventory_SEVERITY_ID_LOW           UserInventory_SeverityId = 2 // The user decides if action is needed.
	UserInventory_SEVERITY_ID_MEDIUM        UserInventory_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	UserInventory_SEVERITY_ID_HIGH     UserInventory_SeverityId = 4 // Action is required immediately.
	UserInventory_SEVERITY_ID_CRITICAL UserInventory_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	UserInventory_SEVERITY_ID_FATAL UserInventory_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	UserInventory_SEVERITY_ID_OTHER UserInventory_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (UserInventory_SeverityId) Descriptor 

func (UserInventory_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (UserInventory_SeverityId) Enum 

func (x UserInventory_SeverityId) Enum() *UserInventory_SeverityId

func (UserInventory_SeverityId) EnumDescriptor deprecated 

func (UserInventory_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserInventory_SeverityId.Descriptor instead.

func (UserInventory_SeverityId) Number 

func (x UserInventory_SeverityId) Number() protoreflect.EnumNumber

func (UserInventory_SeverityId) String 

func (x UserInventory_SeverityId) String() string

func (UserInventory_SeverityId) Type 

func (UserInventory_SeverityId) Type() protoreflect.EnumType

type UserInventory_StatusId 

type UserInventory_StatusId int32
const (
	UserInventory_STATUS_ID_UNKNOWN UserInventory_StatusId = 0 // The status is unknown.
	UserInventory_STATUS_ID_SUCCESS UserInventory_StatusId = 1
	UserInventory_STATUS_ID_FAILURE UserInventory_StatusId = 2
	UserInventory_STATUS_ID_OTHER   UserInventory_StatusId = 99 // The event status is not mapped. See the
)

func (UserInventory_StatusId) Descriptor 

func (UserInventory_StatusId) Descriptor() protoreflect.EnumDescriptor

func (UserInventory_StatusId) Enum 

func (x UserInventory_StatusId) Enum() *UserInventory_StatusId

func (UserInventory_StatusId) EnumDescriptor deprecated 

func (UserInventory_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserInventory_StatusId.Descriptor instead.

func (UserInventory_StatusId) Number 

func (x UserInventory_StatusId) Number() protoreflect.EnumNumber

func (UserInventory_StatusId) String 

func (x UserInventory_StatusId) String() string

func (UserInventory_StatusId) Type 

func (UserInventory_StatusId) Type() protoreflect.EnumType

type UserQuery 

type UserQuery struct {
	ActivityId     UserQuery_ActivityId    `` /* 133-byte string literal not displayed */
	ActivityName   *string                 `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor          *Actor                  `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api            *Api                    `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName   *string                 `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid    UserQuery_CategoryUid   `` /* 137-byte string literal not displayed */
	ClassName      *string                 `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid       UserQuery_ClassUid      `protobuf:"varint,8,opt,name=class_uid,json=classUid,proto3,enum=ocsf_schema.v1.UserQuery_ClassUid" json:"class_uid,omitempty"`
	Cloud          *Cloud                  `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count          *int32                  `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device         *Device                 `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration       *int32                  `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime        *int64                  `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt      *timestamppb.Timestamp  `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments    []*Enrichment           `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	Message        *string                 `protobuf:"bytes,16,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata       *Metadata               `protobuf:"bytes,17,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables    []*Observable           `protobuf:"bytes,18,rep,name=observables,proto3" json:"observables,omitempty"`
	QueryInfo      *QueryInfo              `protobuf:"bytes,19,opt,name=query_info,json=queryInfo,proto3" json:"query_info,omitempty"`
	QueryResult    *string                 `protobuf:"bytes,20,opt,name=query_result,json=queryResult,proto3,oneof" json:"query_result,omitempty"`
	QueryResultId  UserQuery_QueryResultId `` /* 148-byte string literal not displayed */
	RawData        *string                 `protobuf:"bytes,22,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity       *string                 `protobuf:"bytes,23,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId     UserQuery_SeverityId    `` /* 134-byte string literal not displayed */
	StartTime      *int64                  `protobuf:"varint,25,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt    *timestamppb.Timestamp  `protobuf:"bytes,26,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status         *string                 `protobuf:"bytes,27,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode     *string                 `protobuf:"bytes,28,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail   *string                 `protobuf:"bytes,29,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId       *UserQuery_StatusId     `` /* 132-byte string literal not displayed */
	Time           int64                   `protobuf:"varint,31,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt         *timestamppb.Timestamp  `protobuf:"bytes,32,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset *int32                  `protobuf:"varint,33,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName       *string                 `protobuf:"bytes,34,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid        int64                   `protobuf:"varint,35,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped       *structpb.Struct        `protobuf:"bytes,36,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	User           *User                   `protobuf:"bytes,37,opt,name=user,proto3" json:"user,omitempty"`
	// contains filtered or unexported fields
}

UserQuery is an OSF event in category "Discovery" called User Query defined in ocsf events/discovery/user_query.json

User Query events report user data that have been discovered, queried, polled or searched. This event differs from User Inventory as it describes the result of a targeted search by filtering a subset of user attributes.

func (*UserQuery) Descriptor deprecated 

func (*UserQuery) Descriptor() ([]byte, []int)

Deprecated: Use UserQuery.ProtoReflect.Descriptor instead.

func (*UserQuery) GetActivityId 

func (x *UserQuery) GetActivityId() UserQuery_ActivityId

func (*UserQuery) GetActivityName 

func (x *UserQuery) GetActivityName() string

func (*UserQuery) GetActor 

func (x *UserQuery) GetActor() *Actor

func (*UserQuery) GetApi 

func (x *UserQuery) GetApi() *Api

func (*UserQuery) GetCategoryName 

func (x *UserQuery) GetCategoryName() string

func (*UserQuery) GetCategoryUid 

func (x *UserQuery) GetCategoryUid() UserQuery_CategoryUid

func (*UserQuery) GetClassName 

func (x *UserQuery) GetClassName() string

func (*UserQuery) GetClassUid 

func (x *UserQuery) GetClassUid() UserQuery_ClassUid

func (*UserQuery) GetCloud 

func (x *UserQuery) GetCloud() *Cloud

func (*UserQuery) GetCount 

func (x *UserQuery) GetCount() int32

func (*UserQuery) GetDevice 

func (x *UserQuery) GetDevice() *Device

func (*UserQuery) GetDuration 

func (x *UserQuery) GetDuration() int32

func (*UserQuery) GetEndTime 

func (x *UserQuery) GetEndTime() int64

func (*UserQuery) GetEndTimeDt 

func (x *UserQuery) GetEndTimeDt() *timestamppb.Timestamp

func (*UserQuery) GetEnrichments 

func (x *UserQuery) GetEnrichments() []*Enrichment

func (*UserQuery) GetMessage 

func (x *UserQuery) GetMessage() string

func (*UserQuery) GetMetadata 

func (x *UserQuery) GetMetadata() *Metadata

func (*UserQuery) GetObservables 

func (x *UserQuery) GetObservables() []*Observable

func (*UserQuery) GetQueryInfo 

func (x *UserQuery) GetQueryInfo() *QueryInfo

func (*UserQuery) GetQueryResult 

func (x *UserQuery) GetQueryResult() string

func (*UserQuery) GetQueryResultId 

func (x *UserQuery) GetQueryResultId() UserQuery_QueryResultId

func (*UserQuery) GetRawData 

func (x *UserQuery) GetRawData() string

func (*UserQuery) GetSeverity 

func (x *UserQuery) GetSeverity() string

func (*UserQuery) GetSeverityId 

func (x *UserQuery) GetSeverityId() UserQuery_SeverityId

func (*UserQuery) GetStartTime 

func (x *UserQuery) GetStartTime() int64

func (*UserQuery) GetStartTimeDt 

func (x *UserQuery) GetStartTimeDt() *timestamppb.Timestamp

func (*UserQuery) GetStatus 

func (x *UserQuery) GetStatus() string

func (*UserQuery) GetStatusCode 

func (x *UserQuery) GetStatusCode() string

func (*UserQuery) GetStatusDetail 

func (x *UserQuery) GetStatusDetail() string

func (*UserQuery) GetStatusId 

func (x *UserQuery) GetStatusId() UserQuery_StatusId

func (*UserQuery) GetTime 

func (x *UserQuery) GetTime() int64

func (*UserQuery) GetTimeDt 

func (x *UserQuery) GetTimeDt() *timestamppb.Timestamp

func (*UserQuery) GetTimezoneOffset 

func (x *UserQuery) GetTimezoneOffset() int32

func (*UserQuery) GetTypeName 

func (x *UserQuery) GetTypeName() string

func (*UserQuery) GetTypeUid 

func (x *UserQuery) GetTypeUid() int64

func (*UserQuery) GetUnmapped 

func (x *UserQuery) GetUnmapped() *structpb.Struct

func (*UserQuery) GetUser 

func (x *UserQuery) GetUser() *User

func (*UserQuery) ProtoMessage 

func (*UserQuery) ProtoMessage()

func (*UserQuery) ProtoReflect 

func (x *UserQuery) ProtoReflect() protoreflect.Message

func (*UserQuery) Reset 

func (x *UserQuery) Reset()

func (*UserQuery) String 

func (x *UserQuery) String() string

type UserQuery_ActivityId 

type UserQuery_ActivityId int32
const (
	UserQuery_ACTIVITY_ID_UNKNOWN UserQuery_ActivityId = 0
	UserQuery_ACTIVITY_ID_QUERY   UserQuery_ActivityId = 1 // The discovered results are via a query request.
	UserQuery_ACTIVITY_ID_OTHER   UserQuery_ActivityId = 99
)

func (UserQuery_ActivityId) Descriptor 

func (UserQuery_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_ActivityId) Enum 

func (x UserQuery_ActivityId) Enum() *UserQuery_ActivityId

func (UserQuery_ActivityId) EnumDescriptor deprecated 

func (UserQuery_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_ActivityId.Descriptor instead.

func (UserQuery_ActivityId) Number 

func (x UserQuery_ActivityId) Number() protoreflect.EnumNumber

func (UserQuery_ActivityId) String 

func (x UserQuery_ActivityId) String() string

func (UserQuery_ActivityId) Type 

func (UserQuery_ActivityId) Type() protoreflect.EnumType

type UserQuery_CategoryUid 

type UserQuery_CategoryUid int32
const (
	UserQuery_CATEGORY_UID_UNKNOWN   UserQuery_CategoryUid = 0
	UserQuery_CATEGORY_UID_DISCOVERY UserQuery_CategoryUid = 5
)

func (UserQuery_CategoryUid) Descriptor 

func (UserQuery_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_CategoryUid) Enum 

func (x UserQuery_CategoryUid) Enum() *UserQuery_CategoryUid

func (UserQuery_CategoryUid) EnumDescriptor deprecated 

func (UserQuery_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_CategoryUid.Descriptor instead.

func (UserQuery_CategoryUid) Number 

func (x UserQuery_CategoryUid) Number() protoreflect.EnumNumber

func (UserQuery_CategoryUid) String 

func (x UserQuery_CategoryUid) String() string

func (UserQuery_CategoryUid) Type 

func (UserQuery_CategoryUid) Type() protoreflect.EnumType

type UserQuery_ClassUid 

type UserQuery_ClassUid int32
const (
	UserQuery_CLASS_UID_UNKNOWN    UserQuery_ClassUid = 0
	UserQuery_CLASS_UID_USER_QUERY UserQuery_ClassUid = 5018
)

func (UserQuery_ClassUid) Descriptor 

func (UserQuery_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_ClassUid) Enum 

func (x UserQuery_ClassUid) Enum() *UserQuery_ClassUid

func (UserQuery_ClassUid) EnumDescriptor deprecated 

func (UserQuery_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_ClassUid.Descriptor instead.

func (UserQuery_ClassUid) Number 

func (x UserQuery_ClassUid) Number() protoreflect.EnumNumber

func (UserQuery_ClassUid) String 

func (x UserQuery_ClassUid) String() string

func (UserQuery_ClassUid) Type 

func (UserQuery_ClassUid) Type() protoreflect.EnumType

type UserQuery_QueryResultId 

type UserQuery_QueryResultId int32
const (
	UserQuery_QUERY_RESULT_ID_UNKNOWN        UserQuery_QueryResultId = 0  // The query result is unknown.
	UserQuery_QUERY_RESULT_ID_EXISTS         UserQuery_QueryResultId = 1  // The target was found.
	UserQuery_QUERY_RESULT_ID_PARTIAL        UserQuery_QueryResultId = 2  // The target was partially found.
	UserQuery_QUERY_RESULT_ID_DOES_NOT_EXIST UserQuery_QueryResultId = 3  // The target was not found.
	UserQuery_QUERY_RESULT_ID_ERROR          UserQuery_QueryResultId = 4  // The discovery attempt failed.
	UserQuery_QUERY_RESULT_ID_UNSUPPORTED    UserQuery_QueryResultId = 5  // Discovery of the target was not supported.
	UserQuery_QUERY_RESULT_ID_OTHER          UserQuery_QueryResultId = 99 // The query result is not mapped. See the
)

func (UserQuery_QueryResultId) Descriptor 

func (UserQuery_QueryResultId) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_QueryResultId) Enum 

func (x UserQuery_QueryResultId) Enum() *UserQuery_QueryResultId

func (UserQuery_QueryResultId) EnumDescriptor deprecated 

func (UserQuery_QueryResultId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_QueryResultId.Descriptor instead.

func (UserQuery_QueryResultId) Number 

func (x UserQuery_QueryResultId) Number() protoreflect.EnumNumber

func (UserQuery_QueryResultId) String 

func (x UserQuery_QueryResultId) String() string

func (UserQuery_QueryResultId) Type 

func (UserQuery_QueryResultId) Type() protoreflect.EnumType

type UserQuery_SeverityId 

type UserQuery_SeverityId int32
const (
	UserQuery_SEVERITY_ID_UNKNOWN       UserQuery_SeverityId = 0 // The event/finding severity is unknown.
	UserQuery_SEVERITY_ID_INFORMATIONAL UserQuery_SeverityId = 1 // Informational message. No action required.
	UserQuery_SEVERITY_ID_LOW           UserQuery_SeverityId = 2 // The user decides if action is needed.
	UserQuery_SEVERITY_ID_MEDIUM        UserQuery_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	UserQuery_SEVERITY_ID_HIGH     UserQuery_SeverityId = 4 // Action is required immediately.
	UserQuery_SEVERITY_ID_CRITICAL UserQuery_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	UserQuery_SEVERITY_ID_FATAL UserQuery_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	UserQuery_SEVERITY_ID_OTHER UserQuery_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (UserQuery_SeverityId) Descriptor 

func (UserQuery_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_SeverityId) Enum 

func (x UserQuery_SeverityId) Enum() *UserQuery_SeverityId

func (UserQuery_SeverityId) EnumDescriptor deprecated 

func (UserQuery_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_SeverityId.Descriptor instead.

func (UserQuery_SeverityId) Number 

func (x UserQuery_SeverityId) Number() protoreflect.EnumNumber

func (UserQuery_SeverityId) String 

func (x UserQuery_SeverityId) String() string

func (UserQuery_SeverityId) Type 

func (UserQuery_SeverityId) Type() protoreflect.EnumType

type UserQuery_StatusId 

type UserQuery_StatusId int32
const (
	UserQuery_STATUS_ID_UNKNOWN UserQuery_StatusId = 0 // The status is unknown.
	UserQuery_STATUS_ID_SUCCESS UserQuery_StatusId = 1
	UserQuery_STATUS_ID_FAILURE UserQuery_StatusId = 2
	UserQuery_STATUS_ID_OTHER   UserQuery_StatusId = 99 // The event status is not mapped. See the
)

func (UserQuery_StatusId) Descriptor 

func (UserQuery_StatusId) Descriptor() protoreflect.EnumDescriptor

func (UserQuery_StatusId) Enum 

func (x UserQuery_StatusId) Enum() *UserQuery_StatusId

func (UserQuery_StatusId) EnumDescriptor deprecated 

func (UserQuery_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserQuery_StatusId.Descriptor instead.

func (UserQuery_StatusId) Number 

func (x UserQuery_StatusId) Number() protoreflect.EnumNumber

func (UserQuery_StatusId) String 

func (x UserQuery_StatusId) String() string

func (UserQuery_StatusId) Type 

func (UserQuery_StatusId) Type() protoreflect.EnumType

type User_RiskLevelId 

type User_RiskLevelId int32
const (
	User_RISK_LEVEL_ID_INFO     User_RiskLevelId = 0
	User_RISK_LEVEL_ID_LOW      User_RiskLevelId = 1
	User_RISK_LEVEL_ID_MEDIUM   User_RiskLevelId = 2
	User_RISK_LEVEL_ID_HIGH     User_RiskLevelId = 3
	User_RISK_LEVEL_ID_CRITICAL User_RiskLevelId = 4
)

func (User_RiskLevelId) Descriptor 

func (User_RiskLevelId) Descriptor() protoreflect.EnumDescriptor

func (User_RiskLevelId) Enum 

func (x User_RiskLevelId) Enum() *User_RiskLevelId

func (User_RiskLevelId) EnumDescriptor deprecated 

func (User_RiskLevelId) EnumDescriptor() ([]byte, []int)

Deprecated: Use User_RiskLevelId.Descriptor instead.

func (User_RiskLevelId) Number 

func (x User_RiskLevelId) Number() protoreflect.EnumNumber

func (User_RiskLevelId) String 

func (x User_RiskLevelId) String() string

func (User_RiskLevelId) Type 

func (User_RiskLevelId) Type() protoreflect.EnumType

type User_TypeId 

type User_TypeId int32
const (
	User_TYPE_ID_UNKNOWN User_TypeId = 0
	User_TYPE_ID_USER    User_TypeId = 1 // Regular user account.
	User_TYPE_ID_ADMIN   User_TypeId = 2 // Admin/root user account.
	User_TYPE_ID_SYSTEM  User_TypeId = 3 // System account. For example, Windows computer accounts
	// with a trailing dollar sign ($).
	User_TYPE_ID_OTHER User_TypeId = 99
)

func (User_TypeId) Descriptor 

func (User_TypeId) Descriptor() protoreflect.EnumDescriptor

func (User_TypeId) Enum 

func (x User_TypeId) Enum() *User_TypeId

func (User_TypeId) EnumDescriptor deprecated 

func (User_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use User_TypeId.Descriptor instead.

func (User_TypeId) Number 

func (x User_TypeId) Number() protoreflect.EnumNumber

func (User_TypeId) String 

func (x User_TypeId) String() string

func (User_TypeId) Type 

func (User_TypeId) Type() protoreflect.EnumType

type Vulnerability 

type Vulnerability struct {
	AffectedCode           []*AffectedCode        `protobuf:"bytes,1,rep,name=affected_code,json=affectedCode,proto3" json:"affected_code,omitempty"`
	AffectedPackages       []*AffectedPackage     `protobuf:"bytes,2,rep,name=affected_packages,json=affectedPackages,proto3" json:"affected_packages,omitempty"`
	Cve                    *Cve                   `protobuf:"bytes,3,opt,name=cve,proto3" json:"cve,omitempty"`
	Cwe                    *Cwe                   `protobuf:"bytes,4,opt,name=cwe,proto3" json:"cwe,omitempty"`
	Desc                   *string                `protobuf:"bytes,5,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	FirstSeenTime          *int64                 `protobuf:"varint,6,opt,name=first_seen_time,json=firstSeenTime,proto3,oneof" json:"first_seen_time,omitempty"`
	FirstSeenTimeDt        *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=first_seen_time_dt,json=firstSeenTimeDt,proto3,oneof" json:"first_seen_time_dt,omitempty"`
	FixAvailable           *bool                  `protobuf:"varint,8,opt,name=fix_available,json=fixAvailable,proto3,oneof" json:"fix_available,omitempty"`
	IsExploitAvailable     *bool                  `protobuf:"varint,9,opt,name=is_exploit_available,json=isExploitAvailable,proto3,oneof" json:"is_exploit_available,omitempty"`
	IsFixAvailable         *bool                  `protobuf:"varint,10,opt,name=is_fix_available,json=isFixAvailable,proto3,oneof" json:"is_fix_available,omitempty"`
	KbArticleList          []*KbArticle           `protobuf:"bytes,11,rep,name=kb_article_list,json=kbArticleList,proto3" json:"kb_article_list,omitempty"`
	KbArticles             []string               `protobuf:"bytes,12,rep,name=kb_articles,json=kbArticles,proto3" json:"kb_articles,omitempty"`
	LastSeenTime           *int64                 `protobuf:"varint,13,opt,name=last_seen_time,json=lastSeenTime,proto3,oneof" json:"last_seen_time,omitempty"`
	LastSeenTimeDt         *timestamppb.Timestamp `protobuf:"bytes,14,opt,name=last_seen_time_dt,json=lastSeenTimeDt,proto3,oneof" json:"last_seen_time_dt,omitempty"`
	Packages               []*Package             `protobuf:"bytes,15,rep,name=packages,proto3" json:"packages,omitempty"`
	References             []string               `protobuf:"bytes,16,rep,name=references,proto3" json:"references,omitempty"`
	RelatedVulnerabilities []string               `` /* 128-byte string literal not displayed */
	Remediation            *Remediation           `protobuf:"bytes,18,opt,name=remediation,proto3" json:"remediation,omitempty"`
	Severity               *string                `protobuf:"bytes,19,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	Title                  *string                `protobuf:"bytes,20,opt,name=title,proto3,oneof" json:"title,omitempty"`
	VendorName             *string                `protobuf:"bytes,21,opt,name=vendor_name,json=vendorName,proto3,oneof" json:"vendor_name,omitempty"`
	// contains filtered or unexported fields
}

Vulnerability is an OSF object defined in ocsf objects/vulnerability.json

The vulnerability is an unintended characteristic of a computing component or system configuration that multiplies the risk of an adverse event or a loss occurring either due to accidental exposure, deliberate attack, or conflict with new system components.

func (*Vulnerability) Descriptor deprecated 

func (*Vulnerability) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability.ProtoReflect.Descriptor instead.

func (*Vulnerability) GetAffectedCode 

func (x *Vulnerability) GetAffectedCode() []*AffectedCode

func (*Vulnerability) GetAffectedPackages 

func (x *Vulnerability) GetAffectedPackages() []*AffectedPackage

func (*Vulnerability) GetCve 

func (x *Vulnerability) GetCve() *Cve

func (*Vulnerability) GetCwe 

func (x *Vulnerability) GetCwe() *Cwe

func (*Vulnerability) GetDesc 

func (x *Vulnerability) GetDesc() string

func (*Vulnerability) GetFirstSeenTime 

func (x *Vulnerability) GetFirstSeenTime() int64

func (*Vulnerability) GetFirstSeenTimeDt 

func (x *Vulnerability) GetFirstSeenTimeDt() *timestamppb.Timestamp

func (*Vulnerability) GetFixAvailable 

func (x *Vulnerability) GetFixAvailable() bool

func (*Vulnerability) GetIsExploitAvailable 

func (x *Vulnerability) GetIsExploitAvailable() bool

func (*Vulnerability) GetIsFixAvailable 

func (x *Vulnerability) GetIsFixAvailable() bool

func (*Vulnerability) GetKbArticleList 

func (x *Vulnerability) GetKbArticleList() []*KbArticle

func (*Vulnerability) GetKbArticles 

func (x *Vulnerability) GetKbArticles() []string

func (*Vulnerability) GetLastSeenTime 

func (x *Vulnerability) GetLastSeenTime() int64

func (*Vulnerability) GetLastSeenTimeDt 

func (x *Vulnerability) GetLastSeenTimeDt() *timestamppb.Timestamp

func (*Vulnerability) GetPackages 

func (x *Vulnerability) GetPackages() []*Package

func (*Vulnerability) GetReferences 

func (x *Vulnerability) GetReferences() []string

func (*Vulnerability) GetRelatedVulnerabilities 

func (x *Vulnerability) GetRelatedVulnerabilities() []string

func (*Vulnerability) GetRemediation 

func (x *Vulnerability) GetRemediation() *Remediation

func (*Vulnerability) GetSeverity 

func (x *Vulnerability) GetSeverity() string

func (*Vulnerability) GetTitle 

func (x *Vulnerability) GetTitle() string

func (*Vulnerability) GetVendorName 

func (x *Vulnerability) GetVendorName() string

func (*Vulnerability) ProtoMessage 

func (*Vulnerability) ProtoMessage()

func (*Vulnerability) ProtoReflect 

func (x *Vulnerability) ProtoReflect() protoreflect.Message

func (*Vulnerability) Reset 

func (x *Vulnerability) Reset()

func (*Vulnerability) String 

func (x *Vulnerability) String() string

type VulnerabilityFinding 

type VulnerabilityFinding struct {
	ActivityId      VulnerabilityFinding_ActivityId    `` /* 144-byte string literal not displayed */
	ActivityName    *string                            `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor           *Actor                             `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api             *Api                               `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName    *string                            `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid     VulnerabilityFinding_CategoryUid   `` /* 148-byte string literal not displayed */
	ClassName       *string                            `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid        VulnerabilityFinding_ClassUid      `` /* 136-byte string literal not displayed */
	Cloud           *Cloud                             `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Comment         *string                            `protobuf:"bytes,10,opt,name=comment,proto3,oneof" json:"comment,omitempty"`
	Confidence      *string                            `protobuf:"bytes,11,opt,name=confidence,proto3,oneof" json:"confidence,omitempty"`
	ConfidenceId    *VulnerabilityFinding_ConfidenceId `` /* 159-byte string literal not displayed */
	ConfidenceScore *int32                             `protobuf:"varint,13,opt,name=confidence_score,json=confidenceScore,proto3,oneof" json:"confidence_score,omitempty"`
	Count           *int32                             `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device          *Device                            `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Duration        *int32                             `protobuf:"varint,16,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime         *int64                             `protobuf:"varint,17,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt       *timestamppb.Timestamp             `protobuf:"bytes,18,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments     []*Enrichment                      `protobuf:"bytes,19,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FindingInfo     *FindingInfo                       `protobuf:"bytes,20,opt,name=finding_info,json=findingInfo,proto3" json:"finding_info,omitempty"`
	Message         *string                            `protobuf:"bytes,21,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata        *Metadata                          `protobuf:"bytes,22,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables     []*Observable                      `protobuf:"bytes,23,rep,name=observables,proto3" json:"observables,omitempty"`
	RawData         *string                            `protobuf:"bytes,24,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Resource        *ResourceDetails                   `protobuf:"bytes,25,opt,name=resource,proto3" json:"resource,omitempty"`
	Severity        *string                            `protobuf:"bytes,26,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId      VulnerabilityFinding_SeverityId    `` /* 145-byte string literal not displayed */
	StartTime       *int64                             `protobuf:"varint,28,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt     *timestamppb.Timestamp             `protobuf:"bytes,29,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status          *string                            `protobuf:"bytes,30,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode      *string                            `protobuf:"bytes,31,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail    *string                            `protobuf:"bytes,32,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId        *VulnerabilityFinding_StatusId     `` /* 143-byte string literal not displayed */
	Time            int64                              `protobuf:"varint,34,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt          *timestamppb.Timestamp             `protobuf:"bytes,35,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset  *int32                             `protobuf:"varint,36,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	TypeName        *string                            `protobuf:"bytes,37,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid         int64                              `protobuf:"varint,38,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped        *structpb.Struct                   `protobuf:"bytes,39,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	Vulnerabilities []*Vulnerability                   `protobuf:"bytes,40,rep,name=vulnerabilities,proto3" json:"vulnerabilities,omitempty"`
	// contains filtered or unexported fields
}

VulnerabilityFinding is an OSF event in category "Findings" called Vulnerability Finding defined in ocsf events/findings/vulnerability_finding.json

The Vulnerability Finding event is a notification about weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.

func (*VulnerabilityFinding) Descriptor deprecated 

func (*VulnerabilityFinding) Descriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding.ProtoReflect.Descriptor instead.

func (*VulnerabilityFinding) GetActivityId 

func (x *VulnerabilityFinding) GetActivityId() VulnerabilityFinding_ActivityId

func (*VulnerabilityFinding) GetActivityName 

func (x *VulnerabilityFinding) GetActivityName() string

func (*VulnerabilityFinding) GetActor 

func (x *VulnerabilityFinding) GetActor() *Actor

func (*VulnerabilityFinding) GetApi 

func (x *VulnerabilityFinding) GetApi() *Api

func (*VulnerabilityFinding) GetCategoryName 

func (x *VulnerabilityFinding) GetCategoryName() string

func (*VulnerabilityFinding) GetCategoryUid 

func (x *VulnerabilityFinding) GetCategoryUid() VulnerabilityFinding_CategoryUid

func (*VulnerabilityFinding) GetClassName 

func (x *VulnerabilityFinding) GetClassName() string

func (*VulnerabilityFinding) GetClassUid 

func (x *VulnerabilityFinding) GetClassUid() VulnerabilityFinding_ClassUid

func (*VulnerabilityFinding) GetCloud 

func (x *VulnerabilityFinding) GetCloud() *Cloud

func (*VulnerabilityFinding) GetComment 

func (x *VulnerabilityFinding) GetComment() string

func (*VulnerabilityFinding) GetConfidence 

func (x *VulnerabilityFinding) GetConfidence() string

func (*VulnerabilityFinding) GetConfidenceId 

func (x *VulnerabilityFinding) GetConfidenceId() VulnerabilityFinding_ConfidenceId

func (*VulnerabilityFinding) GetConfidenceScore 

func (x *VulnerabilityFinding) GetConfidenceScore() int32

func (*VulnerabilityFinding) GetCount 

func (x *VulnerabilityFinding) GetCount() int32

func (*VulnerabilityFinding) GetDevice 

func (x *VulnerabilityFinding) GetDevice() *Device

func (*VulnerabilityFinding) GetDuration 

func (x *VulnerabilityFinding) GetDuration() int32

func (*VulnerabilityFinding) GetEndTime 

func (x *VulnerabilityFinding) GetEndTime() int64

func (*VulnerabilityFinding) GetEndTimeDt 

func (x *VulnerabilityFinding) GetEndTimeDt() *timestamppb.Timestamp

func (*VulnerabilityFinding) GetEnrichments 

func (x *VulnerabilityFinding) GetEnrichments() []*Enrichment

func (*VulnerabilityFinding) GetFindingInfo 

func (x *VulnerabilityFinding) GetFindingInfo() *FindingInfo

func (*VulnerabilityFinding) GetMessage 

func (x *VulnerabilityFinding) GetMessage() string

func (*VulnerabilityFinding) GetMetadata 

func (x *VulnerabilityFinding) GetMetadata() *Metadata

func (*VulnerabilityFinding) GetObservables 

func (x *VulnerabilityFinding) GetObservables() []*Observable

func (*VulnerabilityFinding) GetRawData 

func (x *VulnerabilityFinding) GetRawData() string

func (*VulnerabilityFinding) GetResource 

func (x *VulnerabilityFinding) GetResource() *ResourceDetails

func (*VulnerabilityFinding) GetSeverity 

func (x *VulnerabilityFinding) GetSeverity() string

func (*VulnerabilityFinding) GetSeverityId 

func (x *VulnerabilityFinding) GetSeverityId() VulnerabilityFinding_SeverityId

func (*VulnerabilityFinding) GetStartTime 

func (x *VulnerabilityFinding) GetStartTime() int64

func (*VulnerabilityFinding) GetStartTimeDt 

func (x *VulnerabilityFinding) GetStartTimeDt() *timestamppb.Timestamp

func (*VulnerabilityFinding) GetStatus 

func (x *VulnerabilityFinding) GetStatus() string

func (*VulnerabilityFinding) GetStatusCode 

func (x *VulnerabilityFinding) GetStatusCode() string

func (*VulnerabilityFinding) GetStatusDetail 

func (x *VulnerabilityFinding) GetStatusDetail() string

func (*VulnerabilityFinding) GetStatusId 

func (x *VulnerabilityFinding) GetStatusId() VulnerabilityFinding_StatusId

func (*VulnerabilityFinding) GetTime 

func (x *VulnerabilityFinding) GetTime() int64

func (*VulnerabilityFinding) GetTimeDt 

func (x *VulnerabilityFinding) GetTimeDt() *timestamppb.Timestamp

func (*VulnerabilityFinding) GetTimezoneOffset 

func (x *VulnerabilityFinding) GetTimezoneOffset() int32

func (*VulnerabilityFinding) GetTypeName 

func (x *VulnerabilityFinding) GetTypeName() string

func (*VulnerabilityFinding) GetTypeUid 

func (x *VulnerabilityFinding) GetTypeUid() int64

func (*VulnerabilityFinding) GetUnmapped 

func (x *VulnerabilityFinding) GetUnmapped() *structpb.Struct

func (*VulnerabilityFinding) GetVulnerabilities 

func (x *VulnerabilityFinding) GetVulnerabilities() []*Vulnerability

func (*VulnerabilityFinding) ProtoMessage 

func (*VulnerabilityFinding) ProtoMessage()

func (*VulnerabilityFinding) ProtoReflect 

func (x *VulnerabilityFinding) ProtoReflect() protoreflect.Message

func (*VulnerabilityFinding) Reset 

func (x *VulnerabilityFinding) Reset()

func (*VulnerabilityFinding) String 

func (x *VulnerabilityFinding) String() string

type VulnerabilityFinding_ActivityId 

type VulnerabilityFinding_ActivityId int32
const (
	VulnerabilityFinding_ACTIVITY_ID_UNKNOWN VulnerabilityFinding_ActivityId = 0
	VulnerabilityFinding_ACTIVITY_ID_CREATE  VulnerabilityFinding_ActivityId = 1 // A finding was created.
	VulnerabilityFinding_ACTIVITY_ID_UPDATE  VulnerabilityFinding_ActivityId = 2 // A finding was updated.
	VulnerabilityFinding_ACTIVITY_ID_CLOSE   VulnerabilityFinding_ActivityId = 3 // A finding was closed.
	VulnerabilityFinding_ACTIVITY_ID_OTHER   VulnerabilityFinding_ActivityId = 99
)

func (VulnerabilityFinding_ActivityId) Descriptor 

func (VulnerabilityFinding_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_ActivityId) Enum 

func (x VulnerabilityFinding_ActivityId) Enum() *VulnerabilityFinding_ActivityId

func (VulnerabilityFinding_ActivityId) EnumDescriptor deprecated 

func (VulnerabilityFinding_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_ActivityId.Descriptor instead.

func (VulnerabilityFinding_ActivityId) Number 

func (x VulnerabilityFinding_ActivityId) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_ActivityId) String 

func (x VulnerabilityFinding_ActivityId) String() string

func (VulnerabilityFinding_ActivityId) Type 

func (VulnerabilityFinding_ActivityId) Type() protoreflect.EnumType

type VulnerabilityFinding_CategoryUid 

type VulnerabilityFinding_CategoryUid int32
const (
	VulnerabilityFinding_CATEGORY_UID_UNKNOWN  VulnerabilityFinding_CategoryUid = 0
	VulnerabilityFinding_CATEGORY_UID_FINDINGS VulnerabilityFinding_CategoryUid = 2
)

func (VulnerabilityFinding_CategoryUid) Descriptor 

func (VulnerabilityFinding_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_CategoryUid) Enum 

func (x VulnerabilityFinding_CategoryUid) Enum() *VulnerabilityFinding_CategoryUid

func (VulnerabilityFinding_CategoryUid) EnumDescriptor deprecated 

func (VulnerabilityFinding_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_CategoryUid.Descriptor instead.

func (VulnerabilityFinding_CategoryUid) Number 

func (x VulnerabilityFinding_CategoryUid) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_CategoryUid) String 

func (x VulnerabilityFinding_CategoryUid) String() string

func (VulnerabilityFinding_CategoryUid) Type 

func (VulnerabilityFinding_CategoryUid) Type() protoreflect.EnumType

type VulnerabilityFinding_ClassUid 

type VulnerabilityFinding_ClassUid int32
const (
	VulnerabilityFinding_CLASS_UID_UNKNOWN               VulnerabilityFinding_ClassUid = 0
	VulnerabilityFinding_CLASS_UID_VULNERABILITY_FINDING VulnerabilityFinding_ClassUid = 2002
)

func (VulnerabilityFinding_ClassUid) Descriptor 

func (VulnerabilityFinding_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_ClassUid) Enum 

func (x VulnerabilityFinding_ClassUid) Enum() *VulnerabilityFinding_ClassUid

func (VulnerabilityFinding_ClassUid) EnumDescriptor deprecated 

func (VulnerabilityFinding_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_ClassUid.Descriptor instead.

func (VulnerabilityFinding_ClassUid) Number 

func (x VulnerabilityFinding_ClassUid) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_ClassUid) String 

func (x VulnerabilityFinding_ClassUid) String() string

func (VulnerabilityFinding_ClassUid) Type 

func (VulnerabilityFinding_ClassUid) Type() protoreflect.EnumType

type VulnerabilityFinding_ConfidenceId 

type VulnerabilityFinding_ConfidenceId int32
const (
	VulnerabilityFinding_CONFIDENCE_ID_UNKNOWN VulnerabilityFinding_ConfidenceId = 0 // The normalized confidence is unknown.
	VulnerabilityFinding_CONFIDENCE_ID_LOW     VulnerabilityFinding_ConfidenceId = 1
	VulnerabilityFinding_CONFIDENCE_ID_MEDIUM  VulnerabilityFinding_ConfidenceId = 2
	VulnerabilityFinding_CONFIDENCE_ID_HIGH    VulnerabilityFinding_ConfidenceId = 3
	VulnerabilityFinding_CONFIDENCE_ID_OTHER   VulnerabilityFinding_ConfidenceId = 99 // The confidence is not mapped to the defined enum
)

func (VulnerabilityFinding_ConfidenceId) Descriptor 

func (VulnerabilityFinding_ConfidenceId) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_ConfidenceId) Enum 

func (x VulnerabilityFinding_ConfidenceId) Enum() *VulnerabilityFinding_ConfidenceId

func (VulnerabilityFinding_ConfidenceId) EnumDescriptor deprecated 

func (VulnerabilityFinding_ConfidenceId) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_ConfidenceId.Descriptor instead.

func (VulnerabilityFinding_ConfidenceId) Number 

func (x VulnerabilityFinding_ConfidenceId) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_ConfidenceId) String 

func (x VulnerabilityFinding_ConfidenceId) String() string

func (VulnerabilityFinding_ConfidenceId) Type 

func (VulnerabilityFinding_ConfidenceId) Type() protoreflect.EnumType

type VulnerabilityFinding_SeverityId 

type VulnerabilityFinding_SeverityId int32
const (
	VulnerabilityFinding_SEVERITY_ID_UNKNOWN       VulnerabilityFinding_SeverityId = 0 // The event/finding severity is unknown.
	VulnerabilityFinding_SEVERITY_ID_INFORMATIONAL VulnerabilityFinding_SeverityId = 1 // Informational message. No action required.
	VulnerabilityFinding_SEVERITY_ID_LOW           VulnerabilityFinding_SeverityId = 2 // The user decides if action is needed.
	VulnerabilityFinding_SEVERITY_ID_MEDIUM        VulnerabilityFinding_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	VulnerabilityFinding_SEVERITY_ID_HIGH     VulnerabilityFinding_SeverityId = 4 // Action is required immediately.
	VulnerabilityFinding_SEVERITY_ID_CRITICAL VulnerabilityFinding_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	VulnerabilityFinding_SEVERITY_ID_FATAL VulnerabilityFinding_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	VulnerabilityFinding_SEVERITY_ID_OTHER VulnerabilityFinding_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (VulnerabilityFinding_SeverityId) Descriptor 

func (VulnerabilityFinding_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_SeverityId) Enum 

func (x VulnerabilityFinding_SeverityId) Enum() *VulnerabilityFinding_SeverityId

func (VulnerabilityFinding_SeverityId) EnumDescriptor deprecated 

func (VulnerabilityFinding_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_SeverityId.Descriptor instead.

func (VulnerabilityFinding_SeverityId) Number 

func (x VulnerabilityFinding_SeverityId) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_SeverityId) String 

func (x VulnerabilityFinding_SeverityId) String() string

func (VulnerabilityFinding_SeverityId) Type 

func (VulnerabilityFinding_SeverityId) Type() protoreflect.EnumType

type VulnerabilityFinding_StatusId 

type VulnerabilityFinding_StatusId int32
const (
	VulnerabilityFinding_STATUS_ID_UNKNOWN     VulnerabilityFinding_StatusId = 0 // The status is unknown.
	VulnerabilityFinding_STATUS_ID_NEW         VulnerabilityFinding_StatusId = 1 // The Finding is new and yet to be reviewed.
	VulnerabilityFinding_STATUS_ID_IN_PROGRESS VulnerabilityFinding_StatusId = 2 // The Finding is under review.
	VulnerabilityFinding_STATUS_ID_SUPPRESSED  VulnerabilityFinding_StatusId = 3 // The Finding was reviewed, determined to be benign
	// or a false positive and is now suppressed.
	VulnerabilityFinding_STATUS_ID_RESOLVED VulnerabilityFinding_StatusId = 4 // The Finding was reviewed, remediated and is now
	// considered resolved.
	VulnerabilityFinding_STATUS_ID_OTHER VulnerabilityFinding_StatusId = 99 // The event status is not mapped. See the
)

func (VulnerabilityFinding_StatusId) Descriptor 

func (VulnerabilityFinding_StatusId) Descriptor() protoreflect.EnumDescriptor

func (VulnerabilityFinding_StatusId) Enum 

func (x VulnerabilityFinding_StatusId) Enum() *VulnerabilityFinding_StatusId

func (VulnerabilityFinding_StatusId) EnumDescriptor deprecated 

func (VulnerabilityFinding_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use VulnerabilityFinding_StatusId.Descriptor instead.

func (VulnerabilityFinding_StatusId) Number 

func (x VulnerabilityFinding_StatusId) Number() protoreflect.EnumNumber

func (VulnerabilityFinding_StatusId) String 

func (x VulnerabilityFinding_StatusId) String() string

func (VulnerabilityFinding_StatusId) Type 

func (VulnerabilityFinding_StatusId) Type() protoreflect.EnumType

type WebResource 

type WebResource struct {
	Data               *structpb.Value     `protobuf:"bytes,1,opt,name=data,proto3,oneof" json:"data,omitempty"`
	DataClassification *DataClassification `protobuf:"bytes,2,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Desc               *string             `protobuf:"bytes,3,opt,name=desc,proto3,oneof" json:"desc,omitempty"`
	Labels             []string            `protobuf:"bytes,4,rep,name=labels,proto3" json:"labels,omitempty"`
	Name               *string             `protobuf:"bytes,5,opt,name=name,proto3,oneof" json:"name,omitempty"`
	Type               *string             `protobuf:"bytes,6,opt,name=type,proto3,oneof" json:"type,omitempty"`
	Uid                *string             `protobuf:"bytes,7,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	UrlString          *string             `protobuf:"bytes,8,opt,name=url_string,json=urlString,proto3,oneof" json:"url_string,omitempty"`
	// contains filtered or unexported fields
}

WebResource is an OSF object defined in ocsf objects/web_resource.json

The Web Resource object describes characteristics of a web resource that was affected by the activity/event.

func (*WebResource) Descriptor deprecated 

func (*WebResource) Descriptor() ([]byte, []int)

Deprecated: Use WebResource.ProtoReflect.Descriptor instead.

func (*WebResource) GetData 

func (x *WebResource) GetData() *structpb.Value

func (*WebResource) GetDataClassification 

func (x *WebResource) GetDataClassification() *DataClassification

func (*WebResource) GetDesc 

func (x *WebResource) GetDesc() string

func (*WebResource) GetLabels 

func (x *WebResource) GetLabels() []string

func (*WebResource) GetName 

func (x *WebResource) GetName() string

func (*WebResource) GetType 

func (x *WebResource) GetType() string

func (*WebResource) GetUid 

func (x *WebResource) GetUid() string

func (*WebResource) GetUrlString 

func (x *WebResource) GetUrlString() string

func (*WebResource) ProtoMessage 

func (*WebResource) ProtoMessage()

func (*WebResource) ProtoReflect 

func (x *WebResource) ProtoReflect() protoreflect.Message

func (*WebResource) Reset 

func (x *WebResource) Reset()

func (*WebResource) String 

func (x *WebResource) String() string

type WebResourceAccessActivity 

type WebResourceAccessActivity struct {
	ActivityId          WebResourceAccessActivity_ActivityId  `` /* 149-byte string literal not displayed */
	ActivityName        *string                               `protobuf:"bytes,2,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                                `protobuf:"bytes,3,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                                  `protobuf:"bytes,4,opt,name=api,proto3" json:"api,omitempty"`
	CategoryName        *string                               `protobuf:"bytes,5,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         WebResourceAccessActivity_CategoryUid `` /* 153-byte string literal not displayed */
	ClassName           *string                               `protobuf:"bytes,7,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            WebResourceAccessActivity_ClassUid    `` /* 141-byte string literal not displayed */
	Cloud               *Cloud                                `protobuf:"bytes,9,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count               *int32                                `protobuf:"varint,10,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                               `protobuf:"bytes,11,opt,name=device,proto3" json:"device,omitempty"`
	Duration            *int32                                `protobuf:"varint,12,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                                `protobuf:"varint,13,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp                `protobuf:"bytes,14,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                         `protobuf:"bytes,15,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	HttpRequest         *HttpRequest                          `protobuf:"bytes,16,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	HttpResponse        *HttpResponse                         `protobuf:"bytes,17,opt,name=http_response,json=httpResponse,proto3" json:"http_response,omitempty"`
	Message             *string                               `protobuf:"bytes,18,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                             `protobuf:"bytes,19,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                         `protobuf:"bytes,20,rep,name=observables,proto3" json:"observables,omitempty"`
	Proxy               *NetworkProxy                         `protobuf:"bytes,21,opt,name=proxy,proto3" json:"proxy,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo                `protobuf:"bytes,22,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy                         `protobuf:"bytes,23,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                          `protobuf:"bytes,24,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse                         `protobuf:"bytes,25,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                                  `protobuf:"bytes,26,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic                       `protobuf:"bytes,27,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                               `protobuf:"bytes,28,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                               `protobuf:"bytes,29,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          WebResourceAccessActivity_SeverityId  `` /* 150-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint                      `protobuf:"bytes,31,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                                `protobuf:"varint,32,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp                `protobuf:"bytes,33,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                               `protobuf:"bytes,34,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                               `protobuf:"bytes,35,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                               `protobuf:"bytes,36,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *WebResourceAccessActivity_StatusId   `` /* 148-byte string literal not displayed */
	Time                int64                                 `protobuf:"varint,38,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp                `protobuf:"bytes,39,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                                `protobuf:"varint,40,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                                  `protobuf:"bytes,41,opt,name=tls,proto3" json:"tls,omitempty"`
	TypeName            *string                               `protobuf:"bytes,42,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                                 `protobuf:"varint,43,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct                      `protobuf:"bytes,44,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	WebResources        []*WebResource                        `protobuf:"bytes,45,rep,name=web_resources,json=webResources,proto3" json:"web_resources,omitempty"`
	// contains filtered or unexported fields
}

WebResourceAccessActivity is an OSF event in category "Application Activity" called Web Resource Access Activity defined in ocsf events/application/web_resource_access_activity.json

Web Resource Access Activity events describe successful/failed attempts to access a web resource over HTTP.

func (*WebResourceAccessActivity) Descriptor deprecated 

func (*WebResourceAccessActivity) Descriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity.ProtoReflect.Descriptor instead.

func (*WebResourceAccessActivity) GetActivityId 

func (x *WebResourceAccessActivity) GetActivityId() WebResourceAccessActivity_ActivityId

func (*WebResourceAccessActivity) GetActivityName 

func (x *WebResourceAccessActivity) GetActivityName() string

func (*WebResourceAccessActivity) GetActor 

func (x *WebResourceAccessActivity) GetActor() *Actor

func (*WebResourceAccessActivity) GetApi 

func (x *WebResourceAccessActivity) GetApi() *Api

func (*WebResourceAccessActivity) GetCategoryName 

func (x *WebResourceAccessActivity) GetCategoryName() string

func (*WebResourceAccessActivity) GetCategoryUid 

func (x *WebResourceAccessActivity) GetCategoryUid() WebResourceAccessActivity_CategoryUid

func (*WebResourceAccessActivity) GetClassName 

func (x *WebResourceAccessActivity) GetClassName() string

func (*WebResourceAccessActivity) GetClassUid 

func (x *WebResourceAccessActivity) GetClassUid() WebResourceAccessActivity_ClassUid

func (*WebResourceAccessActivity) GetCloud 

func (x *WebResourceAccessActivity) GetCloud() *Cloud

func (*WebResourceAccessActivity) GetCount 

func (x *WebResourceAccessActivity) GetCount() int32

func (*WebResourceAccessActivity) GetDevice 

func (x *WebResourceAccessActivity) GetDevice() *Device

func (*WebResourceAccessActivity) GetDuration 

func (x *WebResourceAccessActivity) GetDuration() int32

func (*WebResourceAccessActivity) GetEndTime 

func (x *WebResourceAccessActivity) GetEndTime() int64

func (*WebResourceAccessActivity) GetEndTimeDt 

func (x *WebResourceAccessActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*WebResourceAccessActivity) GetEnrichments 

func (x *WebResourceAccessActivity) GetEnrichments() []*Enrichment

func (*WebResourceAccessActivity) GetHttpRequest 

func (x *WebResourceAccessActivity) GetHttpRequest() *HttpRequest

func (*WebResourceAccessActivity) GetHttpResponse 

func (x *WebResourceAccessActivity) GetHttpResponse() *HttpResponse

func (*WebResourceAccessActivity) GetMessage 

func (x *WebResourceAccessActivity) GetMessage() string

func (*WebResourceAccessActivity) GetMetadata 

func (x *WebResourceAccessActivity) GetMetadata() *Metadata

func (*WebResourceAccessActivity) GetObservables 

func (x *WebResourceAccessActivity) GetObservables() []*Observable

func (*WebResourceAccessActivity) GetProxy 

func (x *WebResourceAccessActivity) GetProxy() *NetworkProxy

func (*WebResourceAccessActivity) GetProxyConnectionInfo 

func (x *WebResourceAccessActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*WebResourceAccessActivity) GetProxyEndpoint 

func (x *WebResourceAccessActivity) GetProxyEndpoint() *NetworkProxy

func (*WebResourceAccessActivity) GetProxyHttpRequest 

func (x *WebResourceAccessActivity) GetProxyHttpRequest() *HttpRequest

func (*WebResourceAccessActivity) GetProxyHttpResponse 

func (x *WebResourceAccessActivity) GetProxyHttpResponse() *HttpResponse

func (*WebResourceAccessActivity) GetProxyTls 

func (x *WebResourceAccessActivity) GetProxyTls() *Tls

func (*WebResourceAccessActivity) GetProxyTraffic 

func (x *WebResourceAccessActivity) GetProxyTraffic() *NetworkTraffic

func (*WebResourceAccessActivity) GetRawData 

func (x *WebResourceAccessActivity) GetRawData() string

func (*WebResourceAccessActivity) GetSeverity 

func (x *WebResourceAccessActivity) GetSeverity() string

func (*WebResourceAccessActivity) GetSeverityId 

func (x *WebResourceAccessActivity) GetSeverityId() WebResourceAccessActivity_SeverityId

func (*WebResourceAccessActivity) GetSrcEndpoint 

func (x *WebResourceAccessActivity) GetSrcEndpoint() *NetworkEndpoint

func (*WebResourceAccessActivity) GetStartTime 

func (x *WebResourceAccessActivity) GetStartTime() int64

func (*WebResourceAccessActivity) GetStartTimeDt 

func (x *WebResourceAccessActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*WebResourceAccessActivity) GetStatus 

func (x *WebResourceAccessActivity) GetStatus() string

func (*WebResourceAccessActivity) GetStatusCode 

func (x *WebResourceAccessActivity) GetStatusCode() string

func (*WebResourceAccessActivity) GetStatusDetail 

func (x *WebResourceAccessActivity) GetStatusDetail() string

func (*WebResourceAccessActivity) GetStatusId 

func (x *WebResourceAccessActivity) GetStatusId() WebResourceAccessActivity_StatusId

func (*WebResourceAccessActivity) GetTime 

func (x *WebResourceAccessActivity) GetTime() int64

func (*WebResourceAccessActivity) GetTimeDt 

func (x *WebResourceAccessActivity) GetTimeDt() *timestamppb.Timestamp

func (*WebResourceAccessActivity) GetTimezoneOffset 

func (x *WebResourceAccessActivity) GetTimezoneOffset() int32

func (*WebResourceAccessActivity) GetTls 

func (x *WebResourceAccessActivity) GetTls() *Tls

func (*WebResourceAccessActivity) GetTypeName 

func (x *WebResourceAccessActivity) GetTypeName() string

func (*WebResourceAccessActivity) GetTypeUid 

func (x *WebResourceAccessActivity) GetTypeUid() int64

func (*WebResourceAccessActivity) GetUnmapped 

func (x *WebResourceAccessActivity) GetUnmapped() *structpb.Struct

func (*WebResourceAccessActivity) GetWebResources 

func (x *WebResourceAccessActivity) GetWebResources() []*WebResource

func (*WebResourceAccessActivity) ProtoMessage 

func (*WebResourceAccessActivity) ProtoMessage()

func (*WebResourceAccessActivity) ProtoReflect 

func (x *WebResourceAccessActivity) ProtoReflect() protoreflect.Message

func (*WebResourceAccessActivity) Reset 

func (x *WebResourceAccessActivity) Reset()

func (*WebResourceAccessActivity) String 

func (x *WebResourceAccessActivity) String() string

type WebResourceAccessActivity_ActivityId 

type WebResourceAccessActivity_ActivityId int32
const (
	WebResourceAccessActivity_ACTIVITY_ID_UNKNOWN      WebResourceAccessActivity_ActivityId = 0
	WebResourceAccessActivity_ACTIVITY_ID_ACCESS_GRANT WebResourceAccessActivity_ActivityId = 1 // The incoming request has permission to the web
	// resource.
	WebResourceAccessActivity_ACTIVITY_ID_ACCESS_DENY WebResourceAccessActivity_ActivityId = 2 // The incoming request does not have permission
	// to the web resource.
	WebResourceAccessActivity_ACTIVITY_ID_ACCESS_REVOKE WebResourceAccessActivity_ActivityId = 3 // The incoming request's access has been revoked
	// due to security policy enforcements.
	WebResourceAccessActivity_ACTIVITY_ID_ACCESS_ERROR WebResourceAccessActivity_ActivityId = 4 // An error occurred during processing the
	// request.
	WebResourceAccessActivity_ACTIVITY_ID_OTHER WebResourceAccessActivity_ActivityId = 99
)

func (WebResourceAccessActivity_ActivityId) Descriptor 

func (WebResourceAccessActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (WebResourceAccessActivity_ActivityId) Enum 

func (x WebResourceAccessActivity_ActivityId) Enum() *WebResourceAccessActivity_ActivityId

func (WebResourceAccessActivity_ActivityId) EnumDescriptor deprecated 

func (WebResourceAccessActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity_ActivityId.Descriptor instead.

func (WebResourceAccessActivity_ActivityId) Number 

func (x WebResourceAccessActivity_ActivityId) Number() protoreflect.EnumNumber

func (WebResourceAccessActivity_ActivityId) String 

func (x WebResourceAccessActivity_ActivityId) String() string

func (WebResourceAccessActivity_ActivityId) Type 

func (WebResourceAccessActivity_ActivityId) Type() protoreflect.EnumType

type WebResourceAccessActivity_CategoryUid 

type WebResourceAccessActivity_CategoryUid int32
const (
	WebResourceAccessActivity_CATEGORY_UID_UNKNOWN              WebResourceAccessActivity_CategoryUid = 0
	WebResourceAccessActivity_CATEGORY_UID_APPLICATION_ACTIVITY WebResourceAccessActivity_CategoryUid = 6
)

func (WebResourceAccessActivity_CategoryUid) Descriptor 

func (WebResourceAccessActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (WebResourceAccessActivity_CategoryUid) Enum 

func (x WebResourceAccessActivity_CategoryUid) Enum() *WebResourceAccessActivity_CategoryUid

func (WebResourceAccessActivity_CategoryUid) EnumDescriptor deprecated 

func (WebResourceAccessActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity_CategoryUid.Descriptor instead.

func (WebResourceAccessActivity_CategoryUid) Number 

func (x WebResourceAccessActivity_CategoryUid) Number() protoreflect.EnumNumber

func (WebResourceAccessActivity_CategoryUid) String 

func (x WebResourceAccessActivity_CategoryUid) String() string

func (WebResourceAccessActivity_CategoryUid) Type 

func (WebResourceAccessActivity_CategoryUid) Type() protoreflect.EnumType

type WebResourceAccessActivity_ClassUid 

type WebResourceAccessActivity_ClassUid int32
const (
	WebResourceAccessActivity_CLASS_UID_UNKNOWN                      WebResourceAccessActivity_ClassUid = 0
	WebResourceAccessActivity_CLASS_UID_WEB_RESOURCE_ACCESS_ACTIVITY WebResourceAccessActivity_ClassUid = 6004
)

func (WebResourceAccessActivity_ClassUid) Descriptor 

func (WebResourceAccessActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (WebResourceAccessActivity_ClassUid) Enum 

func (x WebResourceAccessActivity_ClassUid) Enum() *WebResourceAccessActivity_ClassUid

func (WebResourceAccessActivity_ClassUid) EnumDescriptor deprecated 

func (WebResourceAccessActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity_ClassUid.Descriptor instead.

func (WebResourceAccessActivity_ClassUid) Number 

func (x WebResourceAccessActivity_ClassUid) Number() protoreflect.EnumNumber

func (WebResourceAccessActivity_ClassUid) String 

func (x WebResourceAccessActivity_ClassUid) String() string

func (WebResourceAccessActivity_ClassUid) Type 

func (WebResourceAccessActivity_ClassUid) Type() protoreflect.EnumType

type WebResourceAccessActivity_SeverityId 

type WebResourceAccessActivity_SeverityId int32
const (
	WebResourceAccessActivity_SEVERITY_ID_UNKNOWN       WebResourceAccessActivity_SeverityId = 0 // The event/finding severity is unknown.
	WebResourceAccessActivity_SEVERITY_ID_INFORMATIONAL WebResourceAccessActivity_SeverityId = 1 // Informational message. No action required.
	WebResourceAccessActivity_SEVERITY_ID_LOW           WebResourceAccessActivity_SeverityId = 2 // The user decides if action is needed.
	WebResourceAccessActivity_SEVERITY_ID_MEDIUM        WebResourceAccessActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	WebResourceAccessActivity_SEVERITY_ID_HIGH     WebResourceAccessActivity_SeverityId = 4 // Action is required immediately.
	WebResourceAccessActivity_SEVERITY_ID_CRITICAL WebResourceAccessActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	WebResourceAccessActivity_SEVERITY_ID_FATAL WebResourceAccessActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	WebResourceAccessActivity_SEVERITY_ID_OTHER WebResourceAccessActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (WebResourceAccessActivity_SeverityId) Descriptor 

func (WebResourceAccessActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (WebResourceAccessActivity_SeverityId) Enum 

func (x WebResourceAccessActivity_SeverityId) Enum() *WebResourceAccessActivity_SeverityId

func (WebResourceAccessActivity_SeverityId) EnumDescriptor deprecated 

func (WebResourceAccessActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity_SeverityId.Descriptor instead.

func (WebResourceAccessActivity_SeverityId) Number 

func (x WebResourceAccessActivity_SeverityId) Number() protoreflect.EnumNumber

func (WebResourceAccessActivity_SeverityId) String 

func (x WebResourceAccessActivity_SeverityId) String() string

func (WebResourceAccessActivity_SeverityId) Type 

func (WebResourceAccessActivity_SeverityId) Type() protoreflect.EnumType

type WebResourceAccessActivity_StatusId 

type WebResourceAccessActivity_StatusId int32
const (
	WebResourceAccessActivity_STATUS_ID_UNKNOWN WebResourceAccessActivity_StatusId = 0 // The status is unknown.
	WebResourceAccessActivity_STATUS_ID_SUCCESS WebResourceAccessActivity_StatusId = 1
	WebResourceAccessActivity_STATUS_ID_FAILURE WebResourceAccessActivity_StatusId = 2
	WebResourceAccessActivity_STATUS_ID_OTHER   WebResourceAccessActivity_StatusId = 99 // The event status is not mapped. See the
)

func (WebResourceAccessActivity_StatusId) Descriptor 

func (WebResourceAccessActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (WebResourceAccessActivity_StatusId) Enum 

func (x WebResourceAccessActivity_StatusId) Enum() *WebResourceAccessActivity_StatusId

func (WebResourceAccessActivity_StatusId) EnumDescriptor deprecated 

func (WebResourceAccessActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourceAccessActivity_StatusId.Descriptor instead.

func (WebResourceAccessActivity_StatusId) Number 

func (x WebResourceAccessActivity_StatusId) Number() protoreflect.EnumNumber

func (WebResourceAccessActivity_StatusId) String 

func (x WebResourceAccessActivity_StatusId) String() string

func (WebResourceAccessActivity_StatusId) Type 

func (WebResourceAccessActivity_StatusId) Type() protoreflect.EnumType

type WebResourcesActivity 

type WebResourcesActivity struct {
	Action              *string                             `protobuf:"bytes,1,opt,name=action,proto3,oneof" json:"action,omitempty"`
	ActionId            WebResourcesActivity_ActionId       `` /* 136-byte string literal not displayed */
	ActivityId          WebResourcesActivity_ActivityId     `` /* 144-byte string literal not displayed */
	ActivityName        *string                             `protobuf:"bytes,4,opt,name=activity_name,json=activityName,proto3,oneof" json:"activity_name,omitempty"`
	Actor               *Actor                              `protobuf:"bytes,5,opt,name=actor,proto3" json:"actor,omitempty"`
	Api                 *Api                                `protobuf:"bytes,6,opt,name=api,proto3" json:"api,omitempty"`
	Attacks             []*Attack                           `protobuf:"bytes,7,rep,name=attacks,proto3" json:"attacks,omitempty"`
	Authorizations      []*Authorization                    `protobuf:"bytes,8,rep,name=authorizations,proto3" json:"authorizations,omitempty"`
	CategoryName        *string                             `protobuf:"bytes,9,opt,name=category_name,json=categoryName,proto3,oneof" json:"category_name,omitempty"`
	CategoryUid         WebResourcesActivity_CategoryUid    `` /* 149-byte string literal not displayed */
	ClassName           *string                             `protobuf:"bytes,11,opt,name=class_name,json=className,proto3,oneof" json:"class_name,omitempty"`
	ClassUid            WebResourcesActivity_ClassUid       `` /* 137-byte string literal not displayed */
	Cloud               *Cloud                              `protobuf:"bytes,13,opt,name=cloud,proto3" json:"cloud,omitempty"`
	Count               *int32                              `protobuf:"varint,14,opt,name=count,proto3,oneof" json:"count,omitempty"`
	Device              *Device                             `protobuf:"bytes,15,opt,name=device,proto3" json:"device,omitempty"`
	Disposition         *string                             `protobuf:"bytes,16,opt,name=disposition,proto3,oneof" json:"disposition,omitempty"`
	DispositionId       *WebResourcesActivity_DispositionId `` /* 163-byte string literal not displayed */
	DstEndpoint         *NetworkEndpoint                    `protobuf:"bytes,18,opt,name=dst_endpoint,json=dstEndpoint,proto3" json:"dst_endpoint,omitempty"`
	Duration            *int32                              `protobuf:"varint,19,opt,name=duration,proto3,oneof" json:"duration,omitempty"`
	EndTime             *int64                              `protobuf:"varint,20,opt,name=end_time,json=endTime,proto3,oneof" json:"end_time,omitempty"`
	EndTimeDt           *timestamppb.Timestamp              `protobuf:"bytes,21,opt,name=end_time_dt,json=endTimeDt,proto3,oneof" json:"end_time_dt,omitempty"`
	Enrichments         []*Enrichment                       `protobuf:"bytes,22,rep,name=enrichments,proto3" json:"enrichments,omitempty"`
	FirewallRule        *FirewallRule                       `protobuf:"bytes,23,opt,name=firewall_rule,json=firewallRule,proto3" json:"firewall_rule,omitempty"`
	HttpRequest         *HttpRequest                        `protobuf:"bytes,24,opt,name=http_request,json=httpRequest,proto3" json:"http_request,omitempty"`
	HttpResponse        *HttpResponse                       `protobuf:"bytes,25,opt,name=http_response,json=httpResponse,proto3" json:"http_response,omitempty"`
	Malware             []*Malware                          `protobuf:"bytes,26,rep,name=malware,proto3" json:"malware,omitempty"`
	Message             *string                             `protobuf:"bytes,27,opt,name=message,proto3,oneof" json:"message,omitempty"`
	Metadata            *Metadata                           `protobuf:"bytes,28,opt,name=metadata,proto3" json:"metadata,omitempty"`
	Observables         []*Observable                       `protobuf:"bytes,29,rep,name=observables,proto3" json:"observables,omitempty"`
	ProxyConnectionInfo *NetworkConnectionInfo              `protobuf:"bytes,30,opt,name=proxy_connection_info,json=proxyConnectionInfo,proto3" json:"proxy_connection_info,omitempty"`
	ProxyEndpoint       *NetworkProxy                       `protobuf:"bytes,31,opt,name=proxy_endpoint,json=proxyEndpoint,proto3" json:"proxy_endpoint,omitempty"`
	ProxyHttpRequest    *HttpRequest                        `protobuf:"bytes,32,opt,name=proxy_http_request,json=proxyHttpRequest,proto3" json:"proxy_http_request,omitempty"`
	ProxyHttpResponse   *HttpResponse                       `protobuf:"bytes,33,opt,name=proxy_http_response,json=proxyHttpResponse,proto3" json:"proxy_http_response,omitempty"`
	ProxyTls            *Tls                                `protobuf:"bytes,34,opt,name=proxy_tls,json=proxyTls,proto3" json:"proxy_tls,omitempty"`
	ProxyTraffic        *NetworkTraffic                     `protobuf:"bytes,35,opt,name=proxy_traffic,json=proxyTraffic,proto3" json:"proxy_traffic,omitempty"`
	RawData             *string                             `protobuf:"bytes,36,opt,name=raw_data,json=rawData,proto3,oneof" json:"raw_data,omitempty"`
	Severity            *string                             `protobuf:"bytes,37,opt,name=severity,proto3,oneof" json:"severity,omitempty"`
	SeverityId          WebResourcesActivity_SeverityId     `` /* 145-byte string literal not displayed */
	SrcEndpoint         *NetworkEndpoint                    `protobuf:"bytes,39,opt,name=src_endpoint,json=srcEndpoint,proto3" json:"src_endpoint,omitempty"`
	StartTime           *int64                              `protobuf:"varint,40,opt,name=start_time,json=startTime,proto3,oneof" json:"start_time,omitempty"`
	StartTimeDt         *timestamppb.Timestamp              `protobuf:"bytes,41,opt,name=start_time_dt,json=startTimeDt,proto3,oneof" json:"start_time_dt,omitempty"`
	Status              *string                             `protobuf:"bytes,42,opt,name=status,proto3,oneof" json:"status,omitempty"`
	StatusCode          *string                             `protobuf:"bytes,43,opt,name=status_code,json=statusCode,proto3,oneof" json:"status_code,omitempty"`
	StatusDetail        *string                             `protobuf:"bytes,44,opt,name=status_detail,json=statusDetail,proto3,oneof" json:"status_detail,omitempty"`
	StatusId            *WebResourcesActivity_StatusId      `` /* 143-byte string literal not displayed */
	Time                int64                               `protobuf:"varint,46,opt,name=time,proto3" json:"time,omitempty"`
	TimeDt              *timestamppb.Timestamp              `protobuf:"bytes,47,opt,name=time_dt,json=timeDt,proto3" json:"time_dt,omitempty"`
	TimezoneOffset      *int32                              `protobuf:"varint,48,opt,name=timezone_offset,json=timezoneOffset,proto3,oneof" json:"timezone_offset,omitempty"`
	Tls                 *Tls                                `protobuf:"bytes,49,opt,name=tls,proto3" json:"tls,omitempty"`
	TypeName            *string                             `protobuf:"bytes,50,opt,name=type_name,json=typeName,proto3,oneof" json:"type_name,omitempty"`
	TypeUid             int64                               `protobuf:"varint,51,opt,name=type_uid,json=typeUid,proto3" json:"type_uid,omitempty"`
	Unmapped            *structpb.Struct                    `protobuf:"bytes,52,opt,name=unmapped,proto3" json:"unmapped,omitempty"`
	WebResources        []*WebResource                      `protobuf:"bytes,53,rep,name=web_resources,json=webResources,proto3" json:"web_resources,omitempty"`
	WebResourcesResult  []*WebResource                      `protobuf:"bytes,54,rep,name=web_resources_result,json=webResourcesResult,proto3" json:"web_resources_result,omitempty"`
	// contains filtered or unexported fields
}

WebResourcesActivity is an OSF event in category "Application Activity" called Web Resources Activity defined in ocsf events/application/web_resources_activity.json

Web Resources Activity events describe actions executed on a set of Web Resources.

func (*WebResourcesActivity) Descriptor deprecated 

func (*WebResourcesActivity) Descriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity.ProtoReflect.Descriptor instead.

func (*WebResourcesActivity) GetAction 

func (x *WebResourcesActivity) GetAction() string

func (*WebResourcesActivity) GetActionId 

func (x *WebResourcesActivity) GetActionId() WebResourcesActivity_ActionId

func (*WebResourcesActivity) GetActivityId 

func (x *WebResourcesActivity) GetActivityId() WebResourcesActivity_ActivityId

func (*WebResourcesActivity) GetActivityName 

func (x *WebResourcesActivity) GetActivityName() string

func (*WebResourcesActivity) GetActor 

func (x *WebResourcesActivity) GetActor() *Actor

func (*WebResourcesActivity) GetApi 

func (x *WebResourcesActivity) GetApi() *Api

func (*WebResourcesActivity) GetAttacks 

func (x *WebResourcesActivity) GetAttacks() []*Attack

func (*WebResourcesActivity) GetAuthorizations 

func (x *WebResourcesActivity) GetAuthorizations() []*Authorization

func (*WebResourcesActivity) GetCategoryName 

func (x *WebResourcesActivity) GetCategoryName() string

func (*WebResourcesActivity) GetCategoryUid 

func (x *WebResourcesActivity) GetCategoryUid() WebResourcesActivity_CategoryUid

func (*WebResourcesActivity) GetClassName 

func (x *WebResourcesActivity) GetClassName() string

func (*WebResourcesActivity) GetClassUid 

func (x *WebResourcesActivity) GetClassUid() WebResourcesActivity_ClassUid

func (*WebResourcesActivity) GetCloud 

func (x *WebResourcesActivity) GetCloud() *Cloud

func (*WebResourcesActivity) GetCount 

func (x *WebResourcesActivity) GetCount() int32

func (*WebResourcesActivity) GetDevice 

func (x *WebResourcesActivity) GetDevice() *Device

func (*WebResourcesActivity) GetDisposition 

func (x *WebResourcesActivity) GetDisposition() string

func (*WebResourcesActivity) GetDispositionId 

func (x *WebResourcesActivity) GetDispositionId() WebResourcesActivity_DispositionId

func (*WebResourcesActivity) GetDstEndpoint 

func (x *WebResourcesActivity) GetDstEndpoint() *NetworkEndpoint

func (*WebResourcesActivity) GetDuration 

func (x *WebResourcesActivity) GetDuration() int32

func (*WebResourcesActivity) GetEndTime 

func (x *WebResourcesActivity) GetEndTime() int64

func (*WebResourcesActivity) GetEndTimeDt 

func (x *WebResourcesActivity) GetEndTimeDt() *timestamppb.Timestamp

func (*WebResourcesActivity) GetEnrichments 

func (x *WebResourcesActivity) GetEnrichments() []*Enrichment

func (*WebResourcesActivity) GetFirewallRule 

func (x *WebResourcesActivity) GetFirewallRule() *FirewallRule

func (*WebResourcesActivity) GetHttpRequest 

func (x *WebResourcesActivity) GetHttpRequest() *HttpRequest

func (*WebResourcesActivity) GetHttpResponse 

func (x *WebResourcesActivity) GetHttpResponse() *HttpResponse

func (*WebResourcesActivity) GetMalware 

func (x *WebResourcesActivity) GetMalware() []*Malware

func (*WebResourcesActivity) GetMessage 

func (x *WebResourcesActivity) GetMessage() string

func (*WebResourcesActivity) GetMetadata 

func (x *WebResourcesActivity) GetMetadata() *Metadata

func (*WebResourcesActivity) GetObservables 

func (x *WebResourcesActivity) GetObservables() []*Observable

func (*WebResourcesActivity) GetProxyConnectionInfo 

func (x *WebResourcesActivity) GetProxyConnectionInfo() *NetworkConnectionInfo

func (*WebResourcesActivity) GetProxyEndpoint 

func (x *WebResourcesActivity) GetProxyEndpoint() *NetworkProxy

func (*WebResourcesActivity) GetProxyHttpRequest 

func (x *WebResourcesActivity) GetProxyHttpRequest() *HttpRequest

func (*WebResourcesActivity) GetProxyHttpResponse 

func (x *WebResourcesActivity) GetProxyHttpResponse() *HttpResponse

func (*WebResourcesActivity) GetProxyTls 

func (x *WebResourcesActivity) GetProxyTls() *Tls

func (*WebResourcesActivity) GetProxyTraffic 

func (x *WebResourcesActivity) GetProxyTraffic() *NetworkTraffic

func (*WebResourcesActivity) GetRawData 

func (x *WebResourcesActivity) GetRawData() string

func (*WebResourcesActivity) GetSeverity 

func (x *WebResourcesActivity) GetSeverity() string

func (*WebResourcesActivity) GetSeverityId 

func (x *WebResourcesActivity) GetSeverityId() WebResourcesActivity_SeverityId

func (*WebResourcesActivity) GetSrcEndpoint 

func (x *WebResourcesActivity) GetSrcEndpoint() *NetworkEndpoint

func (*WebResourcesActivity) GetStartTime 

func (x *WebResourcesActivity) GetStartTime() int64

func (*WebResourcesActivity) GetStartTimeDt 

func (x *WebResourcesActivity) GetStartTimeDt() *timestamppb.Timestamp

func (*WebResourcesActivity) GetStatus 

func (x *WebResourcesActivity) GetStatus() string

func (*WebResourcesActivity) GetStatusCode 

func (x *WebResourcesActivity) GetStatusCode() string

func (*WebResourcesActivity) GetStatusDetail 

func (x *WebResourcesActivity) GetStatusDetail() string

func (*WebResourcesActivity) GetStatusId 

func (x *WebResourcesActivity) GetStatusId() WebResourcesActivity_StatusId

func (*WebResourcesActivity) GetTime 

func (x *WebResourcesActivity) GetTime() int64

func (*WebResourcesActivity) GetTimeDt 

func (x *WebResourcesActivity) GetTimeDt() *timestamppb.Timestamp

func (*WebResourcesActivity) GetTimezoneOffset 

func (x *WebResourcesActivity) GetTimezoneOffset() int32

func (*WebResourcesActivity) GetTls 

func (x *WebResourcesActivity) GetTls() *Tls

func (*WebResourcesActivity) GetTypeName 

func (x *WebResourcesActivity) GetTypeName() string

func (*WebResourcesActivity) GetTypeUid 

func (x *WebResourcesActivity) GetTypeUid() int64

func (*WebResourcesActivity) GetUnmapped 

func (x *WebResourcesActivity) GetUnmapped() *structpb.Struct

func (*WebResourcesActivity) GetWebResources 

func (x *WebResourcesActivity) GetWebResources() []*WebResource

func (*WebResourcesActivity) GetWebResourcesResult 

func (x *WebResourcesActivity) GetWebResourcesResult() []*WebResource

func (*WebResourcesActivity) ProtoMessage 

func (*WebResourcesActivity) ProtoMessage()

func (*WebResourcesActivity) ProtoReflect 

func (x *WebResourcesActivity) ProtoReflect() protoreflect.Message

func (*WebResourcesActivity) Reset 

func (x *WebResourcesActivity) Reset()

func (*WebResourcesActivity) String 

func (x *WebResourcesActivity) String() string

type WebResourcesActivity_ActionId 

type WebResourcesActivity_ActionId int32
const (
	WebResourcesActivity_ACTION_ID_UNKNOWN WebResourcesActivity_ActionId = 0 // The action was unknown. The <code>disposition_id</code>
	// attribute may still be set to a non-unknown value, for
	// example 'Count', 'Uncorrected', 'Isolated',
	// 'Quarantined' or 'Exonerated'.
	WebResourcesActivity_ACTION_ID_ALLOWED WebResourcesActivity_ActionId = 1 // The activity was allowed. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Allowed', 'Approved', 'Delayed', 'No Action', 'Count'
	// etc.
	WebResourcesActivity_ACTION_ID_DENIED WebResourcesActivity_ActionId = 2 // The attempted activity was denied. The
	// <code>disposition_id</code> attribute should be set to
	// a value that conforms to this action, for example
	// 'Blocked', 'Rejected', 'Quarantined', 'Isolated',
	// 'Dropped', 'Access Revoked, etc.
	WebResourcesActivity_ACTION_ID_OTHER WebResourcesActivity_ActionId = 99 // The action was not mapped. See the <code>action</code>
)

func (WebResourcesActivity_ActionId) Descriptor 

func (WebResourcesActivity_ActionId) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_ActionId) Enum 

func (x WebResourcesActivity_ActionId) Enum() *WebResourcesActivity_ActionId

func (WebResourcesActivity_ActionId) EnumDescriptor deprecated 

func (WebResourcesActivity_ActionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_ActionId.Descriptor instead.

func (WebResourcesActivity_ActionId) Number 

func (x WebResourcesActivity_ActionId) Number() protoreflect.EnumNumber

func (WebResourcesActivity_ActionId) String 

func (x WebResourcesActivity_ActionId) String() string

func (WebResourcesActivity_ActionId) Type 

func (WebResourcesActivity_ActionId) Type() protoreflect.EnumType

type WebResourcesActivity_ActivityId 

type WebResourcesActivity_ActivityId int32
const (
	WebResourcesActivity_ACTIVITY_ID_UNKNOWN WebResourcesActivity_ActivityId = 0
	WebResourcesActivity_ACTIVITY_ID_CREATE  WebResourcesActivity_ActivityId = 1 // One or more web resources were created.
	WebResourcesActivity_ACTIVITY_ID_READ    WebResourcesActivity_ActivityId = 2 // One or more web resources were read / viewed.
	WebResourcesActivity_ACTIVITY_ID_UPDATE  WebResourcesActivity_ActivityId = 3 // One or more web resources were updated.
	WebResourcesActivity_ACTIVITY_ID_DELETE  WebResourcesActivity_ActivityId = 4 // One or more web resources were deleted.
	WebResourcesActivity_ACTIVITY_ID_SEARCH  WebResourcesActivity_ActivityId = 5 // A search was performed on one or more web resources.
	WebResourcesActivity_ACTIVITY_ID_IMPORT  WebResourcesActivity_ActivityId = 6 // One or more web resources were imported into an
	// Application.
	WebResourcesActivity_ACTIVITY_ID_EXPORT WebResourcesActivity_ActivityId = 7 // One or more web resources were exported from an
	// Application.
	WebResourcesActivity_ACTIVITY_ID_SHARE WebResourcesActivity_ActivityId = 8 // One or more web resources were shared.
	WebResourcesActivity_ACTIVITY_ID_OTHER WebResourcesActivity_ActivityId = 99
)

func (WebResourcesActivity_ActivityId) Descriptor 

func (WebResourcesActivity_ActivityId) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_ActivityId) Enum 

func (x WebResourcesActivity_ActivityId) Enum() *WebResourcesActivity_ActivityId

func (WebResourcesActivity_ActivityId) EnumDescriptor deprecated 

func (WebResourcesActivity_ActivityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_ActivityId.Descriptor instead.

func (WebResourcesActivity_ActivityId) Number 

func (x WebResourcesActivity_ActivityId) Number() protoreflect.EnumNumber

func (WebResourcesActivity_ActivityId) String 

func (x WebResourcesActivity_ActivityId) String() string

func (WebResourcesActivity_ActivityId) Type 

func (WebResourcesActivity_ActivityId) Type() protoreflect.EnumType

type WebResourcesActivity_CategoryUid 

type WebResourcesActivity_CategoryUid int32
const (
	WebResourcesActivity_CATEGORY_UID_UNKNOWN              WebResourcesActivity_CategoryUid = 0
	WebResourcesActivity_CATEGORY_UID_APPLICATION_ACTIVITY WebResourcesActivity_CategoryUid = 6
)

func (WebResourcesActivity_CategoryUid) Descriptor 

func (WebResourcesActivity_CategoryUid) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_CategoryUid) Enum 

func (x WebResourcesActivity_CategoryUid) Enum() *WebResourcesActivity_CategoryUid

func (WebResourcesActivity_CategoryUid) EnumDescriptor deprecated 

func (WebResourcesActivity_CategoryUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_CategoryUid.Descriptor instead.

func (WebResourcesActivity_CategoryUid) Number 

func (x WebResourcesActivity_CategoryUid) Number() protoreflect.EnumNumber

func (WebResourcesActivity_CategoryUid) String 

func (x WebResourcesActivity_CategoryUid) String() string

func (WebResourcesActivity_CategoryUid) Type 

func (WebResourcesActivity_CategoryUid) Type() protoreflect.EnumType

type WebResourcesActivity_ClassUid 

type WebResourcesActivity_ClassUid int32
const (
	WebResourcesActivity_CLASS_UID_UNKNOWN                WebResourcesActivity_ClassUid = 0
	WebResourcesActivity_CLASS_UID_WEB_RESOURCES_ACTIVITY WebResourcesActivity_ClassUid = 6001
)

func (WebResourcesActivity_ClassUid) Descriptor 

func (WebResourcesActivity_ClassUid) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_ClassUid) Enum 

func (x WebResourcesActivity_ClassUid) Enum() *WebResourcesActivity_ClassUid

func (WebResourcesActivity_ClassUid) EnumDescriptor deprecated 

func (WebResourcesActivity_ClassUid) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_ClassUid.Descriptor instead.

func (WebResourcesActivity_ClassUid) Number 

func (x WebResourcesActivity_ClassUid) Number() protoreflect.EnumNumber

func (WebResourcesActivity_ClassUid) String 

func (x WebResourcesActivity_ClassUid) String() string

func (WebResourcesActivity_ClassUid) Type 

func (WebResourcesActivity_ClassUid) Type() protoreflect.EnumType

type WebResourcesActivity_DispositionId 

type WebResourcesActivity_DispositionId int32
const (
	WebResourcesActivity_DISPOSITION_ID_UNKNOWN WebResourcesActivity_DispositionId = 0 // The disposition was not known.
	WebResourcesActivity_DISPOSITION_ID_ALLOWED WebResourcesActivity_DispositionId = 1 // Granted access or allowed the action
	// to the protected resource.
	WebResourcesActivity_DISPOSITION_ID_BLOCKED WebResourcesActivity_DispositionId = 2 // Denied access or blocked the action to
	// the protected resource.
	WebResourcesActivity_DISPOSITION_ID_QUARANTINED WebResourcesActivity_DispositionId = 3 // A suspicious file or other content was
	// moved to a benign location.
	WebResourcesActivity_DISPOSITION_ID_ISOLATED WebResourcesActivity_DispositionId = 4 // A session was isolated on the network
	// or within a browser.
	WebResourcesActivity_DISPOSITION_ID_DELETED WebResourcesActivity_DispositionId = 5 // A file or other content was deleted.
	WebResourcesActivity_DISPOSITION_ID_DROPPED WebResourcesActivity_DispositionId = 6 // The request was detected as a threat
	// and resulted in the connection being
	// dropped.
	WebResourcesActivity_DISPOSITION_ID_CUSTOM_ACTION WebResourcesActivity_DispositionId = 7 // A custom action was executed such as
	// running of a command script. Use the
	// <code>message</code> attribute of the
	// base class for details.
	WebResourcesActivity_DISPOSITION_ID_APPROVED WebResourcesActivity_DispositionId = 8 // A request or submission was approved.
	// For example, when a form was properly
	// filled out and submitted. This is
	// distinct from <code>1</code>
	// 'Allowed'.
	WebResourcesActivity_DISPOSITION_ID_RESTORED WebResourcesActivity_DispositionId = 9 // A quarantined file or other content
	// was restored to its original location.
	WebResourcesActivity_DISPOSITION_ID_EXONERATED WebResourcesActivity_DispositionId = 10 // A suspicious or risky entity was
	// deemed to no longer be suspicious (re-
	// scored).
	WebResourcesActivity_DISPOSITION_ID_CORRECTED WebResourcesActivity_DispositionId = 11 // A corrupt file or configuration was
	// corrected.
	WebResourcesActivity_DISPOSITION_ID_PARTIALLY_CORRECTED WebResourcesActivity_DispositionId = 12 // A corrupt file or configuration was
	// partially corrected.
	WebResourcesActivity_DISPOSITION_ID_UNCORRECTED WebResourcesActivity_DispositionId = 13 // A corrupt file or configuration was
	// not corrected.
	WebResourcesActivity_DISPOSITION_ID_DELAYED WebResourcesActivity_DispositionId = 14 // An operation was delayed, for example
	// if a restart was required to finish
	// the operation.
	WebResourcesActivity_DISPOSITION_ID_DETECTED WebResourcesActivity_DispositionId = 15 // Suspicious activity or a policy
	// violation was detected without further
	// action.
	WebResourcesActivity_DISPOSITION_ID_NO_ACTION WebResourcesActivity_DispositionId = 16 // The outcome of an operation had no
	// action taken.
	WebResourcesActivity_DISPOSITION_ID_LOGGED WebResourcesActivity_DispositionId = 17 // The operation or action was logged
	// without further action.
	WebResourcesActivity_DISPOSITION_ID_TAGGED WebResourcesActivity_DispositionId = 18 // A file or other entity was marked with
	// extended attributes.
	WebResourcesActivity_DISPOSITION_ID_ALERT WebResourcesActivity_DispositionId = 19 // The request or activity was detected
	// as a threat and resulted in a
	// notification but request was not
	// blocked.
	WebResourcesActivity_DISPOSITION_ID_COUNT WebResourcesActivity_DispositionId = 20 // Counted the request or activity but
	// did not determine whether to allow it
	// or block it.
	WebResourcesActivity_DISPOSITION_ID_RESET WebResourcesActivity_DispositionId = 21 // The request was detected as a threat
	// and resulted in the connection being
	// reset.
	WebResourcesActivity_DISPOSITION_ID_CAPTCHA WebResourcesActivity_DispositionId = 22 // Required the end user to solve a
	// CAPTCHA puzzle to prove that a human
	// being is sending the request.
	WebResourcesActivity_DISPOSITION_ID_CHALLENGE WebResourcesActivity_DispositionId = 23 // Ran a silent challenge that required
	// the client session to verify that it's
	// a browser, and not a bot.
	WebResourcesActivity_DISPOSITION_ID_ACCESS_REVOKED WebResourcesActivity_DispositionId = 24 // The requestor's access has been
	// revoked due to security policy
	// enforcements. Note: use the
	// <code>Host</code> profile if the
	// <code>User</code> or
	// <code>Actor</code> requestor is not
	// present in the event class.
	WebResourcesActivity_DISPOSITION_ID_REJECTED WebResourcesActivity_DispositionId = 25 // A request or submission was rejected.
	// For example, when a form was
	// improperly filled out and submitted.
	// This is distinct from <code>2</code>
	// 'Blocked'.
	WebResourcesActivity_DISPOSITION_ID_UNAUTHORIZED WebResourcesActivity_DispositionId = 26 // An attempt to access a resource was
	// denied due to an authorization check
	// that failed. This is a more specific
	// disposition than <code>2</code>
	// 'Blocked' and can be complemented with
	// the <code>authorizations</code>
	// attribute for more detail.
	WebResourcesActivity_DISPOSITION_ID_ERROR WebResourcesActivity_DispositionId = 27 // An error occurred during the
	// processing of the activity or request.
	// Use the <code>message</code> attribute
	// of the base class for details.
	WebResourcesActivity_DISPOSITION_ID_OTHER WebResourcesActivity_DispositionId = 99 // The disposition is not listed. The
)

func (WebResourcesActivity_DispositionId) Descriptor 

func (WebResourcesActivity_DispositionId) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_DispositionId) Enum 

func (x WebResourcesActivity_DispositionId) Enum() *WebResourcesActivity_DispositionId

func (WebResourcesActivity_DispositionId) EnumDescriptor deprecated 

func (WebResourcesActivity_DispositionId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_DispositionId.Descriptor instead.

func (WebResourcesActivity_DispositionId) Number 

func (x WebResourcesActivity_DispositionId) Number() protoreflect.EnumNumber

func (WebResourcesActivity_DispositionId) String 

func (x WebResourcesActivity_DispositionId) String() string

func (WebResourcesActivity_DispositionId) Type 

func (WebResourcesActivity_DispositionId) Type() protoreflect.EnumType

type WebResourcesActivity_SeverityId 

type WebResourcesActivity_SeverityId int32
const (
	WebResourcesActivity_SEVERITY_ID_UNKNOWN       WebResourcesActivity_SeverityId = 0 // The event/finding severity is unknown.
	WebResourcesActivity_SEVERITY_ID_INFORMATIONAL WebResourcesActivity_SeverityId = 1 // Informational message. No action required.
	WebResourcesActivity_SEVERITY_ID_LOW           WebResourcesActivity_SeverityId = 2 // The user decides if action is needed.
	WebResourcesActivity_SEVERITY_ID_MEDIUM        WebResourcesActivity_SeverityId = 3 // Action is required but the situation is not
	// serious at this time.
	WebResourcesActivity_SEVERITY_ID_HIGH     WebResourcesActivity_SeverityId = 4 // Action is required immediately.
	WebResourcesActivity_SEVERITY_ID_CRITICAL WebResourcesActivity_SeverityId = 5 // Action is required immediately and the scope is
	// broad.
	WebResourcesActivity_SEVERITY_ID_FATAL WebResourcesActivity_SeverityId = 6 // An error occurred but it is too late to take
	// remedial action.
	WebResourcesActivity_SEVERITY_ID_OTHER WebResourcesActivity_SeverityId = 99 // The event/finding severity is not mapped. See
)

func (WebResourcesActivity_SeverityId) Descriptor 

func (WebResourcesActivity_SeverityId) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_SeverityId) Enum 

func (x WebResourcesActivity_SeverityId) Enum() *WebResourcesActivity_SeverityId

func (WebResourcesActivity_SeverityId) EnumDescriptor deprecated 

func (WebResourcesActivity_SeverityId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_SeverityId.Descriptor instead.

func (WebResourcesActivity_SeverityId) Number 

func (x WebResourcesActivity_SeverityId) Number() protoreflect.EnumNumber

func (WebResourcesActivity_SeverityId) String 

func (x WebResourcesActivity_SeverityId) String() string

func (WebResourcesActivity_SeverityId) Type 

func (WebResourcesActivity_SeverityId) Type() protoreflect.EnumType

type WebResourcesActivity_StatusId 

type WebResourcesActivity_StatusId int32
const (
	WebResourcesActivity_STATUS_ID_UNKNOWN WebResourcesActivity_StatusId = 0 // The status is unknown.
	WebResourcesActivity_STATUS_ID_SUCCESS WebResourcesActivity_StatusId = 1
	WebResourcesActivity_STATUS_ID_FAILURE WebResourcesActivity_StatusId = 2
	WebResourcesActivity_STATUS_ID_OTHER   WebResourcesActivity_StatusId = 99 // The event status is not mapped. See the
)

func (WebResourcesActivity_StatusId) Descriptor 

func (WebResourcesActivity_StatusId) Descriptor() protoreflect.EnumDescriptor

func (WebResourcesActivity_StatusId) Enum 

func (x WebResourcesActivity_StatusId) Enum() *WebResourcesActivity_StatusId

func (WebResourcesActivity_StatusId) EnumDescriptor deprecated 

func (WebResourcesActivity_StatusId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WebResourcesActivity_StatusId.Descriptor instead.

func (WebResourcesActivity_StatusId) Number 

func (x WebResourcesActivity_StatusId) Number() protoreflect.EnumNumber

func (WebResourcesActivity_StatusId) String 

func (x WebResourcesActivity_StatusId) String() string

func (WebResourcesActivity_StatusId) Type 

func (WebResourcesActivity_StatusId) Type() protoreflect.EnumType

type WinResource 

type WinResource struct {
	Data               *structpb.Value     `protobuf:"bytes,1,opt,name=data,proto3,oneof" json:"data,omitempty"`
	DataClassification *DataClassification `protobuf:"bytes,2,opt,name=data_classification,json=dataClassification,proto3" json:"data_classification,omitempty"`
	Details            *string             `protobuf:"bytes,3,opt,name=details,proto3,oneof" json:"details,omitempty"`
	Labels             []string            `protobuf:"bytes,4,rep,name=labels,proto3" json:"labels,omitempty"`
	Name               *string             `protobuf:"bytes,5,opt,name=name,proto3,oneof" json:"name,omitempty"`
	SvcName            *string             `protobuf:"bytes,6,opt,name=svc_name,json=svcName,proto3,oneof" json:"svc_name,omitempty"`
	Type               *string             `protobuf:"bytes,7,opt,name=type,proto3,oneof" json:"type,omitempty"`
	TypeId             WinResource_TypeId  `protobuf:"varint,8,opt,name=type_id,json=typeId,proto3,enum=ocsf_schema.v1.WinResource_TypeId" json:"type_id,omitempty"`
	Uid                *string             `protobuf:"bytes,9,opt,name=uid,proto3,oneof" json:"uid,omitempty"`
	// contains filtered or unexported fields
}

WinResource is an OSF object defined in win objects/win_resource.json

The Windows resource object describes a resource object managed by Windows, such as mutant or timer.

func (*WinResource) Descriptor deprecated 

func (*WinResource) Descriptor() ([]byte, []int)

Deprecated: Use WinResource.ProtoReflect.Descriptor instead.

func (*WinResource) GetData 

func (x *WinResource) GetData() *structpb.Value

func (*WinResource) GetDataClassification 

func (x *WinResource) GetDataClassification() *DataClassification

func (*WinResource) GetDetails 

func (x *WinResource) GetDetails() string

func (*WinResource) GetLabels 

func (x *WinResource) GetLabels() []string

func (*WinResource) GetName 

func (x *WinResource) GetName() string

func (*WinResource) GetSvcName 

func (x *WinResource) GetSvcName() string

func (*WinResource) GetType 

func (x *WinResource) GetType() string

func (*WinResource) GetTypeId 

func (x *WinResource) GetTypeId() WinResource_TypeId

func (*WinResource) GetUid 

func (x *WinResource) GetUid() string

func (*WinResource) ProtoMessage 

func (*WinResource) ProtoMessage()

func (*WinResource) ProtoReflect 

func (x *WinResource) ProtoReflect() protoreflect.Message

func (*WinResource) Reset 

func (x *WinResource) Reset()

func (*WinResource) String 

func (x *WinResource) String() string

type WinResource_TypeId 

type WinResource_TypeId int32
const (
	WinResource_TYPE_ID_UNKNOWN                 WinResource_TypeId = 0 // The resource object type is unknown.
	WinResource_TYPE_ID_DIRECTORY               WinResource_TypeId = 1
	WinResource_TYPE_ID_EVENT                   WinResource_TypeId = 2
	WinResource_TYPE_ID_TIMER                   WinResource_TypeId = 3
	WinResource_TYPE_ID_DEVICE                  WinResource_TypeId = 4
	WinResource_TYPE_ID_MUTANT                  WinResource_TypeId = 5
	WinResource_TYPE_ID_TYPE                    WinResource_TypeId = 6
	WinResource_TYPE_ID_FILE                    WinResource_TypeId = 7
	WinResource_TYPE_ID_TOKEN                   WinResource_TypeId = 8
	WinResource_TYPE_ID_THREAD                  WinResource_TypeId = 9
	WinResource_TYPE_ID_SECTION                 WinResource_TypeId = 10
	WinResource_TYPE_ID_WINDOWSTATION           WinResource_TypeId = 11
	WinResource_TYPE_ID_DEBUGOBJECT             WinResource_TypeId = 12
	WinResource_TYPE_ID_FILTERCOMMUNICATIONPORT WinResource_TypeId = 13
	WinResource_TYPE_ID_EVENTPAIR               WinResource_TypeId = 14
	WinResource_TYPE_ID_DRIVER                  WinResource_TypeId = 15
	WinResource_TYPE_ID_IOCOMPLETION            WinResource_TypeId = 16
	WinResource_TYPE_ID_CONTROLLER              WinResource_TypeId = 17
	WinResource_TYPE_ID_SYMBOLICLINK            WinResource_TypeId = 18
	WinResource_TYPE_ID_WMIGUID                 WinResource_TypeId = 19
	WinResource_TYPE_ID_PROCESS                 WinResource_TypeId = 20
	WinResource_TYPE_ID_PROFILE                 WinResource_TypeId = 21
	WinResource_TYPE_ID_DESKTOP                 WinResource_TypeId = 22
	WinResource_TYPE_ID_KEYEDEVENT              WinResource_TypeId = 23
	WinResource_TYPE_ID_ADAPTER                 WinResource_TypeId = 24
	WinResource_TYPE_ID_KEY                     WinResource_TypeId = 25
	WinResource_TYPE_ID_WAITABLEPORT            WinResource_TypeId = 26
	WinResource_TYPE_ID_CALLBACK                WinResource_TypeId = 27
	WinResource_TYPE_ID_SEMAPHORE               WinResource_TypeId = 28
	WinResource_TYPE_ID_JOB                     WinResource_TypeId = 29
	WinResource_TYPE_ID_PORT                    WinResource_TypeId = 30
	WinResource_TYPE_ID_FILTERCONNECTIONPORT    WinResource_TypeId = 31
	WinResource_TYPE_ID_ALPC_PORT               WinResource_TypeId = 32
	WinResource_TYPE_ID_SAM_ALIAS               WinResource_TypeId = 33
	WinResource_TYPE_ID_SAM_GROUP               WinResource_TypeId = 34
	WinResource_TYPE_ID_SAM_USER                WinResource_TypeId = 35
	WinResource_TYPE_ID_SAM_DOMAIN              WinResource_TypeId = 36
	WinResource_TYPE_ID_SAM_SERVER              WinResource_TypeId = 37
	WinResource_TYPE_ID_OTHER                   WinResource_TypeId = 99 // The resource object type is not mapped.
)

func (WinResource_TypeId) Descriptor 

func (WinResource_TypeId) Descriptor() protoreflect.EnumDescriptor

func (WinResource_TypeId) Enum 

func (x WinResource_TypeId) Enum() *WinResource_TypeId

func (WinResource_TypeId) EnumDescriptor deprecated 

func (WinResource_TypeId) EnumDescriptor() ([]byte, []int)

Deprecated: Use WinResource_TypeId.Descriptor instead.

func (WinResource_TypeId) Number 

func (x WinResource_TypeId) Number() protoreflect.EnumNumber

func (WinResource_TypeId) String 

func (x WinResource_TypeId) String() string

func (WinResource_TypeId) Type 

func (WinResource_TypeId) Type() protoreflect.EnumType

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.