pub struct HttpActivity {Show 62 fields
pub action: Option<String>,
pub action_id: HttpActivityActionId,
pub activity_id: HttpActivityActivityId,
pub activity_name: Option<String>,
pub actor: Option<Actor>,
pub api: Option<Api>,
pub app_name: Option<String>,
pub attacks: Vec<Attack>,
pub authorizations: Vec<Authorization>,
pub category_name: Option<String>,
pub category_uid: i64,
pub class_name: Option<String>,
pub class_uid: i64,
pub cloud: Cloud,
pub connection_info: Option<NetworkConnectionInfo>,
pub count: Option<i64>,
pub device: Option<Device>,
pub disposition: Option<String>,
pub disposition_id: Option<HttpActivityDispositionId>,
pub dst_endpoint: NetworkEndpoint,
pub duration: Option<i64>,
pub end_time: Option<i64>,
pub end_time_dt: Option<String>,
pub enrichments: Vec<Enrichment>,
pub file: Option<File>,
pub firewall_rule: Option<FirewallRule>,
pub http_cookies: Vec<HttpCookie>,
pub http_request: HttpRequest,
pub http_response: HttpResponse,
pub http_status: Option<i64>,
pub ja4_fingerprint_list: Vec<Ja4Fingerprint>,
pub load_balancer: Option<LoadBalancer>,
pub malware: Vec<Malware>,
pub message: Option<String>,
pub metadata: Metadata,
pub observables: Vec<Observable>,
pub osint: Vec<Osint>,
pub proxy: Option<NetworkProxy>,
pub proxy_connection_info: Option<NetworkConnectionInfo>,
pub proxy_endpoint: Option<NetworkProxy>,
pub proxy_http_request: Option<HttpRequest>,
pub proxy_http_response: Option<HttpResponse>,
pub proxy_tls: Option<Tls>,
pub proxy_traffic: Option<NetworkTraffic>,
pub raw_data: Option<String>,
pub severity: Option<String>,
pub severity_id: HttpActivitySeverityId,
pub src_endpoint: Option<NetworkEndpoint>,
pub start_time: Option<i64>,
pub start_time_dt: Option<String>,
pub status: Option<String>,
pub status_code: Option<String>,
pub status_detail: Option<String>,
pub status_id: Option<HttpActivityStatusId>,
pub time: i64,
pub time_dt: Option<String>,
pub timezone_offset: Option<i64>,
pub tls: Option<Tls>,
pub traffic: Option<NetworkTraffic>,
pub type_name: Option<String>,
pub type_uid: i64,
pub unmapped: Option<Object>,
}Expand description
HttpActivity
JSON schema
{
"$id": "https://schema.ocsf.io/schema/classes/http_activity",
"type": "object",
"required": [
"action_id",
"activity_id",
"category_uid",
"class_uid",
"cloud",
"dst_endpoint",
"http_request",
"http_response",
"metadata",
"osint",
"severity_id",
"time",
"type_uid"
],
"properties": {
"action": {
"type": "string"
},
"action_id": {
"type": "integer",
"enum": [
0,
1,
2,
99
]
},
"activity_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5,
7,
8
]
},
"activity_name": {
"type": "string"
},
"actor": {
"$ref": "#/$defs/actor"
},
"api": {
"$ref": "#/$defs/api"
},
"app_name": {
"type": "string"
},
"attacks": {
"type": "array",
"items": {
"$ref": "#/$defs/attack"
}
},
"authorizations": {
"type": "array",
"items": {
"$ref": "#/$defs/authorization"
}
},
"category_name": {
"type": "string"
},
"category_uid": {
"type": "integer",
"const": 4
},
"class_name": {
"type": "string"
},
"class_uid": {
"type": "integer",
"const": 4002
},
"cloud": {
"$ref": "#/$defs/cloud"
},
"connection_info": {
"$ref": "#/$defs/network_connection_info"
},
"count": {
"type": "integer"
},
"device": {
"$ref": "#/$defs/device"
},
"disposition": {
"type": "string"
},
"disposition_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5,
7,
8,
9,
10,
11,
14,
15,
16,
17,
18,
20,
21,
22,
23,
24,
25,
26,
27,
12,
13,
19
]
},
"dst_endpoint": {
"$ref": "#/$defs/network_endpoint"
},
"duration": {
"type": "integer"
},
"end_time": {
"type": "integer"
},
"end_time_dt": {
"type": "string"
},
"enrichments": {
"type": "array",
"items": {
"$ref": "#/$defs/enrichment"
}
},
"file": {
"$ref": "#/$defs/file"
},
"firewall_rule": {
"$ref": "#/$defs/firewall_rule"
},
"http_cookies": {
"type": "array",
"items": {
"$ref": "#/$defs/http_cookie"
}
},
"http_request": {
"$ref": "#/$defs/http_request"
},
"http_response": {
"$ref": "#/$defs/http_response"
},
"http_status": {
"type": "integer"
},
"ja4_fingerprint_list": {
"type": "array",
"items": {
"$ref": "#/$defs/ja4_fingerprint"
}
},
"load_balancer": {
"$ref": "#/$defs/load_balancer"
},
"malware": {
"type": "array",
"items": {
"$ref": "#/$defs/malware"
}
},
"message": {
"type": "string"
},
"metadata": {
"$ref": "#/$defs/metadata"
},
"observables": {
"type": "array",
"items": {
"$ref": "#/$defs/observable"
}
},
"osint": {
"type": "array",
"items": {
"$ref": "#/$defs/osint"
}
},
"proxy": {
"$ref": "#/$defs/network_proxy"
},
"proxy_connection_info": {
"$ref": "#/$defs/network_connection_info"
},
"proxy_endpoint": {
"$ref": "#/$defs/network_proxy"
},
"proxy_http_request": {
"$ref": "#/$defs/http_request"
},
"proxy_http_response": {
"$ref": "#/$defs/http_response"
},
"proxy_tls": {
"$ref": "#/$defs/tls"
},
"proxy_traffic": {
"$ref": "#/$defs/network_traffic"
},
"raw_data": {
"type": "string"
},
"severity": {
"type": "string"
},
"severity_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5
]
},
"src_endpoint": {
"$ref": "#/$defs/network_endpoint"
},
"start_time": {
"type": "integer"
},
"start_time_dt": {
"type": "string"
},
"status": {
"type": "string"
},
"status_code": {
"type": "string"
},
"status_detail": {
"type": "string"
},
"status_id": {
"type": "integer",
"enum": [
0,
1,
2,
99
]
},
"time": {
"type": "integer"
},
"time_dt": {
"type": "string"
},
"timezone_offset": {
"type": "integer"
},
"tls": {
"$ref": "#/$defs/tls"
},
"traffic": {
"$ref": "#/$defs/network_traffic"
},
"type_name": {
"type": "string"
},
"type_uid": {
"type": "integer"
},
"unmapped": {
"$ref": "#/$defs/object"
}
},
"$schema": "http://json-schema.org/draft-07/schema#"
}Fields§
§action: Option<String>§action_id: HttpActivityActionId§activity_id: HttpActivityActivityId§activity_name: Option<String>§actor: Option<Actor>§api: Option<Api>§app_name: Option<String>§attacks: Vec<Attack>§category_name: Option<String>§category_uid: i64§class_name: Option<String>§class_uid: i64§cloud: Cloud§connection_info: Option<NetworkConnectionInfo>§count: Option<i64>§device: Option<Device>§disposition: Option<String>§disposition_id: Option<HttpActivityDispositionId>§dst_endpoint: NetworkEndpoint§duration: Option<i64>§end_time: Option<i64>§end_time_dt: Option<String>§enrichments: Vec<Enrichment>§file: Option<File>§firewall_rule: Option<FirewallRule>§http_request: HttpRequest§http_response: HttpResponse§http_status: Option<i64>§ja4_fingerprint_list: Vec<Ja4Fingerprint>§load_balancer: Option<LoadBalancer>§malware: Vec<Malware>§message: Option<String>§metadata: Metadata§observables: Vec<Observable>§osint: Vec<Osint>§proxy: Option<NetworkProxy>§proxy_connection_info: Option<NetworkConnectionInfo>§proxy_endpoint: Option<NetworkProxy>§proxy_http_request: Option<HttpRequest>§proxy_http_response: Option<HttpResponse>§proxy_tls: Option<Tls>§proxy_traffic: Option<NetworkTraffic>§raw_data: Option<String>§severity: Option<String>§severity_id: HttpActivitySeverityId§src_endpoint: Option<NetworkEndpoint>§start_time: Option<i64>§start_time_dt: Option<String>§status: Option<String>§status_code: Option<String>§status_detail: Option<String>§status_id: Option<HttpActivityStatusId>§time: i64§time_dt: Option<String>§timezone_offset: Option<i64>§tls: Option<Tls>§traffic: Option<NetworkTraffic>§type_name: Option<String>§type_uid: i64§unmapped: Option<Object>Implementations§
Source§impl HttpActivity
impl HttpActivity
pub fn builder() -> HttpActivity
Trait Implementations§
Source§impl Clone for HttpActivity
impl Clone for HttpActivity
Source§fn clone(&self) -> HttpActivity
fn clone(&self) -> HttpActivity
Returns a duplicate of the value. Read more
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreSource§impl Debug for HttpActivity
impl Debug for HttpActivity
Source§impl<'de> Deserialize<'de> for HttpActivity
impl<'de> Deserialize<'de> for HttpActivity
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Source§impl From<&HttpActivity> for HttpActivity
impl From<&HttpActivity> for HttpActivity
Source§fn from(value: &HttpActivity) -> Self
fn from(value: &HttpActivity) -> Self
Converts to this type from the input type.
Source§impl From<HttpActivity> for HttpActivity
impl From<HttpActivity> for HttpActivity
Source§fn from(value: HttpActivity) -> Self
fn from(value: HttpActivity) -> Self
Converts to this type from the input type.
Source§impl Serialize for HttpActivity
impl Serialize for HttpActivity
Source§impl TryFrom<HttpActivity> for HttpActivity
impl TryFrom<HttpActivity> for HttpActivity
Source§type Error = ConversionError
type Error = ConversionError
The type returned in the event of a conversion error.
Source§fn try_from(value: HttpActivity) -> Result<Self, ConversionError>
fn try_from(value: HttpActivity) -> Result<Self, ConversionError>
Performs the conversion.
Auto Trait Implementations§
impl Freeze for HttpActivity
impl RefUnwindSafe for HttpActivity
impl Send for HttpActivity
impl Sync for HttpActivity
impl Unpin for HttpActivity
impl UnwindSafe for HttpActivity
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more