pub struct NetworkFileActivity {Show 60 fields
pub action: Option<String>,
pub action_id: NetworkFileActivityActionId,
pub activity_id: NetworkFileActivityActivityId,
pub activity_name: Option<String>,
pub actor: Actor,
pub api: Option<Api>,
pub app_name: Option<String>,
pub attacks: Vec<Attack>,
pub authorizations: Vec<Authorization>,
pub category_name: Option<String>,
pub category_uid: i64,
pub class_name: Option<String>,
pub class_uid: i64,
pub cloud: Cloud,
pub connection_info: Option<NetworkConnectionInfo>,
pub count: Option<i64>,
pub device: Option<Device>,
pub disposition: Option<String>,
pub disposition_id: Option<NetworkFileActivityDispositionId>,
pub dst_endpoint: Option<NetworkEndpoint>,
pub duration: Option<i64>,
pub end_time: Option<i64>,
pub end_time_dt: Option<String>,
pub enrichments: Vec<Enrichment>,
pub expiration_time: Option<i64>,
pub expiration_time_dt: Option<String>,
pub file: File,
pub firewall_rule: Option<FirewallRule>,
pub ja4_fingerprint_list: Vec<Ja4Fingerprint>,
pub load_balancer: Option<LoadBalancer>,
pub malware: Vec<Malware>,
pub message: Option<String>,
pub metadata: Metadata,
pub observables: Vec<Observable>,
pub osint: Vec<Osint>,
pub proxy: Option<NetworkProxy>,
pub proxy_connection_info: Option<NetworkConnectionInfo>,
pub proxy_endpoint: Option<NetworkProxy>,
pub proxy_http_request: Option<HttpRequest>,
pub proxy_http_response: Option<HttpResponse>,
pub proxy_tls: Option<Tls>,
pub proxy_traffic: Option<NetworkTraffic>,
pub raw_data: Option<String>,
pub severity: Option<String>,
pub severity_id: NetworkFileActivitySeverityId,
pub src_endpoint: NetworkEndpoint,
pub start_time: Option<i64>,
pub start_time_dt: Option<String>,
pub status: Option<String>,
pub status_code: Option<String>,
pub status_detail: Option<String>,
pub status_id: Option<NetworkFileActivityStatusId>,
pub time: i64,
pub time_dt: Option<String>,
pub timezone_offset: Option<i64>,
pub tls: Option<Tls>,
pub traffic: Option<NetworkTraffic>,
pub type_name: Option<String>,
pub type_uid: i64,
pub unmapped: Option<Object>,
}Expand description
NetworkFileActivity
JSON schema
{
"$id": "https://schema.ocsf.io/schema/classes/network_file_activity",
"type": "object",
"required": [
"action_id",
"activity_id",
"actor",
"category_uid",
"class_uid",
"cloud",
"file",
"metadata",
"osint",
"severity_id",
"src_endpoint",
"time",
"type_uid"
],
"properties": {
"action": {
"type": "string"
},
"action_id": {
"type": "integer",
"enum": [
0,
1,
2,
99
]
},
"activity_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5,
7,
8,
9,
10,
11,
14,
15,
16,
12,
13
]
},
"activity_name": {
"type": "string"
},
"actor": {
"$ref": "#/$defs/actor"
},
"api": {
"$ref": "#/$defs/api"
},
"app_name": {
"type": "string"
},
"attacks": {
"type": "array",
"items": {
"$ref": "#/$defs/attack"
}
},
"authorizations": {
"type": "array",
"items": {
"$ref": "#/$defs/authorization"
}
},
"category_name": {
"type": "string"
},
"category_uid": {
"type": "integer",
"const": 4
},
"class_name": {
"type": "string"
},
"class_uid": {
"type": "integer",
"const": 4010
},
"cloud": {
"$ref": "#/$defs/cloud"
},
"connection_info": {
"$ref": "#/$defs/network_connection_info"
},
"count": {
"type": "integer"
},
"device": {
"$ref": "#/$defs/device"
},
"disposition": {
"type": "string"
},
"disposition_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5,
7,
8,
9,
10,
11,
14,
15,
16,
17,
18,
20,
21,
22,
23,
24,
25,
26,
27,
12,
13,
19
]
},
"dst_endpoint": {
"$ref": "#/$defs/network_endpoint"
},
"duration": {
"type": "integer"
},
"end_time": {
"type": "integer"
},
"end_time_dt": {
"type": "string"
},
"enrichments": {
"type": "array",
"items": {
"$ref": "#/$defs/enrichment"
}
},
"expiration_time": {
"type": "integer"
},
"expiration_time_dt": {
"type": "string"
},
"file": {
"$ref": "#/$defs/file"
},
"firewall_rule": {
"$ref": "#/$defs/firewall_rule"
},
"ja4_fingerprint_list": {
"type": "array",
"items": {
"$ref": "#/$defs/ja4_fingerprint"
}
},
"load_balancer": {
"$ref": "#/$defs/load_balancer"
},
"malware": {
"type": "array",
"items": {
"$ref": "#/$defs/malware"
}
},
"message": {
"type": "string"
},
"metadata": {
"$ref": "#/$defs/metadata"
},
"observables": {
"type": "array",
"items": {
"$ref": "#/$defs/observable"
}
},
"osint": {
"type": "array",
"items": {
"$ref": "#/$defs/osint"
}
},
"proxy": {
"$ref": "#/$defs/network_proxy"
},
"proxy_connection_info": {
"$ref": "#/$defs/network_connection_info"
},
"proxy_endpoint": {
"$ref": "#/$defs/network_proxy"
},
"proxy_http_request": {
"$ref": "#/$defs/http_request"
},
"proxy_http_response": {
"$ref": "#/$defs/http_response"
},
"proxy_tls": {
"$ref": "#/$defs/tls"
},
"proxy_traffic": {
"$ref": "#/$defs/network_traffic"
},
"raw_data": {
"type": "string"
},
"severity": {
"type": "string"
},
"severity_id": {
"type": "integer",
"enum": [
3,
6,
0,
1,
2,
99,
4,
5
]
},
"src_endpoint": {
"$ref": "#/$defs/network_endpoint"
},
"start_time": {
"type": "integer"
},
"start_time_dt": {
"type": "string"
},
"status": {
"type": "string"
},
"status_code": {
"type": "string"
},
"status_detail": {
"type": "string"
},
"status_id": {
"type": "integer",
"enum": [
0,
1,
2,
99
]
},
"time": {
"type": "integer"
},
"time_dt": {
"type": "string"
},
"timezone_offset": {
"type": "integer"
},
"tls": {
"$ref": "#/$defs/tls"
},
"traffic": {
"$ref": "#/$defs/network_traffic"
},
"type_name": {
"type": "string"
},
"type_uid": {
"type": "integer"
},
"unmapped": {
"$ref": "#/$defs/object"
}
},
"$schema": "http://json-schema.org/draft-07/schema#"
}Fields§
§action: Option<String>§action_id: NetworkFileActivityActionId§activity_id: NetworkFileActivityActivityId§activity_name: Option<String>§actor: Actor§api: Option<Api>§app_name: Option<String>§attacks: Vec<Attack>§category_name: Option<String>§category_uid: i64§class_name: Option<String>§class_uid: i64§cloud: Cloud§connection_info: Option<NetworkConnectionInfo>§count: Option<i64>§device: Option<Device>§disposition: Option<String>§disposition_id: Option<NetworkFileActivityDispositionId>§dst_endpoint: Option<NetworkEndpoint>§duration: Option<i64>§end_time: Option<i64>§end_time_dt: Option<String>§enrichments: Vec<Enrichment>§expiration_time: Option<i64>§expiration_time_dt: Option<String>§file: File§firewall_rule: Option<FirewallRule>§ja4_fingerprint_list: Vec<Ja4Fingerprint>§load_balancer: Option<LoadBalancer>§malware: Vec<Malware>§message: Option<String>§metadata: Metadata§observables: Vec<Observable>§osint: Vec<Osint>§proxy: Option<NetworkProxy>§proxy_connection_info: Option<NetworkConnectionInfo>§proxy_endpoint: Option<NetworkProxy>§proxy_http_request: Option<HttpRequest>§proxy_http_response: Option<HttpResponse>§proxy_tls: Option<Tls>§proxy_traffic: Option<NetworkTraffic>§raw_data: Option<String>§severity: Option<String>§severity_id: NetworkFileActivitySeverityId§src_endpoint: NetworkEndpoint§start_time: Option<i64>§start_time_dt: Option<String>§status: Option<String>§status_code: Option<String>§status_detail: Option<String>§status_id: Option<NetworkFileActivityStatusId>§time: i64§time_dt: Option<String>§timezone_offset: Option<i64>§tls: Option<Tls>§traffic: Option<NetworkTraffic>§type_name: Option<String>§type_uid: i64§unmapped: Option<Object>Implementations§
Source§impl NetworkFileActivity
impl NetworkFileActivity
pub fn builder() -> NetworkFileActivity
Trait Implementations§
Source§impl Clone for NetworkFileActivity
impl Clone for NetworkFileActivity
Source§fn clone(&self) -> NetworkFileActivity
fn clone(&self) -> NetworkFileActivity
Returns a duplicate of the value. Read more
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreSource§impl Debug for NetworkFileActivity
impl Debug for NetworkFileActivity
Source§impl<'de> Deserialize<'de> for NetworkFileActivity
impl<'de> Deserialize<'de> for NetworkFileActivity
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Source§impl From<&NetworkFileActivity> for NetworkFileActivity
impl From<&NetworkFileActivity> for NetworkFileActivity
Source§fn from(value: &NetworkFileActivity) -> Self
fn from(value: &NetworkFileActivity) -> Self
Converts to this type from the input type.
Source§impl From<NetworkFileActivity> for NetworkFileActivity
impl From<NetworkFileActivity> for NetworkFileActivity
Source§fn from(value: NetworkFileActivity) -> Self
fn from(value: NetworkFileActivity) -> Self
Converts to this type from the input type.
Source§impl Serialize for NetworkFileActivity
impl Serialize for NetworkFileActivity
Source§impl TryFrom<NetworkFileActivity> for NetworkFileActivity
impl TryFrom<NetworkFileActivity> for NetworkFileActivity
Source§type Error = ConversionError
type Error = ConversionError
The type returned in the event of a conversion error.
Source§fn try_from(value: NetworkFileActivity) -> Result<Self, ConversionError>
fn try_from(value: NetworkFileActivity) -> Result<Self, ConversionError>
Performs the conversion.
Auto Trait Implementations§
impl Freeze for NetworkFileActivity
impl RefUnwindSafe for NetworkFileActivity
impl Send for NetworkFileActivity
impl Sync for NetworkFileActivity
impl Unpin for NetworkFileActivity
impl UnwindSafe for NetworkFileActivity
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more