Struct Agent 

#[non_exhaustive]
pub struct Agent {
    pub name: Option<String>,
    pub policies: Option<Vec<Policy>>,
    pub type: Option<String>,
    pub type_id: Option<i64>,
    pub uid: Option<String>,
    pub uid_alt: Option<String>,
    pub vendor_name: Option<String>,
    pub version: Option<String>,
}

Agent

An Agent (also known as a Sensor) is typically installed on an Operating System (OS) and serves as a specialized software component that can be designed to monitor, detect, collect, archive, or take action. These activities and possible actions are defined by the upstream system controlling the Agent and its intended purpose. For instance, an Agent can include Endpoint Detection & Response (EDR) agents, backup/disaster recovery sensors, Application Performance Monitoring or profiling sensors, and similar software.

[] Category: | Name: agent

Constraints:

• at_least_one: [uid,name]

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

name: Option<String>

Agent Name

The name of the agent or sensor. For example: AWS SSM Agent.

recommended

policies: Option<Vec<Policy>>

Agent Policies

Describes the various policies that may be applied or enforced by an agent or sensor. E.g., Conditional Access, prevention, auto-update, tamper protection, destination configuration, etc.

optional

type: Option<String>

Agent Type

The normalized caption of the type_id value for the agent or sensor. In the case of ‘Other’ or ‘Unknown’, it is defined by the event source.

optional

type_id: Option<i64>

Type ID

The normalized representation of an agent or sensor. E.g., EDR, vulnerability management, APM, backup & recovery, etc.

recommended

uid: Option<String>

Agent ID

The UID of the agent or sensor, sometimes known as a Sensor ID or aid.

recommended

uid_alt: Option<String>

Alternate Agent ID

An alternative or contextual identifier for the agent or sensor, such as a configuration, organization, or license UID.

optional

vendor_name: Option<String>

Vendor Name

The company or author who created the agent or sensor. For example: Crowdstrike.

optional

version: Option<String>

Agent Version

The semantic version of the agent or sensor, e.g., 7.101.50.0.

optional

Trait Implementations

impl Clone for Agent

fn clone(&self) -> Agent

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Agent

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Agent

fn default() -> Agent

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Agent

where Agent: Default,

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for Agent

fn eq(&self, other: &Agent) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Agent

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl StructuralPartialEq for Agent