Module Values.ActorSource

Information about the actors involved in an attack sequence.

Sourcetype nonrec t = {
  1. id : String_.t option;
    (*

    ID of the threat actor.

    *)
  2. user : User.t option;
    (*

    Contains information about the user credentials used by the threat actor.

    *)
  3. session : Session.t option;
    (*

    Contains information about the user session where the activity initiated.

    *)
  4. process : ActorProcess.t option;
    (*

    Contains information about the process associated with the threat actor. This includes details such as process name, path, execution time, and unique identifiers that help track the actor's activities within the system.

    *)
}
Sourceval make : ?id:??? -> ?user:??? -> ?session:??? -> ?process:??? -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `String of String_.t | `Structure of (string * [> `Enum of string | `String of String_.t | `Structure of (string * [> `String of String_.t ]) list | `Timestamp of Timestamp.t ]) list ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t