salo.events.sysmon.windows.eventcode
Module Contents
Classes
Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details. |
|
Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details. |
- class salo.events.sysmon.windows.eventcode.EventCodeModel(__pydantic_self__, **data: Any)[source]
Bases:
salo.SaloEventModelMixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.
__pretty__ is used by [devtools](https://python-devtools.helpmanual.io/) to provide human readable representations of objects.
- _template :str
- timestamp :datetime.datetime
- class salo.events.sysmon.windows.eventcode.EventCode3Model(__pydantic_self__, **data: Any)[source]
Bases:
EventCodeModelMixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.
__pretty__ is used by [devtools](https://python-devtools.helpmanual.io/) to provide human readable representations of objects.
- _template :str = eventcode3.jinja2
- Version :int
- Level :int
- Task :int
- Opcode :int
- Keywords :str = 0x8000000000000000
- EventRecordID :int
- ProcessID :int
- ThreadID :int
- Computer :str
- UserID :str
- UtcTime :datetime.datetime
- ProcessGuid :uuid.UUID
- ProcessId :int
- Image :Optional[str]
- User :Optional[str]
- protocol :Optional[str]
- Initiated :bool
- src_ip :pydantic.IPvAnyAddress
- SourceIsIpv6 :bool
- SourceHostname :str
- src_port :Optional[str]
- SourcePortName :str
- dest_ip :pydantic.IPvAnyAddress
- DestinationIsIpv6 :bool
- DestinationHostname :str
- dest_port :Optional[str]
- DestinationPortName :str