Palo Alto Networks · JSON-LD Context
Palo Alto Cortex Xdr Context
JSON-LD context defining the semantic vocabulary for Palo Alto Cortex Xdr from Palo Alto Networks.
1 Classes
32 Properties
4 Namespaces
Namespaces
pan:
https://pan.dev/schema/
schema:
https://schema.org/
dcterms:
http://purl.org/dc/terms/
xsd:
http://www.w3.org/2001/XMLSchema#
Classes
Cortex XDR Incident
Properties
| Property | Type | Container |
|---|---|---|
| alertCount | integer | |
| alertSources | string | set |
| assignedUserMail | string | |
| assignedUserPrettyName | string | |
| creationTime | integer | |
| description | string | |
| fileArtifacts | set | |
| fileName | string | |
| filePath | string | |
| fileSha256 | string | |
| fileSignatureStatus | string | |
| highSeverityAlertCount | integer | |
| hostCount | integer | |
| incidentId | string | |
| incidentName | string | |
| isManual | boolean | |
| lowSeverityAlertCount | integer | |
| medSeverityAlertCount | integer | |
| modificationTime | integer | |
| networkArtifacts | set | |
| networkCountry | string | |
| networkDomain | string | |
| networkRemoteIp | string | |
| networkRemotePort | integer | |
| notes | string | |
| resolveComment | string | |
| severity | string | |
| status | string | |
| type | string | |
| userCount | integer | |
| wildfireVerdict | string | |
| xdrUrl | reference |
JSON-LD Document
{
"@context": {
"@version": 1.1,
"pan": "https://pan.dev/schema/",
"schema": "https://schema.org/",
"dcterms": "http://purl.org/dc/terms/",
"xsd": "http://www.w3.org/2001/XMLSchema#",
"Cortex XDR Incident": "pan:Cortex XDR Incident",
"alertCount": {
"@id": "pan:alert_count",
"@type": "xsd:integer"
},
"alertSources": {
"@id": "pan:alert_sources",
"@container": "@set",
"@type": "xsd:string"
},
"assignedUserMail": {
"@id": "pan:assigned_user_mail",
"@type": "xsd:string"
},
"assignedUserPrettyName": {
"@id": "pan:assigned_user_pretty_name",
"@type": "xsd:string"
},
"creationTime": {
"@id": "schema:dateCreated",
"@type": "xsd:integer"
},
"description": {
"@id": "schema:description",
"@type": "xsd:string"
},
"fileArtifacts": {
"@id": "pan:file_artifacts",
"@container": "@set"
},
"fileName": {
"@id": "pan:file_name",
"@type": "xsd:string"
},
"filePath": {
"@id": "pan:file_path",
"@type": "xsd:string"
},
"fileSha256": {
"@id": "pan:file_sha256",
"@type": "xsd:string"
},
"fileSignatureStatus": {
"@id": "pan:file_signature_status",
"@type": "xsd:string"
},
"highSeverityAlertCount": {
"@id": "pan:high_severity_alert_count",
"@type": "xsd:integer"
},
"hostCount": {
"@id": "pan:host_count",
"@type": "xsd:integer"
},
"incidentId": {
"@id": "pan:incident_id",
"@type": "xsd:string"
},
"incidentName": {
"@id": "pan:incident_name",
"@type": "xsd:string"
},
"isManual": {
"@id": "pan:is_manual",
"@type": "xsd:boolean"
},
"lowSeverityAlertCount": {
"@id": "pan:low_severity_alert_count",
"@type": "xsd:integer"
},
"medSeverityAlertCount": {
"@id": "pan:med_severity_alert_count",
"@type": "xsd:integer"
},
"modificationTime": {
"@id": "schema:dateModified",
"@type": "xsd:integer"
},
"networkArtifacts": {
"@id": "pan:network_artifacts",
"@container": "@set"
},
"networkCountry": {
"@id": "pan:network_country",
"@type": "xsd:string"
},
"networkDomain": {
"@id": "pan:network_domain",
"@type": "xsd:string"
},
"networkRemoteIp": {
"@id": "pan:network_remote_ip",
"@type": "xsd:string"
},
"networkRemotePort": {
"@id": "pan:network_remote_port",
"@type": "xsd:integer"
},
"notes": {
"@id": "pan:notes",
"@type": "xsd:string"
},
"resolveComment": {
"@id": "pan:resolve_comment",
"@type": "xsd:string"
},
"severity": {
"@id": "pan:severity",
"@type": "xsd:string"
},
"status": {
"@id": "pan:status",
"@type": "xsd:string"
},
"type": {
"@id": "pan:type",
"@type": "xsd:string"
},
"userCount": {
"@id": "pan:user_count",
"@type": "xsd:integer"
},
"wildfireVerdict": {
"@id": "pan:wildfire_verdict",
"@type": "xsd:string"
},
"xdrUrl": {
"@id": "pan:xdr_url",
"@type": "@id"
}
}
}