1. Home
  2. Entities
  3. Classes
  4. observable:EventRecordFacet

observable:EventRecordFacet leaf node

URI

https://ontology.unifiedcyberontology.org/uco/observable/EventRecordFacet

Label

EventRecordFacet

Description

An event record facet is a grouping of characteristics unique to something that happens in a digital context (e.g., operating system events).

Superclasses (3)

  • core:Facet
  • core:UcoInherentCharacterizationThing
  • core:UcoThing

    • Shapes (1)

  • observable:EventRecordFacet

    • Usage

    Instances of observable:EventRecordFacet can have the following properties:

    PROPERTYTYPEDESCRIPTIONRANGE
    From class owl:Thing
    types:threadNextItem owl:ObjectProperty The link to a next item in a thread. owl:Thing
    types:threadPreviousItem owl:ObjectProperty A direct link to a previous item in a thread. owl:Thing

    Property Shapes

    By the associated SHACL property shapes, instances of observable:EventRecordFacet can have the following properties:

    PROPERTY

    PROPERTY TYPE

    DESCRIPTION

    MIN COUNT

    MAX COUNT

    LOCAL RANGE
    (type range for property on this class)

    GLOBAL RANGE
    (type range for property globally)
    observable:EventRecordFacet
    observable:account owl:ObjectProperty Specifies the account referenced in an event log entry or used to run the scheduled task. See also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa381228(v=vs.85).aspx.
    		1 observable:ObservableObject
    		observable:ObservableObject
    observable:application
    		1 observable:ObservableObject
    		owl:Thing
    observable:cyberAction
    		1 observable:ObservableAction
    		owl:Thing
    observable:endTime
    		1 xsd:dateTime
    		owl:Thing

    		1 xsd:string
    		owl:Thing
    observable:eventRecordDevice owl:ObjectProperty The device on which the log entry was generated.
    		1 observable:ObservableObject
    		observable:ObservableObject
    observable:eventRecordID owl:DatatypeProperty The identifier of the event record.
    		1 xsd:string
    		xsd:string
    observable:eventRecordRaw
    		1 xsd:string
    		owl:Thing
    observable:eventRecordServiceName owl:DatatypeProperty The service that generated the event record. A single application can have multiple services generating event records.
    		1 xsd:string
    		xsd:string
    observable:eventRecordText
    		1 xsd:string
    		owl:Thing
    observable:eventType owl:DatatypeProperty The type of the event, for example 'information', 'warning' or 'error'.
    		1 xsd:string
    		xsd:string
    observable:observableCreatedTime
    		1 xsd:dateTime
    		owl:Thing
    observable:startTime owl:DatatypeProperty
    		1 xsd:dateTime
    		xsd:dateTime

    Implementation

    @prefix core: <https://ontology.unifiedcyberontology.org/uco/core/> .
@prefix observable: <https://ontology.unifiedcyberontology.org/uco/observable/> .
@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix sh: <http://www.w3.org/ns/shacl#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .

observable:EventRecordFacet a owl:Class,
        sh:NodeShape ;
    rdfs:label "EventRecordFacet"@en ;
    rdfs:comment "An event record facet is a grouping of characteristics unique to something that happens in a digital context (e.g., operating system events)."@en ;
    rdfs:subClassOf core:Facet ;
    sh:property [ sh:class observable:ObservableAction ;
            sh:maxCount 1 ;
            sh:nodeKind sh:IRI ;
            sh:path observable:cyberAction ],
        [ sh:class observable:ObservableObject ;
            sh:maxCount 1 ;
            sh:nodeKind sh:IRI ;
            sh:path observable:account ],
        [ sh:class observable:ObservableObject ;
            sh:maxCount 1 ;
            sh:nodeKind sh:IRI ;
            sh:path observable:application ],
        [ sh:class observable:ObservableObject ;
            sh:maxCount 1 ;
            sh:nodeKind sh:IRI ;
            sh:path observable:eventRecordDevice ],
        [ sh:datatype xsd:dateTime ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:endTime ],
        [ sh:datatype xsd:dateTime ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:observableCreatedTime ],
        [ sh:datatype xsd:dateTime ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:startTime ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventID ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventRecordID ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventRecordRaw ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventRecordServiceName ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventRecordText ],
        [ sh:datatype xsd:string ;
            sh:maxCount 1 ;
            sh:nodeKind sh:Literal ;
            sh:path observable:eventType ] ;
    sh:targetClass observable:EventRecordFacet .