ProcessDetails is a JSON Structure definition published by Amazon GuardDuty, describing 13 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.
{
"$schema": "https://json-structure.org/meta/core/v0/#",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-guardduty/refs/heads/main/json-structure/guardduty-process-details-structure.json",
"name": "ProcessDetails",
"description": "Information about the observed process.",
"type": "object",
"properties": {
"Name": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "name"
},
"description": "The name of the process."
}
]
},
"ExecutablePath": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "executablePath"
},
"description": "The absolute path of the process executable file."
}
]
},
"ExecutableSha256": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "executableSha256"
},
"description": "The <code>SHA256</code> hash of the process executable."
}
]
},
"NamespacePid": {
"allOf": [
{
"$ref": "#/components/schemas/Integer"
},
{
"xml": {
"name": "namespacePid"
},
"description": "The ID of the child process."
}
]
},
"Pwd": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "pwd"
},
"description": "The present working directory of the process."
}
]
},
"Pid": {
"allOf": [
{
"$ref": "#/components/schemas/Integer"
},
{
"xml": {
"name": "pid"
},
"description": "The ID of the process."
}
]
},
"StartTime": {
"allOf": [
{
"$ref": "#/components/schemas/Timestamp"
},
{
"xml": {
"name": "startTime"
},
"description": "The time when the process started. This is in UTC format."
}
]
},
"Uuid": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "uuid"
},
"description": "The unique ID assigned to the process by GuardDuty."
}
]
},
"ParentUuid": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "parentUuid"
},
"description": "The unique ID of the parent process. This ID is assigned to the parent process by GuardDuty."
}
]
},
"User": {
"allOf": [
{
"$ref": "#/components/schemas/String"
},
{
"xml": {
"name": "user"
},
"description": "The user that executed the process."
}
]
},
"UserId": {
"allOf": [
{
"$ref": "#/components/schemas/Integer"
},
{
"xml": {
"name": "userId"
},
"description": "The unique ID of the user that executed the process."
}
]
},
"Euid": {
"allOf": [
{
"$ref": "#/components/schemas/Integer"
},
{
"xml": {
"name": "euid"
},
"description": "The effective user ID of the user that executed the process."
}
]
},
"Lineage": {
"allOf": [
{
"$ref": "#/components/schemas/Lineage"
},
{
"xml": {
"name": "lineage"
},
"description": "Information about the process's lineage."
}
]
}
}
}