Skip to content

Network Proxy Endpoint

The network proxy endpoint object describes a proxy server, which acts as an intermediary between a client requesting a resource and the server providing that resource. Defined by D3FEND d3f:ProxyServer.

  • Extends: network_endpoint

Attributes

Section titled “Attributes”

container

The information describing an instance of a container. A container is a prepackaged, portable system image that runs isolated on an existing system using a container runtime like containerd.

hostname

  • Type: hostname_t
  • Requirement: recommended

The fully qualified name of the endpoint.

instance_uid

  • Type: string_t
  • Requirement: recommended

The unique identifier of a VM instance.

interface_name

  • Type: string_t
  • Requirement: recommended

The name of the network interface (e.g. eth2).

interface_uid

  • Type: string_t
  • Requirement: recommended

The unique identifier of the network interface.

ip

  • Type: ip_t
  • Requirement: recommended

The IP address of the endpoint, in either IPv4 or IPv6 format.

name

  • Type: string_t
  • Requirement: recommended

The short name of the endpoint.

namespace_pid

  • Type: integer_t
  • Requirement: recommended

If running under a process namespace (such as in a container), the process identifier within that process namespace.

owner

  • Type: user
  • Requirement: recommended

The identity of the service or user account that owns the endpoint or was last logged into it.

port

  • Type: port_t
  • Requirement: recommended

The port used for communication within the network connection.

svc_name

  • Type: string_t
  • Requirement: recommended

The service name in service-to-service connections. For example, AWS VPC logs the pkt-src-aws-service and pkt-dst-aws-service fields identify the connection is coming from or going to an AWS service.

type_id

The network endpoint type ID.

uid

  • Type: string_t
  • Requirement: recommended

The unique identifier of the endpoint.

agent_list

  • Type: agent
  • Requirement: optional

A list of agent objects associated with a device, endpoint, or resource.

autonomous_system

The Autonomous System details associated with an IP address.

domain

  • Type: string_t
  • Requirement: optional

The name of the domain.

hw_info

The endpoint hardware information.

intermediate_ips

  • Type: ip_t
  • Requirement: optional

The intermediate IP Addresses. For example, the IP addresses in the HTTP X-Forwarded-For header.

location

The geographical location of the endpoint.

mac

  • Type: mac_t
  • Requirement: optional

The Media Access Control (MAC) address of the endpoint.

os

  • Type: os
  • Requirement: optional

The endpoint operating system.

proxy_endpoint

The network proxy information pertaining to a specific endpoint. This can be used to describe information pertaining to network address translation (NAT).

subnet_uid

  • Type: string_t
  • Requirement: optional

The unique identifier of a virtual subnet.

type

  • Type: string_t
  • Requirement: optional

The network endpoint type. For example: unknown, server, desktop, laptop, tablet, mobile, virtual, browser, or other.

vlan_uid

  • Type: string_t
  • Requirement: optional

The Virtual LAN identifier.

vpc_uid

  • Type: string_t
  • Requirement: optional

The unique identifier of the Virtual Private Cloud (VPC).

zone

  • Type: string_t
  • Requirement: optional

The network zone or LAN segment.

Constraints

Section titled “Constraints”

At least one of: ip, uid, name, hostname, svc_name, instance_uid, interface_uid, interface_name

Used By

Section titled “Used By”