The Session object describes details about an authenticated session. e.g. Session Creation Time, Session Issuer. Defined by D3FEND d3f:Session.
Attributes
Section titled “Attributes”created_time
- Type:
timestamp_t - Requirement: recommended
The time when the session was created.
is_remote
- Type:
boolean_t - Requirement: recommended
The indication of whether the session is remote.
issuer
- Type:
string_t - Requirement: recommended
The identifier of the session issuer.
uid
- Type:
string_t - Requirement: recommended
The unique identifier of the session.
count
- Type:
integer_t - Requirement: optional
The number of identical sessions spawned from the same source IP, destination IP, application, and content/threat type seen over a period of time.
created_time_dt
- Type:
datetime_t - Requirement: optional
The time when the session was created.
credential_uid
- Type:
string_t - Requirement: optional
The unique identifier of the user’s credential. For example, AWS Access Key ID.
expiration_reason
- Type:
string_t - Requirement: optional
The reason which triggered the session expiration.
expiration_time
- Type:
timestamp_t - Requirement: optional
The session expiration time.
expiration_time_dt
- Type:
datetime_t - Requirement: optional
The session expiration time.
is_mfa
- Type:
boolean_t - Requirement: optional
Indicates whether Multi Factor Authentication was used during authentication.
is_vpn
- Type:
boolean_t - Requirement: optional
The indication of whether the session is a VPN session.
terminal
- Type:
string_t - Requirement: optional
The Pseudo Terminal associated with the session. Ex: the tty or pts value.
uid_alt
- Type:
string_t - Requirement: optional
The alternate unique identifier of the session. e.g. AWS ARN - arn:aws:sts::123344444444:assumed-role/Admin/example-session.
uuid
- Type:
uuid_t - Requirement: optional
The universally unique identifier of the session.