Docs for schema item data in Open Vulnerability and Assessment Language (OVAL®)

Documentation for Open Vulnerability and Assessment Language (OVAL®)

Definition Type:	Element
Name:	data
Namespace:	http://oval.mitre.org/XMLSchema/system_characteristics#windows
Type:	system_characteristics:dataType
Containing Schema:	windows-system-characteristics-schema.xsd
MinOccurs	0
MaxOccurs	1
Abstract

XSD Schema Diagram:

XSD Diagram of data in schema windows-system-characteristics-schema_xsd (Open Vulnerability and Assessment Language (OVAL®))

XSD Schema Code:

<xsd:element name="data" minOccurs="0" maxOccurs="1">
    <xsd:complexType>
        <xsd:complexContent>
            <xsd:extension base="system_characteristics:dataType">
                <xsd:sequence>
                    <xsd:element name="account_logon" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to log on to or log off of the system. Also, audit attempts to make a network connection.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="account_management" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to create, delete, or change user or group accounts. Also, audit password changes.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="detailed_tracking" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit specific events, such as program activation, some forms of handle duplication, indirect access to an object, and process exit. </xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="directory_service_access" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to access the directory service.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="logon" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to log on to or log off of the system. Also, audit attempts to make a network connection.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="object_access" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to access securable objects, such as files.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="policy_change" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to change Policy object rules. </xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="privilege_use" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to use privileges.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="system" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>Audit attempts to shut down or restart the computer. Also, audit events that affect system security or the security log.</xsd:documentation>
                            <xsd:appinfo>
                                <parent_item>auditeventpolicy_item</parent_item>
                                <cardinality>1</cardinality>
                                <content>string</content>
                                <valid_datatypes>string</valid_datatypes>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                </xsd:sequence>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>
</xsd:element>

Child Elements:

Name	Type	Min Occurs	Max Occurs
account_logon	windows:account_logon	1	1
account_management	windows:account_management	1	1
detailed_tracking	windows:detailed_tracking	1	1
directory_service_access	windows:directory_service_access	1	1
logon	windows:logon	1	1
object_access	windows:object_access	1	1
policy_change	windows:policy_change	1	1
privilege_use	windows:privilege_use	1	1
system	windows:system	1	1

Derivation Tree:
	system_characteristics:dataType *data*

Documentation for Open Vulnerability and Assessment Language (OVAL®)

Generated using Liquid Studio - Developer Bundle 21.0.0.0