Documentation for Open Vulnerability and Assessment Language (OVAL®)
Definition Type: Element
Name: process_state
Namespace: http://oval.mitre.org/XMLSchema/oval-definitions-5#unix
Type: oval-def:StateType
Containing Schema: unix-definitions-schema.xsd
Abstract
Documentation:
The process_state element defines the different metadata associate with a UNIX process. This includes the command line, pid, ppid, priority, and user id. Please refer to the individual elements in the schema for more details about what each represents.
Collapse XSD Schema Diagram:
Drilldown into user_id in schema unix-definitions-schema_xsd Drilldown into tty in schema unix-definitions-schema_xsd Drilldown into start_time in schema unix-definitions-schema_xsd Drilldown into scheduling_class in schema unix-definitions-schema_xsd Drilldown into priority in schema unix-definitions-schema_xsd Drilldown into ppid in schema unix-definitions-schema_xsd Drilldown into pid in schema unix-definitions-schema_xsd Drilldown into exec_time in schema unix-definitions-schema_xsd Drilldown into command in schema unix-definitions-schema_xsd Drilldown into notes in schema oval-definitions-schema_xsd Drilldown into Signature in schema xmldsig-core-schema_xsd Drilldown into deprecated in schema oval-definitions-schema_xsd Drilldown into comment in schema oval-definitions-schema_xsd Drilldown into operator in schema oval-definitions-schema_xsd Drilldown into version in schema oval-definitions-schema_xsd Drilldown into id in schema oval-definitions-schema_xsd Drilldown into StateType in schema oval-definitions-schema_xsdXSD Diagram of process_state in schema unix-definitions-schema_xsd (Open Vulnerability and Assessment Language (OVAL®))
Collapse XSD Schema Code: 
<xsd:element name="process_state" substitutionGroup="oval-def:state">
    <xsd:annotation>
        <xsd:documentation>The process_state element defines the different metadata associate with a UNIX process. This includes the command line, pid, ppid, priority, and user id. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
    </xsd:annotation>
    <xsd:complexType>
        <xsd:complexContent>
            <xsd:extension base="oval-def:StateType">
                <xsd:sequence>
                    <xsd:element name="command" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>The command element specifies the command/program name to check.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstecommand" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:command">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the command entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="exec_time" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the cumulative CPU time, formatted in [DD-]HH:MM:SS where DD is the number of days when execution time is 24 hours or more.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocesssteexec_time" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:exec_time">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the exec_time entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="pid" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the process ID of the process.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstepid" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:pid">
                                        <sch:assert test="not(@datatype) or @datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the pid entity of a process_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="ppid" type="oval-def:EntityStateIntType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the process ID of the process's parent process.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocesssteppid" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:ppid">
                                        <sch:assert test="not(@datatype) or @datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the ppid entity of a process_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="priority" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstepriority" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:priority">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the priority entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="scheduling_class" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>A platform specific characteristic maintained by the scheduler: RT (real-time), TS (timeshare), FF (fifo), SYS (system), etc.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstescheduling_class" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:scheduling_class">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the scheduling_class entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="start_time" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the time of day the process started formatted in HH:MM:SS if the same day the process started or formatted as MMM_DD (Ex.: Feb_5) if process started the previous day or further in the past.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstestart_time" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:start_time">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the start_time entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="tty" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>This is the TTY on which the process was started, if applicable.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocessstetty" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:tty">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the tty entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="user_id" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
                        <xsd:annotation>
                            <xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. It represents the owner, and thus privilege level, of the specified program.</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="unixprocesssteuser_id" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="unix-def:process_state/unix-def:user_id">
                                        <sch:assert test="not(@datatype) or @datatype='string'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the user_id entity of a process_state should be 'string'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                </xsd:sequence>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>
</xsd:element>
Collapse Child Elements:
Name Type Min Occurs Max Occurs
Signature ds:Signature 0 1
notes oval-def:notes 0 1
command unix-def:command 0 1
exec_time unix-def:exec_time 0 1
pid unix-def:pid 0 1
ppid unix-def:ppid 0 1
priority unix-def:priority 0 1
scheduling_class unix-def:scheduling_class 0 1
start_time unix-def:start_time 0 1
tty unix-def:tty 0 1
user_id unix-def:user_id 0 1
Collapse Child Attributes:
Name Type Default Value Use
id oval-def:id Required
version oval-def:version Required
operator oval-def:operator AND Optional
comment oval-def:comment Optional
deprecated oval-def:deprecated false Optional
Collapse Derivation Tree:
Collapse References:
oval-def:state
Documentation for Open Vulnerability and Assessment Language (OVAL®)

Generated using Liquid Studio - Developer Bundle 21.0.0.0