ocsf-schema icon indicating copy to clipboard operation
ocsf-schema copied to clipboard

Published 20 hours ago verified publisher icon ocsf

TCP Flags should be directional

Open arunj18 opened this issue 10 months ago • 8 comments

I was looking at the data dictionary on https://schema.ocsf.io/1.1.0/dictionary?extensions= and noticed that the tcp_flags are set on the Network Connection Information object with no directionality specified.

My understanding is TCP flags are directional and should exist on the Network Traffic object since it is directional in nature.

See https://www.site24x7.com/learn/linux/tcp-flags.html for an example that TCP flags are set in each packet. In systems that log network traffic, TCP flags that are received by the system and sent by the system will be different.

arunj18 avatar Apr 10 '24 16:04 arunj18