otupy.types.targets.process.Process

class Process(*args, **kwargs)

Bases: Map

OpenC2 Process

Implements the process target (Section 3.4.1.15). Common properties of an instance of a computer program as executed on an operating system.

Methods

`clear`	D.clear() -> None.
`copy`	D.copy() -> a shallow copy of D
`fromdict`	Builds instance from dictionary
`fromkeys`	Create a new dictionary with keys from iterable and values set to value.
`get`	Return the value for key if key is in the dictionary, else default.
`items`	D.items() -> a set-like object providing a view on D's items
`keys`	D.keys() -> a set-like object providing a view on D's keys
`make_recursive`	Make this class recursive
`pop`	D.pop(k[,d]) -> v, remove specified key and return the corresponding value.
`popitem`	Remove and return a (key, value) pair as a 2-tuple.
`setdefault`	Insert key with a value of default if key is not in the dictionary.
`todict`	Converts to dictionary
`update`	D.update([E, ]**F) -> None.
`validate_fields`	Check whether field names are valid
`values`	D.values() -> an object providing a view on D's values

Attributes

`base`	Base class
`fieldtypes`	Internal class members are just provided as reference for valid fields and to map their name to the expected type.
`register`	Registered extensions

__init__(*args, **kwargs)

Initialize the Process

This object can be initialized both with a dictionary and with keyword arguments. For valid fields that can be used, see Process. Keyword arguments take precedence over non-keyword arguments. Non-keyword arguments must precede keyword arguments. :param args: Dictionary of key/value pairs. :param kwargs: Keyword arguments.

base = None

Base class

Data types defined in the Language Specification shall not set this field. Data types defined in Profiles that extends a Data Type defined in the Language Specification, must set this field to the corresponding class of the base Data Type.

Note: Extensions defined in the otupy context are recommended to use the same name of the base Data Type, and to distinguish them through appropriate usage of the namespacing mechanism.

clear() → None. Remove all items from D.

copy() → a shallow copy of D

fieldtypes: dict = {'command_line': <class 'str'>, 'cwd': <class 'str'>, 'executable': <class 'otupy.types.targets.file.File'>, 'name': <class 'str'>, 'parent': <class 'otupy.types.targets.process.Process'>, 'pid': <class 'int'>}: Internal class members are just provided as reference for valid fields and to map their name to the expected type. They shall not be instantiated or used directly. pid: Process ID of the process name: Name of the process cwd: Current working directory of the process executable: Executable that was executed to start the process parent: Process that spawned this one command_line: The full command line invocation used to start this process, including all arguments

classmethod fromdict(dic, e)

Builds instance from dictionary

It is used during deserialization to create an otupy instance from the text message. It takes an Encoder instance that is used to recursively build instances of the inner objects (the Encoder provides standard methods to create instances of base objects like strings, integers, boolean).

Parameters:

dic – The intermediary dictionary representation from which the object is built.
e – The Encoder that is being used.

Returns:

An instance of this class initialized from the dictionary values.

classmethod fromkeys(iterable, value=None, /): Create a new dictionary with keys from iterable and values set to value.

get(key, default=None, /): Return the value for key if key is in the dictionary, else default.

items() → a set-like object providing a view on D's items

keys() → a set-like object providing a view on D's keys

static make_recursive(cls)

Make this class recursive

This method can be used as a decorator to make a Map-derived class recurive, namely to hold objects of the same type in fieldtypes. To use this function, just declare the field that must be of the same type as the class as typing.Self, and use the @make_recursive decorator at declaration time.

Param:: No arguments must be specified when using this method as a decorator.
Returns:: A new instance of the class, where all types in fieldtypes marked as typing.Self are replaced with the class instance.

pop(k[, d]) → v, remove specified key and return the corresponding value.: If the key is not found, return the default if given; otherwise, raise a KeyError.

popitem()

Remove and return a (key, value) pair as a 2-tuple.

Pairs are returned in LIFO (last-in, first-out) order. Raises KeyError if the dict is empty.

register = None

Registered extensions

Classes that implement a Data Type defined in the Language Specification will use this field to register extensions defined by external Profiles. Classes that define extensions within Profiles shall register themselves according to the specific documentation of the base type class, but shall not modify this field.

setdefault(key, default=None, /)

Insert key with a value of default if key is not in the dictionary.

Return the value for key if key is in the dictionary, else default.

todict(e)

Converts to dictionary

It is used to convert this object to an intermediary representation during serialization. It takes an Encoder argument that is used to recursively serialize inner data and structures (the Encoder provides standard methods for converting base types to dictionaries)..

Parameters:: e – The Encoder that is being used.
Returns:: A dictionary compliants to the Language Specification’s serialization rules.

update([E, ]**F) → None. Update D from dict/iterable E and F.: If E is present and has a .keys() method, then does: for k in E: D[k] = E[k] If E is present and lacks a .keys() method, then does: for k, v in E: D[k] = v In either case, this is followed by: for k in F: D[k] = F[k]

validate_fields(min_num=1)

Check whether field names are valid

Check if supplied field names are compliant with the fieldtypes list. Only check the name and number of fields, but does not perform any type checking.

Parameters:: min_num – Check that at list min_num fields are supplied (usually, at least 1 field must be supplied to create a valid object). Default to 1.
Returns:: True if validity check is passed, raise a ValueError exception otherwise.

values() → an object providing a view on D's values