Ivan Kirillov edited this page Oct 7, 2015 · 2 revisions
Maturity Spectrum Rationale
Semantic Consensus: Medium
There are some fundamental questions about the scope of Events and what they are intended to represent in CybOX: system (software) level events, such as those recorded by operating systems? hardware/appliance generated events? something else? The current EventTypeVocab is correspondingly broad in scope, and has values such as "Packet Traffic", "USB/Media Detection", and "Basic System Ops". Accordingly, the primary distinction between Events and Actions in the current model is that Events are a collection of Actions.
It seems that we need to better define:
Exactly what Events are intended to capture (and thus their scope)
Who are the expected producers/consumers of Events
When to use Events versus Actions
Semantic Completeness: Medium
Given the relatively abstract nature of the existing Events model, it's quite likely that additional fields could be added, such as the name of the system user that initiated the Event.
Existing Use: Low
There are no known implementations or uses of Events.