{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-guardduty/refs/heads/main/json-schema/guardduty-process-details-schema.json",
  "title": "ProcessDetails",
  "description": "Information about the observed process.",
  "type": "object",
  "properties": {
    "Name": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "name"
          },
          "description": "The name of the process."
        }
      ]
    },
    "ExecutablePath": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "executablePath"
          },
          "description": "The absolute path of the process executable file."
        }
      ]
    },
    "ExecutableSha256": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "executableSha256"
          },
          "description": "The <code>SHA256</code> hash of the process executable."
        }
      ]
    },
    "NamespacePid": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Integer"
        },
        {
          "xml": {
            "name": "namespacePid"
          },
          "description": "The ID of the child process."
        }
      ]
    },
    "Pwd": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "pwd"
          },
          "description": "The present working directory of the process."
        }
      ]
    },
    "Pid": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Integer"
        },
        {
          "xml": {
            "name": "pid"
          },
          "description": "The ID of the process."
        }
      ]
    },
    "StartTime": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Timestamp"
        },
        {
          "xml": {
            "name": "startTime"
          },
          "description": "The time when the process started. This is in UTC format."
        }
      ]
    },
    "Uuid": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "uuid"
          },
          "description": "The unique ID assigned to the process by GuardDuty."
        }
      ]
    },
    "ParentUuid": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "parentUuid"
          },
          "description": "The unique ID of the parent process. This ID is assigned to the parent process by GuardDuty."
        }
      ]
    },
    "User": {
      "allOf": [
        {
          "$ref": "#/components/schemas/String"
        },
        {
          "xml": {
            "name": "user"
          },
          "description": "The user that executed the process."
        }
      ]
    },
    "UserId": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Integer"
        },
        {
          "xml": {
            "name": "userId"
          },
          "description": "The unique ID of the user that executed the process."
        }
      ]
    },
    "Euid": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Integer"
        },
        {
          "xml": {
            "name": "euid"
          },
          "description": "The effective user ID of the user that executed the process."
        }
      ]
    },
    "Lineage": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Lineage"
        },
        {
          "xml": {
            "name": "lineage"
          },
          "description": "Information about the process's lineage."
        }
      ]
    }
  }
}