History

The History class is a log of the significant events or actions performed by the involved parties during the course of handling the incident. 

digraph History {
	graph [bb="0,0,1071,448.5",
		rankdir=LR
	];
	node [label="\N"];
	History	 [height=0.98611,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#cca352" HREF="/idmef_parser/IODEFv2/History.html" TITLE="The History class is a log of the significant events or actions performed by the involved parties during the course of handling the incident. "><FONT FACE="Nimbus Sans L">History</FONT></td> </tr>" %<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/History.html" TITLE="See Section 3.3.1."><FONT FACE="Nimbus Sans L">[ENUM] restriction (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/History.html" TITLE="A means by which to extend the restriction attribute.  See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-restriction (0..1)</FONT></td></tr>%</table>>,
		pos="100,341.5",
		shape=plaintext,
		width=2.7778];
	HistoryItem	 [height=2.7361,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#cca352" HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="The HistoryItem class is an entry in the History (Section 3.13) log that documents a particular action or event that occurred in the course of handling the incident. The details of the entry are a free-form text description, but each can be categorized with the type attribute. "><FONT FACE="Nimbus Sans L">HistoryItem</FONT></td> </tr>" %<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="A timestamp of this entry in the history log."><FONT FACE="Nimbus Sans L">[DATETIME] DateTime (1..1)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="A free-form text description of the action or event."><FONT FACE="Nimbus Sans L">[ML_STRING] Description (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="An identifier meaningful to the sender and recipient of this document that references a course of action (COA).  This class MUST be present if the action attribute is set to &quot;defined-coa&quot;."><FONT FACE="Nimbus Sans L">[STRING] DefinedCOA (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="A mechanism by which to extend the data model."><FONT FACE="Nimbus Sans L">[EXTENSION] AdditionalData (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="A means by which to extend the action attribute.  See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] action (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="See Section 3.3.1."><FONT FACE="Nimbus Sans L">[ENUM] restriction (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="A means by which to extend the restriction attribute.  See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-restriction (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#FFCC66"  HREF="/idmef_parser/IODEFv2/HistoryItem.html" TITLE="See Section 3.3.2."><FONT FACE="Nimbus Sans L">[ID] observable-id (0..1)</FONT></td></tr>%</table>>,
		pos="375.5,341.5",
		shape=plaintext,
		width=3.2361];
	History -> HistoryItem	 [label="1..*",
		lp="229.5,349",
		pos="e,258.97,341.5 200.24,341.5 216.04,341.5 232.55,341.5 248.85,341.5"];
	IncidentID	 [height=0.5,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#90ac3d" HREF="/idmef_parser/IODEFv2/IncidentID.html" TITLE="The IncidentID class represents a tracking number that is unique in the context of the CSIRT. It serves as an identifier for an incident or a document identifier when sharing indicators. This identifier would serve as an index into a CSIRT&#39;s incident handling or knowledge management system. "><FONT FACE="Nimbus Sans L">IncidentID</FONT></td> </tr>" %</table>>,
		pos="667.5,430.5",
		shape=plaintext,
		width=1.1528];
	HistoryItem -> IncidentID	 [label="0..1",
		lp="521.5,405",
		pos="e,625.96,422.06 492.44,384.85 511.88,391.47 531.92,397.94 551,403.5 572.06,409.64 595.58,415.31 615.94,419.85"];
	Contact	 [height=3.0278,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#52a3cc" HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="The Contact class describes contact information for organizations and personnel involved in the incident. This class allows for the naming of the involved party, specifying contact information for them, and identifying their role in the incident. "><FONT FACE="Nimbus Sans L">Contact</FONT></td> </tr>" %<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="The name of the contact.  The contact may either be an organization or a person.  The type attribute disambiguates the semantics."><FONT FACE="Nimbus Sans L">[ML_STRING] ContactName (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="The title for the individual named in the ContactName."><FONT FACE="Nimbus Sans L">[ML_STRING] ContactTitle (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="A free-form text description of the contact."><FONT FACE="Nimbus Sans L">[ML_STRING] Description (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="The timezone in which the contact resides."><FONT FACE="Nimbus Sans L">[TIMEZONE] Timezone (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="A mechanism by which to extend the data model."><FONT FACE="Nimbus Sans L">[EXTENSION] AdditionalData (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="A means by which to extend the role attribute. See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] role (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="A means by which to extend the type attribute. See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] type (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="See Section 3.3.1."><FONT FACE="Nimbus Sans L">[ENUM] restriction (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Contact.html" TITLE="A means by which to extend the restriction attribute.  See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-restriction (0..1)</FONT></td></tr>%</table>>,
		pos="667.5,252.5",
		shape=plaintext,
		width=3.2361];
	HistoryItem -> Contact	 [label="0..1",
		lp="521.5,307",
		pos="e,550.54,288.15 492.17,305.94 508.08,301.09 524.49,296.09 540.57,291.19"];
	Contact -> Contact	 [label="0..*",
		lp="667.5,387",
		pos="e,689.82,361.79 645.18,361.79 649.65,372.62 657.09,379.5 667.5,379.5 674.66,379.5 680.41,376.25 684.76,370.69"];
	RegistryHandle	 [height=0.5,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#52a3cc" HREF="/idmef_parser/IODEFv2/RegistryHandle.html" TITLE="The RegistryHandle class represents a handle into an Internet registry or community-specific database. "><FONT FACE="Nimbus Sans L">RegistryHandle</FONT></td> </tr>" %</table>>,
		pos="957,411.5",
		shape=plaintext,
		width=1.5972];
	Contact -> RegistryHandle	 [label="0..*",
		lp="813.5,381",
		pos="e,899.49,402.7 784.13,350.39 803.03,363.19 822.98,375.11 843,384.5 857.42,391.27 873.7,396.42 889.33,400.32"];
	PostalAddress	 [height=1.5694,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#52a3cc" HREF="/idmef_parser/IODEFv2/PostalAddress.html" TITLE="The PostalAddress class specifies a postal address and associated annotation. "><FONT FACE="Nimbus Sans L">PostalAddress</FONT></td> </tr>" %<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/PostalAddress.html" TITLE="A postal address."><FONT FACE="Nimbus Sans L">[POSTAL] PAddress (1..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/PostalAddress.html" TITLE="A free-form text description of the address."><FONT FACE="Nimbus Sans L">[ML_STRING] Description (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/PostalAddress.html" TITLE="Categorizes the type of address described in the PAddress class.  These values are maintained in the &quot;PostalAddress-type&quot; IANA registry per Section 10.2."><FONT FACE="Nimbus Sans L">[ENUM] type (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/PostalAddress.html" TITLE="A means by which to extend the type attribute. See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-type (0..1)</FONT></td></tr>%</table>>,
		pos="957,318.5",
		shape=plaintext,
		width=2.9444];
	Contact -> PostalAddress	 [label="0..*",
		lp="813.5,294",
		pos="e,850.86,294.3 784.42,279.15 803.04,283.4 822.3,287.79 840.9,292.03"];
	Email	 [height=1.5694,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#52a3cc" HREF="/idmef_parser/IODEFv2/Email.html" TITLE="The Email class specifies an email address and associated annotation. "><FONT FACE="Nimbus Sans L">Email</FONT></td> </tr>" %<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Email.html" TITLE="An email address."><FONT FACE="Nimbus Sans L">[EMAIL] EmailTo (1..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Email.html" TITLE="A free-form text description of the email address."><FONT FACE="Nimbus Sans L">[ML_STRING] Description (0..*)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Email.html" TITLE="Categorizes the type of email address described in the EmailTo class.  These values are maintained in the &quot;Email- type&quot; IANA registry per Section 10.2."><FONT FACE="Nimbus Sans L">[ENUM] type (0..1)</FONT></td></tr>%<tr><td BGCOLOR="#66CCFF"  HREF="/idmef_parser/IODEFv2/Email.html" TITLE="A means by which to extend the type attribute. See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-type (0..1)</FONT></td></tr>%</table>>,
		pos="957,187.5",
		shape=plaintext,
		width=2.9444];
	Contact -> Email	 [label="0..*",
		lp="813.5,229",
		pos="e,850.86,211.33 784.42,226.25 803.04,222.07 822.3,217.74 840.9,213.57"];
	Telephone	 [height=1.5694,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#CECECE" HREF="/idmef_parser/IODEFv2/Telephone.html" TITLE="The Telephone class describes a telephone number and associated annotation. "><FONT FACE="Nimbus Sans L">Telephone</FONT></td> </tr>" %<tr><td  HREF="/idmef_parser/IODEFv2/Telephone.html" TITLE="A telephone number."><FONT FACE="Nimbus Sans L">[PHONE] TelephoneNumber (1..1)</FONT></td></tr>%<tr><td  HREF="/idmef_parser/IODEFv2/Telephone.html" TITLE="A free-form text description of the phone number."><FONT FACE="Nimbus Sans L">[ML_STRING] Description (0..*)</FONT></td></tr>%<tr><td  HREF="/idmef_parser/IODEFv2/Telephone.html" TITLE="Categorizes the type of telephone number described in the TelephoneNumber class.  These values are maintained in the &quot;Telephone-type&quot; IANA registry per Section 10.2."><FONT FACE="Nimbus Sans L">[ENUM] type (0..1)</FONT></td></tr>%<tr><td  HREF="/idmef_parser/IODEFv2/Telephone.html" TITLE="A means by which to extend the type attribute. See Section 5.1.1."><FONT FACE="Nimbus Sans L">[STRING] ext-type (0..1)</FONT></td></tr>%</table>>,
		pos="957,56.5",
		shape=plaintext,
		width=3.1667];
	Contact -> Telephone	 [label="0..*",
		lp="813.5,156",
		pos="e,857.72,113.07 784.2,163.23 803.58,149.23 823.67,135.2 843,122.5 844.94,121.22 846.91,119.95 848.9,118.67"];
}

Aggregates

HistoryItem (1..*)

An entry in the history log of significant events or actions performed by the involved parties. See Section 3.13.1.

restriction (0..1)

See Section 3.3.1.

ext-restriction (0..1)

A means by which to extend the restriction attribute. See Section 5.1.1.

IDMEFv1

IDMEFv2

IODEFv1

IODEFv2