The Systemd data contains all attributes about a systemd unit or user session that were flagged by Sandfly Security or a user defined sandfly for whatever reason.

Systemd Unit Data

{
	"context": {
		"scope": "",
		"uid": 0
	},
	"type": "",
	"name": "",
	"description": "",
	"load_state": "",
	"active_state": "",
	"sub_state": "",
	"object_path": "",
	"service_info": {
		"exec_start": null,
		"exec_start_pre": null,
		"exec_start_post": null,
		"exec_reload": null,
		"exec_stop": null,
		"exec_stop_post": null,
		"exec_summary": null,
		"environment": null,
		"main_exec_start_time": "0001-01-01T00:00:00Z",
		"main_exec_exit_time": "0001-01-01T00:00:00Z",
		"main_pid": {
			"pid": 0,
			"process": null
		},
		"control_pid": {
			"pid": 0,
			"process": null
		},
		"status_text": "",
		"uid": 0,
		"gid": 0
	},
	"timer_info": {
		"last_trigger_time": "0001-01-01T00:00:00Z",
		"calendar": null,
		"unit": ""
	},
	"socket_info": {
		"listen": null,
		"num_connections": 0,
		"num_accepted": 0,
		"num_refused": 0,
		"unit": ""
	}
}

Systemd User Session Data

{
	"uid": 0,
	"gid": 0,
	"username": "",
	"runtime_path": "",
	"start_time": "0001-01-01T00:00:00Z",
	"linger": false
}