add origin_referrer_url and origin_url to the process attribute

.chloggen/process_originevents.yaml

@@ -0,0 +1,22 @@
+# Use this changelog template to create an entry for release notes.
+#
+# If your change doesn't affect end users you should instead start
+# your pull request title with [chore] or use the "Skip Changelog" label.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: enhancement
+
+# The name of the area of concern in the attributes-registry, (e.g. http, cloud, db)
+component: process
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: add process.executable.origin_referrer_url and process.executable.origin_url
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+# The values here must be integers.
+issues: [1517]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext:

docs/attributes-registry/process.md

@@ -26,6 +26,8 @@ An operating system process.
 | <a id="process-executable-build-id-go" href="#process-executable-build-id-go">`process.executable.build_id.go`</a> | string | The Go build ID as retrieved by `go tool buildid <go executable>`. | `foh3mEXu7BLZjsN9pOwG/kATcXlYVCDEFouRMQed_/WwRFB1hPo9LBkekthSPG/x8hMC8emW2cCjXD0_1aY` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-executable-build-id-htlhash" href="#process-executable-build-id-htlhash">`process.executable.build_id.htlhash`</a> | string | Profiling specific build ID for executables. See the OTel specification for Profiles for more information. | `600DCAFE4A110000F2BF38C493F5FB92` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-executable-name" href="#process-executable-name">`process.executable.name`</a> | string | The name of the process executable. On Linux based systems, can be set to the `Name` in `proc/[pid]/status`. On Windows, can be set to the base name of `GetProcessImageFileNameW`. | `otelcol` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="process-executable-origin-referrer-url" href="#process-executable-origin-referrer-url">`process.executable.origin_referrer_url`</a> | string | The URL of the webpage that linked to the process's executable file. [2] | `http://example.com/article1.html` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="process-executable-origin-url" href="#process-executable-origin-url">`process.executable.origin_url`</a> | string | The URL where the process's executable file is hosted. [3] | `http://example.com/files/example.exe` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-executable-path" href="#process-executable-path">`process.executable.path`</a> | string | The full path to the process executable. On Linux based systems, can be set to the target of `proc/[pid]/exe`. On Windows, can be set to the result of `GetProcessImageFileNameW`. | `/usr/bin/cmd/otelcol` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-exit-code" href="#process-exit-code">`process.exit.code`</a> | int | The exit code of the process. | `127` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-exit-time" href="#process-exit-time">`process.exit.time`</a> | string | The date and time the process exited, in ISO 8601 format. | `2023-11-21T09:26:12.315Z` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
@@ -43,17 +45,21 @@ An operating system process.
 | <a id="process-saved-user-id" href="#process-saved-user-id">`process.saved_user.id`</a> | int | The saved user ID (SUID) of the process. | `1002` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-saved-user-name" href="#process-saved-user-name">`process.saved_user.name`</a> | string | The username of the saved user. | `operator` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-session-leader-pid" href="#process-session-leader-pid">`process.session_leader.pid`</a> | int | The PID of the process's session leader. This is also the session ID (SID) of the process. | `14` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
-| <a id="process-title" href="#process-title">`process.title`</a> | string | Process title (proctitle) [2] | `cat /etc/hostname`; `xfce4-session`; `bash` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="process-title" href="#process-title">`process.title`</a> | string | Process title (proctitle) [4] | `cat /etc/hostname`; `xfce4-session`; `bash` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-user-id" href="#process-user-id">`process.user.id`</a> | int | The effective user ID (EUID) of the process. | `1001` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-user-name" href="#process-user-name">`process.user.name`</a> | string | The username of the effective user of the process. | `root` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
-| <a id="process-vpid" href="#process-vpid">`process.vpid`</a> | int | Virtual process identifier. [3] | `12` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="process-vpid" href="#process-vpid">`process.vpid`</a> | int | Virtual process identifier. [5] | `12` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 | <a id="process-working-directory" href="#process-working-directory">`process.working_directory`</a> | string | The working directory of the process. | `/root` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 
 **[1] `process.args_count`:** This field can be useful for querying or performing bucket analysis on how many arguments were provided to start a process. More arguments may be an indication of suspicious activity.
 
-**[2] `process.title`:** In many Unix-like systems, process title (proctitle), is the string that represents the name or command line of a running process, displayed by system monitoring tools like ps, top, and htop.
+**[2] `process.executable.origin_referrer_url`:** This information comes from metadata or alternate data streams linked to the process's executable file. `process.executable.origin_url` represents the URL from which the file was downloaded, and `process.executable.origin_referrer_url` indicates the URL of the page where that URL was listed. There may be cases where both `process.executable.origin_url` and `process.executable.origin_referrer_url` exist, or only one of them is present. Note that the URL itself may contain sensitive information.
 
-**[3] `process.vpid`:** The process ID within a PID namespace. This is not necessarily unique across all processes on the host but it is unique within the process namespace that the process exists within.
+**[3] `process.executable.origin_url`:** This information comes from metadata or alternate data streams linked to the process's executable file. `process.executable.origin_url` represents the URL from which the file was downloaded, and `process.executable.origin_referrer_url` indicates the URL of the page where that URL was listed. There may be cases where both `process.executable.origin_url` and `process.executable.origin_referrer_url` exist, or only one of them is present. Note that the URL itself may contain sensitive information.
+
+**[4] `process.title`:** In many Unix-like systems, process title (proctitle), is the string that represents the name or command line of a running process, displayed by system monitoring tools like ps, top, and htop.
+
+**[5] `process.vpid`:** The process ID within a PID namespace. This is not necessarily unique across all processes on the host but it is unique within the process namespace that the process exists within.
 
 ---
 
@@ -79,9 +85,9 @@ Describes Linux Process attributes
 
 | Attribute | Type | Description | Examples | Stability |
 |---|---|---|---|---|
-| <a id="process-linux-cgroup" href="#process-linux-cgroup">`process.linux.cgroup`</a> | string | The control group associated with the process. [4] | `1:name=systemd:/user.slice/user-1000.slice/session-3.scope`; `0::/user.slice/user-1000.slice/user@1000.service/tmux-spawn-0267755b-4639-4a27-90ed-f19f88e53748.scope` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
+| <a id="process-linux-cgroup" href="#process-linux-cgroup">`process.linux.cgroup`</a> | string | The control group associated with the process. [6] | `1:name=systemd:/user.slice/user-1000.slice/session-3.scope`; `0::/user.slice/user-1000.slice/user@1000.service/tmux-spawn-0267755b-4639-4a27-90ed-f19f88e53748.scope` | ![Experimental](https://img.shields.io/badge/-experimental-blue) |
 
-**[4] `process.linux.cgroup`:** Control groups (cgroups) are a kernel feature used to organize and manage process resources. This attribute provides the path(s) to the cgroup(s) associated with the process, which should match the contents of the [/proc/\[PID\]/cgroup](https://man7.org/linux/man-pages/man7/cgroups.7.html) file.
+**[6] `process.linux.cgroup`:** Control groups (cgroups) are a kernel feature used to organize and manage process resources. This attribute provides the path(s) to the cgroup(s) associated with the process, which should match the contents of the [/proc/\[PID\]/cgroup](https://man7.org/linux/man-pages/man7/cgroups.7.html) file.
 
 ## Deprecated Process Attributes
 

model/process/registry.yaml

@@ -76,6 +76,30 @@ groups:
           be set to the target of `proc/[pid]/exe`. On Windows, can be set to the
           result of `GetProcessImageFileNameW`.
         examples: ['/usr/bin/cmd/otelcol']
+      - id: process.executable.origin_referrer_url
+        type: string
+        stability: experimental
+        brief: >
+          The URL of the webpage that linked to the process's executable file.
+        note: >
+          This information comes from metadata or alternate data streams linked to the process's executable file.
+          `process.executable.origin_url` represents the URL from which the file was downloaded, and
+          `process.executable.origin_referrer_url` indicates the URL of the page where that URL was listed.
+          There may be cases where both `process.executable.origin_url` and `process.executable.origin_referrer_url`
+          exist, or only one of them is present. Note that the URL itself may contain sensitive information.
+        examples: ['http://example.com/article1.html']
+      - id: process.executable.origin_url
+        type: string
+        stability: experimental
+        brief: >
+          The URL where the process's executable file is hosted.
+        note: >
+          This information comes from metadata or alternate data streams linked to the process's executable file.
+          `process.executable.origin_url` represents the URL from which the file was downloaded, and
+          `process.executable.origin_referrer_url` indicates the URL of the page where that URL was listed.
+          There may be cases where both `process.executable.origin_url` and `process.executable.origin_referrer_url`
+          exist, or only one of them is present. Note that the URL itself may contain sensitive information.
+        examples: ['http://example.com/files/example.exe']
       - id: process.command
         type: string
         stability: experimental