2018-01-05 11:34:08 +01:00
|
|
|
{
|
|
|
|
"Event": {
|
|
|
|
"Object": [
|
|
|
|
{
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Attribution",
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "registrar",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "whois-registrar",
|
|
|
|
"value": "registar.example.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "domain",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"value": "domain.example.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"disable_correlation": true,
|
|
|
|
"object_relation": "nameserver",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "hostname",
|
|
|
|
"value": "ns1.example.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"disable_correlation": false,
|
|
|
|
"object_relation": "nameserver",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "hostname",
|
|
|
|
"value": "ns2.example.com"
|
|
|
|
}
|
|
|
|
],
|
2018-03-22 16:19:02 +01:00
|
|
|
"description": "Whois records information for a domain name or an IP address.",
|
2018-08-28 23:30:07 +02:00
|
|
|
"distribution": "5",
|
2018-01-05 11:34:08 +01:00
|
|
|
"meta-category": "network",
|
|
|
|
"name": "whois",
|
2018-08-28 23:30:07 +02:00
|
|
|
"sharing_group_id": "0",
|
2018-01-05 11:34:08 +01:00
|
|
|
"template_uuid": "429faea1-34ff-47af-8a00-7c62d3be5a6a",
|
2018-08-28 23:30:07 +02:00
|
|
|
"template_version": "10",
|
2018-01-05 11:34:08 +01:00
|
|
|
"uuid": "a"
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"analysis": "1",
|
|
|
|
"date": "2017-12-31",
|
|
|
|
"distribution": "1",
|
|
|
|
"info": "This is a test",
|
|
|
|
"threat_level_id": "1"
|
|
|
|
}
|
|
|
|
}
|