2016-09-27 19:47:22 +02:00
|
|
|
{
|
|
|
|
"$schema": "http://json-schema.org/draft-04/schema#",
|
2017-04-07 17:30:43 +02:00
|
|
|
"title": "Validator for misp events",
|
2017-04-09 00:02:02 +02:00
|
|
|
"id": "https://github.com/MISP/MISP/blob/2.4/format/2.4/schema.json",
|
2017-04-07 17:30:43 +02:00
|
|
|
"defs": {
|
|
|
|
"org": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"required": [
|
|
|
|
"uuid"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"orgc": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"required": [
|
|
|
|
"uuid"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"sharing_group": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"releasability": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"description": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"organisation_uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"org_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"sync_user_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"active": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"created": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"modified": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"local": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"roaming": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"Organisation": {
|
|
|
|
"$ref": "#/defs/org"
|
|
|
|
},
|
|
|
|
"SharingGroupOrg": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/sharing_group_org"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"SharingGroupServer": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/sharing_group_server"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"required": [
|
|
|
|
"uuid"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"required": [
|
|
|
|
"uuid"
|
|
|
|
]
|
|
|
|
},
|
|
|
|
"sharing_group_org": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"sharing_group_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"org_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"extend": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"Organisation": {
|
|
|
|
"$ref": "#/defs/org"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"sharing_group_server": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"sharing_group_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"server_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"all_orgs": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"Server": {
|
|
|
|
"$ref": "#/defs/server"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"server": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"url": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"attribute": {
|
2016-09-27 19:47:22 +02:00
|
|
|
"type": "object",
|
2017-04-07 17:30:43 +02:00
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"type": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"category": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"to_ids": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"event_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"distribution": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"timestamp": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"comment": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"sharing_group_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"deleted": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"disable_correlation": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"value": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"data": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"SharingGroup": {
|
|
|
|
"$ref": "#/defs/sharing_group"
|
|
|
|
},
|
|
|
|
"ShadowAttribute": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/attribute"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"Tag": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/tag"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"event": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
2016-09-27 19:47:22 +02:00
|
|
|
"properties": {
|
|
|
|
"id": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"orgc_id": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"org_id": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"date": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"threat_level_id": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"info": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"published": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"attribute_count": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"analysis": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"timestamp": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"distribution": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"proposal_email_lock": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"locked": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"publish_timestamp": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"sharing_group_id": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"disable_correlation": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"event_creator_email": {
|
2016-09-30 16:06:41 +02:00
|
|
|
"type": "string"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"Org": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"$ref": "#/defs/org"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"Orgc": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"$ref": "#/defs/org"
|
|
|
|
},
|
|
|
|
"SharingGroup": {
|
|
|
|
"$ref": "#/defs/sharing_group"
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"Attribute": {
|
|
|
|
"type": "array",
|
2017-04-07 17:30:43 +02:00
|
|
|
"uniqueItems": true,
|
2016-09-27 19:47:22 +02:00
|
|
|
"items": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"$ref": "#/defs/attribute"
|
|
|
|
}
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"ShadowAttribute": {
|
|
|
|
"type": "array",
|
2017-04-07 17:30:43 +02:00
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/attribute"
|
|
|
|
}
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"RelatedEvent": {
|
|
|
|
"type": "array",
|
2017-04-07 17:30:43 +02:00
|
|
|
"uniqueItems": true,
|
2016-09-27 19:47:22 +02:00
|
|
|
"items": {
|
|
|
|
"type": "object",
|
2017-04-07 17:30:43 +02:00
|
|
|
"additionalProperties": false,
|
2016-09-27 19:47:22 +02:00
|
|
|
"properties": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"Event":{
|
|
|
|
"$ref": "#/defs/event"
|
2016-09-27 19:47:22 +02:00
|
|
|
}
|
|
|
|
}
|
2017-04-07 17:30:43 +02:00
|
|
|
}
|
|
|
|
},
|
|
|
|
"Galaxy": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/galaxy"
|
|
|
|
}
|
2016-09-27 19:47:22 +02:00
|
|
|
},
|
|
|
|
"Tag": {
|
|
|
|
"type": "array",
|
2017-04-07 17:30:43 +02:00
|
|
|
"uniqueItems": true,
|
2016-09-27 19:47:22 +02:00
|
|
|
"items": {
|
2017-04-07 17:30:43 +02:00
|
|
|
"$ref": "#/defs/tag"
|
|
|
|
}
|
2016-09-27 19:47:22 +02:00
|
|
|
}
|
2017-04-07 17:30:43 +02:00
|
|
|
}
|
|
|
|
},
|
|
|
|
"tag": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"colour": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"exportable": {
|
|
|
|
"type": "boolean"
|
|
|
|
},
|
|
|
|
"hide_tag": {
|
|
|
|
"type": "boolean"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"galaxy": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"type": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"description": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"version": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"GalaxyCluster": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"$ref": "#/defs/galaxy_cluster"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"galaxy_cluster": {
|
|
|
|
"type": "object",
|
|
|
|
"additionalProperties": false,
|
|
|
|
"properties": {
|
|
|
|
"id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"uuid": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"type": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"value": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"tag_name": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"description": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"galaxy_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"source": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"authors": {
|
|
|
|
"type": "array",
|
|
|
|
"uniqueItems": true,
|
|
|
|
"items": {
|
|
|
|
"type": "string"
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"tag_id": {
|
|
|
|
"type": "string"
|
|
|
|
},
|
|
|
|
"meta": {
|
|
|
|
"type": "object"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
},
|
|
|
|
"type": "object",
|
|
|
|
"properties": {
|
|
|
|
"Event": {
|
|
|
|
"$ref": "#/defs/event"
|
2016-09-27 19:47:22 +02:00
|
|
|
}
|
|
|
|
},
|
|
|
|
"required": [
|
|
|
|
"Event"
|
|
|
|
]
|
|
|
|
}
|