MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [attribute type] kusto-query attribute type 

Kusto query is the query language for the Kusto services in Azure used
to search large dataset. It's used in Windows Defender ATP Hunting-Queries
and also Azure Sentinel (Cloud-native SIEM).
pull/527/head
Alexandre Dulaunoy 2019-12-28 15:30:39 +01:00
parent cb715c5d7e
commit 2d5e729025
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pymisp/data/describeTypes.json
View File

@ -54,6 +54,7 @@
"hex", "hex",
"impfuzzy", "impfuzzy",
"imphash", "imphash",
"kusto-query",
"malware-sample", "malware-sample",
"md5", "md5",
"mime-type", "mime-type",
@ -779,6 +780,10 @@
"default_category": "Social network", "default_category": "Social network",
"to_ids": 0 "to_ids": 0
}, },
"kusto-query": {
"default_category": "Artifacts dropped",
"to_ids": 0
},
"last-name": { "last-name": {
"default_category": "Person", "default_category": "Person",
"to_ids": 0 "to_ids": 0
@ -1183,6 +1188,7 @@
"issue-date-of-the-visa", "issue-date-of-the-visa",
"ja3-fingerprint-md5", "ja3-fingerprint-md5",
"jabber-id", "jabber-id",
"kusto-query",
"last-name", "last-name",
"link", "link",
"mac-address", "mac-address",