Merge branch 'master' of github.com:MISP/misp-galaxy

pull/76/head
Raphaël Vinot 2017-07-25 18:02:19 +02:00
commit 3f8b2b4b01
10 changed files with 130 additions and 17 deletions

View File

@ -1,7 +1,7 @@
{ {
"$schema": "http://json-schema.org/schema#", "$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies", "title": "Validator for misp-galaxies - Clusters",
"id": "https://www.github.com/MISP/misp-galaxies/schema.json", "id": "https://www.github.com/MISP/misp-galaxies/schema_clusters.json",
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {

View File

@ -1,7 +1,7 @@
{ {
"$schema": "http://json-schema.org/schema#", "$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies", "title": "Validator for misp-galaxies - Galaxies",
"id": "https://www.github.com/MISP/misp-galaxies/schema.json", "id": "https://www.github.com/MISP/misp-galaxies/schema_galaxies.json",
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {

31
schema_misp.json Normal file
View File

@ -0,0 +1,31 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies - MISP",
"id": "https://www.github.com/MISP/misp-galaxies/schema_misp.json",
"type": "object",
"additionalProperties": false,
"properties": {
"elements_url": {
"type": "string"
},
"default_predicate_value_in": {
"type": "string"
},
"default_predicate_value": {
"type": "string"
},
"cluster_url": {
"type": "string"
},
"predicate_in": {
"type": "string"
}
},
"required": [
"elements_url",
"default_predicate_value_in",
"default_predicate_value",
"cluster_url",
"predicate_in"
]
}

58
schema_vocabularies.json Normal file
View File

@ -0,0 +1,58 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies - Vocabularies",
"id": "https://www.github.com/MISP/misp-galaxies/schema_vocabularies.json",
"type": "object",
"additionalProperties": false,
"properties": {
"version": {
"type": "integer"
},
"description": {
"type": "string"
},
"source": {
"type": "string"
},
"author": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
},
"uuid": {
"type": "string"
},
"stix": {
"type": "string"
},
"type": {
"type": "string"
},
"values": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"value": {
"type": "string"
}
}
}
}
},
"required": [
"version",
"description",
"author",
"uuid",
"type",
"values"
]
}

View File

@ -9,7 +9,7 @@
# Check Jsons format, and beautify # Check Jsons format, and beautify
./jq_all_the_things.sh ./jq_all_the_things.sh
rc=$? rc=$?
if [[ $rc != 0 ]]; then if [[ $rc != 0 ]]; then
exit $rc exit $rc
fi fi
@ -30,7 +30,7 @@ do
echo -n "${dir}: " echo -n "${dir}: "
jsonschema -i ${dir} schema_clusters.json jsonschema -i ${dir} schema_clusters.json
rc=$? rc=$?
if [[ $rc != 0 ]]; then if [[ $rc != 0 ]]; then
echo "Error on ${dir}" echo "Error on ${dir}"
exit $rc exit $rc
fi fi
@ -42,7 +42,31 @@ do
echo -n "${dir}: " echo -n "${dir}: "
jsonschema -i ${dir} schema_galaxies.json jsonschema -i ${dir} schema_galaxies.json
rc=$? rc=$?
if [[ $rc != 0 ]]; then if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi
echo ''
done
for dir in misp/*.json
do
echo -n "${dir}: "
jsonschema -i ${dir} schema_misp.json
rc=$?
if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi
echo ''
done
for dir in vocabularies/*/*.json
do
echo -n "${dir}: "
jsonschema -i ${dir} schema_vocabularies.json
rc=$?
if [[ $rc != 0 ]]; then
echo "Error on ${dir}" echo "Error on ${dir}"
exit $rc exit $rc
fi fi

View File

@ -91,10 +91,10 @@
"value": "Unauthorized Access" "value": "Unauthorized Access"
} }
], ],
"version" : 1, "version" : 2,
"description": "The IntendedEffectVocab is the default STIX vocabulary for expressing the intended effect of a threat actor", "description": "The IntendedEffectVocab is the default STIX vocabulary for expressing the intended effect of a threat actor",
"source": "STIX 1.0", "source": "STIX 1.0",
"author": "STIX", "author": ["STIX"],
"uuid": "b6975c96-296a-48cf-9006-034ed102bc85", "uuid": "b6975c96-296a-48cf-9006-034ed102bc85",
"stix": "1.2.1", "stix": "1.2.1",
"type": "threat-actor-intended-effect-vocabulary" "type": "threat-actor-intended-effect-vocabulary"

View File

@ -56,10 +56,10 @@
"description": "The threat actor is motivated by the desire to exercise some political advantage." "description": "The threat actor is motivated by the desire to exercise some political advantage."
} }
], ],
"version" : 1, "version" : 2,
"description": "The MotivationVocab is the default STIX vocabulary for expressing the motivation of a threat actor.", "description": "The MotivationVocab is the default STIX vocabulary for expressing the motivation of a threat actor.",
"source": "STIX 1.0", "source": "STIX 1.0",
"author": "STIX", "author": ["STIX"],
"uuid": "74183277-5ee6-436a-9859-cb16fb3f21e2", "uuid": "74183277-5ee6-436a-9859-cb16fb3f21e2",
"stix": "1.2.1", "stix": "1.2.1",
"type": "threat-actor-motivation-vocabulary" "type": "threat-actor-motivation-vocabulary"

View File

@ -67,9 +67,9 @@
"value": "Skill Development / Recruitment - University Programs" "value": "Skill Development / Recruitment - University Programs"
} }
], ],
"version" : 1, "version" : 2,
"description": "The PlanningAndOperationalSupportVocab is the default STIX vocabulary for expressing the planning and operational support functions available to a threat actor.", "description": "The PlanningAndOperationalSupportVocab is the default STIX vocabulary for expressing the planning and operational support functions available to a threat actor.",
"author": "STIX", "author": ["STIX"],
"source": "STIX 1.0", "source": "STIX 1.0",
"stix": "1.0.1", "stix": "1.0.1",
"uuid": "f91f69d2-fcd0-45f2-baeb-4f79f9458da7", "uuid": "f91f69d2-fcd0-45f2-baeb-4f79f9458da7",

View File

@ -17,9 +17,9 @@
"description": "Demonstrates a nascent capability. A novice has basic computer skills and likely requires the assistance of a Practitioner or higher to engage in hacking activity. He uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet and lacks the ability to conduct his own reconnaissance and targeting research." "description": "Demonstrates a nascent capability. A novice has basic computer skills and likely requires the assistance of a Practitioner or higher to engage in hacking activity. He uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet and lacks the ability to conduct his own reconnaissance and targeting research."
} }
], ],
"version" : 1, "version" : 2,
"description": "The ThreatActorSophisticationVocab enumeration is used to define the default STIX vocabulary for expressing the subjective level of sophistication of a threat actor.", "description": "The ThreatActorSophisticationVocab enumeration is used to define the default STIX vocabulary for expressing the subjective level of sophistication of a threat actor.",
"author": "STIX", "author": ["STIX"],
"uuid": "fcaf1309-28c4-4d09-b56f-84d6cf6afbb3", "uuid": "fcaf1309-28c4-4d09-b56f-84d6cf6afbb3",
"stix": "1.0", "stix": "1.0",
"type": "threat-actor-sophistication-vocabulary" "type": "threat-actor-sophistication-vocabulary"

View File

@ -52,10 +52,10 @@
"value": "Disgruntled Customer / User" "value": "Disgruntled Customer / User"
} }
], ],
"version": 1, "version": 2,
"uuid": "3d7dc2ee-ca54-4a5e-96a3-2e7cba0ffe95", "uuid": "3d7dc2ee-ca54-4a5e-96a3-2e7cba0ffe95",
"description": "The ThreatActorTypeVocab enumeration is used to define the default STIX vocabulary for expressing the subjective type of a threat actor.", "description": "The ThreatActorTypeVocab enumeration is used to define the default STIX vocabulary for expressing the subjective type of a threat actor.",
"author": "STIX", "author": ["STIX"],
"source": "STIX 1.0", "source": "STIX 1.0",
"stix": "1.0", "stix": "1.0",
"type": "threat-actor-type-vocabulary" "type": "threat-actor-type-vocabulary"