From 013e552f90c5b0f98b27e31d15217a3c9043576b Mon Sep 17 00:00:00 2001
From: chrisr3d
Date: Tue, 6 Mar 2018 16:17:22 +0100
Subject: [PATCH] Added Documentation explanations on readme file
---
README.md | 15 +++++++++++++--
doc/export_mod/cef_export.json | 3 +++
doc/export_mod/liteexport.json | 3 +++
doc/export_mod/pdfexport.json | 3 +++
doc/export_mod/testexport.json | 3 +++
doc/export_mod/threatStream_misp_export.json | 3 +++
doc/export_mod/threat_connect_export.json | 3 +++
doc/import_doc/cuckooimport.json | 3 +++
doc/import_doc/email_import.json | 3 +++
doc/import_doc/mispjson.json | 3 +++
doc/import_doc/ocr.json | 3 +++
doc/import_doc/openiocimport.json | 3 +++
doc/import_doc/stiximport.json | 3 +++
doc/import_doc/threatanalyzer_import.json | 3 +++
doc/import_doc/vmray_import.json | 3 +++
15 files changed, 55 insertions(+), 2 deletions(-)
create mode 100644 doc/export_mod/cef_export.json
create mode 100644 doc/export_mod/liteexport.json
create mode 100644 doc/export_mod/pdfexport.json
create mode 100644 doc/export_mod/testexport.json
create mode 100644 doc/export_mod/threatStream_misp_export.json
create mode 100644 doc/export_mod/threat_connect_export.json
create mode 100644 doc/import_doc/cuckooimport.json
create mode 100644 doc/import_doc/email_import.json
create mode 100644 doc/import_doc/mispjson.json
create mode 100644 doc/import_doc/ocr.json
create mode 100644 doc/import_doc/openiocimport.json
create mode 100644 doc/import_doc/stiximport.json
create mode 100644 doc/import_doc/threatanalyzer_import.json
create mode 100644 doc/import_doc/vmray_import.json
diff --git a/README.md b/README.md
index 67ba189..d488813 100644
--- a/README.md
+++ b/README.md
@@ -372,7 +372,7 @@ Recommended Plugin.Import_ocr_enabled true Enable or disable the ocr In this same menu set any other plugin settings that are required for testing. ## Install misp-module on an offline instance. -First, you need to grab all necessery packages for example like this : +First, you need to grab all necessery packages for example like this : Use pip wheel to create an archive ~~~ @@ -380,7 +380,7 @@ mkdir misp-modules-offline pip3 wheel -r REQUIREMENTS shodan --wheel-dir=./misp-modules-offline tar -cjvf misp-module-bundeled.tar.bz2 ./misp-modules-offline/* ~~~ -On offline machine : +On offline machine : ~~~ mkdir misp-modules-bundle tar xvf misp-module-bundeled.tar.bz2 -C misp-modules-bundle @@ -439,3 +439,14 @@ cd tests/ curl -s http://127.0.0.1:6666/query -H "Content-Type: application/json" --data @MY_TEST_FILE.json -X POST cd ../ ~~~ + +## Documentation + +In order to provide documentation about some modules that require specific input / output / configuration, the [doc](doc) directory contains detailed information about the general purpose, requirements, features, input and ouput of each of these modules: + +- ***description** - quick description of the general purpose of the module, as the one given by the moduleinfo +- **requirements** - special libraries needed to make the module work +- **features** - description of the way to use the module, with the required MISP features to make the module give the intended result +- **references** - link(s) giving additional information about the format concerned in the module +- **input** - description of the format of data used in input +- **output** - description of the format given as the result of the module execution diff --git a/doc/export_mod/cef_export.json b/doc/export_mod/cef_export.json new file mode 100644 index 0000000..44a09e7 --- /dev/null +++ b/doc/export_mod/cef_export.json @@ -0,0 +1,3 @@ +{ + "description": "Module to export a MISP event in CEF format." +} 
diff --git a/doc/export_mod/liteexport.json b/doc/export_mod/liteexport.json
new file mode 100644
index 0000000..f8c3e90
--- /dev/null
+++ b/doc/export_mod/liteexport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Lite export of a MISP event."
+}
diff --git a/doc/export_mod/pdfexport.json b/doc/export_mod/pdfexport.json
new file mode 100644
index 0000000..987dde6
--- /dev/null
+++ b/doc/export_mod/pdfexport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Simple export of a MISP event to PDF."
+}
diff --git a/doc/export_mod/testexport.json b/doc/export_mod/testexport.json
new file mode 100644
index 0000000..213ea92
--- /dev/null
+++ b/doc/export_mod/testexport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Skeleton export module."
+}
diff --git a/doc/export_mod/threatStream_misp_export.json b/doc/export_mod/threatStream_misp_export.json
new file mode 100644
index 0000000..f311c87
--- /dev/null
+++ b/doc/export_mod/threatStream_misp_export.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to export a structured CSV file for uploading to threatStream."
+}
diff --git a/doc/export_mod/threat_connect_export.json b/doc/export_mod/threat_connect_export.json
new file mode 100644
index 0000000..5ad2469
--- /dev/null
+++ b/doc/export_mod/threat_connect_export.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to export a structured CSV file for uploading to ThreatConnect."
+}
diff --git a/doc/import_doc/cuckooimport.json b/doc/import_doc/cuckooimport.json
new file mode 100644
index 0000000..d0d17d6
--- /dev/null
+++ b/doc/import_doc/cuckooimport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import Cuckoo JSON."
+}
diff --git a/doc/import_doc/email_import.json b/doc/import_doc/email_import.json
new file mode 100644
index 0000000..9d6abad
--- /dev/null
+++ b/doc/import_doc/email_import.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import emails in MISP."
+}
diff --git a/doc/import_doc/mispjson.json b/doc/import_doc/mispjson.json
new file mode 100644
index 0000000..b9be29b
--- /dev/null
+++ b/doc/import_doc/mispjson.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import MISP JSON format for merging MISP events."
+}
diff --git a/doc/import_doc/ocr.json b/doc/import_doc/ocr.json
new file mode 100644
index 0000000..79d4f43
--- /dev/null
+++ b/doc/import_doc/ocr.json
@@ -0,0 +1,3 @@
+{
+ "description": "Optical Character Recognition (OCR) module for MISP."
+}
diff --git a/doc/import_doc/openiocimport.json b/doc/import_doc/openiocimport.json
new file mode 100644
index 0000000..c49db67
--- /dev/null
+++ b/doc/import_doc/openiocimport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import OpenIOC packages."
+}
diff --git a/doc/import_doc/stiximport.json b/doc/import_doc/stiximport.json
new file mode 100644
index 0000000..00442a4
--- /dev/null
+++ b/doc/import_doc/stiximport.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import some stix stuff."
+}
diff --git a/doc/import_doc/threatanalyzer_import.json b/doc/import_doc/threatanalyzer_import.json
new file mode 100644
index 0000000..179307a
--- /dev/null
+++ b/doc/import_doc/threatanalyzer_import.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import ThreatAnalyzer archive.zip / analysis.json files."
+}
diff --git a/doc/import_doc/vmray_import.json b/doc/import_doc/vmray_import.json
new file mode 100644
index 0000000..11b413b
--- /dev/null
+++ b/doc/import_doc/vmray_import.json
@@ -0,0 +1,3 @@
+{
+ "description": "Module to import VMRay (VTI) results."
+}