misp-objects/objects/dns-record/definition.json

139 lines
3.3 KiB
JSON
Raw Normal View History

2017-11-14 21:38:54 +01:00
{
"attributes": {
"a-record": {
"categories": [
"Network activity",
"External analysis"
],
2020-08-15 14:57:53 +02:00
"description": "IPv4 address associated with A record",
2017-11-14 21:38:54 +01:00
"misp-attribute": "ip-dst",
"multiple": true,
"ui-priority": 1
2017-11-14 21:38:54 +01:00
},
2020-08-15 14:57:53 +02:00
"aaaa-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "IPv6 address associated with AAAA record",
"misp-attribute": "ip-dst",
"multiple": true,
"ui-priority": 1
},
"cname-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Domain associated with CNAME record",
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
},
2017-11-14 21:38:54 +01:00
"mx-record": {
"categories": [
"Network activity",
"External analysis"
],
2020-08-15 14:57:53 +02:00
"description": "Domain associated with MX record",
2017-11-14 21:38:54 +01:00
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
2017-11-14 21:38:54 +01:00
},
"ns-record": {
"categories": [
"Network activity",
"External analysis"
],
2020-08-15 14:57:53 +02:00
"description": "Domain associated with NS record",
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
},
"ptr-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Domain associated with PTR record",
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
},
"queried-domain": {
2017-11-14 21:38:54 +01:00
"categories": [
"Network activity",
"External analysis"
],
"description": "Domain name",
2017-11-14 21:38:54 +01:00
"misp-attribute": "domain",
"ui-priority": 1
},
2020-08-15 14:57:53 +02:00
"soa-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Domain associated with SOA record",
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
},
"spf-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "IP addresses associated with SPF record",
"misp-attribute": "ip-dst",
"multiple": true,
"ui-priority": 1
},
"srv-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Domain associated with SRV record",
"misp-attribute": "domain",
"multiple": true,
"ui-priority": 1
},
"text": {
"description": "A description of the records",
"misp-attribute": "text",
"recommended": false,
"ui-priority": 1
2020-08-15 14:57:53 +02:00
},
"txt-record": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Content associated with TXT record",
"misp-attribute": "text",
"multiple": true,
"ui-priority": 1
2017-11-14 21:38:54 +01:00
}
},
2020-08-15 14:57:53 +02:00
"description": "A set of DNS records observed for a specific domain.",
2017-11-14 21:38:54 +01:00
"meta-category": "network",
"name": "dns-record",
"required": [
"queried-domain"
],
"requiredOneOf": [
"a-record",
2020-08-15 14:57:53 +02:00
"aaaa-record",
"cname-record",
"mx-record",
2020-08-15 14:57:53 +02:00
"ns-record",
"ptr-record",
"soa-record",
"spf-record",
"srv-record",
"txt-record"
],
2017-11-14 21:38:54 +01:00
"uuid": "f023c8f0-81ab-41f3-9f5d-fa597a34a9b9",
2020-08-15 14:57:53 +02:00
"version": 2
}