From 25e1790e748d5acf6017c86730b876911a119614 Mon Sep 17 00:00:00 2001 From: Michael Trewen Date: Tue, 13 Jun 2023 19:15:23 +0200 Subject: [PATCH] jq --- objects/diamond/definition.json | 208 ++++++++++++++++---------------- 1 file changed, 104 insertions(+), 104 deletions(-) diff --git a/objects/diamond/definition.json b/objects/diamond/definition.json index 23d66b9..5e88db1 100644 --- a/objects/diamond/definition.json +++ b/objects/diamond/definition.json @@ -1,106 +1,106 @@ { - "required": [ - "EventID", - "Advesary", - "Capability", - "Infrastructure", - "Victim" - ], - "version": 1, - "description": "A diamond model event object consisting of the four diamond features advesary, infrastructure, capability and victim, several meta-features and ioc attributes.", - "meta-category": "internal", - "uuid": "a9618450-694d-4c73-9f76-35ea0150c19e", - "name": "diamond-event", - "attributes": { - "EventID": { - "description": "Id of the event", - "ui-priority": 0, - "misp-attribute": "counter" - }, - "Advesary": { - "description": "The advesary who attacks the victim", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Capability": { - "description": "The capability used to attack the victim", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Infrastructure": { - "description": "The infrastructure used in the attack", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Victim": { - "description": "The attacked victim", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Timestamp": { - "description": "Timestamp when the event happened", - "ui-priority": 0, - "misp-attribute": "datetime" - }, - "Phase": { - "description": "The event mapped to a phase of the killchain", - "ui-priority": 0, - "misp-attribute": "text", - "values_list": [ - "Reconnaissance", - "Weaponization", - "Delivery", - "Exploitation", - "Installation", - "C2", - "Action on Objectives" - ] - }, - "Result": { - "description": "The result of the event", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Direction": { - "description": "The network-based direction of the event", - "ui-priority": 0, - "misp-attribute": "text", - "values_list": [ - "Victim-to-Infrastructure", - "Infrastructure-to-Victim", - "Infrastructure-to-Infrastructure", - "Adversary-to-Infrastructure", - "Infrastructure-to-Adversary", - "Bidirectional", - "Unknown" - ] - }, - "Methodology": { - "description": "Mitre-Attack mapping of the event", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Resources": { - "description": "The resources the attacker needed for the event to succeed", - "ui-priority": 0, - "misp-attribute": "text" - }, - "Description": { - "description": "Further context to the event", - "ui-priority": 0, - "misp-attribute": "text" - }, - "ioc": { - "description": "Generic IOC", - "ui-priority": 0, - "multiple": true, - "misp-attribute": "text" - }, - "textfield": { - "description": "Generic textfield", - "ui-priority": 0, - "multiple": true, - "misp-attribute": "text" - } + "required": [ + "EventID", + "Advesary", + "Capability", + "Infrastructure", + "Victim" + ], + "version": 1, + "description": "A diamond model event object consisting of the four diamond features advesary, infrastructure, capability and victim, several meta-features and ioc attributes.", + "meta-category": "internal", + "uuid": "a9618450-694d-4c73-9f76-35ea0150c19e", + "name": "diamond-event", + "attributes": { + "EventID": { + "description": "Id of the event", + "ui-priority": 0, + "misp-attribute": "counter" + }, + "Advesary": { + "description": "The advesary who attacks the victim", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Capability": { + "description": "The capability used to attack the victim", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Infrastructure": { + "description": "The infrastructure used in the attack", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Victim": { + "description": "The attacked victim", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Timestamp": { + "description": "Timestamp when the event happened", + "ui-priority": 0, + "misp-attribute": "datetime" + }, + "Phase": { + "description": "The event mapped to a phase of the killchain", + "ui-priority": 0, + "misp-attribute": "text", + "values_list": [ + "Reconnaissance", + "Weaponization", + "Delivery", + "Exploitation", + "Installation", + "C2", + "Action on Objectives" + ] + }, + "Result": { + "description": "The result of the event", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Direction": { + "description": "The network-based direction of the event", + "ui-priority": 0, + "misp-attribute": "text", + "values_list": [ + "Victim-to-Infrastructure", + "Infrastructure-to-Victim", + "Infrastructure-to-Infrastructure", + "Adversary-to-Infrastructure", + "Infrastructure-to-Adversary", + "Bidirectional", + "Unknown" + ] + }, + "Methodology": { + "description": "Mitre-Attack mapping of the event", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Resources": { + "description": "The resources the attacker needed for the event to succeed", + "ui-priority": 0, + "misp-attribute": "text" + }, + "Description": { + "description": "Further context to the event", + "ui-priority": 0, + "misp-attribute": "text" + }, + "ioc": { + "description": "Generic IOC", + "ui-priority": 0, + "multiple": true, + "misp-attribute": "text" + }, + "textfield": { + "description": "Generic textfield", + "ui-priority": 0, + "multiple": true, + "misp-attribute": "text" } - } \ No newline at end of file + } +} \ No newline at end of file