Merge pull request #3 from MISP/master

Update
2018-04-10 15:57:18 +00:00 · 2018-04-10 15:57:18 +00:00 · 26a53b7b19
parent 448867f298 c8e9155a3e
commit 26a53b7b19
2 changed files with 30 additions and 7 deletions
--- a/objects/file/definition.json
+++ b/objects/file/definition.json
@ -17,7 +17,8 @@
    "tlsh",
    "pattern-in-file",
    "x509-fingerprint-sha1",
-    "malware-sample"
+    "malware-sample",
+    "path"
  ],
  "attributes": {
    "md5": {
@ -124,6 +125,13 @@
      "ui-priority": 1,
      "misp-attribute": "filename"
    },
+    "path": {
+      "description": "Path of the filename complete or partial",
+      "disable_correlation": true,
+      "multiple": true,
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
    "tlsh": {
      "description": "Fuzzy hash by Trend Micro: Locality Sensitive Hash",
      "ui-priority": 0,
@ -156,7 +164,7 @@
      ]
    }
  },
-  "version": 10,
+  "version": 11,
  "description": "File object describing a file with meta-information",
  "meta-category": "file",
  "uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
--- a/objects/ip-port/definition.json
+++ b/objects/ip-port/definition.json
@ -3,6 +3,7 @@
    "dst-port",
    "src-port",
    "domain",
+    "hostname",
    "ip"
  ],
  "attributes": {
@ -40,7 +41,9 @@
        "External analysis"
      ],
      "ui-priority": 1,
-      "misp-attribute": "port"
+      "misp-attribute": "port",
+      "disable_correlation": true,
+      "multiple": true
    },
    "domain": {
      "description": "Domain",
@ -49,7 +52,18 @@
        "External analysis"
      ],
      "ui-priority": 1,
-      "misp-attribute": "domain"
+      "misp-attribute": "domain",
+      "multiple": true
+    },
+    "hostname": {
+      "description": "Hostname",
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "ui-priority": 1,
+      "misp-attribute": "hostname",
+      "multiple": true
    },
    "ip": {
      "description": "IP Address",
@ -58,11 +72,12 @@
        "External analysis"
      ],
      "ui-priority": 1,
-      "misp-attribute": "ip-dst"
+      "misp-attribute": "ip-dst",
+      "multiple": true
    }
  },
-  "version": 6,
-  "description": "An IP address (or domain) and a port seen as a tuple (or as a triple) in a specific time frame.",
+  "version": 7,
+  "description": "An IP address (or domain or hostname) and a port seen as a tuple (or as a triple) in a specific time frame.",
  "meta-category": "network",
  "uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6",
  "name": "ip-port"