mirror of https://github.com/MISP/misp-objects
Add sane default for boolean objects
parent
7dc84bfac1
commit
27fce9e7ec
|
@ -93,6 +93,10 @@
|
||||||
"description": "A flag to define if this account belong to a non-banking organisation. If set to true, it's a non-banking organisation.",
|
"description": "A flag to define if this account belong to a non-banking organisation. If set to true, it's a non-banking organisation.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"opened": {
|
"opened": {
|
||||||
|
@ -167,5 +171,5 @@
|
||||||
"iban"
|
"iban"
|
||||||
],
|
],
|
||||||
"uuid": "b4712203-95a8-4883-80e9-b566f5df11c9",
|
"uuid": "b4712203-95a8-4883-80e9-b566f5df11c9",
|
||||||
"version": 2
|
"version": 3
|
||||||
}
|
}
|
|
@ -25,6 +25,10 @@
|
||||||
"description": "True if send only through HTTP",
|
"description": "True if send only through HTTP",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"path": {
|
"path": {
|
||||||
|
@ -37,6 +41,10 @@
|
||||||
"description": "True if cookie is sent over TLS",
|
"description": "True if cookie is sent over TLS",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"text": {
|
"text": {
|
||||||
|
@ -66,5 +74,5 @@
|
||||||
"cookie"
|
"cookie"
|
||||||
],
|
],
|
||||||
"uuid": "7755ad19-55c7-4da4-805e-197cf81bbcb8",
|
"uuid": "7755ad19-55c7-4da4-805e-197cf81bbcb8",
|
||||||
"version": 3
|
"version": 4
|
||||||
}
|
}
|
|
@ -28,6 +28,10 @@
|
||||||
"description": "Result of the cortex job",
|
"description": "Result of the cortex job",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"summary": {
|
"summary": {
|
||||||
|
@ -44,5 +48,5 @@
|
||||||
"full"
|
"full"
|
||||||
],
|
],
|
||||||
"uuid": "144988f3-fa00-4374-8015-c1a32092f451",
|
"uuid": "144988f3-fa00-4374-8015-c1a32092f451",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -4,18 +4,30 @@
|
||||||
"description": "The vulnerability is being discussed in open source.",
|
"description": "The vulnerability is being discussed in open source.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"activity-location-private": {
|
"activity-location-private": {
|
||||||
"description": "The vulnerability is being discussed in private/direct communications.",
|
"description": "The vulnerability is being discussed in private/direct communications.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"activity-location-underground": {
|
"activity-location-underground": {
|
||||||
"description": "The vulnerability is being discussed in the underground.",
|
"description": "The vulnerability is being discussed in the underground.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"countermeasures": {
|
"countermeasures": {
|
||||||
|
@ -52,42 +64,70 @@
|
||||||
"description": "Exploit code for the vulnerability is available.",
|
"description": "Exploit code for the vulnerability is available.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-not-observed": {
|
"exploit-status-not-observed": {
|
||||||
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-productized": {
|
"exploit-status-productized": {
|
||||||
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-weaponized": {
|
"exploit-status-weaponized": {
|
||||||
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"interest-level-disclosed-publicly": {
|
"interest-level-disclosed-publicly": {
|
||||||
"description": "The vulnerability has been disclosed publicly.",
|
"description": "The vulnerability has been disclosed publicly.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"interest-level-exploit-sought": {
|
"interest-level-exploit-sought": {
|
||||||
"description": "An exploit for the vulnerability is being sought.",
|
"description": "An exploit for the vulnerability is being sought.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"interest-level-researched-publicly": {
|
"interest-level-researched-publicly": {
|
||||||
"description": "The vulnerability has been researched or documented publicly.",
|
"description": "The vulnerability has been researched or documented publicly.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"modified": {
|
"modified": {
|
||||||
|
@ -189,5 +229,5 @@
|
||||||
"cve-id"
|
"cve-id"
|
||||||
],
|
],
|
||||||
"uuid": "8f8ee946-1383-4139-b4da-ad8c5aceac07",
|
"uuid": "8f8ee946-1383-4139-b4da-ad8c5aceac07",
|
||||||
"version": 4
|
"version": 5
|
||||||
}
|
}
|
|
@ -128,6 +128,10 @@
|
||||||
"destination.tor_node": {
|
"destination.tor_node": {
|
||||||
"description": "If the destination IP was a known tor node.",
|
"description": "If the destination IP was a known tor node.",
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"destination.url": {
|
"destination.url": {
|
||||||
|
@ -378,6 +382,10 @@
|
||||||
"source.tor_node": {
|
"source.tor_node": {
|
||||||
"description": "If the source IP was a known tor node.",
|
"description": "If the source IP was a known tor node.",
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"source.url": {
|
"source.url": {
|
||||||
|
@ -415,5 +423,5 @@
|
||||||
"meta-category": "network",
|
"meta-category": "network",
|
||||||
"name": "intelmq_event",
|
"name": "intelmq_event",
|
||||||
"uuid": "491ac7d2-25a1-4078-8246-b04a132d003d",
|
"uuid": "491ac7d2-25a1-4078-8246-b04a132d003d",
|
||||||
"version": 4
|
"version": 5
|
||||||
}
|
}
|
|
@ -18,6 +18,10 @@
|
||||||
"description": "A flag to define if this meme is part of an a/b test. If set to true, it is part of an a/b test set.",
|
"description": "A flag to define if this meme is part of an a/b test. If set to true, it is part of an a/b test set.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"archive": {
|
"archive": {
|
||||||
|
@ -103,5 +107,5 @@
|
||||||
"document-text"
|
"document-text"
|
||||||
],
|
],
|
||||||
"uuid": "6f6c3b61-f085-475e-93df-2e2d9c2fb0f6",
|
"uuid": "6f6c3b61-f085-475e-93df-2e2d9c2fb0f6",
|
||||||
"version": 7
|
"version": 8
|
||||||
}
|
}
|
|
@ -61,6 +61,10 @@
|
||||||
"description": "Account 'human' bool.",
|
"description": "Account 'human' bool.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"interactions": {
|
"interactions": {
|
||||||
|
@ -108,6 +112,10 @@
|
||||||
"description": "Account 'verified' bool.",
|
"description": "Account 'verified' bool.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -123,5 +131,5 @@
|
||||||
"attachment"
|
"attachment"
|
||||||
],
|
],
|
||||||
"uuid": "8d5ba58e-cac3-46a6-9d1f-cf236f7e95c9",
|
"uuid": "8d5ba58e-cac3-46a6-9d1f-cf236f7e95c9",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -10,6 +10,10 @@
|
||||||
"description": "Indicates if the post is an article.",
|
"description": "Indicates if the post is an article.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"attachment": {
|
"attachment": {
|
||||||
|
@ -141,5 +145,5 @@
|
||||||
"attachment"
|
"attachment"
|
||||||
],
|
],
|
||||||
"uuid": "db85b789-df44-4522-8006-b611e52da5b2",
|
"uuid": "db85b789-df44-4522-8006-b611e52da5b2",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -50,6 +50,10 @@
|
||||||
"description": "Specifies whether the process is hidden",
|
"description": "Specifies whether the process is hidden",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"image": {
|
"image": {
|
||||||
|
@ -178,5 +182,5 @@
|
||||||
"current-directory"
|
"current-directory"
|
||||||
],
|
],
|
||||||
"uuid": "02aeef94-ac23-455c-addb-731757ceafb5",
|
"uuid": "02aeef94-ac23-455c-addb-731757ceafb5",
|
||||||
"version": 9
|
"version": 10
|
||||||
}
|
}
|
|
@ -57,6 +57,10 @@
|
||||||
"description": "Determines if the Recycle bin option has been disabled.",
|
"description": "Determines if the Recycle bin option has been disabled.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"recent-files-accessed": {
|
"recent-files-accessed": {
|
||||||
|
@ -94,5 +98,5 @@
|
||||||
"logon-user-name"
|
"logon-user-name"
|
||||||
],
|
],
|
||||||
"uuid": "f9dc7b7e-8ab1-4dde-95d9-67e41b461c65",
|
"uuid": "f9dc7b7e-8ab1-4dde-95d9-67e41b461c65",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -4,12 +4,20 @@
|
||||||
"description": "Flag value to determine if autologon is enabled for a user without entering the password.",
|
"description": "Flag value to determine if autologon is enabled for a user without entering the password.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"AutoRestartShell": {
|
"AutoRestartShell": {
|
||||||
"description": "Value of the flag set to auto restart the shell if it crashes or shuts down automatically.",
|
"description": "Value of the flag set to auto restart the shell if it crashes or shuts down automatically.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"CachedLogonCount": {
|
"CachedLogonCount": {
|
||||||
|
@ -34,6 +42,10 @@
|
||||||
"description": "Flag to determine if user login is enabled by pressing Ctrl+ALT+Delete.",
|
"description": "Flag to determine if user login is enabled by pressing Ctrl+ALT+Delete.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"Legal-notice-caption": {
|
"Legal-notice-caption": {
|
||||||
|
@ -60,6 +72,10 @@
|
||||||
"description": "Flag value- if the system is set to power down after it is shutdown.",
|
"description": "Flag value- if the system is set to power down after it is shutdown.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"PreCreateKnownFolders": {
|
"PreCreateKnownFolders": {
|
||||||
|
@ -72,6 +88,10 @@
|
||||||
"description": "Flag to check if the reboot was successful.",
|
"description": "Flag to check if the reboot was successful.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"SID": {
|
"SID": {
|
||||||
|
@ -97,6 +117,10 @@
|
||||||
"description": "Value of the flag set to enable shutdown without requiring a user to login.",
|
"description": "Value of the flag set to enable shutdown without requiring a user to login.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"UserInit": {
|
"UserInit": {
|
||||||
|
@ -109,6 +133,10 @@
|
||||||
"description": "Flag value set to enable/disable logons to the system.",
|
"description": "Flag value set to enable/disable logons to the system.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"user-profile-key-last-write-time": {
|
"user-profile-key-last-write-time": {
|
||||||
|
@ -156,5 +184,5 @@
|
||||||
"SID"
|
"SID"
|
||||||
],
|
],
|
||||||
"uuid": "df03d0e4-3e6b-4e56-951a-142eae4cad59",
|
"uuid": "df03d0e4-3e6b-4e56-951a-142eae4cad59",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -10,12 +10,20 @@
|
||||||
"description": "Boolean flag to determine if firewall notifications are enabled.",
|
"description": "Boolean flag to determine if firewall notifications are enabled.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"enbled-firewall": {
|
"enbled-firewall": {
|
||||||
"description": "Boolean flag to determine if the firewall is enabled.",
|
"description": "Boolean flag to determine if the firewall is enabled.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"last-write-time": {
|
"last-write-time": {
|
||||||
|
@ -46,5 +54,5 @@
|
||||||
"profile"
|
"profile"
|
||||||
],
|
],
|
||||||
"uuid": "d9839b3c-c013-4ba7-b5e5-2787198b9e07",
|
"uuid": "d9839b3c-c013-4ba7-b5e5-2787198b9e07",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -15,6 +15,10 @@
|
||||||
"description": "Specifies whether remote connections are enabled or disabled on the system.",
|
"description": "Specifies whether remote connections are enabled or disabled on the system.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"last-write-time": {
|
"last-write-time": {
|
||||||
|
@ -85,5 +89,5 @@
|
||||||
"computer-name"
|
"computer-name"
|
||||||
],
|
],
|
||||||
"uuid": "5ac85401-cbf1-4d05-a85e-1784546881e4",
|
"uuid": "5ac85401-cbf1-4d05-a85e-1784546881e4",
|
||||||
"version": 2
|
"version": 3
|
||||||
}
|
}
|
|
@ -52,6 +52,10 @@
|
||||||
"description": "",
|
"description": "",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"interface-MediaSubType": {
|
"interface-MediaSubType": {
|
||||||
|
@ -102,5 +106,5 @@
|
||||||
"network-key"
|
"network-key"
|
||||||
],
|
],
|
||||||
"uuid": "a5a3ba3a-ba2e-42a4-be45-b36809ae56f0",
|
"uuid": "a5a3ba3a-ba2e-42a4-be45-b36809ae56f0",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -142,6 +142,10 @@
|
||||||
"description": "A boolean that identifies if the playbook creator deems that this playbook is no longer valid.",
|
"description": "A boolean that identifies if the playbook creator deems that this playbook is no longer valid.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"severity": {
|
"severity": {
|
||||||
|
@ -181,5 +185,5 @@
|
||||||
"playbook-type"
|
"playbook-type"
|
||||||
],
|
],
|
||||||
"uuid": "48894c92-447b-4abe-b093-360c4d823e9d",
|
"uuid": "48894c92-447b-4abe-b093-360c4d823e9d",
|
||||||
"version": 1
|
"version": 2
|
||||||
}
|
}
|
|
@ -22,6 +22,10 @@
|
||||||
"description": "Specifies if the account has the ability to escalate privileges.",
|
"description": "Specifies if the account has the ability to escalate privileges.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"created": {
|
"created": {
|
||||||
|
@ -40,6 +44,10 @@
|
||||||
"description": "Specifies if the account is desabled.",
|
"description": "Specifies if the account is desabled.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"display-name": {
|
"display-name": {
|
||||||
|
@ -82,6 +90,10 @@
|
||||||
"description": "Specifies if the account is associated with a network service.",
|
"description": "Specifies if the account is associated with a network service.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"last_login": {
|
"last_login": {
|
||||||
|
@ -110,6 +122,10 @@
|
||||||
"description": "Specifies if the account has privileges such as root rights.",
|
"description": "Specifies if the account has privileges such as root rights.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"shell": {
|
"shell": {
|
||||||
|
@ -144,5 +160,5 @@
|
||||||
"user-id"
|
"user-id"
|
||||||
],
|
],
|
||||||
"uuid": "49606b06-22f0-4ac8-8eee-2f12ad46f3d3",
|
"uuid": "49606b06-22f0-4ac8-8eee-2f12ad46f3d3",
|
||||||
"version": 5
|
"version": 6
|
||||||
}
|
}
|
|
@ -22,6 +22,10 @@
|
||||||
"description": "CA certificate",
|
"description": "CA certificate",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"issuer": {
|
"issuer": {
|
||||||
|
@ -72,6 +76,10 @@
|
||||||
"description": "Self-signed certificate",
|
"description": "Self-signed certificate",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
|
"sane_default": [
|
||||||
|
"True",
|
||||||
|
"False"
|
||||||
|
],
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"serial-number": {
|
"serial-number": {
|
||||||
|
@ -152,5 +160,5 @@
|
||||||
"issuer"
|
"issuer"
|
||||||
],
|
],
|
||||||
"uuid": "d1ab756a-26b5-4349-9f43-765630f0911c",
|
"uuid": "d1ab756a-26b5-4349-9f43-765630f0911c",
|
||||||
"version": 12
|
"version": 13
|
||||||
}
|
}
|
Loading…
Reference in New Issue