From 2fe584ca6f8ff78312eaceee113550c7d9e9515c Mon Sep 17 00:00:00 2001 From: Christian Studer Date: Sat, 13 Apr 2024 12:24:58 +0200 Subject: [PATCH] fix: Changed a few attribute types in different template --- objects/abuseipdb/definition.json | 2 +- objects/concordia-mtmf-intrusion-set/definition.json | 6 +++--- objects/covid19-csse-daily-report/definition.json | 4 ++-- objects/ddos/definition.json | 8 ++++---- objects/diamond/definition.json | 2 +- objects/imsi-catcher/definition.json | 2 +- objects/intelmq_event/definition.json | 6 +++--- objects/intelmq_report/definition.json | 2 +- objects/mactime-timeline-analysis/definition.json | 2 +- objects/netflow/definition.json | 6 +++--- objects/network-socket/definition.json | 4 ++-- objects/paloalto-threat-event/definition.json | 4 ++-- objects/probabilistic-data-structure/definition.json | 6 +++--- objects/r2graphity/definition.json | 6 +++--- objects/scrippsco2-c13-daily/definition.json | 2 +- objects/scrippsco2-co2-daily/definition.json | 2 +- objects/scrippsco2-o18-daily/definition.json | 2 +- objects/sigmf-expanded-recording/definition.json | 4 ++-- objects/submarine/definition.json | 10 +++++----- 19 files changed, 40 insertions(+), 40 deletions(-) diff --git a/objects/abuseipdb/definition.json b/objects/abuseipdb/definition.json index 6f1b309..d55d797 100644 --- a/objects/abuseipdb/definition.json +++ b/objects/abuseipdb/definition.json @@ -2,7 +2,7 @@ "attributes": { "abuse-confidence-score": { "description": "Rating (0-100) of how confident AbuseIPDB is that an IP address is entirely malicious", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "is-malicious": { diff --git a/objects/concordia-mtmf-intrusion-set/definition.json b/objects/concordia-mtmf-intrusion-set/definition.json index f54b6e4..aaf2edb 100644 --- a/objects/concordia-mtmf-intrusion-set/definition.json +++ b/objects/concordia-mtmf-intrusion-set/definition.json @@ -10,14 +10,14 @@ "CMTMF_ATCKID": { "description": "Identifier of the Attack", "disable_correlation": false, - "misp-attribute": "counter", + "misp-attribute": "integer", "recommended": true, "ui-priority": 1 }, "FeedbackLoop": { "description": "Feedback Loop Sequence", "disable_correlation": false, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "PhName": { @@ -30,7 +30,7 @@ "PhSequence": { "description": "Phase Sequence", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "recommended": true, "ui-priority": 0 }, diff --git a/objects/covid19-csse-daily-report/definition.json b/objects/covid19-csse-daily-report/definition.json index 59171cf..8b44463 100644 --- a/objects/covid19-csse-daily-report/definition.json +++ b/objects/covid19-csse-daily-report/definition.json @@ -21,7 +21,7 @@ "county": { "description": "US County (US Only)", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "death": { @@ -33,7 +33,7 @@ "fips": { "description": "Federal Information Processing Standard county code (US Only)", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "latitude": { diff --git a/objects/ddos/definition.json b/objects/ddos/definition.json index 9df4984..2338aa0 100644 --- a/objects/ddos/definition.json +++ b/objects/ddos/definition.json @@ -3,7 +3,7 @@ "backscatter-threshold": { "description": "The minimum amount of backscatter received in 5 minutes / day. This field is only used when the capture origin is indirect network capture such as backscatter.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "capture-origin": { @@ -99,13 +99,13 @@ "total-bps": { "description": "Bits per second (maximum rate of bits per second measured)", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "total-bytes-sent": { "description": "Total number of bytes sent by the sources mentioned", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "size-in-bytes", "ui-priority": 0 }, "total-packets-sent": { @@ -117,7 +117,7 @@ "total-pps": { "description": "Packets per second (maximum rate of packets per second measured)", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "type": { diff --git a/objects/diamond/definition.json b/objects/diamond/definition.json index 0833e14..54e184a 100644 --- a/objects/diamond/definition.json +++ b/objects/diamond/definition.json @@ -31,7 +31,7 @@ }, "EventID": { "description": "Id of the event", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "Infrastructure": { diff --git a/objects/imsi-catcher/definition.json b/objects/imsi-catcher/definition.json index 7c13595..7b856a8 100644 --- a/objects/imsi-catcher/definition.json +++ b/objects/imsi-catcher/definition.json @@ -56,7 +56,7 @@ "seq": { "description": "A sequence number for the collection", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "text": { diff --git a/objects/intelmq_event/definition.json b/objects/intelmq_event/definition.json index 1ec6040..f1a1a5a 100644 --- a/objects/intelmq_event/definition.json +++ b/objects/intelmq_event/definition.json @@ -112,7 +112,7 @@ }, "destination.port": { "description": "The port to which the connection headed.", - "misp-attribute": "counter", + "misp-attribute": "port", "ui-priority": 1 }, "destination.registry": { @@ -256,7 +256,7 @@ }, "rtir_id": { "description": "Request Tracker Incident Response ticket id.", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 1 }, "screenshot_url": { @@ -366,7 +366,7 @@ }, "source.port": { "description": "The port from which the connection originated.", - "misp-attribute": "counter", + "misp-attribute": "port", "ui-priority": 1 }, "source.registry": { diff --git a/objects/intelmq_report/definition.json b/objects/intelmq_report/definition.json index 8630d2e..39d6693 100644 --- a/objects/intelmq_report/definition.json +++ b/objects/intelmq_report/definition.json @@ -42,7 +42,7 @@ }, "rtir_id": { "description": "Request Tracker Incident Response ticket id.", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 1 }, "time.observation": { diff --git a/objects/mactime-timeline-analysis/definition.json b/objects/mactime-timeline-analysis/definition.json index f52d4bc..1df45c7 100644 --- a/objects/mactime-timeline-analysis/definition.json +++ b/objects/mactime-timeline-analysis/definition.json @@ -39,7 +39,7 @@ "file_size": { "description": "Determines the file size in bytes", "disable_correlation": true, - "misp-attribute": "text", + "misp-attribute": "size-in-bytes", "ui-priority": 0 } }, diff --git a/objects/netflow/definition.json b/objects/netflow/definition.json index 5e80527..ad6204a 100644 --- a/objects/netflow/definition.json +++ b/objects/netflow/definition.json @@ -3,7 +3,7 @@ "byte-count": { "description": "Bytes counted in this flow", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "size-in-bytes", "ui-priority": 0 }, "community-id": { @@ -73,7 +73,7 @@ "ip-protocol-number": { "description": "IP protocol number of this flow", "disable_correlation": true, - "misp-attribute": "size-in-bytes", + "misp-attribute": "integer", "ui-priority": 0 }, "ip-src": { @@ -88,7 +88,7 @@ "ip_version": { "description": "IP version of this flow", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "last-packet-seen": { diff --git a/objects/network-socket/definition.json b/objects/network-socket/definition.json index bae4f7e..59ce856 100644 --- a/objects/network-socket/definition.json +++ b/objects/network-socket/definition.json @@ -109,7 +109,7 @@ "dst-bytes-count": { "description": "Number of bytes sent from the source to the destination.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "size-in-bytes", "ui-priority": 0 }, "dst-packets-count": { @@ -215,7 +215,7 @@ "src-bytes-count": { "description": "Number of bytes sent from the destination to the source.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "size-in-bytes", "ui-priority": 0 }, "src-packets-count": { diff --git a/objects/paloalto-threat-event/definition.json b/objects/paloalto-threat-event/definition.json index 795a7f5..c9134cb 100644 --- a/objects/paloalto-threat-event/definition.json +++ b/objects/paloalto-threat-event/definition.json @@ -15,7 +15,7 @@ "dport": { "description": "The port to which the connection headed.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "port", "ui-priority": 1 }, "dst": { @@ -38,7 +38,7 @@ "sport": { "description": "The port from which the connection originated.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "port", "ui-priority": 1 }, "src": { diff --git a/objects/probabilistic-data-structure/definition.json b/objects/probabilistic-data-structure/definition.json index d1b6a39..79a99aa 100644 --- a/objects/probabilistic-data-structure/definition.json +++ b/objects/probabilistic-data-structure/definition.json @@ -21,13 +21,13 @@ "total-bits": { "description": "The number of bits used by this probabilistic data structure.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 1 }, "total-capacity": { "description": "The total capacity of the total set represented in this probabilistic data structure.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 1 }, "type": { @@ -59,7 +59,7 @@ "used-capacity": { "description": "The used capacity (and cardinality) of the set represented in this probabilistic data structure.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 1 }, "vendor-implementation-ref": { diff --git a/objects/r2graphity/definition.json b/objects/r2graphity/definition.json index bb95ee9..7fe7215 100644 --- a/objects/r2graphity/definition.json +++ b/objects/r2graphity/definition.json @@ -3,13 +3,13 @@ "callback-average": { "description": "Average size of a callback", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "callback-largest": { "description": "Largest callback", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "callbacks": { @@ -105,7 +105,7 @@ "shortest-path-to-create-thread": { "description": "Shortest path to the first time the binary calls CreateThread", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "text": { diff --git a/objects/scrippsco2-c13-daily/definition.json b/objects/scrippsco2-c13-daily/definition.json index d89f572..04eeb56 100644 --- a/objects/scrippsco2-c13-daily/definition.json +++ b/objects/scrippsco2-c13-daily/definition.json @@ -9,7 +9,7 @@ "flag": { "description": "Flag (see taxonomy for details).", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "number-flask": { diff --git a/objects/scrippsco2-co2-daily/definition.json b/objects/scrippsco2-co2-daily/definition.json index 03dc7b1..2c7ed2c 100644 --- a/objects/scrippsco2-co2-daily/definition.json +++ b/objects/scrippsco2-co2-daily/definition.json @@ -9,7 +9,7 @@ "flag": { "description": "Flag (see taxonomy for details).", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "number-flask": { diff --git a/objects/scrippsco2-o18-daily/definition.json b/objects/scrippsco2-o18-daily/definition.json index 06ca182..92c8cb4 100644 --- a/objects/scrippsco2-o18-daily/definition.json +++ b/objects/scrippsco2-o18-daily/definition.json @@ -3,7 +3,7 @@ "flag": { "description": "Flag (see taxonomy for details).", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "number-flask": { diff --git a/objects/sigmf-expanded-recording/definition.json b/objects/sigmf-expanded-recording/definition.json index e4254e5..095d7f2 100644 --- a/objects/sigmf-expanded-recording/definition.json +++ b/objects/sigmf-expanded-recording/definition.json @@ -99,7 +99,7 @@ "offset": { "description": "The index number of the first sample in the Dataset. If not provided, this value defaults to zero. Typically used when a Recording is split over multiple files. All sample indices in SigMF are absolute, and so all other indices referenced in metadata for this recording SHOULD be greater than or equal to this value.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "recorder": { @@ -123,7 +123,7 @@ "trailing_bytes": { "description": "The number of bytes to ignore at the end of a Non-Conforming Dataset file.", "disable_correlation": true, - "misp-attribute": "counter", + "misp-attribute": "size-in-bytes", "ui-priority": 0 }, "version": { diff --git a/objects/submarine/definition.json b/objects/submarine/definition.json index 2e27303..993eab9 100644 --- a/objects/submarine/definition.json +++ b/objects/submarine/definition.json @@ -36,7 +36,7 @@ }, "complement": { "description": "Crew size", - "misp-attribute": "counter", + "misp-attribute": "integer", "recommended": false, "ui-priority": 0 }, @@ -46,8 +46,8 @@ "ui-priority": 1 }, "displacement": { - "description": "Displacement in tonns", - "misp-attribute": "counter", + "description": "Displacement in tonnes", + "misp-attribute": "integer", "recommended": true, "ui-priority": 0 }, @@ -64,12 +64,12 @@ }, "in_service_from": { "description": "The year the submarine entered service", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "in_service_until": { "description": "The year the submarine left service", - "misp-attribute": "counter", + "misp-attribute": "integer", "ui-priority": 0 }, "length": {