jq all the things (tm)

2018-09-04 20:40:16 +02:00 · 2018-09-04 20:40:16 +02:00 · 3a81765d8f
parent 258b6830b2
commit 3a81765d8f
1 changed files with 73 additions and 73 deletions
--- a/objects/forensic-evidence/definition.json
+++ b/objects/forensic-evidence/definition.json
@ -1,80 +1,80 @@
 {
  "required": [
-	"case-number",
+    "case-number",
-	"evidence-number"
+    "evidence-number"
  ],
  "attributes": {
-	  "case-number": {
+    "case-number": {
-		"description": "A unique number assigned to the case for unique identification.",
+      "description": "A unique number assigned to the case for unique identification.",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text"
+      "misp-attribute": "text"
-	  },
+    },
-	  "evidence-number": {
+    "evidence-number": {
-		"description": "A unique number assigned to the evidence for unique identification.",
+      "description": "A unique number assigned to the evidence for unique identification.",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text"
+      "misp-attribute": "text"
-	  },
+    },
-	  "type": {
+    "type": {
-		"description": "Evidence type.",
+      "description": "Evidence type.",
-		"multiple": true,
+      "multiple": true,
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text",
+      "misp-attribute": "text",
-		"sane_default": [
+      "sane_default": [
-			"Computer",
+        "Computer",
-			"Network",
+        "Network",
-			"Mobile Device",
+        "Mobile Device",
-			"Multimedia",
+        "Multimedia",
-			"Cloud",
+        "Cloud",
-			"IoT",
+        "IoT",
-			"Other"
+        "Other"
-		  ]
+      ]
-	  },
+    },
-	  "name": {
+    "name": {
-		"description": "Name",
+      "description": "Name",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text"
+      "misp-attribute": "text"
-	  },
+    },
-	  "acquisition-method": {
+    "acquisition-method": {
-		"description": "Method used for acquisition of the evidence.",
+      "description": "Method used for acquisition of the evidence.",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text",
+      "misp-attribute": "text",
-		"sane_default": [
+      "sane_default": [
-			"Live acquisition",
+        "Live acquisition",
-			"Dead/Offline acquisition",
+        "Dead/Offline acquisition",
-			"Physical collection",
+        "Physical collection",
-			"Logical collection",
+        "Logical collection",
-			"File system extraction",
+        "File system extraction",
-			"Chip-off",
+        "Chip-off",
-			"Other"
+        "Other"
-		  ]
+      ]
-	  },
+    },
-	  "acquisition-tools": {
+    "acquisition-tools": {
-		"description": "Tools used for acquisition of the evidence.",
+      "description": "Tools used for acquisition of the evidence.",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text",
+      "misp-attribute": "text",
-		"multiple" : true,
+      "multiple": true,
-		"sane_default": [
+      "sane_default": [
-			"DCFldd",
+        "DCFldd",
-			"EnCase",
+        "EnCase",
-			"FTK Imager",
+        "FTK Imager",
-			"FDAS",
+        "FDAS",
-			"TrueBack",
+        "TrueBack",
-			"Guymager",
+        "Guymager",
-			"IXimager",
+        "IXimager",
-			"Other"
+        "Other"
-		  ]
+      ]
-	  },
+    },
-	  "references": {
+    "references": {
-		"description": "External references",
+      "description": "External references",
-		"multiple": true,
+      "multiple": true,
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "link"
+      "misp-attribute": "link"
-	  },
+    },
-	  "additional-comments": {
+    "additional-comments": {
-		"description": "Comments.",
+      "description": "Comments.",
-		"ui-priority": 0,
+      "ui-priority": 0,
-		"misp-attribute": "text"
+      "misp-attribute": "text"
-	  }
+    }
  },
  "version": 1,
  "description": "An object template to describe a digital forensic evidence.",