From 60f559f6da565764a4e3bcfd66fc09078b059074 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Tue, 2 Oct 2018 13:01:29 -0700
Subject: [PATCH 1/7] Create IP_API.JSON
---
objects/IP_API.JSON | 90 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
create mode 100644 objects/IP_API.JSON
diff --git a/objects/IP_API.JSON b/objects/IP_API.JSON
new file mode 100644
index 0000000..41b88d0
--- /dev/null
+++ b/objects/IP_API.JSON
@@ -0,0 +1,90 @@
+{
+ "name": "IP Address",
+ "meta-category": "network",
+ "description": "IP Address informtion. Useful if you pull your ip information from ip-api.com",
+ "version": 1,
+ "uuid": "4336f124-6264-4f72-943e-cc3797e4122b",
+
+ "attributes": {
+ "ip-src": {
+ "description": "Source IP address of the nework connection.",
+ "ui-priority": 1,
+ "misp-attribute": "ip-src"
+ },
+ "asn": {
+ "description": "Autonomous System Number",
+ "ui-priority": 1,
+ "misp-attribute": "AS"
+ },
+ "description": {
+ "description": "Description of the autonomous system",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "ISP": {
+ "description": "ISP.",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "zipcode": {
+ "description": "Zip Code.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "city": {
+ "description": "City.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "state": {
+ "description": "State.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "country": {
+ "description": "Country name",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "country code": {
+ "description": "Country code ",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "region": {
+ "description": "Region. example: California.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "region code": {
+ "description": "Region code. example: CA",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "latitude": {
+ "description": "The latitude is the decimal value of the latitude in the World Geodetic System 84 (WGS84) reference.",
+ "disable_correlation": true,
+ "ui-priority": 90,
+ "misp-attribute": "float"
+ },
+ "longitude": {
+ "description": "The longitude is the decimal value of the longitude in the World Geodetic System 84 (WGS84) reference",
+ "disable_correlation": true,
+ "ui-priority": 89,
+ "misp-attribute": "float"
+ },
+ "first-seen": {
+ "description": "First time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ },
+ "last-seen": {
+ "description": "Last time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ }
+ },
+ "requiredOneOf": [ "ip-src"]
+ }
From ec75268f5c93ebbcec64b051e30172f5e8415013 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Tue, 2 Oct 2018 13:02:49 -0700
Subject: [PATCH 2/7] Created for data from ip-api.com
---
objects/{IP_API.JSON => IP_API.json} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename objects/{IP_API.JSON => IP_API.json} (100%)
diff --git a/objects/IP_API.JSON b/objects/IP_API.json
similarity index 100%
rename from objects/IP_API.JSON
rename to objects/IP_API.json
From 59b1dda754a68928051c0fe8b27c881d943cf551 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Thu, 4 Oct 2018 12:41:52 -0700
Subject: [PATCH 3/7] Updated to match more of ip-api.com
---
objects/IP_API.json | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/objects/IP_API.json b/objects/IP_API.json
index 41b88d0..449c74b 100644
--- a/objects/IP_API.json
+++ b/objects/IP_API.json
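Review bot: In objects/IP_API.JSON the `region code` description appears to carry a stray line-separator or control character between `Region code.` and `example: CA`: the extracted text breaks there although the hunk still counts 90 added lines. A strict JSON parser rejects unescaped control characters inside a string, so the template may fail to load on import; keep the value on one line as `"description": "Region code. example: CA",`. The same string recurs in the add hunks for objects/IP_API_IP_Address/IP_API_IP_Address.json and objects/ip-api-address/ip-api-address.json. The descriptions in this hunk also misspell `informtion` and `nework`.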
@@ -1,7 +1,7 @@ { "name": "IP Address", "meta-category": "network", - "description": "IP Address informtion. Useful if you pull your ip information from ip-api.com", + "description": "IP Address informtion. Useful if you are pulling your ip information from ip-api.com", "version": 1, "uuid": "4336f124-6264-4f72-943e-cc3797e4122b", @@ -16,10 +16,10 @@ "ui-priority": 1, "misp-attribute": "AS" }, - "description": { - "description": "Description of the autonomous system", + "organization": { + "description": "Organization", "ui-priority": 1, - "misp-attribute": "text" + "misp-attribute": "AS" }, "ISP": { "description": "ISP.", From 04aea7b5961795b61a49e725addde2064c200fbe Mon Sep 17 00:00:00 2001 From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com> Date: Thu, 4 Oct 2018 13:14:42 -0700 Subject: [PATCH 4/7] Uploaded IP_API Object in folder --- .../IP_API_IP_Address/IP_API_IP_Address.json | 90 +++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 objects/IP_API_IP_Address/IP_API_IP_Address.json diff --git a/objects/IP_API_IP_Address/IP_API_IP_Address.json b/objects/IP_API_IP_Address/IP_API_IP_Address.json new file mode 100644 index 0000000..aaf8a3e --- /dev/null +++ b/objects/IP_API_IP_Address/IP_API_IP_Address.json 
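Review bot: The second hunk of objects/IP_API.json maps the renamed `organization` relation to `"misp-attribute": "AS"`, the type `asn` already uses, but its description is only `Organization`, which suggests a free-text owner name rather than an AS number. Typing a name as `AS` would mix non-numeric values into AS correlation and exports; `"misp-attribute": "text"` fits unless the field really holds the AS number. The hunk also renames an object relation while `"version": 1` in the first hunk stays unchanged, so a consumer that caches templates by version may not pick up the rename.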
@@ -0,0 +1,90 @@
+{
+ "name": "IP Address",
+ "meta-category": "network",
+ "description": "IP Address informtion. Useful if you are pulling your ip information from ip-api.com",
+ "version": 1,
+ "uuid": "4336f124-6264-4f72-943e-cc3797e4122b",
+
+ "attributes": {
+ "ip-src": {
+ "description": "Source IP address of the nework connection.",
+ "ui-priority": 1,
+ "misp-attribute": "ip-src"
+ },
+ "asn": {
+ "description": "Autonomous System Number",
+ "ui-priority": 1,
+ "misp-attribute": "AS"
+ },
+ "organization": {
+ "description": "Organization",
+ "ui-priority": 1,
+ "misp-attribute": "AS"
+ },
+ "ISP": {
+ "description": "ISP.",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "zipcode": {
+ "description": "Zip Code.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "city": {
+ "description": "City.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "state": {
+ "description": "State.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "country": {
+ "description": "Country name",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "country code": {
+ "description": "Country code ",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "region": {
+ "description": "Region. example: California.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "region code": {
+ "description": "Region code. example: CA",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "latitude": {
+ "description": "The latitude is the decimal value of the latitude in the World Geodetic System 84 (WGS84) reference.",
+ "disable_correlation": true,
+ "ui-priority": 90,
+ "misp-attribute": "float"
+ },
+ "longitude": {
+ "description": "The longitude is the decimal value of the longitude in the World Geodetic System 84 (WGS84) reference",
+ "disable_correlation": true,
+ "ui-priority": 89,
+ "misp-attribute": "float"
+ },
+ "first-seen": {
+ "description": "First time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ },
+ "last-seen": {
+ "description": "Last time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ }
+ },
+ "requiredOneOf": [ "ip-src"]
+ }
\ No newline at end of file
From c39ff94f415913f2b086f1ed545c56c39fda2e10 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Thu, 4 Oct 2018 13:15:55 -0700
Subject: [PATCH 5/7] Deleted IP_API single file
---
objects/IP_API.json | 90 ---------------------------------------------
1 file changed, 90 deletions(-)
delete mode 100644 objects/IP_API.json
diff --git a/objects/IP_API.json b/objects/IP_API.json
deleted file mode 100644
index 449c74b..0000000
--- a/objects/IP_API.json
+++ /dev/null
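Review bot: In objects/IP_API_IP_Address/IP_API_IP_Address.json only `latitude`, `longitude`, `first-seen` and `last-seen` set `"disable_correlation": true`; the low-cardinality text relations (`country`, `country code`, `state`, `region`, `region code`, `city`, `zipcode`, `ISP`) leave correlation on. If MISP correlates `text` values here, every event enriched from ip-api.com with the same country or ISP would link together and bury the meaningful `ip-src` and `asn` matches. Add `"disable_correlation": true` to those relations; the same applies to the add hunk for objects/ip-api-address/ip-api-address.json. The file also ends without a trailing newline.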
@@ -1,90 +0,0 @@
-{
- "name": "IP Address",
- "meta-category": "network",
- "description": "IP Address informtion. Useful if you are pulling your ip information from ip-api.com",
- "version": 1,
- "uuid": "4336f124-6264-4f72-943e-cc3797e4122b",
-
- "attributes": {
- "ip-src": {
- "description": "Source IP address of the nework connection.",
- "ui-priority": 1,
- "misp-attribute": "ip-src"
- },
- "asn": {
- "description": "Autonomous System Number",
- "ui-priority": 1,
- "misp-attribute": "AS"
- },
- "organization": {
- "description": "Organization",
- "ui-priority": 1,
- "misp-attribute": "AS"
- },
- "ISP": {
- "description": "ISP.",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "zipcode": {
- "description": "Zip Code.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "city": {
- "description": "City.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "state": {
- "description": "State.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "country": {
- "description": "Country name",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "country code": {
- "description": "Country code ",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "region": {
- "description": "Region. example: California.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "region code": {
- "description": "Region code. example: CA",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "latitude": {
- "description": "The latitude is the decimal value of the latitude in the World Geodetic System 84 (WGS84) reference.",
- "disable_correlation": true,
- "ui-priority": 90,
- "misp-attribute": "float"
- },
- "longitude": {
- "description": "The longitude is the decimal value of the longitude in the World Geodetic System 84 (WGS84) reference",
- "disable_correlation": true,
- "ui-priority": 89,
- "misp-attribute": "float"
- },
- "first-seen": {
- "description": "First time the ASN was seen",
- "disable_correlation": true,
- "ui-priority": 0,
- "misp-attribute": "datetime"
- },
- "last-seen": {
- "description": "Last time the ASN was seen",
- "disable_correlation": true,
- "ui-priority": 0,
- "misp-attribute": "datetime"
- }
- },
- "requiredOneOf": [ "ip-src"]
- }
From 237b5a364bef8357478be6775ca2d55c0594fe68 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Thu, 4 Oct 2018 13:42:07 -0700
Subject: [PATCH 6/7] Delete IP_API_IP_Address.json
---
.../IP_API_IP_Address/IP_API_IP_Address.json | 90 -------------------
1 file changed, 90 deletions(-)
delete mode 100644 objects/IP_API_IP_Address/IP_API_IP_Address.json
diff --git a/objects/IP_API_IP_Address/IP_API_IP_Address.json b/objects/IP_API_IP_Address/IP_API_IP_Address.json
deleted file mode 100644
index aaf8a3e..0000000
--- a/objects/IP_API_IP_Address/IP_API_IP_Address.json
+++ /dev/null
@@ -1,90 +0,0 @@
-{
- "name": "IP Address",
- "meta-category": "network",
- "description": "IP Address informtion. Useful if you are pulling your ip information from ip-api.com",
- "version": 1,
- "uuid": "4336f124-6264-4f72-943e-cc3797e4122b",
-
- "attributes": {
- "ip-src": {
- "description": "Source IP address of the nework connection.",
- "ui-priority": 1,
- "misp-attribute": "ip-src"
- },
- "asn": {
- "description": "Autonomous System Number",
- "ui-priority": 1,
- "misp-attribute": "AS"
- },
- "organization": {
- "description": "Organization",
- "ui-priority": 1,
- "misp-attribute": "AS"
- },
- "ISP": {
- "description": "ISP.",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "zipcode": {
- "description": "Zip Code.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "city": {
- "description": "City.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "state": {
- "description": "State.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "country": {
- "description": "Country name",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "country code": {
- "description": "Country code ",
- "ui-priority": 1,
- "misp-attribute": "text"
- },
- "region": {
- "description": "Region. example: California.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "region code": {
- "description": "Region code. example: CA",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "latitude": {
- "description": "The latitude is the decimal value of the latitude in the World Geodetic System 84 (WGS84) reference.",
- "disable_correlation": true,
- "ui-priority": 90,
- "misp-attribute": "float"
- },
- "longitude": {
- "description": "The longitude is the decimal value of the longitude in the World Geodetic System 84 (WGS84) reference",
- "disable_correlation": true,
- "ui-priority": 89,
- "misp-attribute": "float"
- },
- "first-seen": {
- "description": "First time the ASN was seen",
- "disable_correlation": true,
- "ui-priority": 0,
- "misp-attribute": "datetime"
- },
- "last-seen": {
- "description": "Last time the ASN was seen",
- "disable_correlation": true,
- "ui-priority": 0,
- "misp-attribute": "datetime"
- }
- },
- "requiredOneOf": [ "ip-src"]
- }
\ No newline at end of file
From afb1d28b2bf8b9e48d471d7e3dc2a68e14d38fe1 Mon Sep 17 00:00:00 2001
From: DigitalLeukocyte <20444154+DigitalLeukocyte@users.noreply.github.com>
Date: Thu, 4 Oct 2018 13:45:22 -0700
Subject: [PATCH 7/7] Added ip-api-address object Object useful for IP data from http://ip-api.com.
---
objects/ip-api-address/ip-api-address.json | 90 ++++++++++++++++++++++
1 file changed, 90 insertions(+)
create mode 100644 objects/ip-api-address/ip-api-address.json
diff --git a/objects/ip-api-address/ip-api-address.json b/objects/ip-api-address/ip-api-address.json
new file mode 100644
index 0000000..ab2a557
--- /dev/null
+++ b/objects/ip-api-address/ip-api-address.json
@@ -0,0 +1,90 @@
+{
+ "name": "ip-api-address",
+ "meta-category": "network",
+ "description": "IP Address information. Useful if you are pulling your ip information from ip-api.com",
+ "version": 1,
+ "uuid": "4336f124-6264-4f72-943e-cc3797e4122b",
+
+ "attributes": {
+ "ip-src": {
+ "description": "Source IP address of the network connection.",
+ "ui-priority": 1,
+ "misp-attribute": "ip-src"
+ },
+ "asn": {
+ "description": "Autonomous System Number",
+ "ui-priority": 1,
+ "misp-attribute": "AS"
+ },
+ "organization": {
+ "description": "organization",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "ISP": {
+ "description": "ISP.",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "zipcode": {
+ "description": "Zip Code.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "city": {
+ "description": "City.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "state": {
+ "description": "State.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "country": {
+ "description": "Country name",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "country code": {
+ "description": "Country code ",
+ "ui-priority": 1,
+ "misp-attribute": "text"
+ },
+ "region": {
+ "description": "Region. example: California.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "region code": {
+ "description": "Region code. example: CA",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "latitude": {
+ "description": "The latitude is the decimal value of the latitude in the World Geodetic System 84 (WGS84) reference.",
+ "disable_correlation": true,
+ "ui-priority": 90,
+ "misp-attribute": "float"
+ },
+ "longitude": {
+ "description": "The longitude is the decimal value of the longitude in the World Geodetic System 84 (WGS84) reference",
+ "disable_correlation": true,
+ "ui-priority": 89,
+ "misp-attribute": "float"
+ },
+ "first-seen": {
+ "description": "First time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ },
+ "last-seen": {
+ "description": "Last time the ASN was seen",
+ "disable_correlation": true,
+ "ui-priority": 0,
+ "misp-attribute": "datetime"
+ }
+ },
+ "requiredOneOf": [ "ip-src"]
+ }
\ No newline at end of file
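Review bot: The relation names in objects/ip-api-address/ip-api-address.json mix three styles: hyphenated lower case (`ip-src`, `first-seen`), names containing a space (`country code`, `region code`) and upper case (`ISP`). Scripts that build or query objects by relation name then have to quote the space and match case exactly, so `country-code`, `region-code` and `isp` would be consistent with the rest of the template. The `first-seen` and `last-seen` descriptions say `the ASN was seen` although the object is keyed on `ip-src`; `First time the IP address was seen` reads as intended. As far as I know MISP loads object templates from `objects/<name>/definition.json`, so the file name `ip-api-address.json` is worth checking against the loader before merge.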