From a16d68908512ea5f9e29c4fdcc49a496c0db3b51 Mon Sep 17 00:00:00 2001
From: phmazzoni
Date: Fri, 5 Mar 2021 14:03:37 -0300
Subject: [PATCH 1/3] Delete objects/panorama directory
---
 objects/panorama/definition.json | 79 --------------------------------
 1 file changed, 79 deletions(-)
 delete mode 100644 objects/panorama/definition.json
diff --git a/objects/panorama/definition.json b/objects/panorama/definition.json
deleted file mode 100644
index 9a0c6e1..0000000
--- a/objects/panorama/definition.json
+++ /dev/null
@@ -1,79 +0,0 @@
-{
- "attributes": {
- "app": {
- "description": "The application identified (e.g. vnc, ssh, sip, irc, http or smtp).",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "direction": {
- "description": "The Direction of the Event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "dport": {
- "description": "The port to which the connection headed.",
- "misp-attribute": "counter",
- "ui-priority": 1
- },
- "dst": {
- "description": "The Destination IP which is the target of the observed connections.",
- "misp-attribute": "ip-dst",
- "ui-priority": 1
- },
- "dstloc": {
- "description": "The Destination Location of the event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "proto": {
- "description": "The transport protocol (e.g. tcp, udp, icmp).",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "sport": {
- "description": "The port from which the connection originated.",
- "misp-attribute": "counter",
- "ui-priority": 1
- },
- "src": {
- "description": "The ip observed to initiate the connection",
- "misp-attribute": "ip-src",
- "ui-priority": 1
- },
- "srcloc": {
- "description": "The Source Location of the event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "subtype": {
- "description": "The subtype of the Log Event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "thr_category": {
- "description": "The Threat Category.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "threatid": {
- "description": "The Threat ID.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "time_generated": {
- "description": "The datetime of the event.",
- "misp-attribute": "datetime",
- "ui-priority": 1
- },
- "type": {
- "description": "The type of the Log Event",
- "misp-attribute": "text",
- "ui-priority": 1
- }
- },
- "description": "Palo Alto Threat Log Event",
- "meta-category": "network",
- "name": "paloalto-threat-event",
- "uuid": "e6fa7a87-1173-43d6-86c2-b4d02af5fc74",
- "version": 4
-}
\ No newline at end of file
From 16a3bed25347089a093e56f47641e960b863b534 Mon Sep 17 00:00:00 2001
From: phmazzoni
Date: Fri, 5 Mar 2021 14:05:39 -0300
Subject: [PATCH 2/3] Create definition.json
---
 objects/paloalto-threat-event/definition.json | 79 +++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 objects/paloalto-threat-event/definition.json
diff --git a/objects/paloalto-threat-event/definition.json b/objects/paloalto-threat-event/definition.json
new file mode 100644
index 0000000..08607a6
--- /dev/null
+++ b/objects/paloalto-threat-event/definition.json
@@ -0,0 +1,79 @@
+{
+ "attributes": {
+ "type": {
+ "description": "The type of the Log Event",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "subtype": {
+ "description": "The subtype of the Log Event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "thr_category": {
+ "description": "The Threat Category.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "direction": {
+ "description": "The Direction of the Event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "threatid": {
+ "description": "The Threat ID.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "time_generated": {
+ "description": "The datetime of the event.",
+ "misp-attribute": "datetime",
+ "ui-priority": 1
+ },
+ "srcloc": {
+ "description": "The Source Location of the event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "dstloc": {
+ "description": "The Destination Location of the event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "dst": {
+ "description": "The Destination IP which is the target of the observed connections.",
+ "misp-attribute": "ip-dst",
+ "ui-priority": 1
+ },
+ "dport": {
+ "description": "The port to which the connection headed.",
+ "misp-attribute": "counter",
+ "ui-priority": 1
+ },
+ "app": {
+ "description": "The application identified (e.g. vnc, ssh, sip, irc, http or smtp).",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "proto": {
+ "description": "The transport protocol (e.g. tcp, udp, icmp).",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "src": {
+ "description": "The ip observed to initiate the connection",
+ "misp-attribute": "ip-src",
+ "ui-priority": 1
+ },
+ "sport": {
+ "description": "The port from which the connection originated.",
+ "misp-attribute": "counter",
+ "ui-priority": 1
+ }
+ },
+ "description": "Palo Alto Threat Log Event",
+ "meta-category": "network",
+ "name": "paloalto-threat-event",
+ "uuid": "e6fa7a87-1173-43d6-86c2-b4d02af5fc74",
+ "version": 4
+}
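Review bot: `dport` and `sport` are declared with `"misp-attribute": "counter"`, so the two port values are stored as generic integers rather than as ports; MISP has a dedicated `port` attribute type, and `"misp-attribute": "port"` on both would match the `ip-dst`/`ip-src` typing already used for `dst` and `src`. Separately, low-cardinality text fields such as `proto`, `app`, `direction`, `type` and `subtype` will presumably correlate across every event that shares a value like "tcp"; adding `"disable_correlation": true` to them would keep correlation focused on the addresses. The same definitions are carried unchanged into the sorted version of this file in PATCH 3/3.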
From 321a952a6695f1e9abee22ee212953906829f48e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?=
Date: Fri, 5 Mar 2021 18:16:46 +0100
Subject: [PATCH 3/3] chg: make jq validation happy
---
 objects/paloalto-threat-event/definition.json | 90 +++++++++----------
 1 file changed, 45 insertions(+), 45 deletions(-)
diff --git a/objects/paloalto-threat-event/definition.json b/objects/paloalto-threat-event/definition.json
index 08607a6..0fb3ac9 100644
--- a/objects/paloalto-threat-event/definition.json
+++ b/objects/paloalto-threat-event/definition.json
@@ -1,7 +1,47 @@
 {
 "attributes": {
- "type": {
- "description": "The type of the Log Event",
+ "app": {
+ "description": "The application identified (e.g. vnc, ssh, sip, irc, http or smtp).",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "direction": {
+ "description": "The Direction of the Event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "dport": {
+ "description": "The port to which the connection headed.",
+ "misp-attribute": "counter",
+ "ui-priority": 1
+ },
+ "dst": {
+ "description": "The Destination IP which is the target of the observed connections.",
+ "misp-attribute": "ip-dst",
+ "ui-priority": 1
+ },
+ "dstloc": {
+ "description": "The Destination Location of the event.",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "proto": {
+ "description": "The transport protocol (e.g. tcp, udp, icmp).",
+ "misp-attribute": "text",
+ "ui-priority": 1
+ },
+ "sport": {
+ "description": "The port from which the connection originated.",
+ "misp-attribute": "counter",
+ "ui-priority": 1
+ },
+ "src": {
+ "description": "The ip observed to initiate the connection",
+ "misp-attribute": "ip-src",
+ "ui-priority": 1
+ },
+ "srcloc": {
+ "description": "The Source Location of the event.",
 "misp-attribute": "text",
 "ui-priority": 1
 },
@@ -15,11 +55,6 @@
 "misp-attribute": "text",
 "ui-priority": 1
 },
- "direction": {
- "description": "The Direction of the Event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
 "threatid": {
 "description": "The Threat ID.",
 "misp-attribute": "text",
@@ -30,50 +65,15 @@
 "misp-attribute": "datetime",
 "ui-priority": 1
 },
- "srcloc": {
- "description": "The Source Location of the event.",
+ "type": {
+ "description": "The type of the Log Event",
 "misp-attribute": "text",
 "ui-priority": 1
- },
- "dstloc": {
- "description": "The Destination Location of the event.",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "dst": {
- "description": "The Destination IP which is the target of the observed connections.",
- "misp-attribute": "ip-dst",
- "ui-priority": 1
- },
- "dport": {
- "description": "The port to which the connection headed.",
- "misp-attribute": "counter",
- "ui-priority": 1
- },
- "app": {
- "description": "The application identified (e.g. vnc, ssh, sip, irc, http or smtp).",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "proto": {
- "description": "The transport protocol (e.g. tcp, udp, icmp).",
- "misp-attribute": "text",
- "ui-priority": 1
- },
- "src": {
- "description": "The ip observed to initiate the connection",
- "misp-attribute": "ip-src",
- "ui-priority": 1
- },
- "sport": {
- "description": "The port from which the connection originated.",
- "misp-attribute": "counter",
- "ui-priority": 1
 }
 },
 "description": "Palo Alto Threat Log Event",
 "meta-category": "network",
 "name": "paloalto-threat-event",
 "uuid": "e6fa7a87-1173-43d6-86c2-b4d02af5fc74",
- "version": 4
+ "version": 5
 }