Merge branch 'main' of github.com:MISP/misp-objects into main

2021-04-14 09:20:52 +02:00 · 2021-04-14 09:20:52 +02:00 · 5e6f887fa1
parent 6f002cd4c6 067ae49498
commit 5e6f887fa1
2 changed files with 84 additions and 1 deletions
--- a/.github/workflows/nosetests.yml
+++ b/.github/workflows/nosetests.yml
@ -1,6 +1,10 @@
 name: Python application

-on: [push]
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]

 jobs:
  build:
--- a/objects/paloalto-threat-event/definition.json
+++ b/objects/paloalto-threat-event/definition.json
@ -0,0 +1,79 @@
+{
+  "attributes": {
+    "app": {
+      "description": "The application identified (e.g. vnc, ssh, sip, irc, http or smtp).",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "direction": {
+      "description": "The Direction of the Event.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "dport": {
+      "description": "The port to which the connection headed.",
+      "misp-attribute": "counter",
+      "ui-priority": 1
+    },
+    "dst": {
+      "description": "The Destination IP which is the target of the observed connections.",
+      "misp-attribute": "ip-dst",
+      "ui-priority": 1
+    },
+    "dstloc": {
+      "description": "The Destination Location of the event.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "proto": {
+      "description": "The transport protocol (e.g. tcp, udp, icmp).",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "sport": {
+      "description": "The port from which the connection originated.",
+      "misp-attribute": "counter",
+      "ui-priority": 1
+    },
+    "src": {
+      "description": "The ip observed to initiate the connection",
+      "misp-attribute": "ip-src",
+      "ui-priority": 1
+    },
+    "srcloc": {
+      "description": "The Source Location of the event.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "subtype": {
+      "description": "The subtype of the Log Event.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "thr_category": {
+      "description": "The Threat Category.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "threatid": {
+      "description": "The Threat ID.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "time_generated": {
+      "description": "The datetime of the event.",
+      "misp-attribute": "datetime",
+      "ui-priority": 1
+    },
+    "type": {
+      "description": "The type of the Log Event",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    }
+  },
+  "description": "Palo Alto Threat Log Event",
+  "meta-category": "network",
+  "name": "paloalto-threat-event",
+  "uuid": "e6fa7a87-1173-43d6-86c2-b4d02af5fc74",
+  "version": 5
+}