MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [crowdsec] updated

pull/391/head
Alexandre Dulaunoy 2023-05-12 08:52:19 +02:00
parent 3d736c427c
commit 65f4be51d5
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 70 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
objects/crowdsec-ip-context/definition.json
View File

@ -1,16 +1,5 @@
{ {
"attributes": { "attributes": {
"as-num": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Autonomous system number",
"disable_correlation": true,
"misp-attribute": "AS",
"multiple": true,
"ui-priority": 0
},
"as-name": { "as-name": {
"categories": [ "categories": [
"Network activity", "Network activity",
@ -22,6 +11,48 @@
"multiple": true, "multiple": true,
"ui-priority": 0 "ui-priority": 0
}, },
"as-num": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Autonomous system number",
"disable_correlation": true,
"misp-attribute": "AS",
"multiple": true,
"ui-priority": 0
},
"attack-details": {
"description": "Triggered scenarios",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 1
},
"background-noise": {
"description": "Background noise",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 1
},
"behaviors": {
"description": "Attack categories",
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 1
},
"city": {
"description": "City of origin",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 1
},
"country": {
"description": "Country of origin",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 1
},
"country-code": { "country-code": {
"categories": [ "categories": [
"Network activity", "Network activity",
@ -32,15 +63,6 @@
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"reverse-dns": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Reverse DNS name",
"misp-attribute": "hostname",
"ui-priority": 1
},
"dst-port": { "dst-port": {
"categories": [ "categories": [
"Network activity", "Network activity",
@ -76,70 +98,48 @@
"External analysis" "External analysis"
], ],
"description": "destination IP address", "description": "destination IP address",
"disable_correlation": true,
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 1, "ui-priority": 1
"disable_correlation": true
},
"country": {
"description": "Country of origin",
"misp-attribute": "text",
"ui-priority": 1,
"disable_correlation": true
},
"city": {
"description": "City of origin",
"misp-attribute": "text",
"ui-priority": 1,
"disable_correlation": true
}, },
"latitude": { "latitude": {
"description": "Latitude of origin", "description": "Latitude of origin",
"disable_correlation": true,
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 1, "ui-priority": 1
"disable_correlation": true
}, },
"longitude": { "longitude": {
"description": "Longitude of origin", "description": "Longitude of origin",
"misp-attribute": "float",
"ui-priority": 1,
"disable_correlation": true
},
"behaviors": {
"description": "Attack categories",
"misp-attribute": "text",
"ui-priority": 1,
"disable_correlation": true, "disable_correlation": true,
"multiple": true
},
"attack-details": {
"description": "Triggered scenarios",
"misp-attribute": "text",
"ui-priority": 1,
"disable_correlation": true
},
"target-countries": {
"description": "Target countries (top 10)",
"misp-attribute": "text",
"ui-priority": 1,
"disable_correlation": true
},
"trust": {
"description": "Trust level",
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 1, "ui-priority": 1
"disable_correlation": true
}, },
"background-noise": { "reverse-dns": {
"description": "Background noise", "categories": [
"misp-attribute": "float", "Network activity",
"ui-priority": 1, "External analysis"
"disable_correlation": true ],
"description": "Reverse DNS name",
"misp-attribute": "hostname",
"ui-priority": 1
}, },
"scores": { "scores": {
"description": "Scores", "description": "Scores",
"disable_correlation": true,
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 1, "ui-priority": 1
"disable_correlation": true },
"target-countries": {
"description": "Target countries (top 10)",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 1
},
"trust": {
"description": "Trust level",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 1
} }
}, },
"description": "CrowdSec Threat Intelligence - IP CTI search", "description": "CrowdSec Threat Intelligence - IP CTI search",