From 6e88746a67aa5daa23e9ed620a2f2d6f3b3ad4af Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Thu, 6 Jul 2017 14:57:32 +0200
Subject: [PATCH] Improved Tor node object to include support of the new Tor
 monitoring

---
 objects/tor-node/definition.json | 43 ++++++++++++++++++++++++++++++--
 1 file changed, 41 insertions(+), 2 deletions(-)

diff --git a/objects/tor-node/definition.json b/objects/tor-node/definition.json
index dea20c2..c5d218b 100644
--- a/objects/tor-node/definition.json
+++ b/objects/tor-node/definition.json
@@ -16,8 +16,20 @@
       "ui-priority": 1,
       "misp-attribute": "text"
     },
+    "nickname": {
+      "description": "router's nickname.",
+      "disable_correlation": false,
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
+    "fingerprint": {
+      "description": "router's fingerprint.",
+      "disable_correlation": false,
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
     "text": {
-      "description": "Tor node comment",
+      "description": "Tor node comment.",
       "disable_correlation": true,
       "ui-priority": 1,
       "misp-attribute": "text"
@@ -27,6 +39,27 @@
       "ui-priority": 1,
       "misp-attribute": "ip-src"
     },
+    "flags": {
+      "description": "list of flag associated with the node.",
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
+    "version": {
+      "description": "parsed version of tor, this is None if the relay's using a new versioning scheme.",
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
+    "version_line": {
+      "description": "versioning information reported by the node.",
+      "ui-priority": 0,
+      "misp-attribute": "text"
+    },
+    "published": {
+      "description": "router's publication time. This can be different from first-seen and last-seen.",
+      "disable_correlation": true,
+      "ui-priority": 0,
+      "misp-attribute": "datetime"
+    },
     "last-seen": {
       "description": "When the Tor node designed by the IP address has been seen for the last time.",
       "disable_correlation": true,
@@ -38,9 +71,15 @@
       "disable_correlation": true,
       "ui-priority": 0,
       "misp-attribute": "datetime"
+    },
+    "document": {
+      "description": "Raw document from the consensus.",
+      "disable_correlation": true,
+      "ui-priority": 0,
+      "misp-attribute": "text"
     }
   },
-  "version": 1,
+  "version": 2,
   "description": "Tor node (which protects your privacy on the internet by hiding the connection between users Internet address and the services used by the users) description which are part of the Tor network at a time.",
   "meta-category": "misc",
   "uuid": "a5fde1c8-318e-4658-a3ea-85ea000bdd33",