MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #240 from cudeso/master 

Objects for data coming from the Cytomic Orion API
pull/244/head
Alexandre Dulaunoy 2020-03-10 09:40:50 +01:00 committed by GitHub
parent a09f7f55a8 2c58470654
commit 7ef9a2ba56
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 164 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
objects/cytomic_orion/definition.json Normal file
View File

@ -0,0 +1,63 @@
{
"required": [],
"attributes": {
"fileName": {
"description": "Original filename",
"ui-priority": 9,
"categories": [
"Other"
],
"misp-attribute": "filename"
},
"fileSize": {
"description": "Size of the file",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "size-in-bytes"
},
"classification": {
"description": "File classification - number",
"to_ids": false,
"ui-priority": 2,
"categories": [
"Other"
],
"misp-attribute": "text"
},
"classificationName": {
"description": "File classification",
"to_ids": false,
"ui-priority": 1,
"categories": [
"Other"
],
"misp-attribute": "text"
},
"first-seen": {
"description": "First seen timestamp of the file",
"to_ids": false,
"ui-priority": 3,
"categories": [
"Other"
],
"misp-attribute": "datetime"
},
"last-seen": {
"description": "Last seen timestamp of the file",
"to_ids": false,
"ui-priority": 4,
"categories": [
"Other"
],
"misp-attribute": "datetime"
}
},
"version": 7,
"description": "Cytomic Orion File Detection",
"meta-category": "misc",
"uuid": "0ad86572-ba38-4baf-9fed-1926e9ecc916",
"name": "cytomic-orion-file"
}

101
objects/cytomic_orion_machine/definition.json Normal file
View File

@ -0,0 +1,101 @@
{
"required": [
"machineName"
],
"attributes": {
"machineName": {
"description": "Machine name",
"ui-priority": 9,
"categories": [
"Other"
],
"misp-attribute": "target-machine"
},
"machineMuid": {
"description": "Machine UID",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "text"
},
"clientName": {
"description": "Client name",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "target-org"
},
"clientId": {
"description": "Client id",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "text"
},
"machinePath": {
"description": "Path of observable",
"to_ids": false,
"ui-priority": 2,
"categories": [
"Other"
],
"misp-attribute": "text"
},
"first-seen": {
"description": "First seen on machine",
"to_ids": false,
"ui-priority": 3,
"categories": [
"Other"
],
"misp-attribute": "datetime"
},
"last-seen": {
"description": "Last seen on machine",
"to_ids": false,
"ui-priority": 4,
"categories": [
"Other"
],
"misp-attribute": "datetime"
},
"clientCreationDateUTC": {
"description": "Client creation date UTC",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "datetime"
},
"creationDate": {
"description": "Client creation date",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "datetime"
},
"lastSeenUtc": {
"description": "Client last seen UTC",
"to_ids": false,
"ui-priority": 0,
"categories": [
"Other"
],
"misp-attribute": "datetime"
}
},
"version": 4,
"description": "Cytomic Orion File at Machine Detection",
"meta-category": "misc",
"uuid": "e0e46343-43fd-4ce7-b447-51381402c774",
"name": "cytomic-orion-machine"
}