From 871b86e35fff0c465725e61d34462e0527d668bd Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Mon, 18 Dec 2017 14:16:36 +0100
Subject: [PATCH] fix: Update registry-key to match correct MISP attributes

---
 objects/registry-key/definition.json | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/objects/registry-key/definition.json b/objects/registry-key/definition.json
index f5ce2c7..d5a74ab 100644
--- a/objects/registry-key/definition.json
+++ b/objects/registry-key/definition.json
@@ -35,7 +35,8 @@
         "REG_QWORD_LITTLE_ENDIAN"
       ],
       "ui-priority": 0,
-      "misp-attribute": "reg-datatype"
+      "disable_correlation": true,
+      "misp-attribute": "text"
     },
     "data": {
       "description": "Data stored in the registry key",
@@ -43,7 +44,7 @@
         "Persistence mechanism"
       ],
       "ui-priority": 1,
-      "misp-attribute": "reg-data"
+      "misp-attribute": "text"
     },
     "name": {
       "description": "Name of the registry key",
@@ -51,7 +52,7 @@
         "Persistence mechanism"
       ],
       "ui-priority": 1,
-      "misp-attribute": "reg-name"
+      "misp-attribute": "text"
     },
     "key": {
       "description": "Full key path",
@@ -59,7 +60,7 @@
         "Persistence mechanism"
       ],
       "ui-priority": 1,
-      "misp-attribute": "reg-key"
+      "misp-attribute": "regkey"
     },
     "hive": {
       "description": "Hive used to store the registry key (file on disk)",
@@ -67,10 +68,11 @@
         "Persistence mechanism"
       ],
       "ui-priority": 1,
-      "misp-attribute": "reg-hive"
+      "disable_correlation": true,
+      "misp-attribute": "text"
     }
   },
-  "version": 2,
+  "version": 3,
   "description": "Registry key object describing a Windows registry key with value and last-modified timestamp",
   "meta-category": "file",
   "uuid": "8b3228ad-6d82-4fe6-b2ae-05426308f1d5",