fix: Update registry-key to match correct MISP attributes

2017-12-18 14:16:36 +01:00 · 2017-12-18 14:16:36 +01:00 · 871b86e35f
parent cf7aa00f98
commit 871b86e35f
1 changed files with 8 additions and 6 deletions
--- a/objects/registry-key/definition.json
+++ b/objects/registry-key/definition.json
@ -35,7 +35,8 @@
        "REG_QWORD_LITTLE_ENDIAN"
      ],
      "ui-priority": 0,
-      "misp-attribute": "reg-datatype"
+      "disable_correlation": true,
      "misp-attribute": "text"
    },
    "data": {
      "description": "Data stored in the registry key",
@ -43,7 +44,7 @@
        "Persistence mechanism"
      ],
      "ui-priority": 1,
-      "misp-attribute": "reg-data"
+      "misp-attribute": "text"
    },
    "name": {
      "description": "Name of the registry key",
@ -51,7 +52,7 @@
        "Persistence mechanism"
      ],
      "ui-priority": 1,
-      "misp-attribute": "reg-name"
+      "misp-attribute": "text"
    },
    "key": {
      "description": "Full key path",
@ -59,7 +60,7 @@
        "Persistence mechanism"
      ],
      "ui-priority": 1,
-      "misp-attribute": "reg-key"
+      "misp-attribute": "regkey"
    },
    "hive": {
      "description": "Hive used to store the registry key (file on disk)",
@ -67,10 +68,11 @@
        "Persistence mechanism"
      ],
      "ui-priority": 1,
-      "misp-attribute": "reg-hive"
+      "disable_correlation": true,
      "misp-attribute": "text"
    }
  },
-  "version": 2,
+  "version": 3,
  "description": "Registry key object describing a Windows registry key with value and last-modified timestamp",
  "meta-category": "file",
  "uuid": "8b3228ad-6d82-4fe6-b2ae-05426308f1d5",