mirror of https://github.com/MISP/misp-objects
chg: Update email template
Raphaël Vinot
parent
4cdfd7b0a0
commit
956e649315
|
|
@ -3,7 +3,7 @@
|
||||||
"uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552",
|
"uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552",
|
||||||
"meta-category": "network",
|
"meta-category": "network",
|
||||||
"description": "Email object describing an email with meta-information",
|
"description": "Email object describing an email with meta-information",
|
||||||
"version": 10,
|
"version": 11,
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"reply-to": {
|
"reply-to": {
|
||||||
"description": "Email address the reply will be sent to",
|
"description": "Email address the reply will be sent to",
|
||||||
|
|
@ -16,6 +16,7 @@
|
||||||
"message-id": {
|
"message-id": {
|
||||||
"description": "Message ID",
|
"description": "Message ID",
|
||||||
"misp-attribute": "email-message-id",
|
"misp-attribute": "email-message-id",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 0,
|
"ui-priority": 0,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -24,6 +25,7 @@
|
||||||
"to": {
|
"to": {
|
||||||
"description": "Destination email address",
|
"description": "Destination email address",
|
||||||
"misp-attribute": "email-dst",
|
"misp-attribute": "email-dst",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 1,
|
"ui-priority": 1,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -33,6 +35,7 @@
|
||||||
"cc": {
|
"cc": {
|
||||||
"description": "Carbon copy",
|
"description": "Carbon copy",
|
||||||
"misp-attribute": "email-dst",
|
"misp-attribute": "email-dst",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 1,
|
"ui-priority": 1,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -59,6 +62,7 @@
|
||||||
"screenshot": {
|
"screenshot": {
|
||||||
"description": "Screenshot of email",
|
"description": "Screenshot of email",
|
||||||
"misp-attribute": "attachment",
|
"misp-attribute": "attachment",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 1,
|
"ui-priority": 1,
|
||||||
"categories": [
|
"categories": [
|
||||||
"External analysis"
|
"External analysis"
|
||||||
|
|
@ -76,6 +80,7 @@
|
||||||
"x-mailer": {
|
"x-mailer": {
|
||||||
"description": "X-Mailer generally tells the program that was used to draft and send the original email",
|
"description": "X-Mailer generally tells the program that was used to draft and send the original email",
|
||||||
"misp-attribute": "email-x-mailer",
|
"misp-attribute": "email-x-mailer",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 0,
|
"ui-priority": 0,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -84,6 +89,7 @@
|
||||||
"header": {
|
"header": {
|
||||||
"description": "Full headers",
|
"description": "Full headers",
|
||||||
"misp-attribute": "email-header",
|
"misp-attribute": "email-header",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 0,
|
"ui-priority": 0,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -102,6 +108,7 @@
|
||||||
"mime-boundary": {
|
"mime-boundary": {
|
||||||
"description": "MIME Boundary",
|
"description": "MIME Boundary",
|
||||||
"misp-attribute": "email-mime-boundary",
|
"misp-attribute": "email-mime-boundary",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 0,
|
"ui-priority": 0,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -110,6 +117,7 @@
|
||||||
"thread-index": {
|
"thread-index": {
|
||||||
"description": "Identifies a particular conversation thread",
|
"description": "Identifies a particular conversation thread",
|
||||||
"misp-attribute": "email-thread-index",
|
"misp-attribute": "email-thread-index",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 0,
|
"ui-priority": 0,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -125,7 +133,7 @@
|
||||||
},
|
},
|
||||||
"return-path": {
|
"return-path": {
|
||||||
"description": "Message return path",
|
"description": "Message return path",
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "email-src",
|
||||||
"ui-priority": 1,
|
"ui-priority": 1,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
|
|
@ -142,14 +150,22 @@
|
||||||
"email-body": {
|
"email-body": {
|
||||||
"description": "Body of the email",
|
"description": "Body of the email",
|
||||||
"misp-attribute": "email-body",
|
"misp-attribute": "email-body",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 1,
|
"ui-priority": 1,
|
||||||
"categories": [
|
"categories": [
|
||||||
"Payload delivery"
|
"Payload delivery"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
"user-agent": {
|
||||||
|
"description": "User Agent of the sender",
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0,
|
||||||
|
"disable_correlation": true
|
||||||
|
},
|
||||||
"eml": {
|
"eml": {
|
||||||
"description": "Full EML",
|
"description": "Full EML",
|
||||||
"misp-attribute": "attachment",
|
"misp-attribute": "attachment",
|
||||||
|
"disable_correlation": true,
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue