From 9b74873fe57181e91608fca28075d78b57a4f420 Mon Sep 17 00:00:00 2001
From: Brad Chiappetta <brad@greynoise.io>
Date: Fri, 10 Mar 2023 09:16:49 -0500
Subject: [PATCH] add greynoise-ip object

---
 objects/greynoise-ip/definition.json | 71 ++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 objects/greynoise-ip/definition.json

diff --git a/objects/greynoise-ip/definition.json b/objects/greynoise-ip/definition.json
new file mode 100644
index 0000000..5c9b2b2
--- /dev/null
+++ b/objects/greynoise-ip/definition.json
@@ -0,0 +1,71 @@
+{
+  "attributes": {
+    "ip-src": {
+      "description": "Source IP address of the network connection.",
+      "misp-attribute": "ip-src",
+      "ui-priority": 1
+    },
+    "classification": {
+      "description": "GreyNoise Classification",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "trust-level": {
+      "description": "GreyNoise RIOT Trust Level",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "actor": {
+      "description": "GreyNoise Actor",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "provider": {
+      "description": "GreyNoise Service Provider",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "first-seen": {
+      "description": "First Seen",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 2
+    },
+    "last-seen": {
+      "description": "Last Seen",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 1
+    },
+    "link": {
+      "description": "GreyNoise Visualizer Link",
+      "disable_correlation": true,
+      "misp-attribute": "link",
+      "ui-priority": 2
+    },
+    "noise": {
+      "description": "GreyNoise Internet Scanning Flag",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "riot": {
+      "description": "GreyNoise Common Business Service Flag",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    }
+  },
+  "description": "GreyNoise IP Information",
+  "meta-category": "network",
+  "name": "greynoise-ip",
+  "requiredOneOf": [
+    "ip-src"
+  ],
+  "uuid": "6B14A94A-46E4-4B82-B24D-0DBF8E8B3FD9",
+  "version": 1
+}
\ No newline at end of file