MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'main' of github.com:MISP/misp-objects into main

pull/424/head
Alexandre Dulaunoy 2024-04-11 14:29:32 +02:00
parent b5381a3105 b2de8dd7c7
commit a6f16e0cba
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 111 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
objects/network-connection/definition.json
View File

@ -13,7 +13,7 @@
"dst-bytes-count": { "dst-bytes-count": {
"description": "Number of bytes sent from the source to the destination.", "description": "Number of bytes sent from the source to the destination.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "counter", "misp-attribute": "size-in-bytes",
"ui-priority": 0 "ui-priority": 0
}, },
"dst-packets-count": { "dst-packets-count": {
@ -116,7 +116,7 @@
"src-bytes-count": { "src-bytes-count": {
"description": "Number of bytes sent from the destination to the source.", "description": "Number of bytes sent from the destination to the source.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "counter", "misp-attribute": "size-in-bytes",
"ui-priority": 0 "ui-priority": 0
}, },
"src-packets-count": { "src-packets-count": {
@ -147,5 +147,5 @@
"community-id" "community-id"
], ],
"uuid": "af16764b-f8e5-4603-9de1-de34d272f80b", "uuid": "af16764b-f8e5-4603-9de1-de34d272f80b",
"version": 6 "version": 7
} }

108
objects/network-traffic/definition.json Normal file
View File

@ -0,0 +1,108 @@
{
"attributes": {
"dst_bytes_count": {
"description": "Number of bytes sent from the destination to the source",
"misp-attribute": "size-in-bytes",
"ui-priority": 0
},
"dst_hostname": {
"description": "Destination hostname of the network traffic",
"misp-attribute": "hostname",
"ui-priority": 1
},
"dst_ip": {
"description": "Destination IP address of the network traffic",
"misp-attribute": "ip-dst",
"ui-priority": 1
},
"dst_mac": {
"description": "Destination MAC address of the network traffic",
"misp-attribute": "mac-address",
"ui-priority": 1
},
"dst_packets": {
"description": "Number of packets sent from the destination to the source",
"misp-attribute": "counter",
"ui-priority": 0
},
"dst_port": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Destination port of the nework connection",
"misp-attribute": "port",
"ui-priority": 1
},
"end_time": {
"description": "Time the network traffic ended",
"misp-attribute": "datetime",
"ui-priority": 0
},
"is_active": {
"description": "Indicates whether the network traffic is still ongoing. Must be False if the end_time attribute is present",
"misp-attribute": "boolean",
"ui-priority": 0
},
"protocol": {
"description": "Protocol observed in the network traffic",
"misp-attribute": "text",
"multiple": true,
"ui-priority": 0
},
"src_bytes_count": {
"description": "Number of bytes sent from the source to the destination",
"misp-attribute": "size-in-bytes",
"ui-priority": 0
},
"src_hostname": {
"description": "Destination hostname of the network traffic",
"misp-attribute": "hostname",
"ui-priority": 1
},
"src_ip": {
"description": "Source IP address of the network traffic",
"misp-attribute": "ip-dst",
"ui-priority": 1
},
"src_mac": {
"description": "Source MAC address of the network traffic",
"misp-attribute": "mac-address",
"ui-priority": 1
},
"src_packets": {
"description": "Number of packets sent from the source to the destination",
"misp-attribute": "counter",
"ui-priority": 0
},
"src_port": {
"categories": [
"Network activity",
"External analysis"
],
"description": "Source port of the nework connection",
"misp-attribute": "port",
"ui-priority": 1
},
"start_time": {
"description": "Time the network traffic started",
"misp-attribute": "datetime",
"ui-priority": 0
}
},
"description": "Generic network traffic that originates from a source and is addressed to a destination.",
"meta-category": "network",
"name": "network-traffic",
"requiredOneOf": [
"dst_hostname",
"dst_ip",
"dst_mac",
"dst_port",
"src_hostname",
"src_ip",
"src_mac",
"src_port"
],
"uuid": "16290b18-9af5-4a43-b195-75fe1eef0c35",
"version": 1
}