From 7bbcf0ed78f751fc4d36a58f9ebb5cae7c73c81c Mon Sep 17 00:00:00 2001 From: VVX7 Date: Sun, 5 Jul 2020 22:03:16 -0400 Subject: [PATCH] chg: [dev] add Parler app objects --- objects/parler-account/definition.json | 127 ++++++++++++++++++++++ objects/parler-comment/definition.json | 145 +++++++++++++++++++++++++ objects/parler-post/definition.json | 145 +++++++++++++++++++++++++ 3 files changed, 417 insertions(+) create mode 100644 objects/parler-account/definition.json create mode 100644 objects/parler-comment/definition.json create mode 100644 objects/parler-post/definition.json diff --git a/objects/parler-account/definition.json b/objects/parler-account/definition.json new file mode 100644 index 0000000..93f9a87 --- /dev/null +++ b/objects/parler-account/definition.json @@ -0,0 +1,127 @@ +{ + "attributes": { + "account-id": { + "description": "Numeric id of the account.", + "misp-attribute": "text", + "ui-priority": 0 + }, + "account-name": { + "description": "Name of the account.", + "misp-attribute": "text", + "ui-priority": 0 + }, + "archive": { + "description": "Archive of the original parley (Internet Archive, Archive.is, etc).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "attachment": { + "description": "The parley file or screen capture.", + "misp-attribute": "attachment", + "multiple": true, + "ui-priority": 1 + }, + "badge": { + "description": "Post badge.", + "disable_correlation": true, + "misp-attribute": "float", + "multiple": true, + "ui-priority": 1 + }, + "bio": { + "description": "The account bio.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "comments": { + "description": "The number of user comments.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "cover-photo": { + "description": "Comment controversy.", + "misp-attribute": "attachment", + "ui-priority": 1 + }, + "followers": { + "description": "Number of followers.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "following": { + "description": "Number user is following.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "human": { + "description": "Account 'human' bool.", + "disable_correlation": true, + "misp-attribute": "boolean", + "ui-priority": 0 + }, + "interactions": { + "description": "Account interactions.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 0 + }, + "likes": { + "description": "Number user likes.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "link": { + "description": "Original URL of the parley (supposed harmless).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "posts": { + "description": "Number user posts.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "profile-photo": { + "description": "Comment controversy.", + "misp-attribute": "attachment", + "ui-priority": 1 + }, + "score": { + "description": "User score.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "url": { + "description": "Original URL of the parley, e.g. link shortener (potentially malicious).", + "misp-attribute": "url", + "multiple": true, + "ui-priority": 1 + }, + "verified": { + "description": "Account 'verified' bool.", + "disable_correlation": true, + "misp-attribute": "boolean", + "ui-priority": 0 + } + }, + "description": "Parler account.", + "meta-category": "misc", + "name": "parler-account", + "requiredOneOf": [ + "account-id", + "account-name", + "archive", + "url", + "link", + "attachment" + ], + "uuid": "8d5ba58e-cac3-46a6-9d1f-cf236f7e95c9", + "version": 1 +} \ No newline at end of file diff --git a/objects/parler-comment/definition.json b/objects/parler-comment/definition.json new file mode 100644 index 0000000..067046b --- /dev/null +++ b/objects/parler-comment/definition.json @@ -0,0 +1,145 @@ +{ + "attributes": { + "archive": { + "description": "Archive of the original parley (Internet Archive, Archive.is, etc).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "attachment": { + "description": "The parley file or screen capture.", + "misp-attribute": "attachment", + "multiple": true, + "ui-priority": 1 + }, + "badge": { + "description": "Comment badge.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 1 + }, + "body": { + "description": "Raw text of the post.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "comment-depth": { + "description": "Comment nesting depth.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 1 + }, + "comments": { + "description": "Comments on this object.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "controversy": { + "description": "Comment controversy.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 1 + }, + "creator": { + "description": "Name of the account that posted this parley.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "creator-id": { + "description": "ID of the account that posted this parley.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "downvotes": { + "description": "Comment downvotes.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "embedded-link": { + "description": "Link in the parley", + "misp-attribute": "url", + "multiple": true, + "ui-priority": 0 + }, + "embedded-safe-link": { + "description": "Safe link in the parley", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 0 + }, + "hashtag": { + "description": "Hashtag embedded in the parley.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "in-reply-to-display-name": { + "description": "The user display name of the parley this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "in-reply-to-parley-id": { + "description": "The Parler ID of the parley that this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "in-reply-to-user-id": { + "description": "The user ID of the parley this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "link": { + "description": "Original link to the post (supposed harmless).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "post-id": { + "description": "Numeric id of the parley.", + "misp-attribute": "text", + "ui-priority": 0 + }, + "score": { + "description": "Comment score.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "upvotes": { + "description": "Comment upvotes.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "url": { + "description": "Original URL of the parley, e.g. link shortener (potentially malicious).", + "misp-attribute": "url", + "multiple": true, + "ui-priority": 1 + }, + "username-quoted": { + "description": "Username who is quoted in the parley.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + } + }, + "description": "Parler comment.", + "meta-category": "misc", + "name": "parler-comment", + "requiredOneOf": [ + "body", + "post-id", + "archive", + "url", + "link", + "attachment" + ], + "uuid": "86db742e-b86a-40f3-945f-96ab4e305cd6", + "version": 1 +} \ No newline at end of file diff --git a/objects/parler-post/definition.json b/objects/parler-post/definition.json new file mode 100644 index 0000000..a8d46c1 --- /dev/null +++ b/objects/parler-post/definition.json @@ -0,0 +1,145 @@ +{ + "attributes": { + "archive": { + "description": "Archive of the original parley (Internet Archive, Archive.is, etc).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "article": { + "description": "Indicates if the post is an article.", + "disable_correlation": true, + "misp-attribute": "boolean", + "ui-priority": 1 + }, + "attachment": { + "description": "The parley file or screen capture.", + "misp-attribute": "attachment", + "multiple": true, + "ui-priority": 1 + }, + "badge": { + "description": "Post badge.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 1 + }, + "body": { + "description": "Raw text of the post.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "comments": { + "description": "Number of comments on this object.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "creator": { + "description": "Name of the account that posted this parley.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "creator-id": { + "description": "ID of the account that posted this parley.", + "misp-attribute": "text", + "ui-priority": 1 + }, + "depth": { + "description": "Post nesting depth.", + "disable_correlation": true, + "misp-attribute": "float", + "ui-priority": 1 + }, + "embedded-link": { + "description": "Link in the parley", + "misp-attribute": "url", + "multiple": true, + "ui-priority": 0 + }, + "embedded-safe-link": { + "description": "Safe link in the parley", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 0 + }, + "hashtag": { + "description": "Hashtag embedded in the parley.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "impressions": { + "description": "Number of impressions.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "in-reply-to-display-name": { + "description": "The user display name of the parley this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "in-reply-to-parley-id": { + "description": "The Parler ID of the parley that this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "in-reply-to-user-id": { + "description": "The user ID of the parley this post shares.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + }, + "link": { + "description": "Original link to the post (supposed harmless).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "post-id": { + "description": "Numeric id of the parley.", + "misp-attribute": "text", + "ui-priority": 0 + }, + "share-link": { + "description": "Sharable link generated by Parler (supposed harmless).", + "misp-attribute": "link", + "multiple": true, + "ui-priority": 1 + }, + "upvotes": { + "description": "Comment upvotes.", + "disable_correlation": true, + "misp-attribute": "text", + "ui-priority": 1 + }, + "url": { + "description": "Original URL of the parley, e.g. link shortener (potentially malicious).", + "misp-attribute": "url", + "multiple": true, + "ui-priority": 1 + }, + "username-quoted": { + "description": "Username who is quoted in the parley.", + "misp-attribute": "text", + "multiple": true, + "ui-priority": 0 + } + }, + "description": "Parler post (parley).", + "meta-category": "misc", + "name": "parler-post", + "requiredOneOf": [ + "body", + "post-id", + "archive", + "url", + "link", + "attachment" + ], + "uuid": "db85b789-df44-4522-8006-b611e52da5b2", + "version": 1 +} \ No newline at end of file