diff --git a/objects/annotation/definition.json b/objects/annotation/definition.json index d062eca..cfadfc1 100644 --- a/objects/annotation/definition.json +++ b/objects/annotation/definition.json @@ -61,6 +61,12 @@ "description": "Last update of the annotation", "ui-priority": 0, "misp-attribute": "datetime" + }, + "attachment": { + "description": "An attachment to support the annotation", + "ui-priority": 0, + "misp-attribute": "attachment", + "multiple": true } }, "version": 2, diff --git a/objects/device/definition.json b/objects/device/definition.json new file mode 100644 index 0000000..4826bdd --- /dev/null +++ b/objects/device/definition.json @@ -0,0 +1,62 @@ +{ + "requiredOneOf": [ + "name", + "alias" + ], + "attributes": { + "description": { + "description": "Description of the Device", + "ui-priority": 0, + "misp-attribute": "text", + "disable_correlation": true + }, + "name": { + "description": "Name of the Device", + "ui-priority": 101, + "misp-attribute": "text" + }, + "alias": { + "description": "Alias of the Device", + "ui-priority": 100, + "misp-attribute": "text", + "multiple": true + }, + "device-type": { + "description": "Type of the device", + "ui-priority": 99, + "misp-attribute": "text", + "disable_correlation": true, + "categories": [ + "PC", + "Mobile", + "Laptop", + "HID", + "TV", + "IoT", + "Hardware", + "Other" + ] + }, + "ip-address": { + "description": "Device IP address", + "ui-priority": 0, + "misp-attribute": "ip-src" + }, + "analysis-date": { + "description": "Date of device analysis", + "ui-priority": 0, + "misp-attribute": "datetime" + }, + "attachment": { + "description": "An attachment", + "ui-priority": 0, + "misp-attribute": "attachment", + "multiple": true + } + }, + "version": 3, + "description": "An object to define a device", + "meta-category": "misc", + "uuid": "0c64b41a-e583-4f4d-ac92-d484163b9e52", + "name": "Device" +} diff --git a/objects/organization/definition.json b/objects/organization/definition.json new file mode 100644 index 0000000..966a8f5 --- /dev/null +++ b/objects/organization/definition.json @@ -0,0 +1,75 @@ +{ + "requiredOneOf": [ + "name", + "alias" + ], + "attributes": { + "name": { + "description": "Name of the organization", + "disable_correlation": false, + "ui-priority": 100, + "misp-attribute": "text" + }, + "alias": { + "description": "Alias of the organization", + "ui-priority": 99, + "misp-attribute": "text", + "multiple": true + }, + "type-of-organizarion": { + "description": "Type of the organization", + "ui-priority": 97, + "misp-attribute": "text" + }, + "date-of-inception": { + "description": "Date of inception of the organization", + "ui-priority": 0, + "misp-attribute": "date-of-birth" + }, + "phone-number": { + "description": "Phone number of the organization.", + "ui-priority": 10, + "misp-attribute": "phone-number", + "multiple": true + }, + "fax-number": { + "description": "Fax number of the organization.", + "ui-priority": 10, + "misp-attribute": "phone-number", + "multiple": true + }, + "address": { + "description": "Postal address of the organization.", + "ui-priority": 10, + "misp-attribute": "text", + "multiple": true + }, + "e-mail": { + "description": "Email address of the organization.", + "ui-priority": 10, + "misp-attribute": "email-src", + "multiple": true + }, + "role": { + "description": "The role of the organization.", + "ui-priority": 0, + "misp-attribute": "text", + "multiple": true, + "values_list": [ + "Suspect", + "Victim", + "Defendent", + "Accused", + "Culprit", + "Accomplice", + "Target" + ], + "disable_correlation": true + } + }, + "version": 1, + "description": "An object which describes an organization.", + "meta-category": "misc", + "uuid": "f750e12b-127a-432c-b022-b3f9153c4e2a", + "name": "organization" +} diff --git a/objects/person/definition.json b/objects/person/definition.json index 220f7b3..59de239 100644 --- a/objects/person/definition.json +++ b/objects/person/definition.json @@ -13,17 +13,17 @@ }, "last-name": { "description": "Last name of a natural person.", - "ui-priority": 0, + "ui-priority": 100, "misp-attribute": "last-name" }, "middle-name": { "description": "Middle name of a natural person.", - "ui-priority": 0, + "ui-priority": 99, "misp-attribute": "middle-name" }, "first-name": { "description": "First name of a natural person.", - "ui-priority": 0, + "ui-priority": 98, "misp-attribute": "first-name", "disable_correlation": true }, @@ -34,13 +34,13 @@ }, "title": { "description": "Title of the natural person such as Dr. or equivalent.", - "ui-priority": 0, + "ui-priority": 101, "misp-attribute": "text", "disable_correlation": true }, "alias": { "description": "Alias name or known as.", - "ui-priority": 0, + "ui-priority": 97, "misp-attribute": "text", "multiple": true }, @@ -182,7 +182,8 @@ "Accused", "Culprit", "Accomplice", - "Witness" + "Witness", + "Target" ], "disable_correlation": true } diff --git a/objects/report/definition.json b/objects/report/definition.json index cce9d89..053677d 100644 --- a/objects/report/definition.json +++ b/objects/report/definition.json @@ -5,7 +5,7 @@ "attributes": { "summary": { "description": "Free text summary of the report", - "ui-priority": 1, + "ui-priority": 100, "misp-attribute": "text", "categories": [ "Other", @@ -21,6 +21,12 @@ "Internal reference", "Other" ] + }, + "report-file(s)": { + "description": "Attachment(s) that is related to the report", + "ui-priority": 99, + "misp-attribute": "attachment", + "multiple": true } }, "version": 1, diff --git a/schema_objects.json b/schema_objects.json index 0d80fa0..57d9c4f 100644 --- a/schema_objects.json +++ b/schema_objects.json @@ -68,7 +68,8 @@ "financial", "misc", "internal", - "vulnerability" + "vulnerability", + "organization" ] }, "name": {