new: [sh] Added process state

2020-11-24 14:55:47 +09:00 · 2020-11-24 14:55:47 +09:00 · dd6ebe5385
parent 4997dc575c
commit dd6ebe5385
1 changed files with 35 additions and 42 deletions
--- a/objects/process/definition.json
+++ b/objects/process/definition.json
@ -14,47 +14,6 @@
      "disable_correlation": true,
      "ui-priority": 1
    },
-    "process-state": {
-      "description": "State of process.",
-      "sane_default": [
-        "D",
-        "R",
-        "S",
-        "T",
-        "t",
-        "W",
-        "X",
-        "Z",
-        "<",
-        "N",
-        "L",
-        "s",
-        "l",
-        "+"
-      ],
-      "ui-priority": 1,
-      "misp-attribute": "process-state",
-      "multiple": false,
-      "disable_correlation": true
-    },
-    "fake-process-name": {
-      "description": "Is the process spawned under a false name.",
-      "sane_default": [
-        "1",
-        "0"
-      ],
-      "ui-priority": 1,
-      "misp-attribute": "boolean",
-      "multiple": false,
-      "disable_correlation": true
-    },
-    "port": {
-      "description": "Port(s) owned by the process",
-      "misp-attribute": "port",
-      "multiple": true,
-      "disable_correlation": true,
-      "ui-priority": 1
-    },
    "command-line": {
      "description": "Command line of the process",
      "misp-attribute": "text",
@ -72,6 +31,17 @@
      "misp-attribute": "text",
      "ui-priority": 2
    },
+    "fake-process-name": {
+      "description": "Is the process spawned under a false name.",
+      "sane_default": [
+        "1",
+        "0"
+      ],
+      "ui-priority": 1,
+      "misp-attribute": "boolean",
+      "multiple": false,
+      "disable_correlation": true
+    },
    "guid": {
      "description": "The globally unique identifier of the assigned by the vendor product",
      "misp-attribute": "text",
@ -156,6 +126,29 @@
      "multiple": true,
      "ui-priority": 1
    },
+    "process-state": {
+      "description": "State of process.",
+      "disable_correlation": true,
+      "misp-attribute": "process-state",
+      "multiple": false,
+      "sane_default": [
+        "D",
+        "R",
+        "S",
+        "T",
+        "t",
+        "W",
+        "X",
+        "Z",
+        "<",
+        "N",
+        "L",
+        "s",
+        "l",
+        "+"
+      ],
+      "ui-priority": 1
+    },
    "start-time": {
      "description": "Local date/time at which the process was started",
      "disable_correlation": true,
@ -180,5 +173,5 @@
    "current-directory"
  ],
  "uuid": "02aeef94-ac23-455c-addb-731757ceafb5",
-  "version": 7
+  "version": 8
 }