From dd6ebe538555b51b327127bb761aeed945b5f0b1 Mon Sep 17 00:00:00 2001
From: Steve Clement
Date: Tue, 24 Nov 2020 14:55:47 +0900
Subject: [PATCH] new: [sh] Added process state
---
 objects/process/definition.json | 77 +++++++++++++++------------------
 1 file changed, 35 insertions(+), 42 deletions(-)
diff --git a/objects/process/definition.json b/objects/process/definition.json
index 1d95afe..7d19efb 100644
--- a/objects/process/definition.json
+++ b/objects/process/definition.json
@@ -14,47 +14,6 @@
 "disable_correlation": true,
 "ui-priority": 1
 },
- "process-state": {
- "description": "State of process.",
- "sane_default": [
- "D",
- "R",
- "S",
- "T",
- "t",
- "W",
- "X",
- "Z",
- "<",
- "N",
- "L",
- "s",
- "l",
- "+"
- ],
- "ui-priority": 1,
- "misp-attribute": "process-state",
- "multiple": false,
- "disable_correlation": true
- },
- "fake-process-name": {
- "description": "Is the process spawned under a false name.",
- "sane_default": [
- "1",
- "0"
- ],
- "ui-priority": 1,
- "misp-attribute": "boolean",
- "multiple": false,
- "disable_correlation": true
- },
- "port": {
- "description": "Port(s) owned by the process",
- "misp-attribute": "port",
- "multiple": true,
- "disable_correlation": true,
- "ui-priority": 1
- },
 "command-line": {
 "description": "Command line of the process",
 "misp-attribute": "text",
@@ -72,6 +31,17 @@
 "misp-attribute": "text",
 "ui-priority": 2
 },
+ "fake-process-name": {
+ "description": "Is the process spawned under a false name.",
+ "sane_default": [
+ "1",
+ "0"
+ ],
+ "ui-priority": 1,
+ "misp-attribute": "boolean",
+ "multiple": false,
+ "disable_correlation": true
+ },
 "guid": {
 "description": "The globally unique identifier of the assigned by the vendor product",
 "misp-attribute": "text",
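Review bot: The `port` attribute removed in the first hunk is not re-added by any hunk in this patch; the 35 insertions are fully accounted for by the moved `fake-process-name` and `process-state` blocks plus the version line. The context just ahead of `process-state` in the third hunk (`"multiple": true, "ui-priority": 1`) would fit an existing `port` entry, which suggests the old file defined the key twice, but that entry lies outside the visible hunks. Please confirm that a `port` definition with `"misp-attribute": "port"` and `"multiple": true` is still present in version 8, because otherwise the template silently loses a network indicator that existing process objects may carry. If this was a duplicate-key cleanup, say so in the commit message (the subject only mentions process state), since parsers differ on which duplicate they keep.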
@@ -156,6 +126,29 @@
 "multiple": true,
 "ui-priority": 1
 },
+ "process-state": {
+ "description": "State of process.",
+ "disable_correlation": true,
+ "misp-attribute": "process-state",
+ "multiple": false,
+ "sane_default": [
+ "D",
+ "R",
+ "S",
+ "T",
+ "t",
+ "W",
+ "X",
+ "Z",
+ "<",
+ "N",
+ "L",
+ "s",
+ "l",
+ "+"
+ ],
+ "ui-priority": 1
+ },
 "start-time": {
 "description": "Local date/time at which the process was started",
 "disable_correlation": true,
@@ -180,5 +173,5 @@
 "current-directory"
 ],
 "uuid": "02aeef94-ac23-455c-addb-731757ceafb5",
- "version": 7
+ "version": 8
 }
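Review bot: The `sane_default` list of `process-state` mixes the primary ps(1) state letters (`D` through `Z`) with the modifier flags (`<`, `N`, `L`, `s`, `l`, `+`), while `"multiple": false` permits only one value, so a combined STAT value such as `Ss` or `R+` cannot be chosen from the list. The description also gives no hint where the codes come from; something like `"description": "State of the process as a ps(1) STAT code: one state letter, optionally followed by modifier flags."` would tell analysts how to fill the field. Alternatively set `"multiple": true` if one attribute per flag is the intended encoding. Several codes differ only by case (`T`/`t`, `S`/`s`, `L`/`l`), so it is worth stating that the value is case-sensitive, in case a consumer normalises case before comparing.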