MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

new: [sh] Added process state

pull/298/head
Steve Clement 2020-11-24 14:55:47 +09:00
parent 4997dc575c
commit dd6ebe5385
No known key found for this signature in database
GPG Key ID: 69A20F509BE4AEE9
1 changed files with 35 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
objects/process/definition.json
View File

@ -14,47 +14,6 @@
"disable_correlation": true, "disable_correlation": true,
"ui-priority": 1 "ui-priority": 1
}, },
"process-state": {
"description": "State of process.",
"sane_default": [
"D",
"R",
"S",
"T",
"t",
"W",
"X",
"Z",
"<",
"N",
"L",
"s",
"l",
"+"
],
"ui-priority": 1,
"misp-attribute": "process-state",
"multiple": false,
"disable_correlation": true
},
"fake-process-name": {
"description": "Is the process spawned under a false name.",
"sane_default": [
"1",
"0"
],
"ui-priority": 1,
"misp-attribute": "boolean",
"multiple": false,
"disable_correlation": true
},
"port": {
"description": "Port(s) owned by the process",
"misp-attribute": "port",
"multiple": true,
"disable_correlation": true,
"ui-priority": 1
},
"command-line": { "command-line": {
"description": "Command line of the process", "description": "Command line of the process",
"misp-attribute": "text", "misp-attribute": "text",
@ -72,6 +31,17 @@
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 2 "ui-priority": 2
}, },
"fake-process-name": {
"description": "Is the process spawned under a false name.",
"sane_default": [
"1",
"0"
],
"ui-priority": 1,
"misp-attribute": "boolean",
"multiple": false,
"disable_correlation": true
},
"guid": { "guid": {
"description": "The globally unique identifier of the assigned by the vendor product", "description": "The globally unique identifier of the assigned by the vendor product",
"misp-attribute": "text", "misp-attribute": "text",
@ -156,6 +126,29 @@
"multiple": true, "multiple": true,
"ui-priority": 1 "ui-priority": 1
}, },
"process-state": {
"description": "State of process.",
"disable_correlation": true,
"misp-attribute": "process-state",
"multiple": false,
"sane_default": [
"D",
"R",
"S",
"T",
"t",
"W",
"X",
"Z",
"<",
"N",
"L",
"s",
"l",
"+"
],
"ui-priority": 1
},
"start-time": { "start-time": {
"description": "Local date/time at which the process was started", "description": "Local date/time at which the process was started",
"disable_correlation": true, "disable_correlation": true,
@ -180,5 +173,5 @@
"current-directory" "current-directory"
], ],
"uuid": "02aeef94-ac23-455c-addb-731757ceafb5", "uuid": "02aeef94-ac23-455c-addb-731757ceafb5",
"version": 7 "version": 8
} }