From 094d61a51a25844d4796a2d59aed693aa8b74da6 Mon Sep 17 00:00:00 2001
From: aaronkaplan <aaron@lo-res.org>
Date: Wed, 26 May 2021 12:34:34 +0200
Subject: [PATCH 1/2] dnsdbflex object

---
 objects/passive-dns-dnsdbflex/definition.json | 47 +++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 objects/passive-dns-dnsdbflex/definition.json

diff --git a/objects/passive-dns-dnsdbflex/definition.json b/objects/passive-dns-dnsdbflex/definition.json
new file mode 100644
index 0000000..190749b
--- /dev/null
+++ b/objects/passive-dns-dnsdbflex/definition.json
@@ -0,0 +1,47 @@
+{
+  "attributes": {
+    "rrname": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "Resource Record name of the queried resource.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "rrtype": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "Resource Record type as seen by the passive DNS.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "sane_default": [
+        "A",
+        "AAAA",
+        "CNAME",
+        "PTR",
+        "SOA",
+        "TXT",
+        "DNAME",
+        "NS",
+        "SRV",
+        "RP",
+        "NAPTR",
+        "HINFO",
+        "A6"
+      ],
+      "ui-priority": 1
+    }
+  },
+  "description": "DNSDBFLEX object. This object is used at farsight security. Roughly based on Passive DNS records as expressed in draft-dulaunoy-dnsop-passive-dns-cof-07. See https://tools.ietf.org/id/draft-dulaunoy-dnsop-passive-dns-cof-07.html",
+  "meta-category": "network",
+  "name": "passive-dns-dnsdbflex",
+  "required": [
+    "rrtype",
+    "rrname"
+  ],
+  "uuid": "e5066302-be0d-11eb-ab6d-2bb17990cb48",
+  "version": 1
+}

From 195f0fe46a92d1ccba963b5c35599ee0994cb1cf Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Wed, 26 May 2021 14:12:10 +0200
Subject: [PATCH 2/2] fix: [passive-dns-dnsdbflex] newline

---
 objects/passive-dns-dnsdbflex/definition.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/objects/passive-dns-dnsdbflex/definition.json b/objects/passive-dns-dnsdbflex/definition.json
index 190749b..c85d044 100644
--- a/objects/passive-dns-dnsdbflex/definition.json
+++ b/objects/passive-dns-dnsdbflex/definition.json
@@ -44,4 +44,4 @@
   ],
   "uuid": "e5066302-be0d-11eb-ab6d-2bb17990cb48",
   "version": 1
-}
+}
\ No newline at end of file