ip-port added.

An IP address and a port seen as a tuple (or as a triple) in a specific time frame.
2016-02-16 07:25:54 +01:00 · 2016-02-16 07:25:54 +01:00 · f3afabc91b
parent 5b3eff4e7b
commit f3afabc91b
1 changed files with 39 additions and 0 deletions
--- a/objects/ip-port/definition.json
+++ b/objects/ip-port/definition.json
@ -0,0 +1,39 @@
+{
+        "name": "ip|port",
+        "meta-category": "network",
+        "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.",
+        "version": 1,
+        "attributes" :
+        {
+                "ip": {
+                        "misp-attribute": "ip-dst",
+                        "misp-usage-frequency": 1,
+                        "categories": ["Network activity","External analysis"]
+                },
+                "dst-port": {
+                        "misp-attribute": "text",
+                        "misp-usage-frequency": 1,
+                        "categories": ["Network activity","External analysis"]
+                },
+                "src-port": {
+                        "misp-attribute": "text",
+                        "misp-usage-frequency": 0,
+                        "categories": ["Network activity","External analysis"]
+                },
+                "first-seen": {
+                        "misp-attribute": "datetime",
+                        "misp-usage-frequency": 0
+                },
+                "last-seen": {
+                        "misp-attribute": "datetime",
+                        "misp-usage-frequency": 0
+                },
+                 "text": {
+                        "misp-attribute": "text",
+                        "misp-usage-frequency": 0
+                }
+
+        },
+        "required": ["ip"],
+        "requiredOneOf": ["dst-port", "src-port"]
+}