feat(crowdsec): Add attributes to crowdsec-ip-context object

pull/439/head
Julien Loizelet 2024-08-23 11:24:15 +09:00
parent 62bc75edd8
commit fa2973b502
No known key found for this signature in database
GPG Key ID: 5D80B45A75ACD581
1 changed files with 22 additions and 2 deletions


@ -29,7 +29,7 @@
"ui-priority": 1 "ui-priority": 1
}, },
"background-noise": { "background-noise": {
"description": "Background noise", "description": "High background noise scores highlight untargeted, mild threat mass-attacks",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 1 "ui-priority": 1
@ -66,6 +66,13 @@
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"cves": {
"description": "CVEs exploited by the observed IP",
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 1
},
"dst-port": { "dst-port": {
"categories": [ "categories": [
"Network activity", "Network activity",
@ -124,6 +131,19 @@
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 1 "ui-priority": 1
}, },
"mitre-techniques": {
"description": "MITRE ATT&CK techniques used by the observed IP",
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 1
},
"reputation": {
"description": "Real-time, actionable IP reputation score derived from trusted reports and consensus-validated data in CrowdSec CTI",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 1
},
"reverse-dns": { "reverse-dns": {
"categories": [ "categories": [
"Network activity", "Network activity",
@ -159,5 +179,5 @@
"ip" "ip"
], ],
"uuid": "0f0a6def-a351-4d3b-9868-d732f6f4666f", "uuid": "0f0a6def-a351-4d3b-9868-d732f6f4666f",
"version": 3 "version": 4
} }
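Review bot: The new `cves` attribute is declared as `"misp-attribute": "text"` with `"disable_correlation": true`, so CVE identifiers stored in it are plain strings to MISP and cannot be pivoted on across events. If the values are bare CVE IDs, `"misp-attribute": "vulnerability"` looks like the better-fitting type, and it is worth deciding deliberately whether correlation should stay off for it. Separately, `reputation` is described as a "score" but typed `text`, while the score attributes visible around it (for example `background-noise`) are `float`. If it is really a label from a closed set, the description should say so, and a `sane_default` list would keep the values consistent for downstream filtering.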