{
  "required": [
    "key",
    "shell",
    "shell-path"
  ],
  "attributes": {
    "key": {
      "description": "Software hive key where the information is retrieved from.",
      "ui-priority": 0,
      "misp-attribute": "text"
    },
    "last-write-time": {
      "description": "Date and time when the key was last updated.",
      "ui-priority": 0,
      "misp-attribute": "datetime",
      "disable_correlation": true
    },
    "shell": {
      "description": "Type of shell used to execute the command.",
      "ui-priority": 0,
      "misp-attribute": "text",
      "sane_default": [
        "exe",
        "cmd",
        "bat",
        "hta",
        "pif",
        "Other"
      ],
      "disable_correlation": true
    },
    "shell-path": {
      "description": "Path of the shell.",
      "ui-priority": 0,
      "misp-attribute": "text"
    },
    "command": {
      "description": "Command executed.",
      "ui-priority": 0,
      "misp-attribute": "text"
    },
    "comments": {
      "description": "Additional comments.",
      "ui-priority": 0,
      "misp-attribute": "text",
      "disable_correlation": true
    }
  },
  "version": 1,
  "description": "Regripper Object template designed to gather information of the shell commands executed on the system.",
  "meta-category": "misc",
  "uuid": "a7dc3697-89ce-46dc-a64d-0b1015457978",
  "name": "regripper-software-hive-command-shell"
}