MISP
/
misp-rfc
mirror of https://github.com/MISP/misp-rfc
2
0
Fork 0
Code Issues Releases Wiki Activity

JSON schema updated to the latest version

pull/6/head
Alexandre Dulaunoy 2017-09-04 21:39:34 +02:00
parent a965a0e25e
commit 78c6aca080
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 266 additions and 249 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

187
misp-taxonomy-format/raw.md
View File

@ -5,7 +5,7 @@
% ipr= "trust200902"
% area = "Security"
%
% date = 2017-04-10T00:00:00Z
% date = 2017-09-04T00:00:00Z
%
% [[author]]
% initials="A."
@ -17,7 +17,7 @@
% email = "alexandre.dulaunoy@circl.lu"
% phone = "+352 247 88444"
% [author.address.postal]
% street = "41, avenue de la gare"
% street = "16, bd d'Avranches"
% city = "Luxembourg"
% code = "L-1611"
% country = "Luxembourg"
@ -31,7 +31,7 @@
% email = "andras.iklody@circl.lu"
% phone = "+352 247 88444"
% [author.address.postal]
% street = "41, avenue de la gare"
% street = " 16, bd d'Avranches"
% city = "Luxembourg"
% code = "L-1611"
% country = "Luxembourg"
@ -427,36 +427,89 @@ is a *MUST* if the taxonomy is included in the MISP taxonomies directory.
~~~~
{
"required": [
"namespace",
"description",
"version",
"predicates"
],
"properties": {
"refs": {
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-taxonomies",
"id": "https://www.github.com/MISP/misp-taxonomies/schema.json",
"defs": {
"entry": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"numerical_value": {
"type": "number"
},
"expanded": {
"type": "string"
},
"uniqueItems": true,
"type": "array"
"description": {
"type": "string"
},
"colour": {
"type": "string"
},
"value": {
"type": "string"
},
"required": [
"value"
]
}
}
},
"values": {
"items": {
"$ref": "#/defs/entry",
"type": "object"
},
"type": "array",
"uniqueItems": true,
"type": "array"
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"entry": {
"$ref": "#/defs/entry"
},
"predicate": {
"type": "string"
}
},
"required": [
"predicate"
]
}
},
"predicates": {
"items": {
"$ref": "#/defs/predicate",
"type": "object"
},
"type": "array",
"uniqueItems": true,
"type": "array"
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"numerical_value": {
"type": "number"
},
"colour": {
"type": "string"
},
"description": {
"type": "string"
},
"expanded": {
"type": "string"
},
"value": {
"type": "string"
},
"required": [
"value"
]
}
}
}
},
"type": "object",
"additionalProperties": false,
"properties": {
"version": {
"type": "integer"
},
@ -468,76 +521,40 @@ is a *MUST* if the taxonomy is included in the MISP taxonomies directory.
},
"namespace": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"defs": {
"required": [
"predicate"
],
"entry": {
"properties": {
"entry": {
"items": {
"required": [
"value"
],
"properties": {
"numerical_value": {
"type": "number"
},
"expanded": {
"type": "string"
},
"description": {
"type": "string"
},
"value": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object"
},
"type": {
"type": "array",
"uniqueItems": true,
"type": "array"
"items": {
"type": "string",
"enum": [
"org",
"user",
"attribute",
"event"
]
}
},
"predicate": {
"refs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object"
"predicates": {
"$ref": "#/defs/predicates"
},
"values": {
"$ref": "#/defs/values"
}
},
"predicate": {
"required": [
"value"
],
"properties": {
"expanded": {
"type": "string"
},
"numerical_value": {
"type": "number"
},
"description": {
"type": "string"
},
"colour": {
"type": "string"
},
"value": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object"
}
},
"id": "https://github.com/MISP/misp-taxonomies/blob/master/schema.json",
"title": "Validator for misp-taxonomies",
"$schema": "http://json-schema.org/schema#"
"namespace",
"description",
"version",
"predicates"
]
}
~~~~

302
misp-taxonomy-format/raw.md.txt
View File

@ -5,7 +5,7 @@
Network Working Group A. Dulaunoy
Internet-Draft A. Iklody
Intended status: Informational CIRCL
Expires: October 12, 2017 April 10, 2017
Expires: March 8, 2018 September 4, 2017
MISP taxonomy format
@ -35,7 +35,7 @@ Status of This Memo
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 12, 2017.
This Internet-Draft will expire on March 8, 2018.
Copyright Notice
@ -53,9 +53,9 @@ Copyright Notice
Dulaunoy & Iklody Expires October 12, 2017 [Page 1]
Dulaunoy & Iklody Expires March 8, 2018 [Page 1]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
the Trust Legal Provisions and are provided without warranty as
@ -82,7 +82,7 @@ Table of Contents
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.1. Normative References . . . . . . . . . . . . . . . . . . 14
7.2. Informative References . . . . . . . . . . . . . . . . . 14
7.2. Informative References . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15
1. Introduction
@ -109,9 +109,9 @@ Table of Contents
Dulaunoy & Iklody Expires October 12, 2017 [Page 2]
Dulaunoy & Iklody Expires March 8, 2018 [Page 2]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
visualisation depending on their use in threat intelligence platforms
@ -165,9 +165,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 3]
Dulaunoy & Iklody Expires March 8, 2018 [Page 3]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
values defines all the values for each predicate in the namespace
@ -221,9 +221,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 4]
Dulaunoy & Iklody Expires March 8, 2018 [Page 4]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"predicates": [
@ -277,9 +277,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 5]
Dulaunoy & Iklody Expires March 8, 2018 [Page 5]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
{
@ -333,9 +333,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 6]
Dulaunoy & Iklody Expires March 8, 2018 [Page 6]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
3.1. Sample Manifest
@ -389,9 +389,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 7]
Dulaunoy & Iklody Expires March 8, 2018 [Page 7]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"value": "a",
@ -445,9 +445,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 8]
Dulaunoy & Iklody Expires March 8, 2018 [Page 8]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
{
@ -501,9 +501,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 9]
Dulaunoy & Iklody Expires March 8, 2018 [Page 9]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"predicate": "source-type"
@ -557,9 +557,9 @@ Internet-Draft MISP taxonomy format April 2017
Dulaunoy & Iklody Expires October 12, 2017 [Page 10]
Dulaunoy & Iklody Expires March 8, 2018 [Page 10]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"description": "30% Probably not"
@ -608,45 +608,106 @@ Internet-Draft MISP taxonomy format April 2017
used validating a MISP taxonomy. The validation is a _MUST_ if the
taxonomy is included in the MISP taxonomies directory.
{
"required": [
{
"$schema": "http://json-schema.org/schema#",
Dulaunoy & Iklody Expires October 12, 2017 [Page 11]
Dulaunoy & Iklody Expires March 8, 2018 [Page 11]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"namespace",
"description",
"version",
"predicates"
],
"properties": {
"refs": {
"title": "Validator for misp-taxonomies",
"id": "https://www.github.com/MISP/misp-taxonomies/schema.json",
"defs": {
"entry": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"numerical_value": {
"type": "number"
},
"expanded": {
"type": "string"
},
"uniqueItems": true,
"type": "array"
"description": {
"type": "string"
},
"colour": {
"type": "string"
},
"value": {
"type": "string"
},
"required": [
"value"
]
}
}
},
"values": {
"items": {
"$ref": "#/defs/entry",
"type": "object"
},
"type": "array",
"uniqueItems": true,
"type": "array"
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"entry": {
"$ref": "#/defs/entry"
},
"predicate": {
"type": "string"
}
},
"required": [
"predicate"
]
Dulaunoy & Iklody Expires March 8, 2018 [Page 12]
Internet-Draft MISP taxonomy format September 2017
}
},
"predicates": {
"items": {
"$ref": "#/defs/predicate",
"type": "object"
},
"type": "array",
"uniqueItems": true,
"type": "array"
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"numerical_value": {
"type": "number"
},
"colour": {
"type": "string"
},
"description": {
"type": "string"
},
"expanded": {
"type": "string"
},
"value": {
"type": "string"
},
"required": [
"value"
]
}
}
}
},
"type": "object",
"additionalProperties": false,
"properties": {
"version": {
"type": "integer"
},
@ -658,93 +719,49 @@ Internet-Draft MISP taxonomy format April 2017
},
"namespace": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object",
"defs": {
"required": [
"predicate"
],
"type": {
"type": "array",
Dulaunoy & Iklody Expires October 12, 2017 [Page 12]
Dulaunoy & Iklody Expires March 8, 2018 [Page 13]
Internet-Draft MISP taxonomy format April 2017
Internet-Draft MISP taxonomy format September 2017
"entry": {
"properties": {
"entry": {
"items": {
"required": [
"value"
],
"properties": {
"numerical_value": {
"type": "number"
},
"expanded": {
"type": "string"
},
"description": {
"type": "string"
},
"value": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object"
},
"uniqueItems": true,
"type": "array"
"items": {
"type": "string",
"enum": [
"org",
"user",
"attribute",
"event"
]
}
},
"predicate": {
"refs": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
},
"additionalProperties": false,
"type": "object"
"predicates": {
"$ref": "#/defs/predicates"
},
"values": {
"$ref": "#/defs/values"
}
},
"predicate": {
"required": [
"value"
],
"properties": {
"expanded": {
"type": "string"
},
"numerical_value": {
"type": "number"
},
"description": {
"type": "string"
},
Dulaunoy & Iklody Expires October 12, 2017 [Page 13]
Internet-Draft MISP taxonomy format April 2017
"colour": {
"type": "string"
},
"value": {
"type": "string"
"namespace",
"description",
"version",
"predicates"
]
}
},
"additionalProperties": false,
"type": "object"
}
},
"id": "https://github.com/MISP/misp-taxonomies/blob/master/schema.json",
"title": "Validator for misp-taxonomies",
"$schema": "http://json-schema.org/schema#"
}
6. Acknowledgements
@ -757,13 +774,22 @@ Internet-Draft MISP taxonomy format April 2017
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
DOI 10.17487/RFC2119, March 1997, <https://www.rfc-
editor.org/info/rfc2119>.
Dulaunoy & Iklody Expires March 8, 2018 [Page 14]
Internet-Draft MISP taxonomy format September 2017
[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627,
DOI 10.17487/RFC4627, July 2006,
<http://www.rfc-editor.org/info/rfc4627>.
DOI 10.17487/RFC4627, July 2006, <https://www.rfc-
editor.org/info/rfc4627>.
7.2. Informative References
@ -777,15 +803,6 @@ Internet-Draft MISP taxonomy format April 2017
<https://www.flickr.com/groups/51035612836@N01/
discuss/72157594497877875/>.
Dulaunoy & Iklody Expires October 12, 2017 [Page 14]
Internet-Draft MISP taxonomy format April 2017
[MISP-P] MISP, , "MISP Project - Malware Information Sharing
Platform and Threat Sharing", <https://github.com/MISP>.
@ -796,7 +813,7 @@ Authors' Addresses
Alexandre Dulaunoy
Computer Incident Response Center Luxembourg
41, avenue de la gare
16, bd d'Avranches
Luxembourg L-1611
Luxembourg
@ -806,7 +823,7 @@ Authors' Addresses
Andras Iklody
Computer Incident Response Center Luxembourg
41, avenue de la gare
16, bd d'Avranches
Luxembourg L-1611
Luxembourg
@ -820,21 +837,4 @@ Authors' Addresses
Dulaunoy & Iklody Expires October 12, 2017 [Page 15]
Dulaunoy & Iklody Expires March 8, 2018 [Page 15]