MISP
/
misp-rfc
mirror of https://github.com/MISP/misp-rfc
2
0
Fork 0
Code Issues Releases Wiki Activity

text output updated

pull/6/head
Alexandre Dulaunoy 2017-05-05 16:52:14 +02:00
parent f7c65fb881
commit 904c1f1d47
1 changed files with 31 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
misp-taxonomy-format/raw.md.txt
View File

@ -144,23 +144,23 @@ Internet-Draft MISP taxonomy format April 2017
The MISP taxonomy format uses the JSON [RFC4627] format. Each The MISP taxonomy format uses the JSON [RFC4627] format. Each
namespace is represented as a JSON object with meta information namespace is represented as a JSON object with meta information
including the following fields: namespace, description, version. including the following fields: namespace, description, version,
type.
namespace defines the overall namespace of the machine tag. The namespace defines the overall namespace of the machine tag. The
namespace is represented as a string and MUST be present. The namespace is represented as a string and MUST be present. The
description is represented as a string and MUST be present. A description is represented as a string and MUST be present. A
version is represented as a decimal and MUST be present. version is represented as a decimal and MUST be present. A type
defines where a specific taxonomy is applicable and a type can be
applicable at event, user or org level. The type is represented as
an array containing one or more type and SHOULD be present. If a
type is not mentioned, by default, the taxonomy is applicable at
event level only.
predicates defines all the predicates available in the namespace predicates defines all the predicates available in the namespace
defined. predicates is represented as an array of JSON objects. defined. predicates is represented as an array of JSON objects.
predicates MUST be present and MUST at least content one element. predicates MUST be present and MUST at least content one element.
values defines all the values for each predicate in the namespace
defined. values SHOULD be present.
@ -170,6 +170,9 @@ Dulaunoy & Iklody Expires October 12, 2017 [Page 3]
Internet-Draft MISP taxonomy format April 2017 Internet-Draft MISP taxonomy format April 2017
values defines all the values for each predicate in the namespace
defined. values SHOULD be present.
2.2. predicates 2.2. predicates
The predicates array contains one or more JSON objects which lists The predicates array contains one or more JSON objects which lists
@ -203,6 +206,26 @@ Internet-Draft MISP taxonomy format April 2017
Example use of the colour field in the Traffic Light Protocol (TLP): Example use of the colour field in the Traffic Light Protocol (TLP):
Dulaunoy & Iklody Expires October 12, 2017 [Page 4]
Internet-Draft MISP taxonomy format April 2017
"predicates": [ "predicates": [
{ {
"colour": "#CC0033", "colour": "#CC0033",
@ -219,13 +242,6 @@ Internet-Draft MISP taxonomy format April 2017
"value": "amber" "value": "amber"
}...] }...]
Dulaunoy & Iklody Expires October 12, 2017 [Page 4]
Internet-Draft MISP taxonomy format April 2017
2.4.2. description 2.4.2. description
description fields MAY be used at predicates or values level to add a description fields MAY be used at predicates or values level to add a
@ -256,22 +272,6 @@ Internet-Draft MISP taxonomy format April 2017