MISP
/
misp-rfc
mirror of https://github.com/MISP/misp-rfc
2
0
Fork 0
Code Issues Releases Wiki Activity

attribute_count added

Rafiot-patch-1
Alexandre Dulaunoy 2016-10-03 07:56:27 +02:00
parent 04fda2d46d
commit f4034924b5
1 changed files with 34 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
misp-core-format/raw.md.txt
View File

@ -72,9 +72,9 @@ Table of Contents
2.2.1. Event Attributes . . . . . . . . . . . . . . . . . . 3
3. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
3.1. Normative References . . . . . . . . . . . . . . . . . . 5
3.2. Informative References . . . . . . . . . . . . . . . . . 5
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5
3.2. Informative References . . . . . . . . . . . . . . . . . 6
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction
@ -201,7 +201,7 @@ Internet-Draft MISP core format October 2016
timestamp is expressed in seconds (decimal) since 1st of January 1970
(Unix timestamp). The time zone MUST be UTC.
timestamp is represented as a JSON string.
timestamp is represented as a JSON string. timestamp MUST be present.
2.2.1.8. publish_timestamp
@ -211,13 +211,13 @@ Internet-Draft MISP core format October 2016
an event, publish_timestamp MUST be updated. The time zone MUST be
UTC.
publish_timestamp is represented as a JSON string.
publish_timestamp is represented as a JSON string. publish_timestamp
MUST be present.
2.2.1.9. org_id
org_id represents the Universally Unique IDentifier (UUID) [RFC4122]
of the organization which generated the event. The org_id MUST be
updated when the event is generated by a new instance.
@ -226,6 +226,12 @@ Dulaunoy & Iklody Expires April 4, 2017 [Page 4]
Internet-Draft MISP core format October 2016
2.2.1.9. org_id
org_id represents the Universally Unique IDentifier (UUID) [RFC4122]
of the organization which generated the event. The org_id MUST be
updated when the event is generated by a new instance.
org_id is represented as a JSON string. org_id MUST be present.
2.2.1.10. orgc_id
@ -238,6 +244,14 @@ Internet-Draft MISP core format October 2016
orgc_id is represented as a JSON string. orgc_id MUST be present.
2.2.1.11. attribute_count
attribute_count represents the number of attributes in the event.
attribute_count is expressed in decimal.
attribute_count is represented as a JSON string. attribute_count
SHALL be present.
3. References
3.1. Normative References
@ -257,6 +271,17 @@ Internet-Draft MISP core format October 2016
DOI 10.17487/RFC4627, July 2006,
<http://www.rfc-editor.org/info/rfc4627>.
Dulaunoy & Iklody Expires April 4, 2017 [Page 5]
Internet-Draft MISP core format October 2016
3.2. Informative References
[MISP-P] MISP, , "MISP Project - Malware Information Sharing
@ -269,19 +294,6 @@ Appendix A. Acknowledgements
Authors' Addresses
Dulaunoy & Iklody Expires April 4, 2017 [Page 5]
Internet-Draft MISP core format October 2016
Alexandre Dulaunoy
Computer Incident Response Center Luxembourg
41, avenue de la gare
@ -312,18 +324,6 @@ Internet-Draft MISP core format October 2016