new: [misp] event-type added to have a generic way to label an event

2021-02-08 10:12:41 +01:00 · 2021-02-08 10:12:41 +01:00 · 5fbfd36edb
parent 4eafeae4ac
commit 5fbfd36edb
1 changed files with 34 additions and 1 deletions
--- a/misp/machinetag.json
+++ b/misp/machinetag.json
@ -154,6 +154,35 @@
        }
      ]
    },
+    {
+      "predicate": "event-type",
+      "entry": [
+        {
+          "expanded": "observation",
+          "value": "observation"
+        },
+        {
+          "expanded": "incident",
+          "value": "incident"
+        },
+        {
+          "expanded": "report",
+          "value": "report"
+        },
+        {
+          "expanded": "collection",
+          "value": "collection"
+        },
+        {
+          "expanded": "analysis",
+          "value": "analysis"
+        },
+        {
+          "expanded": "automatic-analysis",
+          "value": "automatic-analysis"
+        }
+      ]
+    },
    {
      "predicate": "ids",
      "entry": [
@ -226,9 +255,13 @@
    {
      "expanded": "IDS related tag unfluencing the MISP behavior of the IDS flag.",
      "value": "ids"
+    },
+    {
+      "expanded": "Type of the event.",
+      "value": "event-type"
    }
  ],
-  "version": 11,
+  "version": 12,
  "description": "MISP taxonomy to infer with MISP behavior or operation.",
  "expanded": "MISP",
  "namespace": "misp"