From 4323cbd6dd770cfdeab3afbc297ba9be9014dd31 Mon Sep 17 00:00:00 2001 From: V <45754825+vxsh4d0w@users.noreply.github.com> Date: Fri, 10 Apr 2020 12:50:24 +0200 Subject: [PATCH 01/14] Proposal for whaling phishing Suggestion for another phishing attack related directors and executive employees, usually named also as Ceo Spoofing attack. --- phishing/machinetag.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/phishing/machinetag.json b/phishing/machinetag.json index 526439f..a62a5f1 100644 --- a/phishing/machinetag.json +++ b/phishing/machinetag.json @@ -95,6 +95,11 @@ "expanded": "Bulk phishing", "description": "Adversary attempts to target a large group of potential targets without specific knowledge of the victims." } + { + "value": "whaling", + "expanded": "Whaling phishing", + "description": "Adversary attempts to target executives and high-level employees (like public spokespersons)." + } ] }, { From ff63e21818fa674a7abd76b1feeb218153e483d4 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 10 Apr 2020 13:38:09 +0200 Subject: [PATCH 02/14] chg: [phishing] JSON fixed --- phishing/machinetag.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phishing/machinetag.json b/phishing/machinetag.json index a62a5f1..84e1d50 100644 --- a/phishing/machinetag.json +++ b/phishing/machinetag.json @@ -94,7 +94,7 @@ "value": "bulk-phishing", "expanded": "Bulk phishing", "description": "Adversary attempts to target a large group of potential targets without specific knowledge of the victims." - } + }, { "value": "whaling", "expanded": "Whaling phishing", From 28e7cb79f0ec603c232857a3bf7dca519d02cfa1 Mon Sep 17 00:00:00 2001 From: Andras Iklody Date: Mon, 13 Apr 2020 10:08:13 +0200 Subject: [PATCH 03/14] chg: [pandemic] Disinfrmation added --- pandemic/machinetag.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pandemic/machinetag.json b/pandemic/machinetag.json index f2d8678..6b47002 100644 --- a/pandemic/machinetag.json +++ b/pandemic/machinetag.json @@ -1,7 +1,7 @@ { "namespace": "pandemic", "description": "Pandemic", - "version": 2, + "version": 3, "predicates": [ { "value": "covid-19", @@ -21,6 +21,11 @@ "value": "cyber", "expanded": "Cyber", "description": "Information tagged about COVID-19 and related to cybersecurity" + }, + { + "value": "disinformation", + "expanded": "Disinformation", + "description": "Information tagged about COVID-19 and related to disinformation" } ] } From f36edde0945ceea750b6ebca64f95b1d8acdb752 Mon Sep 17 00:00:00 2001 From: Sebastien Tricaud Date: Mon, 13 Apr 2020 18:22:27 -0700 Subject: [PATCH 04/14] Adding the Taxonomy for Trust --- trust/machinetag.json | 89 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 trust/machinetag.json diff --git a/trust/machinetag.json b/trust/machinetag.json new file mode 100644 index 0000000..b5c7b4e --- /dev/null +++ b/trust/machinetag.json @@ -0,0 +1,89 @@ +{ + "version": 1, + "description": "The Indicator of Trust provides insight about data on what can be trusted and known as a good actor. Similar to a whitelist but on steroids, reusing features one would use with Indicators of Compromise, but to filter out what is known to be good.", + "expanded": "Indicators of Trust", + "namespace": "trust", + "exclusive": true, + "predicates": [ + { + "value": "trust", + "expanded": "How much trust the analyst has with this indicator." + }, + { + "value": "frequency", + "expanded": "Recency/count of occurence at which the indicator occurs in data." + }, + { + "value": "valid", + "expanded": "Whether this indicator was pushed as trusted but cannot be trusted (ie. MD5 cannot be valid because it is cryptographically broken)." + } + ], + "values": [ + { + "predicate": "trust", + "entry": [ + { + "value": "unknown", + "expanded": "Unknown Confidence State" + }, + { + "value": "none", + "expanded": "Cannot Trust, no confidence" + }, + { + "value": "partial", + "expanded": "Low confidence" + }, + { + "value": "relationship", + "expanded": "Inherited Full Trust by a third party that we trust" + }, + { + "value": "full", + "expanded": "We fully trust it" + } + ] + }, + { + "predicate": "frequency", + "entry": [ + { + "value": "hourly", + "expanded": "This attribute is likely to happen at an hourly interval" + }, + { + "value": "daily", + "expanded": "This attribute is likely to happen at a daily interval" + }, + { + "value": "weekly", + "expanded": "This attribute is likely to happen at a weekly interval" + }, + { + "value": "monthly", + "expanded": "This attribute is likely to happen at a monthly interval" + }, + { + "value": "yearly", + "expanded": "Thie attribute is likely to happen at a yearly interval" + } + ] + }, + { + "predicate": "valid", + "entry": [ + { + "value": "true", + "expanded": "This Trust is valid" + }, + { + "value": "false", + "expanded": "This trust is invalid. Such as a MD5 Hash etc." + } + ] + } + ], + "refs": [ + "https://trust.fyi/" + ] +} From d34502fad767896a1e19b9763b3353071e84c83d Mon Sep 17 00:00:00 2001 From: Sebastien Tricaud Date: Mon, 13 Apr 2020 18:27:57 -0700 Subject: [PATCH 05/14] Change the README --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index a3077fd..a4de5a5 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,7 @@ bfuscation techniques. This taxonomy lists all the known or official packer used - [The Permissible Actions Protocol - or short: PAP - was designed to indicate how the received information can be used.](./PAP) - [Targeted Threat Index is a metric for assigning an overall threat ranking score to email messages that deliver malware to a victim’s computer.](./targeted-threat-index) - [TLP - Traffic Light Protocol](./tlp) +- [Trust - Indicators of Trust](./trust) - [Type](./type) - [Vocabulaire des probabilités estimatives](./vocabulaire-des-probabilites-estimatives) - Vocabulary for Event Recording and Incident Sharing [VERIS](./veris) @@ -180,6 +181,10 @@ The Permissible Actions Protocol - or short: PAP - was designed to indicate how The Traffic Light Protocol - or short: TLP - was designed with the objective to create a favorable classification scheme for sharing sensitive information while keeping the control over its distribution at the same time. +### [Trust - Indicators of Trust](./trust) + +The Trust Taxonomy provides a way to use Indicators of Trust within MISP to get insight on data about what can be trusted. Similar to a whitelist but on steroids, leveraging MISP features one would use with Inidicators of Compromise, but to filter out what is known to be good. + ### Vocabulary for Event Recording and Incident Sharing [VERIS](./veris) Vocabulary for Event Recording and Incident Sharing is a format created by the [VERIS community](http://veriscommunity.net/). From 3dd06b302e751949cc462a3588a7ba9eef262e42 Mon Sep 17 00:00:00 2001 From: Sebastien Tricaud Date: Mon, 13 Apr 2020 18:29:26 -0700 Subject: [PATCH 06/14] Adding the trust taxonomy to the MANIFEST --- MANIFEST.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/MANIFEST.json b/MANIFEST.json index da8a7fe..87e1de6 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -543,6 +543,11 @@ "name": "tlp", "version": 5 }, + { + "description": "The Indicators of Trust provide insight on data about what can be trusted", + "name": "trust", + "version": 1 + }, { "description": "Taxonomy to describe Tor network infrastructure", "name": "tor", From 9dbd12eccb5c3d2b16fa60cba07143951c89e9b6 Mon Sep 17 00:00:00 2001 From: Sebastien Tricaud Date: Mon, 13 Apr 2020 18:30:06 -0700 Subject: [PATCH 07/14] After running ./jq_all_the_things.sh --- trust/machinetag.json | 174 +++++++++++++++++++++--------------------- 1 file changed, 87 insertions(+), 87 deletions(-) diff --git a/trust/machinetag.json b/trust/machinetag.json index b5c7b4e..69313ae 100644 --- a/trust/machinetag.json +++ b/trust/machinetag.json @@ -1,89 +1,89 @@ { - "version": 1, - "description": "The Indicator of Trust provides insight about data on what can be trusted and known as a good actor. Similar to a whitelist but on steroids, reusing features one would use with Indicators of Compromise, but to filter out what is known to be good.", - "expanded": "Indicators of Trust", - "namespace": "trust", - "exclusive": true, - "predicates": [ - { - "value": "trust", - "expanded": "How much trust the analyst has with this indicator." - }, - { - "value": "frequency", - "expanded": "Recency/count of occurence at which the indicator occurs in data." - }, - { - "value": "valid", - "expanded": "Whether this indicator was pushed as trusted but cannot be trusted (ie. MD5 cannot be valid because it is cryptographically broken)." - } - ], - "values": [ - { - "predicate": "trust", - "entry": [ - { - "value": "unknown", - "expanded": "Unknown Confidence State" - }, - { - "value": "none", - "expanded": "Cannot Trust, no confidence" - }, - { - "value": "partial", - "expanded": "Low confidence" - }, - { - "value": "relationship", - "expanded": "Inherited Full Trust by a third party that we trust" - }, - { - "value": "full", - "expanded": "We fully trust it" - } - ] - }, - { - "predicate": "frequency", - "entry": [ - { - "value": "hourly", - "expanded": "This attribute is likely to happen at an hourly interval" - }, - { - "value": "daily", - "expanded": "This attribute is likely to happen at a daily interval" - }, - { - "value": "weekly", - "expanded": "This attribute is likely to happen at a weekly interval" - }, - { - "value": "monthly", - "expanded": "This attribute is likely to happen at a monthly interval" - }, - { - "value": "yearly", - "expanded": "Thie attribute is likely to happen at a yearly interval" - } - ] - }, - { - "predicate": "valid", - "entry": [ - { - "value": "true", - "expanded": "This Trust is valid" - }, - { - "value": "false", - "expanded": "This trust is invalid. Such as a MD5 Hash etc." - } - ] - } - ], - "refs": [ - "https://trust.fyi/" - ] + "version": 1, + "description": "The Indicator of Trust provides insight about data on what can be trusted and known as a good actor. Similar to a whitelist but on steroids, reusing features one would use with Indicators of Compromise, but to filter out what is known to be good.", + "expanded": "Indicators of Trust", + "namespace": "trust", + "exclusive": true, + "predicates": [ + { + "value": "trust", + "expanded": "How much trust the analyst has with this indicator." + }, + { + "value": "frequency", + "expanded": "Recency/count of occurence at which the indicator occurs in data." + }, + { + "value": "valid", + "expanded": "Whether this indicator was pushed as trusted but cannot be trusted (ie. MD5 cannot be valid because it is cryptographically broken)." + } + ], + "values": [ + { + "predicate": "trust", + "entry": [ + { + "value": "unknown", + "expanded": "Unknown Confidence State" + }, + { + "value": "none", + "expanded": "Cannot Trust, no confidence" + }, + { + "value": "partial", + "expanded": "Low confidence" + }, + { + "value": "relationship", + "expanded": "Inherited Full Trust by a third party that we trust" + }, + { + "value": "full", + "expanded": "We fully trust it" + } + ] + }, + { + "predicate": "frequency", + "entry": [ + { + "value": "hourly", + "expanded": "This attribute is likely to happen at an hourly interval" + }, + { + "value": "daily", + "expanded": "This attribute is likely to happen at a daily interval" + }, + { + "value": "weekly", + "expanded": "This attribute is likely to happen at a weekly interval" + }, + { + "value": "monthly", + "expanded": "This attribute is likely to happen at a monthly interval" + }, + { + "value": "yearly", + "expanded": "Thie attribute is likely to happen at a yearly interval" + } + ] + }, + { + "predicate": "valid", + "entry": [ + { + "value": "true", + "expanded": "This Trust is valid" + }, + { + "value": "false", + "expanded": "This trust is invalid. Such as a MD5 Hash etc." + } + ] + } + ], + "refs": [ + "https://trust.fyi/" + ] } From 8c4e2a8e8b4d3ec287c43dcae129123fcde8cb2f Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 24 Apr 2020 14:00:07 +0200 Subject: [PATCH 08/14] chg: [pandemic] geostrategy added --- MANIFEST.json | 12 ++++++------ pandemic/machinetag.json | 7 ++++++- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/MANIFEST.json b/MANIFEST.json index 87e1de6..cd4c8d8 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -451,7 +451,7 @@ { "description": "Pandemic", "name": "pandemic", - "version": 2 + "version": 4 }, { "description": "Tags from RiskIQ's PassiveTotal service", @@ -544,13 +544,13 @@ "version": 5 }, { - "description": "The Indicators of Trust provide insight on data about what can be trusted", - "name": "trust", + "description": "Taxonomy to describe Tor network infrastructure", + "name": "tor", "version": 1 }, { - "description": "Taxonomy to describe Tor network infrastructure", - "name": "tor", + "description": "The Indicator of Trust provides insight about data on what can be trusted and known as a good actor. Similar to a whitelist but on steroids, reusing features one would use with Indicators of Compromise, but to filter out what is known to be good.", + "name": "trust", "version": 1 }, { @@ -580,5 +580,5 @@ } ], "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/", - "version": "20200324" + "version": "20200424" } diff --git a/pandemic/machinetag.json b/pandemic/machinetag.json index 6b47002..aa864a9 100644 --- a/pandemic/machinetag.json +++ b/pandemic/machinetag.json @@ -1,7 +1,7 @@ { "namespace": "pandemic", "description": "Pandemic", - "version": 3, + "version": 4, "predicates": [ { "value": "covid-19", @@ -26,6 +26,11 @@ "value": "disinformation", "expanded": "Disinformation", "description": "Information tagged about COVID-19 and related to disinformation" + }, + { + "value": "geostrategy", + "expanded": "Geostrategy", + "description": "Information tagged about COVID-19 and related to geostrategy or geopolitics" } ] } From 43ee8e949295759240b14e4905c45b5d6b6336e0 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 18 May 2020 10:52:34 +0200 Subject: [PATCH 09/14] chg: [exercise] a new generic predicate added for comcheck without name --- exercise/machinetag.json | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/exercise/machinetag.json b/exercise/machinetag.json index 68210aa..43b52d5 100644 --- a/exercise/machinetag.json +++ b/exercise/machinetag.json @@ -34,6 +34,11 @@ "description": "Cyber SOPEx (formerly known as EuroSOPEx) is the first step in a series of ENISA exercises focusing on training the participants on situational awareness, information sharing, understanding roles and responsibilities and utilising related tools, as agreed by the CSIRTs Network", "expanded": "Cyber SOPEx", "value": "cyber-sopex" + }, + { + "value": "generic", + "expanded": "Generic", + "description": "Generic exercise which are not named." } ], "values": [ @@ -166,9 +171,19 @@ "expanded": "2021" } ] + }, + { + "predicate": "generic", + "entry": [ + { + "value": "comcheck", + "expanded": "Communication check", + "description": "A communication check exercise which can include digital or non-digital communication." + } + ] } ], - "version": 7, + "version": 8, "description": "Exercise is a taxonomy to describe if the information is part of one or more cyber or crisis exercise.", "expanded": "Exercise", "namespace": "exercise" From 031287c19d74d137e87348c5ba6fff8827e7f8ee Mon Sep 17 00:00:00 2001 From: Cookie Date: Tue, 19 May 2020 18:59:39 +0200 Subject: [PATCH 10/14] new: [extended-event] first proposal --- extended-event/machinetag.json | 43 ++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 extended-event/machinetag.json diff --git a/extended-event/machinetag.json b/extended-event/machinetag.json new file mode 100644 index 0000000..35e15dd --- /dev/null +++ b/extended-event/machinetag.json @@ -0,0 +1,43 @@ +{ + "namespace": "extended-event", + "description": "Reasons why an event has been extended : ", + "version": 1, + "predicates": [ + { + "value": "competitive-analysis", + "expanded": "Competitive analysis" + }, + { + "value": "extended-analysis", + "expanded": "Extended analysis" + } + ], + "values": [ + { + "predicate": "competitive-analysis", + "entry": [ + { + "value": "devil-advocate", + "description": "Devil's advocate" + }, + { + "value": "absurd-reasoning", + "expanded": "Absurd reasoning" + } + ] + }, + { + "predicate": "extended-analysis", + "entry": [ + { + "value": "automatic-expansion", + "description": "Automatic expansion" + }, + { + "value": "aggressive-pivoting", + "description": "Aggressive pivoting" + } + ] + } + ] +} From 113e5959d5c334ee5370615172d74f9052e914ac Mon Sep 17 00:00:00 2001 From: Cookie Date: Wed, 20 May 2020 17:21:12 +0200 Subject: [PATCH 11/14] update to predicate --- extended-event/machinetag.json | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/extended-event/machinetag.json b/extended-event/machinetag.json index 35e15dd..715ea84 100644 --- a/extended-event/machinetag.json +++ b/extended-event/machinetag.json @@ -23,7 +23,15 @@ { "value": "absurd-reasoning", "expanded": "Absurd reasoning" - } + }, + { + "value": "role-playing", + "expanded": "Role playing" + }, + { + "value": "crystal-ball", + "expanded": "Crystal ball" + } ] }, { From 2350f8213ba981a24f6e0a28de08f4051a687472 Mon Sep 17 00:00:00 2001 From: Cookie Date: Tue, 26 May 2020 16:04:44 +0200 Subject: [PATCH 12/14] complete version before merge --- extended-event/machinetag.json | 58 +++++++++++++++++++++++++++++----- 1 file changed, 50 insertions(+), 8 deletions(-) diff --git a/extended-event/machinetag.json b/extended-event/machinetag.json index 715ea84..2ed46f9 100644 --- a/extended-event/machinetag.json +++ b/extended-event/machinetag.json @@ -1,6 +1,6 @@ { "namespace": "extended-event", - "description": "Reasons why an event has been extended : ", + "description": "Reasons why an event has been extended. ", "version": 1, "predicates": [ { @@ -10,6 +10,21 @@ { "value": "extended-analysis", "expanded": "Extended analysis" + }, + { + "value": "human-readable", + "expanded": "Human readable", + "description": "This extended event makes a human readable output of a machine or technical report." + }, + { + "value": "chunked-event", + "expanded": "Chunked Event", + "description": "This extended event is a part of a large event." + }, + { + "value" : "update", + "expanded" : "Update", + "description" : "Original event is deprecated" } ], "values": [ @@ -18,19 +33,23 @@ "entry": [ { "value": "devil-advocate", - "description": "Devil's advocate" + "expanded": "Devil's advocate", + "description": "Is a competitive analysis of devil's advocate type." }, { "value": "absurd-reasoning", - "expanded": "Absurd reasoning" + "expanded": "Absurd reasoning", + "description": "Is a competitive analysis of absurd reasoning type" }, { "value": "role-playing", - "expanded": "Role playing" + "expanded": "Role playing", + "description": "Is a competitive analysis of role playing type" }, { "value": "crystal-ball", - "expanded": "Crystal ball" + "expanded": "Crystal ball", + "description": "Is a competitive analysis of crystal ball type" } ] }, @@ -39,13 +58,36 @@ "entry": [ { "value": "automatic-expansion", - "description": "Automatic expansion" + "expanded": "Automatic expansion", + "description": "This extended event is composed of elements derived from automatic expanxions services" }, { "value": "aggressive-pivoting", - "description": "Aggressive pivoting" - } + "expanded": "Aggressive pivoting", + "description": "This extended event is composed of elements resulting of a careless pivoting" + }, + { + "value": "complementary-analysis", + "expanded": "Complementary analysis", + "description": "This extended event is composed of elements gathered by a different analyst than the original one" + } ] + }, + { + "predicate": "chunked-event", + "entry" : [ + { + "value": "time-based", + "expanded" : "Time based", + "dscription": "is an element of a serie of extended events, split by matter of time" + }, + { + "value": "counter-based", + "expanded": "Counter based", + "description": "is an element of a serie of extended events, split by number of elements" + } + ] } + ] } From a29f19e4b92de6ea8fecee4dc48bac63bcd196e2 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 26 May 2020 16:09:44 +0200 Subject: [PATCH 13/14] chg: [extended-event] updated to please our strict rules --- MANIFEST.json | 9 +++- extended-event/machinetag.json | 83 +++++++++++++++++----------------- 2 files changed, 48 insertions(+), 44 deletions(-) diff --git a/MANIFEST.json b/MANIFEST.json index cd4c8d8..565f88f 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -246,7 +246,12 @@ { "description": "Exercise is a taxonomy to describe if the information is part of one or more cyber or crisis exercise.", "name": "exercise", - "version": 7 + "version": 8 + }, + { + "description": "Reasons why an event has been extended. ", + "name": "extended-event", + "version": 1 }, { "description": "The purpose of this taxonomy is to jointly tabulate both the of these failure modes in a single place. Intentional failures wherein the failure is caused by an active adversary attempting to subvert the system to attain her goals – either to misclassify the result, infer private training data, or to steal the underlying algorithm. Unintentional failures wherein the failure is because an ML system produces a formally correct but completely unsafe outcome.", @@ -580,5 +585,5 @@ } ], "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/master/", - "version": "20200424" + "version": "20200526" } diff --git a/extended-event/machinetag.json b/extended-event/machinetag.json index 2ed46f9..63a506d 100644 --- a/extended-event/machinetag.json +++ b/extended-event/machinetag.json @@ -12,19 +12,19 @@ "expanded": "Extended analysis" }, { - "value": "human-readable", - "expanded": "Human readable", - "description": "This extended event makes a human readable output of a machine or technical report." + "value": "human-readable", + "expanded": "Human readable", + "description": "This extended event makes a human readable output of a machine or technical report." }, { - "value": "chunked-event", - "expanded": "Chunked Event", - "description": "This extended event is a part of a large event." + "value": "chunked-event", + "expanded": "Chunked Event", + "description": "This extended event is a part of a large event." }, { - "value" : "update", - "expanded" : "Update", - "description" : "Original event is deprecated" + "value": "update", + "expanded": "Update", + "description": "Original event is deprecated" } ], "values": [ @@ -34,23 +34,23 @@ { "value": "devil-advocate", "expanded": "Devil's advocate", - "description": "Is a competitive analysis of devil's advocate type." + "description": "Is a competitive analysis of devil's advocate type." }, { "value": "absurd-reasoning", "expanded": "Absurd reasoning", - "description": "Is a competitive analysis of absurd reasoning type" + "description": "Is a competitive analysis of absurd reasoning type" }, - { - "value": "role-playing", - "expanded": "Role playing", - "description": "Is a competitive analysis of role playing type" - }, - { - "value": "crystal-ball", - "expanded": "Crystal ball", - "description": "Is a competitive analysis of crystal ball type" - } + { + "value": "role-playing", + "expanded": "Role playing", + "description": "Is a competitive analysis of role playing type" + }, + { + "value": "crystal-ball", + "expanded": "Crystal ball", + "description": "Is a competitive analysis of crystal ball type" + } ] }, { @@ -59,35 +59,34 @@ { "value": "automatic-expansion", "expanded": "Automatic expansion", - "description": "This extended event is composed of elements derived from automatic expanxions services" + "description": "This extended event is composed of elements derived from automatic expanxions services" }, { "value": "aggressive-pivoting", "expanded": "Aggressive pivoting", - "description": "This extended event is composed of elements resulting of a careless pivoting" + "description": "This extended event is composed of elements resulting of a careless pivoting" }, - { - "value": "complementary-analysis", - "expanded": "Complementary analysis", - "description": "This extended event is composed of elements gathered by a different analyst than the original one" - } + { + "value": "complementary-analysis", + "expanded": "Complementary analysis", + "description": "This extended event is composed of elements gathered by a different analyst than the original one" + } ] }, { - "predicate": "chunked-event", - "entry" : [ - { - "value": "time-based", - "expanded" : "Time based", - "dscription": "is an element of a serie of extended events, split by matter of time" - }, - { - "value": "counter-based", - "expanded": "Counter based", - "description": "is an element of a serie of extended events, split by number of elements" - } - ] + "predicate": "chunked-event", + "entry": [ + { + "value": "time-based", + "expanded": "Time based", + "dscription": "is an element of a serie of extended events, split by matter of time" + }, + { + "value": "counter-based", + "expanded": "Counter based", + "description": "is an element of a serie of extended events, split by number of elements" + } + ] } - ] } From 35e561697a88e9101a3d0809b3d2c6565f2c8749 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 26 May 2020 16:12:38 +0200 Subject: [PATCH 14/14] chg: [extended-event] description typo fixed --- extended-event/machinetag.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extended-event/machinetag.json b/extended-event/machinetag.json index 63a506d..45e05c4 100644 --- a/extended-event/machinetag.json +++ b/extended-event/machinetag.json @@ -79,7 +79,7 @@ { "value": "time-based", "expanded": "Time based", - "dscription": "is an element of a serie of extended events, split by matter of time" + "description": "is an element of a serie of extended events, split by matter of time" }, { "value": "counter-based",