misp-training/training-support/sample-events/dirty-harry-example.json

{"response": [{"Event":{"id":"2847","orgc_id":"2","org_id":"1","date":"2021-12-22","threat_level_id":"1","info":"Dirty harry example","published":false,"uuid":"339b8437-13e8-4ae6-97dc-47cf909aa78d","attribute_count":"28","analysis":"0","timestamp":"1640166254","distribution":"0","proposal_email_lock":false,"locked":true,"publish_timestamp":"0","sharing_group_id":"0","disable_correlation":false,"extends_uuid":"","protected":null,"Org":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14","local":true},"Orgc":{"id":"2","name":"CIRCL","uuid":"55f6ea5e-2c60-40e5-964f-47a8950d210f","local":true},"Attribute":[],"ShadowAttribute":[],"RelatedEvent":[{"Event":{"id":"2851","date":"2022-02-23","threat_level_id":"1","info":"Seen someone suspicious in the surrounding","published":false,"uuid":"0ef1b4cd-938f-48b4-9fdf-1d345e1265a5","analysis":"0","timestamp":"1645627555","distribution":"0","org_id":"1","orgc_id":"1","Org":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"},"Orgc":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"}}},{"Event":{"id":"2702","date":"2021-12-09","threat_level_id":"4","info":"Seen someone suspicious in the surrounding","published":false,"uuid":"0b050072-96ea-42fc-a889-ffdba4e81daf","analysis":"1","timestamp":"1639055163","distribution":"0","org_id":"1","orgc_id":"1","Org":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"},"Orgc":{"id":"1","name":"Training","uuid":"5d6d3b30-9db0-44b9-8869-7f56a5e38e14"}}}],"Galaxy":[],"Object":[{"id":"34212","name":"person","meta-category":"misc","description":"An object which describes a person or an identity.","template_uuid":"a15b0477-e9d1-4b9c-9546-abe78a4f4248","template_version":"11","event_id":"2847","uuid":"52530308-9f93-4235-b606-151f28681730","timestamp":"1640166235","distribution":"5","sharing_group_id":"0","comment":"","deleted":false,"first_seen":"2021-12-22T09:36:30.000000+00:00","last_seen":null,"ObjectReference":[{"id":"11792","uuid":"57be7f90-e4e0-42ae-83d5-ecccc86a5dc1","timestamp":"1640165352","object_id":"34212","referenced_uuid":"3d137956-d3c2-421f-8144-256b2d06da65","referenced_id":"34214","referenced_type":"1","relationship_type":"knows","comment":"","deleted":false,"event_id":"2847","source_uuid":"52530308-9f93-4235-b606-151f28681730","Object":{"distribution":"5","sharing_group_id":"0","uuid":"3d137956-d3c2-421f-8144-256b2d06da65","name":"person","meta-category":"misc"}},{"id":"11793","uuid":"f58d2502-74b3-4ed0-8b38-5f18a2bd1556","timestamp":"1640165378","object_id":"34212","referenced_uuid":"e7c50da3-33de-4f83-bcca-7e43643e3572","referenced_id":"34213","referenced_type":"1","relationship_type":"knows","comment":"","deleted":false,"event_id":"2847","source_uuid":"52530308-9f93-4235-b606-151f28681730","Object":{"distribution":"5","sharing_group_id":"0","uuid":"e7c50da3-33de-4f83-bcca-7e43643e3572","name":"person","meta-category":"misc"}},{"id":"11794","uuid":"7c57b0fe-88c1-491e-8b5c-d84cfaa53934","timestamp":"1640165394","object_id":"34212","referenced_uuid":"e33f6a8d-6c1f-4566-b9b5-6a608edfc41b","referenced_id":"34215","referenced_type":"1","relationship_type":"knows","comment":"","deleted":false,"event_id":"2847","source_uuid":"52530308-9f93-4235-b606-151f28681730","Object":{"distribution":"5","sharing_group_id":"0","uuid":"e33f6a8d-6c1f-4566-b9b5-6a608edfc41b","name":"person","meta-category":"misc"}},{"id":"11795","uuid":"f8de34dc-5bfb-4dbe-881b-5b8aec108682","timestamp":"1640166048","object_id":"34212","referenced_uuid":"a919af16-503c-4c6b-b6d2-30460407ed05","referenced_id":"34216","referenced_type":"1","relationship_type":"owns","comment":"","deleted":false,"event_id":"2847","source_uuid":"52530308-9f93-4235-b606-151f28681730","Object":{"distribution":"5","sharing_group_id":"0","uuid":"a919af16-503c-4c6b-b6d2-30460407ed05","name":"vehicle","meta-category":"misc"}}],"Attribute":[{"id":"546619","type":"text","category":"Other","to_ids":false,"uuid":"6d99f43a-d493-46d5-9e0a-9ae5e859aded","event_id":"2847","distribution":"5","timestamp":"1640164738","comment":""