-
Notifications
You must be signed in to change notification settings - Fork 118
/
definition.json
122 lines (122 loc) · 2.96 KB
/
definition.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
{
"attributes": {
"description": {
"description": "Description of the task.",
"misp-attribute": "text",
"ui-priority": 1
},
"end_time": {
"description": "The date and time the event was last recorded.",
"misp-attribute": "datetime",
"ui-priority": 0
},
"end_time_fidelity": {
"description": "Level of fidelity that the `end_time` is recorded in.",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
"day",
"hour",
"minute",
"month",
"second",
"year"
],
"ui-priority": 0
},
"error": {
"description": "Details about any failure or deviation that occurred in the task.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"name": {
"description": "Name of the task.",
"misp-attribute": "text",
"ui-priority": 1
},
"outcome": {
"description": "Outcome of the task",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
"cancelled",
"failed",
"ongoing",
"pending",
"successful",
"unknown"
],
"ui-priority": 0
},
"priority": {
"description": "Priority or importance of the task.",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
"Not Specified",
"False Positive",
"Low",
"Moderate",
"High",
"Extreme"
],
"ui-priority": 0
},
"start_time": {
"description": "The date and time the event was first recorded.",
"misp-attribute": "datetime",
"ui-priority": 0
},
"start_time_fidelity": {
"description": "Level of fidelity that the `start_time` is recorded in.",
"disable_correlation": true,
"misp-attribute": "text",
"sane_default": [
"day",
"hour",
"minute",
"month",
"second",
"year"
],
"ui-priority": 0
},
"task_type": {
"description": "Type of task.",
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true,
"sane_default": [
"administrative",
"attribution",
"containment",
"declared",
"detected",
"eradication",
"escalated",
"exercised-control",
"external-intelligence",
"external-outreach",
"external-support",
"implemented-control",
"negotiation",
"playbook-execution",
"playbook-step-execution",
"recovery",
"reported",
"routine-updates",
"victim-notification"
],
"ui-priority": 0
}
},
"description": "Task object as described in STIX 2.1 Incident object extension.",
"meta-category": "misc",
"name": "task",
"required": [
"outcome"
],
"uuid": "384734e7-8710-4ab0-901a-6f0e73a551e6",
"version": 1
}