forked from threatgrid/ctim
/
incidents.cljc
66 lines (60 loc) · 2.26 KB
/
incidents.cljc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
(ns ctim.examples.incidents
(:require [ctim.schemas.common :as c]))
(def incident-maximal
{:id "http://ex.tld/ctia/incident/incident-e1b8afdf-e3dd-45d9-961c-dd84f37a8587"
:external_ids ["http://ex.tld/ctia/incident/incident-e1b8afdf-e3dd-45d9-961c-dd84f37a8587"
"http://ex.tld/ctia/incident/incident-456"]
:external_references
[{:source_name "source"
:external_id "T1067"
:url "https://ex.tld/wiki/T1067"
:hashes ["#section1"]
:description "Description text"}]
:type "incident"
:title "incident"
:description "description"
:short_description "short desc"
:tlp "green"
:schema_version c/ctim-schema-version
:revision 1
:timestamp #inst "2016-02-11T00:40:48.212-00:00"
:language "language"
:source "source"
:source_uri "http://example.com"
:confidence "High"
:categories ["Denial of Service"
"Improper Usage"]
:status "Open"
:incident_time {:discovered #inst "2016-02-11T00:40:48.212-00:00"
:opened #inst "2016-02-11T00:40:48.212-00:00"
:remediated #inst "2016-02-11T00:40:48.212-00:00"
:reported #inst "2016-02-11T00:40:48.212-00:00"
:closed #inst "2016-02-11T00:40:48.212-00:00"
:rejected #inst "2016-02-11T00:40:48.212-00:00"}
:discovery_method "Log Review"
:intended_effect "Extortion"})
(def incident-minimal
{:id "http://ex.tld/ctia/incident/incident-e1b8afdf-e3dd-45d9-961c-dd84f37a8587"
:type "incident"
:incident_time {:opened #inst "2016-02-11T00:40:48.212-00:00"}
:status "Open"
:schema_version c/ctim-schema-version
:confidence "High"})
(def new-incident-maximal
incident-maximal)
(def new-incident-minimal
{:incident_time {:opened #inst "2016-02-11T00:40:48.212-00:00"}
:status "Open"
:confidence "High"})
(def stored-incident-maximal
(merge incident-maximal
{:owner "foouser"
:groups ["bar"]
:created #inst "2016-02-11T00:40:48.212-00:00"
:modified #inst "2016-02-11T00:40:48.212-00:00"}))
(def stored-incident-minimal
(merge incident-minimal
{:owner "foouser"
:groups ["bar"]
:created #inst "2016-02-11T00:40:48.212-00:00"
:modified #inst "2016-02-11T00:40:48.212-00:00"}))