1+ {
2+ "attributes" : {
3+ "capabilities" : {
4+ "description" : " Additional Linux capabilities granted to the container."
5+ "disable_correlation" : true ,
6+ "misp-attribute" : " text"
7+ "multiple" : true ,
8+ "ui-priority" : 5
9+ },
10+ "command" : {
11+ "description" : " Command used to start the container."
12+ "misp-attribute" : " text"
13+ "ui-priority" : 8
14+ },
15+ "container-id" : {
16+ "description" : " Identifier of the container instance."
17+ "misp-attribute" : " text"
18+ "ui-priority" : 10
19+ },
20+ "created" : {
21+ "description" : " Date and time when the container was created."
22+ "disable_correlation" : true ,
23+ "misp-attribute" : " datetime"
24+ "ui-priority" : 7
25+ },
26+ "environment-variables" : {
27+ "description" : " Environment variables configured for the container."
28+ "disable_correlation" : true ,
29+ "misp-attribute" : " text"
30+ "multiple" : true ,
31+ "ui-priority" : 3
32+ },
33+ "finished" : {
34+ "description" : " Date and time when the container finished."
35+ "disable_correlation" : true ,
36+ "misp-attribute" : " datetime"
37+ "ui-priority" : 7
38+ },
39+ "hostname" : {
40+ "description" : " Hostname configured for the container."
41+ "disable_correlation" : true ,
42+ "misp-attribute" : " hostname"
43+ "ui-priority" : 6
44+ },
45+ "image" : {
46+ "description" : " Reference to image used by the container."
47+ "misp-attribute" : " text"
48+ "ui-priority" : 9
49+ },
50+ "ip-address" : {
51+ "description" : " IP address assigned to the container."
52+ "misp-attribute" : " ip-dst"
53+ "multiple" : true ,
54+ "ui-priority" : 4
55+ },
56+ "mounts" : {
57+ "description" : " Mount points attached to the container."
58+ "disable_correlation" : true ,
59+ "misp-attribute" : " text"
60+ "multiple" : true ,
61+ "ui-priority" : 4
62+ },
63+ "network-mode" : {
64+ "description" : " Networking mode configured for the container."
65+ "disable_correlation" : true ,
66+ "misp-attribute" : " text"
67+ "ui-priority" : 4
68+ },
69+ "ports" : {
70+ "description" : " Exposed or mapped ports for the container."
71+ "disable_correlation" : true ,
72+ "misp-attribute" : " port"
73+ "multiple" : true ,
74+ "ui-priority" : 4
75+ },
76+ "privileged" : {
77+ "description" : " Indicates whether the container was run in privileged mode."
78+ "disable_correlation" : true ,
79+ "misp-attribute" : " boolean"
80+ "sane_default" : [
81+ " 1"
82+ " 0"
83+ ],
84+ "ui-priority" : 6
85+ },
86+ "security-opt" : {
87+ "description" : " Security options applied to the container."
88+ "disable_correlation" : true ,
89+ "misp-attribute" : " text"
90+ "multiple" : true ,
91+ "ui-priority" : 5
92+ },
93+ "started" : {
94+ "description" : " Date and time when the container was started."
95+ "disable_correlation" : true ,
96+ "misp-attribute" : " datetime"
97+ "ui-priority" : 7
98+ },
99+ "state" : {
100+ "description" : " Runtime state of the container (e.g., running, exited, paused)."
101+ "disable_correlation" : true ,
102+ "misp-attribute" : " text"
103+ "sane_default" : [
104+ " running"
105+ " exited"
106+ " paused"
107+ ],
108+ "ui-priority" : 8
109+ },
110+ "user" : {
111+ "description" : " User configured to run inside the container."
112+ "disable_correlation" : true ,
113+ "misp-attribute" : " text"
114+ "ui-priority" : 6
115+ }
116+ },
117+ "description" : " Generic container-instance object template to represent runtime container details."
118+ "meta-category" : " misc"
119+ "name" : " container-instance"
120+ "requiredOneOf" : [
121+ " container-id"
122+ " image"
123+ ],
124+ "uuid" : " abbf4433-be8f-409e-8a9b-20cf0cc5bb48"
125+ "version" : 1
126+ }
0 commit comments