11{
22 "attributes" : {
3- "type " : {
4- "description" : " The type of the Log Event "
3+ "app " : {
4+ "description" : " The application identified (e.g. vnc, ssh, sip, irc, http or smtp). "
55 "misp-attribute" : " text"
66 "ui-priority" : 1
77 },
8- "subtype " : {
9- "description" : " The subtype of the Log Event."
8+ "direction " : {
9+ "description" : " The Direction of the Event."
1010 "misp-attribute" : " text"
1111 "ui-priority" : 1
1212 },
13- "thr_category " : {
14- "description" : " The Threat Category ."
15- "misp-attribute" : " text "
13+ "dport " : {
14+ "description" : " The port to which the connection headed ."
15+ "misp-attribute" : " counter "
1616 "ui-priority" : 1
1717 },
18- "direction" : {
19- "description" : " The Direction of the Event."
18+ "dst" : {
19+ "description" : " The Destination IP which is the target of the observed connections."
20+ "misp-attribute" : " ip-dst"
21+ "ui-priority" : 1
22+ },
23+ "dstloc" : {
24+ "description" : " The Destination Location of the event."
2025 "misp-attribute" : " text"
2126 "ui-priority" : 1
2227 },
23- "threatid " : {
24- "description" : " The Threat ID ."
28+ "proto " : {
29+ "description" : " The transport protocol (e.g. tcp, udp, icmp) ."
2530 "misp-attribute" : " text"
2631 "ui-priority" : 1
2732 },
28- "time_generated" : {
29- "description" : " The datetime of the event."
30- "misp-attribute" : " datetime"
33+ "sport" : {
34+ "description" : " The port from which the connection originated."
35+ "misp-attribute" : " counter"
36+ "ui-priority" : 1
37+ },
38+ "src" : {
39+ "description" : " The ip observed to initiate the connection"
40+ "misp-attribute" : " ip-src"
3141 "ui-priority" : 1
3242 },
3343 "srcloc" : {
3444 "description" : " The Source Location of the event."
3545 "misp-attribute" : " text"
3646 "ui-priority" : 1
3747 },
38- "dstloc " : {
39- "description" : " The Destination Location of the event ."
48+ "subtype " : {
49+ "description" : " The subtype of the Log Event ."
4050 "misp-attribute" : " text"
4151 "ui-priority" : 1
4252 },
43- "dst" : {
44- "description" : " The Destination IP which is the target of the observed connections."
45- "misp-attribute" : " ip-dst"
46- "ui-priority" : 1
47- },
48- "dport" : {
49- "description" : " The port to which the connection headed."
50- "misp-attribute" : " counter"
51- "ui-priority" : 1
52- },
53- "app" : {
54- "description" : " The application identified (e.g. vnc, ssh, sip, irc, http or smtp)."
53+ "thr_category" : {
54+ "description" : " The Threat Category."
5555 "misp-attribute" : " text"
5656 "ui-priority" : 1
5757 },
58- "proto " : {
59- "description" : " The transport protocol (e.g. tcp, udp, icmp) ."
58+ "threatid " : {
59+ "description" : " The Threat ID ."
6060 "misp-attribute" : " text"
6161 "ui-priority" : 1
6262 },
63- "src " : {
64- "description" : " The ip observed to initiate the connection "
65- "misp-attribute" : " ip-src "
63+ "time_generated " : {
64+ "description" : " The datetime of the event. "
65+ "misp-attribute" : " datetime "
6666 "ui-priority" : 1
6767 },
68- "sport " : {
69- "description" : " The port from which the connection originated. "
70- "misp-attribute" : " counter "
68+ "type " : {
69+ "description" : " The type of the Log Event "
70+ "misp-attribute" : " text "
7171 "ui-priority" : 1
7272 }
7373 },
7676 "name" : " paloalto-threat-event"
7777 "uuid" : " e6fa7a87-1173-43d6-86c2-b4d02af5fc74"
7878 "version" : 4
79- }
79+ }
0 commit comments