Merge pull request #505 from MISP/codex/add-generic-objects-for-physical-items

adulau · web-flow · commit ece467c83616 · 2026-04-09T19:22:16.000+02:00
Add generic physical-object and physical-item MISP templates
diff --git a/objects/physical-item/definition.json b/objects/physical-item/definition.json
@@ -0,0 +1,112 @@
+{
+  "attributes": {
+    "case-number": {
+      "description": "Case number associated with this item.",
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "collection-date": {
+      "description": "Date when the item was collected.",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 2
+    },
+    "collector": {
+      "description": "Person or unit that collected the item.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 2
+    },
+    "currency": {
+      "description": "Currency used for estimated value.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "sane_default": [
+        "EUR",
+        "USD",
+        "GBP",
+        "CHF",
+        "JPY",
+        "other"
+      ],
+      "ui-priority": 0
+    },
+    "description": {
+      "description": "Narrative description of the item.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 10
+    },
+    "estimated-value": {
+      "description": "Estimated monetary value of the item.",
+      "disable_correlation": true,
+      "misp-attribute": "float",
+      "ui-priority": 0
+    },
+    "item-number": {
+      "description": "Unique item number as listed by an analyst.",
+      "misp-attribute": "text",
+      "ui-priority": 10
+    },
+    "item-picture": {
+      "description": "Picture or scan of the item.",
+      "misp-attribute": "attachment",
+      "multiple": true,
+      "ui-priority": 4
+    },
+    "item-status": {
+      "description": "Current handling status of the item.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "sane_default": [
+        "collected",
+        "in-analysis",
+        "stored",
+        "transferred",
+        "returned",
+        "destroyed",
+        "unknown"
+      ],
+      "ui-priority": 3
+    },
+    "owner": {
+      "description": "Known owner or possessor of the item.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    },
+    "packaging": {
+      "description": "How the item is packaged or sealed.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 2
+    },
+    "recovered-from": {
+      "description": "Place, object, or person from which the item was recovered.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "seal-number": {
+      "description": "Seal or evidence bag number used for custody.",
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 2
+    },
+    "storage-location": {
+      "description": "Current storage location of the item.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 1
+    }
+  },
+  "description": "A generic item object for analysts to track collection, custody, and contextual details of a physical item.",
+  "meta-category": "misc",
+  "name": "physical-item",
+  "required": [
+    "item-number",
+    "description"
+  ],
+  "uuid": "9d239b58-0be6-410f-836d-6634802f08ca",
+  "version": 1
+}
diff --git a/objects/physical-object/definition.json b/objects/physical-object/definition.json
@@ -0,0 +1,152 @@
+{
+  "attributes": {
+    "acquisition-date": {
+      "description": "Date when the object was acquired or seized.",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 1
+    },
+    "barcode": {
+      "description": "Barcode value associated with the object.",
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 3
+    },
+    "brand": {
+      "description": "Manufacturer or commercial brand of the object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "color": {
+      "description": "Color(s) of the object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 5
+    },
+    "condition": {
+      "description": "Observed condition of the object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "sane_default": [
+        "new",
+        "used",
+        "damaged",
+        "modified",
+        "destroyed",
+        "unknown"
+      ],
+      "ui-priority": 6
+    },
+    "description": {
+      "description": "Narrative description of the physical object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 0
+    },
+    "dimensions": {
+      "description": "Dimensions of the object (for example LxWxH and unit).",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 8
+    },
+    "estimated-value": {
+      "description": "Estimated value of the object in the specified currency.",
+      "disable_correlation": true,
+      "misp-attribute": "float",
+      "ui-priority": 9
+    },
+    "identifier": {
+      "description": "Internal identifier assigned by an analyst or team.",
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 1
+    },
+    "location-found": {
+      "description": "Location where the object was observed or recovered.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 2
+    },
+    "material": {
+      "description": "Main material(s) of the object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 7
+    },
+    "model": {
+      "description": "Model name or model number.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "name": {
+      "description": "Short name used to identify the object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 10
+    },
+    "object-picture": {
+      "description": "Photograph or scan of the object.",
+      "misp-attribute": "attachment",
+      "multiple": true,
+      "ui-priority": 3
+    },
+    "object-type": {
+      "description": "Type or class of physical object.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "sane_default": [
+        "document",
+        "identity-item",
+        "electronic-device",
+        "weapon",
+        "tool",
+        "vehicle-part",
+        "clothing",
+        "container",
+        "key",
+        "currency",
+        "other"
+      ],
+      "ui-priority": 10
+    },
+    "quantity": {
+      "description": "Number of identical objects.",
+      "disable_correlation": true,
+      "misp-attribute": "counter",
+      "ui-priority": 8
+    },
+    "rfid": {
+      "description": "RFID value associated with the object.",
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 3
+    },
+    "serial-number": {
+      "description": "Serial number or manufacturer identifier.",
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 5
+    },
+    "weight": {
+      "description": "Weight of the object with unit.",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 8
+    }
+  },
+  "description": "A generic object to describe a physical object recovered, observed, or seized in an investigation.",
+  "meta-category": "misc",
+  "name": "physical-object",
+  "requiredOneOf": [
+    "name",
+    "description",
+    "serial-number",
+    "identifier"
+  ],
+  "uuid": "dc786f86-4a8f-4da9-82d1-130fcefc1453",
+  "version": 1
+}
