First draft of Rx schema
This commit is contained in:
Thomas Patzke
@@ -0,0 +1,79 @@
|
||||
type: //rec
|
||||
required:
|
||||
title:
|
||||
type: //str
|
||||
length:
|
||||
min: 1
|
||||
max: 256
|
||||
logsource:
|
||||
type: //rec
|
||||
optional:
|
||||
category: //str
|
||||
product: //str
|
||||
service: //str
|
||||
definition: //str
|
||||
detection:
|
||||
type: //rec
|
||||
required:
|
||||
condition:
|
||||
type: //any
|
||||
of:
|
||||
- type: //str
|
||||
- type: //arr
|
||||
contents: //str
|
||||
length:
|
||||
min: 2
|
||||
optional:
|
||||
timeframe: //str
|
||||
rest:
|
||||
type: //any
|
||||
of:
|
||||
- type: //arr
|
||||
contents: //str
|
||||
- type: //map
|
||||
values:
|
||||
type: //any
|
||||
of:
|
||||
- type: //str
|
||||
- type: //arr
|
||||
contents: //str
|
||||
length:
|
||||
min: 2
|
||||
optional:
|
||||
status:
|
||||
type: //any
|
||||
of:
|
||||
- type: //str
|
||||
value: stable
|
||||
- type: //str
|
||||
value: testing
|
||||
- type: //str
|
||||
value: experimental
|
||||
description: //str
|
||||
author: //str
|
||||
references:
|
||||
type: //arr
|
||||
contents: //str
|
||||
fields:
|
||||
type: //arr
|
||||
contents: //str
|
||||
falsepositives:
|
||||
type: //any
|
||||
of:
|
||||
- type: //str
|
||||
- type: //arr
|
||||
contents: //str
|
||||
length:
|
||||
min: 2
|
||||
level:
|
||||
type: //any
|
||||
of:
|
||||
- type: //str
|
||||
value: low
|
||||
- type: //str
|
||||
value: medium
|
||||
- type: //str
|
||||
value: high
|
||||
- type: //str
|
||||
value: critical
|
||||
rest: //any
|
||||
Reference in New Issue
Block a user