From 62e2202b3ebe7949e9e239deac78b2bff53f7cf2 Mon Sep 17 00:00:00 2001
From: pavel jurka
Date: Mon, 22 Jul 2024 14:12:12 +0200
Subject: [PATCH 1/6] Feat: [1148] - enrichment extension
---
 dictionary.json | 5 +++++
 objects/enrichment.json | 20 ++++++++++++++++++++
 2 files changed, 25 insertions(+)
diff --git a/dictionary.json b/dictionary.json
index ef7c33517..766bd8dab 100644
--- a/dictionary.json
+++ b/dictionary.json
@@ -3903,6 +3903,11 @@
 }
 }
 },
+ "short_desc": {
+ "caption": "Short Description",
+ "description": "The sort description that pertains to the object or event. See specific usage.",
+ "type": "string_t"
+ },
 "signature": {
 "caption": "Digital Signature",
 "description": "The digital signature of the file.",
diff --git a/objects/enrichment.json b/objects/enrichment.json
index 47846abb2..49c083a1d 100644
--- a/objects/enrichment.json
+++ b/objects/enrichment.json
@@ -8,6 +8,10 @@
 "description": "The enrichment data associated with the attribute and value. The meaning of this data depends on the type the enrichment record.",
 "requirement": "required"
 },
+ "desc": {
+ "description": "A long description of the enrichment data.",
+ "requirement": "optional"
+ },
 "name": {
 "description": "The name of the attribute to which the enriched data pertains.",
 "requirement": "required"
@@ -16,10 +20,26 @@
 "description": "The enrichment data provider name.",
 "requirement": "recommended"
 },
+ "reputation": {
+ "description": "The reputation of the enrichment data.",
+ "requirement": "optional"
+ },
+ "short_desc": {
+ "description": "A short description of the enrichment data.",
+ "requirement": "recommended"
+ },
+ "time": {
+ "description": "The time when the enrichment data was generated.",
+ "requirement": "recommended"
+ },
 "type": {
 "description": "The enrichment type. For example: location.",
 "requirement": "recommended"
 },
+ "url_string": {
+ "description": "The URL of the source of the enrichment data.",
+ "requirement": "recommended"
+ },
 "value": {
 "description": "The value of the attribute to which the enriched data pertains.",
 "requirement": "required"
From 8f276da277114ff63024d4ccacb480c76452f01a Mon Sep 17 00:00:00 2001
From: pavel jurka
Date: Mon, 22 Jul 2024 14:15:40 +0200
Subject: [PATCH 2/6] Feat: [1148] - enrichment extension
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f2d9f5295..ebde1b53f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -79,6 +79,7 @@ Thankyou! -->
 6. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
 7. Added `type_id` and associated entity objects to `Managed Entity`. #1094
 8. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
+ 9. Added `time`,`desc`, `short_desc`, `reputation`, `url_string` to `enrichment` object. #1149
 * #### Platform Extensions
 ### Bugfixes
From 21c5c76eb8b62613c8fdddb30170451499eb5e8b Mon Sep 17 00:00:00 2001
From: pavel jurka
Date: Tue, 23 Jul 2024 09:20:31 +0200
Subject: [PATCH 3/6] Feat: [1148] - enrichment extension - PR recommendations
---
 CHANGELOG.md | 3 ++-
 objects/enrichment.json | 10 +++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5cd9476b6..df9eaf1c8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
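Review bot: The `reputation` description added in the `@@ -16,10 +20,26 @@` hunk of objects/enrichment.json, `The reputation of the enrichment data.`, can be read as the trustworthiness of the enrichment record itself rather than a reputation verdict about the enriched attribute value. Consumers that score or filter on this field need to know which of the two it carries. If the verdict about the enriched value is what is meant (an assumption; the dictionary entry for `reputation` is not part of this series), a wording such as `"description": "The reputation of the enriched value, as reported by the enrichment provider."` would remove the ambiguity. The enclosing `attributes` object starts and ends outside the hunk.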
@@ -76,8 +76,9 @@ Thankyou! -->
 1. Added `ext` to `File` object. #1046
 2. Added `account`, `device`, `email`, `url`, `user` to `evidences` in detection finding. #1000
 3. Added `state_id`, `state` to `Digital Signature` object. #1069
+ 4. Added `ticket` to `Incident Finding` object. ticket. #1068
 4. Added `domain` to `Uniform Resource Locator` object. #1096
- 5. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
+ 5. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
 6. Added `type_id` and associated entity objects to `Managed Entity`. #1094
 7. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
 8. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
diff --git a/objects/enrichment.json b/objects/enrichment.json
index 49c083a1d..e270aac93 100644
--- a/objects/enrichment.json
+++ b/objects/enrichment.json
@@ -4,6 +4,10 @@
 "extends": "object",
 "name": "enrichment",
 "attributes": {
+ "created_time": {
+ "description": "The time when the enrichment data was generated.",
+ "requirement": "recommended"
+ },
 "data": {
 "description": "The enrichment data associated with the attribute and value. The meaning of this data depends on the type the enrichment record.",
 "requirement": "required"
@@ -28,15 +32,11 @@
 "description": "A short description of the enrichment data.",
 "requirement": "recommended"
 },
- "time": {
- "description": "The time when the enrichment data was generated.",
- "requirement": "recommended"
- },
 "type": {
 "description": "The enrichment type. For example: location.",
 "requirement": "recommended"
 },
- "url_string": {
+ "src_url": {
 "description": "The URL of the source of the enrichment data.",
 "requirement": "recommended"
 },
From cd0ee841155ca8457149f2b81a794e831a7e6bbe Mon Sep 17 00:00:00 2001
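Review bot: The `src_url` description kept in the `@@ -28,15 +32,11 @@` hunk, `The URL of the source of the enrichment data.`, does not say whether the field holds the provider's reference page or may repeat the enriched value when the enriched attribute is itself a URL. Analysts tend to follow a link presented as the source of a record, so the distinction is worth stating, for example `"description": "The URL of the provider page or API resource from which the enrichment data was obtained; not the enriched value itself."`. Whether `src_url` and `created_time` already have dictionary.json entries cannot be seen here, since this series adds only `short_desc` to the dictionary, so that is worth confirming. The enclosing `attributes` object starts and ends outside both hunks.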
From: pavel jurka
Date: Tue, 23 Jul 2024 09:23:32 +0200
Subject: [PATCH 4/6] Feat: [1148] - enrichment extension - PR recommendations
---
 CHANGELOG.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index df9eaf1c8..1adcbea10 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -77,13 +77,13 @@ Thankyou! -->
 2. Added `account`, `device`, `email`, `url`, `user` to `evidences` in detection finding. #1000
 3. Added `state_id`, `state` to `Digital Signature` object. #1069
 4. Added `ticket` to `Incident Finding` object. ticket. #1068
- 4. Added `domain` to `Uniform Resource Locator` object. #1096
- 5. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
- 6. Added `type_id` and associated entity objects to `Managed Entity`. #1094
- 7. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
- 8. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
- 9. Added `job` to `Evidence Artifacts` object. #1130
- 10. Added `time`,`desc`, `short_desc`, `reputation`, `url_string` to `enrichment` object. #1149
+ 5. Added `domain` to `Uniform Resource Locator` object. #1096
+ 6. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
+ 7. Added `type_id` and associated entity objects to `Managed Entity`. #1094
+ 8. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
+ 9. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
+ 10. Added `job` to `Evidence Artifacts` object. #1130
+ 11. Added `created_time`,`desc`, `short_desc`, `reputation`, `src_url` to `enrichment` object. #1149
 * #### Platform Extensions
 ### Bugfixes
From 0a64546bbe78eae1f7caffc30835cb2d2668184e Mon Sep 17 00:00:00 2001
From: pavel jurka
Date: Wed, 24 Jul 2024 09:57:33 +0200
Subject: [PATCH 5/6] Feat: [1148] - enrichment extension - PR recommendations - removed ticket from CHANGELOG.md
---
 CHANGELOG.md | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8755aa56b..08b8bab84 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -77,14 +77,13 @@ Thankyou! -->
 1. Added `ext` to `File` object. #1046
 2. Added `account`, `device`, `email`, `url`, `user` to `evidences` in detection finding. #1000
 3. Added `state_id`, `state` to `Digital Signature` object. #1069
- 4. Added `ticket` to `Incident Finding` object. ticket. #1068
- 5. Added `domain` to `Uniform Resource Locator` object. #1096
- 6. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
- 7. Added `type_id` and associated entity objects to `Managed Entity`. #1094
- 8. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
- 9. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
- 10. Added `job` to `Evidence Artifacts` object. #1130
- 11. Added `created_time`,`desc`, `short_desc`, `reputation`, `src_url` to `enrichment` object. #1149
+ 4. Added `domain` to `Uniform Resource Locator` object. #1096
+ 5. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078
+ 6. Added `type_id` and associated entity objects to `Managed Entity`. #1094
+ 7. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
+ 8. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
+ 9. Added `job` to `Evidence Artifacts` object. #1130
+ 10. Added `created_time`,`desc`, `short_desc`, `reputation`, `src_url` to `enrichment` object. #1149
 * #### Platform Extensions
 ### Bugfixes
From a0ddc0c13461ca0e9c3ac807e71d6c57a8d10db6 Mon Sep 17 00:00:00 2001
From: pavel jurka
Date: Thu, 25 Jul 2024 10:02:28 +0200
Subject: [PATCH 6/6] Feat: [1148] - enrichment extension - PR recommendations - typo
---
 dictionary.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dictionary.json b/dictionary.json
index 886b5e095..1a0d129bf 100644
--- a/dictionary.json
+++ b/dictionary.json
@@ -3987,7 +3987,7 @@
 },
 "short_desc": {
 "caption": "Short Description",
- "description": "The sort description that pertains to the object or event. See specific usage.",
+ "description": "The short description that pertains to the object or event. See specific usage.",
 "type": "string_t"
 },
 "signature": {