PR update. transmit review comments fixed.
thangaraj-ramesh committed Apr 15, 2024
1 parent 6129cd1 commit 487ef66
Showing 11 changed files with 193 additions and 183 deletions.
28 changes: 2 additions & 26 deletions data/cybox/nozomi_vantage/nozomi_vantage_alerts_22022024.json
@@ -52,7 +52,7 @@
"type": "network-traffic",
"src_ref": "1",
"protocols": [
"unknown"
"tcp"
]
},
"3": {
@@ -148,9 +148,6 @@
"1": {
"type": "ipv4-addr",
"value": "2.2.2.2",
"resolves_to_refs": [
"4"
],
"x_nozomi_info_ref": "6"
},
"2": {
@@ -167,9 +164,6 @@
"3": {
"type": "ipv4-addr",
"value": "3.3.3.3",
"resolves_to_refs": [
"5"
],
"x_nozomi_info_ref": "7"
},
"4": {
@@ -285,9 +279,6 @@
"1": {
"type": "ipv4-addr",
"value": "1.1.1.1",
"resolves_to_refs": [
"4"
],
"x_nozomi_info_ref": "6"
},
"2": {
@@ -304,9 +295,6 @@
"3": {
"type": "ipv4-addr",
"value": "4.4.4.4",
"resolves_to_refs": [
"5"
],
"x_nozomi_info_ref": "7"
},
"4": {
@@ -379,9 +367,6 @@
"1": {
"type": "ipv4-addr",
"value": "5.5.5.5",
"resolves_to_refs": [
"4"
],
"x_nozomi_info_ref": "6"
},
"2": {
@@ -398,9 +383,6 @@
"3": {
"type": "ipv4-addr",
"value": "1.1.1.1",
"resolves_to_refs": [
"5"
],
"x_nozomi_info_ref": "7"
},
"4": {
@@ -489,25 +471,19 @@
"1": {
"type": "ipv4-addr",
"value": "7.7.7.7",
"resolves_to_refs": [
"4"
],
"x_nozomi_info_ref": "6"
},
"2": {
"type": "network-traffic",
"dst_ref": "1",
"src_ref": "3",
"protocols": [
"unknown"
"tcp"
]
},
"3": {
"type": "ipv4-addr",
"value": "8.8.8.8",
"resolves_to_refs": [
"5"
],
"x_nozomi_info_ref": "7"
},
"4": {
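--- a/stix_shifter_modules/nozomi_vantage/README.md
+++ b/stix_shifter_modules/nozomi_vantage/README.md
@@ -360,9 +360,6 @@ nozomi_vantage
 "1": {
 "type": "ipv4-addr",
 "value": "1.1.1.1",
-"resolves_to_refs": [
-"4"
-],
 "x_nozomi_info_ref": "7"
 },
 "2": {
@@ -379,9 +376,6 @@ nozomi_vantage
 "3": {
 "type": "ipv4-addr",
 "value": "2.2.2.2",
-"resolves_to_refs": [
-"5"
-],
 "x_nozomi_info_ref": "6"
 },
 "4": {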
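--- a/stix_shifter_modules/nozomi_vantage/configuration/config.json
+++ b/stix_shifter_modules/nozomi_vantage/configuration/config.json
@@ -21,6 +21,15 @@
 "selfSignedCert": {
 "type": "password",
 "optional": true
+},
+"options": {
+"type": "fields",
+"api_page_size": {
+"default": 1000,
+"min": 1,
+"max": 10000,
+"type": "number"
+}
 }
 },
 "configuration": {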
@@ -15,6 +15,12 @@
"selfSignedCert": {
"label": "PEM Formatted SSL certificate(s)",
"description": "Provide a self-signed or CA-signed certificate to securely communicate with the data source."
},
"options": {
"api_page_size": {
"label": "API page size",
"description": "Number of records per API call. Data source recommended value is 1000 per API call. Valid input range is {{min}} to {{max}}."
}
}
},
"configuration": {
@@ -8,11 +8,6 @@
"key": "ipv6-addr.value",
"object": "src_ip"
},
{
"key": "network-traffic.src_ref",
"object": "nt",
"references": "src_ip"
},
{
"key": "x-ibm-finding.src_ip_ref",
"object": "alert",
@@ -28,11 +23,6 @@
"key": "ipv6-addr.value",
"object": "dst_ip"
},
{
"key": "network-traffic.dst_ref",
"object": "nt",
"references": "dst_ip"
},
{
"key": "x-ibm-finding.dst_ip_ref",
"object": "alert",
@@ -43,56 +33,78 @@
{
"key": "mac-addr.value",
"object": "mac_addr_src"
}
],
"mac_dst": [
{
"key": "mac-addr.value",
"object": "mac_addr_dst"
}
],
"port_dst": {
"key": "network-traffic.dst_port",
"object": "nt"
},
"port_src": {
"key": "network-traffic.src_port",
"object": "nt"
},
"protocol": [
{
"key": "network-traffic.protocols",
"object": "nt",
"group": true,
"transformer": "ToProtocolValue"
},
{
"key": "network-traffic.dst_ref",
"object": "nt",
"references": "dst_ip"
},
{
"key": "network-traffic.dst_ref",
"object": "nt",
"references": "mac_addr_dst"
},
{
"key": "network-traffic.src_ref",
"object": "nt",
"references": "mac_addr_src"
"references": "src_ip"
},
{
"key": "ipv4-addr.resolves_to_refs",
"object": "src_ip",
"references": ["mac_addr_src"],
"group": true
"key": "network-traffic.src_ref",
"object": "nt",
"references": "mac_addr_src"
}
],
"mac_dst": [
"transport_protocol": [
{
"key": "mac-addr.value",
"object": "mac_addr_dst"
"key": "network-traffic.protocols",
"object": "nt",
"group": true,
"transformer": "ToProtocolValue"
},
{
"key": "network-traffic.dst_ref",
"object": "nt",
"references": "dst_ip"
},
{
"key": "network-traffic.dst_ref",
"object": "nt",
"references": "mac_addr_dst"
},
{
"key": "ipv4-addr.resolves_to_refs",
"object": "dst_ip",
"references": ["mac_addr_dst"],
"group": true
"key": "network-traffic.src_ref",
"object": "nt",
"references": "src_ip"
},
{
"key": "network-traffic.src_ref",
"object": "nt",
"references": "mac_addr_src"
}
],
"port_dst": {
"key": "network-traffic.dst_port",
"object": "nt"
},
"port_src": {
"key": "network-traffic.src_port",
"object": "nt"
},
"protocol": {
"key": "network-traffic.protocols",
"object": "nt",
"group": true,
"transformer": "ToProtocolValue"
},
"transport_protocol": {
"key": "network-traffic.protocols",
"object": "nt",
"group": true,
"transformer": "ToProtocolValue"
},
"id": {
"key": "x-ibm-finding.alert_id",
"object": "alert"
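Review bot: In the last hunk of this mapping file (its path is not shown on the page), the rebuilt `protocol` and `transport_protocol` lists each point one single-valued reference at two different objects: `network-traffic.dst_ref` gets both `dst_ip` and `mac_addr_dst`, and `network-traffic.src_ref` gets both `src_ip` and `mac_addr_src`. A `*_ref` property holds one object, so whether the IP or the MAC ends up as the endpoint presumably depends on the translator's processing order, which makes pivoting from traffic to host unreliable for an analyst. The references also appear to have moved off the IP and MAC fields onto the protocol fields, so an alert with no protocol value would probably produce address objects with no `network-traffic` link, and with the `ipv4-addr.resolves_to_refs` entries gone nothing ties an IP to its MAC. I would keep one reference per key, for example only `"references": "dst_ip"` for `network-traffic.dst_ref`, and add a fixture alert without a protocol to the translation tests. Old and new lines are interleaved without markers on this page, so this reading of the new side should be checked against the raw diff.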