1 parent
d2fdcc6
commit 1388223
Showing
7 changed files
with
7 additions
and
7 deletions.
@@ -1 +1 @@ | ||
{"schema_version": "1.1.3", "type": "investigation", "search-txt": "ip:\"192.168.56.101\"", "actions": "[{\"created-perf\":1783155000.000079,\"updated-perf\":1783155000.000079,\"type\":\"collect\",\"created\":\"2021-05-12T09:26:35.375Z\",\"state\":\"ok\",\"arg\":\"ip:\\\"192.168.56.101\\\"\",\"result\":[{\"value\":\"192.168.56.101\",\"type\":\"ip\"}],\"id\":\"collect-a4b8c7ba\",\"uuid\":\"6dff455d-7c22-4213-9b60-b817d52ec32b\"},{\"created-perf\":32042210000.000523,\"updated-perf\":32042210000.000523,\"type\":\"investigate\",\"created\":\"2021-05-12T09:27:05.635Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"192.168.56.101\"},\"result\":{\"data\":[{\"module\":\"QRadar\",\"module_instance_id\":\"7527fe44-6930-46eb-8506-8d9c2d1cd4fc\",\"module_type_id\":\"c1b64357-c493-402c-b1be-03bfd85e0f3e\",\"data\":{}},{\"module\":\"MISP\",\"module_instance_id\":\"d85fcbe3-8c2f-47ce-893e-e664db370ce6\",\"module_type_id\":\"6793ecd6-69ea-4ac8-ae5b-e0f12a5f317f\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"tags\":[\"tlp:white\"],\"valid_time\":{\"start_time\":\"2018-01-25T00:00:00.000Z\",\"end_time\":\"2018-01-25T00:00:00.000Z\"},\"producer\":\"CUDESO\",\"schema_version\":\"1.1.5\",\"type\":\"indicator\",\"source\":\"MISP\",\"short_description\":\"Category: Network activity\",\"title\":\"The Dukes: 7 Years of Russian 
Espionage\",\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"id\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"timestamp\":\"2016-06-21T11:52:43.000Z\",\"confidence\":\"High\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":4,\"observable\":{\"value\":\"192.168.56.101\",\"type\":\"ip\"},\"judgement_id\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"disposition_name\":\"Common\",\"valid_time\":{\"start_time\":\"2023-09-20T09:26:36.000Z\",\"end_time\":\"2023-09-27T09:26:36.000Z\"}}]},\"relationships\":{\"count\":2,\"docs\":[{\"schema_version\":\"1.1.5\",\"target_ref\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-382fcf04-25a6-4cf2-b252-2659415cc875\",\"id\":\"transient:relationship-d7e4223e-9a5a-4f9f-a438-06678b8371c2\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.1.5\",\"target_ref\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"type\":\"relationship\",\"source_ref\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"id\":\"transient:relationship-c5193a62-1a0e-4752-a308-7778dcdf321b\",\"relationship_type\":\"element-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2023-09-20T09:26:36.000Z\",\"end_time\":\"2023-09-27T09:26:36.000Z\"},\"schema_version\":\"1.1.5\",\"observable\":{\"value\":\"192.168.56.101\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"MISP\",\"disposition\":4,\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"disposition_name\":\"Common\",\"priority\":85,\"id\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"severity\":\"Medium\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"description\":\"Category: Network 
activity\",\"schema_version\":\"1.1.5\",\"observables\":[{\"value\":\"192.168.56.101\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"MISP\",\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"id\":\"transient:sighting-382fcf04-25a6-4cf2-b252-2659415cc875\",\"count\":1,\"timestamp\":\"2016-06-21T11:52:43.000Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2018-01-25T00:00:00.000Z\",\"end_time\":\"2018-01-25T00:00:00.000Z\"}}]}}}]},\"id\":\"investigate-6d456bdc\",\"uuid\":\"77d536d4-daac-481d-bc1e-bc1ac7409bec\"}]", "short_description": "Snapshot-with-IP", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-5c105434-c01a-4fcf-bd34-fe9b56143d4c", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-05-12T09:28:42.121Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d", "source": "Anastasiia Rozlyvan"} | ||
{"schema_version": "1.1.3", "type": "investigation", "search-txt": "ip:\"192.168.56.101\"", "actions": "[{\"created-perf\":1783155000.000079,\"updated-perf\":1783155000.000079,\"type\":\"collect\",\"created\":\"2021-05-12T09:26:35.375Z\",\"state\":\"ok\",\"arg\":\"ip:\\\"192.168.56.101\\\"\",\"result\":[{\"value\":\"192.168.56.101\",\"type\":\"ip\"}],\"id\":\"collect-a4b8c7ba\",\"uuid\":\"6dff455d-7c22-4213-9b60-b817d52ec32b\"},{\"created-perf\":32042210000.000523,\"updated-perf\":32042210000.000523,\"type\":\"investigate\",\"created\":\"2021-05-12T09:27:05.635Z\",\"state\":\"ok\",\"arg\":{\"type\":\"ip\",\"value\":\"192.168.56.101\"},\"result\":{\"data\":[{\"module\":\"QRadar\",\"module_instance_id\":\"7527fe44-6930-46eb-8506-8d9c2d1cd4fc\",\"module_type_id\":\"c1b64357-c493-402c-b1be-03bfd85e0f3e\",\"data\":{}},{\"module\":\"MISP\",\"module_instance_id\":\"d85fcbe3-8c2f-47ce-893e-e664db370ce6\",\"module_type_id\":\"6793ecd6-69ea-4ac8-ae5b-e0f12a5f317f\",\"data\":{\"indicators\":{\"count\":1,\"docs\":[{\"tags\":[\"tlp:white\"],\"valid_time\":{\"start_time\":\"2018-02-01T00:00:00.000Z\",\"end_time\":\"2018-02-01T00:00:00.000Z\"},\"producer\":\"CUDESO\",\"schema_version\":\"1.1.5\",\"type\":\"indicator\",\"source\":\"MISP\",\"short_description\":\"Category: Network activity\",\"title\":\"The Dukes: 7 Years of Russian 
Espionage\",\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"id\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"timestamp\":\"2016-06-21T11:52:43.000Z\",\"confidence\":\"High\"}]},\"verdicts\":{\"count\":1,\"docs\":[{\"type\":\"verdict\",\"disposition\":4,\"observable\":{\"value\":\"192.168.56.101\",\"type\":\"ip\"},\"judgement_id\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"disposition_name\":\"Common\",\"valid_time\":{\"start_time\":\"2023-09-27T09:26:36.000Z\",\"end_time\":\"2023-10-04T09:26:36.000Z\"}}]},\"relationships\":{\"count\":2,\"docs\":[{\"schema_version\":\"1.1.5\",\"target_ref\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"type\":\"relationship\",\"source_ref\":\"transient:sighting-382fcf04-25a6-4cf2-b252-2659415cc875\",\"id\":\"transient:relationship-d7e4223e-9a5a-4f9f-a438-06678b8371c2\",\"relationship_type\":\"member-of\"},{\"schema_version\":\"1.1.5\",\"target_ref\":\"transient:indicator-56ca367a-5a88-4925-a309-4cd69062e56a\",\"type\":\"relationship\",\"source_ref\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"id\":\"transient:relationship-c5193a62-1a0e-4752-a308-7778dcdf321b\",\"relationship_type\":\"element-of\"}]},\"judgements\":{\"count\":1,\"docs\":[{\"valid_time\":{\"start_time\":\"2023-09-27T09:26:36.000Z\",\"end_time\":\"2023-10-04T09:26:36.000Z\"},\"schema_version\":\"1.1.5\",\"observable\":{\"value\":\"192.168.56.101\",\"type\":\"ip\"},\"type\":\"judgement\",\"source\":\"MISP\",\"disposition\":4,\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"disposition_name\":\"Common\",\"priority\":85,\"id\":\"transient:judgement-badeb937-8276-445c-becb-c00141a5397f\",\"severity\":\"Medium\",\"confidence\":\"Medium\"}]},\"sightings\":{\"count\":1,\"docs\":[{\"description\":\"Category: Network 
activity\",\"schema_version\":\"1.1.5\",\"observables\":[{\"value\":\"192.168.56.101\",\"type\":\"ip\"}],\"type\":\"sighting\",\"source\":\"MISP\",\"source_uri\":\"https://13.59.71.207/events/view/56ca367a-5a88-4925-a309-4cd69062e56a\",\"id\":\"transient:sighting-382fcf04-25a6-4cf2-b252-2659415cc875\",\"count\":1,\"timestamp\":\"2016-06-21T11:52:43.000Z\",\"confidence\":\"High\",\"observed_time\":{\"start_time\":\"2018-02-01T00:00:00.000Z\",\"end_time\":\"2018-02-01T00:00:00.000Z\"}}]}}}]},\"id\":\"investigate-6d456bdc\",\"uuid\":\"77d536d4-daac-481d-bc1e-bc1ac7409bec\"}]", "short_description": "Snapshot-with-IP", "id": "https://private.intel.amp.cisco.com:443/ctia/investigation/investigation-5c105434-c01a-4fcf-bd34-fe9b56143d4c", "tlp": "amber", "groups": ["32e22c6d-7624-477e-8bbd-989c979b552e"], "timestamp": "2021-05-12T09:28:42.121Z", "owner": "9d64bbce-2e7c-43f0-b9d7-0e2fa3c2d88d", "source": "Anastasiia Rozlyvan"} |
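Review bot: The only values that differ on the new line are the time windows inside the MISP module data (`valid_time`/`observed_time` move from `2018-01-25` to `2018-02-01`, and the verdict and judgement window moves from `2023-09-20…2023-09-27` to `2023-09-27…2023-10-04`). That looks like a recorded snapshot being refreshed as an upstream window rolls forward by a week. With seven files each changed by one line, the same edit will presumably be needed again, so whatever compares against this fixture would be more stable if it masked or normalised those date fields before the comparison. Separately, the line carries `"tlp": "amber"`, a personal name in `source`, and a `source_uri` on a routable address; if this repository is public, confirm those values are synthetic or swap them for clearly labelled placeholders.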