Add validators for vocabularies and misp

This commit is contained in:
Raphaël Vinot 2017-07-25 17:39:06 +02:00
parent 8163c7295f
commit 6866b158b1
10 changed files with 130 additions and 17 deletions

View file

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies",
"id": "https://www.github.com/MISP/misp-galaxies/schema.json",
"title": "Validator for misp-galaxies - Clusters",
"id": "https://www.github.com/MISP/misp-galaxies/schema_clusters.json",
"type": "object",
"additionalProperties": false,
"properties": {

View file

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies",
"id": "https://www.github.com/MISP/misp-galaxies/schema.json",
"title": "Validator for misp-galaxies - Galaxies",
"id": "https://www.github.com/MISP/misp-galaxies/schema_galaxies.json",
"type": "object",
"additionalProperties": false,
"properties": {

31
schema_misp.json Normal file
View file

@ -0,0 +1,31 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies - MISP",
"id": "https://www.github.com/MISP/misp-galaxies/schema_misp.json",
"type": "object",
"additionalProperties": false,
"properties": {
"elements_url": {
"type": "string"
},
"default_predicate_value_in": {
"type": "string"
},
"default_predicate_value": {
"type": "string"
},
"cluster_url": {
"type": "string"
},
"predicate_in": {
"type": "string"
}
},
"required": [
"elements_url",
"default_predicate_value_in",
"default_predicate_value",
"cluster_url",
"predicate_in"
]
}

58
schema_vocabularies.json Normal file
View file

@ -0,0 +1,58 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies - Vocabularies",
"id": "https://www.github.com/MISP/misp-galaxies/schema_vocabularies.json",
"type": "object",
"additionalProperties": false,
"properties": {
"version": {
"type": "integer"
},
"description": {
"type": "string"
},
"source": {
"type": "string"
},
"author": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
},
"uuid": {
"type": "string"
},
"stix": {
"type": "string"
},
"type": {
"type": "string"
},
"values": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"value": {
"type": "string"
}
}
}
}
},
"required": [
"version",
"description",
"author",
"uuid",
"type",
"values"
]
}

View file

@ -9,7 +9,7 @@
# Check Jsons format, and beautify
./jq_all_the_things.sh
rc=$?
if [[ $rc != 0 ]]; then
if [[ $rc != 0 ]]; then
exit $rc
fi
@ -30,7 +30,7 @@ do
echo -n "${dir}: "
jsonschema -i ${dir} schema_clusters.json
rc=$?
if [[ $rc != 0 ]]; then
if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi
@ -42,7 +42,31 @@ do
echo -n "${dir}: "
jsonschema -i ${dir} schema_galaxies.json
rc=$?
if [[ $rc != 0 ]]; then
if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi
echo ''
done
for dir in misp/*.json
do
echo -n "${dir}: "
jsonschema -i ${dir} schema_misp.json
rc=$?
if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi
echo ''
done
for dir in vocabularies/*/*.json
do
echo -n "${dir}: "
jsonschema -i ${dir} schema_vocabularies.json
rc=$?
if [[ $rc != 0 ]]; then
echo "Error on ${dir}"
exit $rc
fi

View file

@ -91,10 +91,10 @@
"value": "Unauthorized Access"
}
],
"version" : 1,
"version" : 2,
"description": "The IntendedEffectVocab is the default STIX vocabulary for expressing the intended effect of a threat actor",
"source": "STIX 1.0",
"author": "STIX",
"author": ["STIX"],
"uuid": "b6975c96-296a-48cf-9006-034ed102bc85",
"stix": "1.2.1",
"type": "threat-actor-intended-effect-vocabulary"

View file

@ -56,10 +56,10 @@
"description": "The threat actor is motivated by the desire to exercise some political advantage."
}
],
"version" : 1,
"version" : 2,
"description": "The MotivationVocab is the default STIX vocabulary for expressing the motivation of a threat actor.",
"source": "STIX 1.0",
"author": "STIX",
"author": ["STIX"],
"uuid": "74183277-5ee6-436a-9859-cb16fb3f21e2",
"stix": "1.2.1",
"type": "threat-actor-motivation-vocabulary"

View file

@ -67,9 +67,9 @@
"value": "Skill Development / Recruitment - University Programs"
}
],
"version" : 1,
"version" : 2,
"description": "The PlanningAndOperationalSupportVocab is the default STIX vocabulary for expressing the planning and operational support functions available to a threat actor.",
"author": "STIX",
"author": ["STIX"],
"source": "STIX 1.0",
"stix": "1.0.1",
"uuid": "f91f69d2-fcd0-45f2-baeb-4f79f9458da7",

View file

@ -17,9 +17,9 @@
"description": "Demonstrates a nascent capability. A novice has basic computer skills and likely requires the assistance of a Practitioner or higher to engage in hacking activity. He uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet and lacks the ability to conduct his own reconnaissance and targeting research."
}
],
"version" : 1,
"version" : 2,
"description": "The ThreatActorSophisticationVocab enumeration is used to define the default STIX vocabulary for expressing the subjective level of sophistication of a threat actor.",
"author": "STIX",
"author": ["STIX"],
"uuid": "fcaf1309-28c4-4d09-b56f-84d6cf6afbb3",
"stix": "1.0",
"type": "threat-actor-sophistication-vocabulary"

View file

@ -52,10 +52,10 @@
"value": "Disgruntled Customer / User"
}
],
"version": 1,
"version": 2,
"uuid": "3d7dc2ee-ca54-4a5e-96a3-2e7cba0ffe95",
"description": "The ThreatActorTypeVocab enumeration is used to define the default STIX vocabulary for expressing the subjective type of a threat actor.",
"author": "STIX",
"author": ["STIX"],
"source": "STIX 1.0",
"stix": "1.0",
"type": "threat-actor-type-vocabulary"