diff --git a/samples/negative/development/invalid_internal_processing_wrong_data_type.json b/samples/negative/development/invalid_internal_processing_wrong_data_type.json new file mode 100644 index 0000000..b2bbc57 --- /dev/null +++ b/samples/negative/development/invalid_internal_processing_wrong_data_type.json @@ -0,0 +1,45 @@ +{ + "Version": "development", + "ReporterInfo": { + "ReporterOrg": "ExampleOrg", + "ReporterOrgDomain": "example.com", + "ReporterOrgEmail": "reports@example.com", + "ReporterContactEmail": "contact@example.com", + "ReporterContactName": "Mr. Example", + "ReporterContactPhone": "+ 01 000 1234567" + }, + "Disclosure": true, + "InternalProcessing": + { + "SubscriberInformation": { + "ID": 123112, + "SubscriberData": { + "Active": true + } + }, + "EventTags": ["Wordpress", 9, "Untrusted"] + }, + "Report": { + "ReportType": "OpenService", + "ReportClass": "Vulnerability", + "FirstSeen": "2020-03-15T15:17:10Z", + "Date": "2020-07-24T14:17:10Z", + "ServiceName": "redis", + "ServiceVersion": "1.2.4", + "SourceIp": "192.0.2.55", + "SourcePort": 54321, + "TransportProtocol": "tcp", + "Samples": [ + { + "ContentType": "text/plain", + "Base64Encoded": false, + "Description": "Log line", + "Payload": "EXAMPLE Nmap done: 1 IP address (1 host up) scanned in 5.58 seconds EXAMPLE" + } + ], + "Custom": { + "whatever": "examplevalue", + "whatever2": "examplevalue2" + } + } +} diff --git a/samples/positive/development/loginattack_sample_optional_api_info.json b/samples/positive/development/loginattack_sample_optional_api_info.json new file mode 100644 index 0000000..cd0c8b5 --- /dev/null +++ b/samples/positive/development/loginattack_sample_optional_api_info.json @@ -0,0 +1,49 @@ +{ + "Version": "development", + "ReporterInfo": { + "ReporterOrg": "ExampleOrg", + "ReporterOrgDomain": "example.com", + "ReporterOrgEmail": "reports@example.com", + "ReporterContactEmail": "contact@example.com", + "ReporterContactName": "Mr. Example", + "ReporterContactPhone": "+ 01 000 1234567" + }, + "Disclosure": true, + "InternalProcessing": + { + "SubscriberInformation": { + "ID": "32.112.219.3", + "SubscriberData": { + "PreviousStrikes": "3", + "LastStrike": "2018-02-01T07:32:00Z" + } + }, + "ContractInformation": { + "ID": "32.112.219.3-premium", + "ResolverData": { + "ExpirationDate": "2019-01-01T00:00:00Z" + } + }, + "EventTags": ["SSH", "Untrusted", "BruteForce"] + }, + "Report": { + "ReportClass": "Activity", + "ReportType": "LoginAttack", + "Date": "2018-02-05T14:17:10Z", + "SourceIp": "192.0.2.55", + "SourcePort": 54321, + "DestinationIp": "198.51.100.33", + "DestinationPort": 80, + "Ongoing": true, + "ByteCount": 20000000, + "PacketCount": 10000, + "Samples": [ + { + "ContentType": "text/plain", + "Base64Encoded": false, + "Description": "Log entry", + "Payload": "User at 192.0.2.55:54321 tried to log in unsuccessfully 123 times." + } + ] + } +} diff --git a/samples/positive/development/openservice_sample_optional_api_info.json b/samples/positive/development/openservice_sample_optional_api_info.json new file mode 100644 index 0000000..33d6f52 --- /dev/null +++ b/samples/positive/development/openservice_sample_optional_api_info.json @@ -0,0 +1,53 @@ +{ + "Version": "development", + "ReporterInfo": { + "ReporterOrg": "ExampleOrg", + "ReporterOrgDomain": "example.com", + "ReporterOrgEmail": "reports@example.com", + "ReporterContactEmail": "contact@example.com", + "ReporterContactName": "Mr. Example", + "ReporterContactPhone": "+ 01 000 1234567" + }, + "Disclosure": true, + "InternalProcessing": + { + "SubscriberInformation": { + "ID": "32141@customer.com", + "SubscriberData": { + "CustomerEMail": "contact@customer.com", + "CustomerGeo": "South America", + "AccountContact": "Mr. Contact Person" + } + }, + "ContractInformation": { + "ID": "32141@customer.com-service", + "ResolverData": { + "Active": "true" + } + }, + "EventTags": ["Wordpress", "Admin", "Untrusted"] + }, + "Report": { + "ReportType": "OpenService", + "ReportClass": "Vulnerability", + "FirstSeen": "2020-03-15T15:17:10Z", + "Date": "2020-07-24T14:17:10Z", + "ServiceName": "redis", + "ServiceVersion": "1.2.4", + "SourceIp": "192.0.2.55", + "SourcePort": 54321, + "TransportProtocol": "tcp", + "Samples": [ + { + "ContentType": "text/plain", + "Base64Encoded": false, + "Description": "Log line", + "Payload": "EXAMPLE Nmap done: 1 IP address (1 host up) scanned in 5.58 seconds EXAMPLE" + } + ], + "Custom": { + "whatever": "examplevalue", + "whatever2": "examplevalue2" + } + } +}