Onyphe-Data-Model.xml

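<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
  Data model for Use-Onyphe: the names this file recognises for ONYPHE
  search categories, query filters, API endpoints and CLI facets.
  NOTE(review): presumably the consumer treats these lists as allow-lists
  for user-supplied names. Confirm against the calling code, and make sure
  input is checked against the matching list before it is placed into a
  request path or query string.
-->
<Use-Onyphe>
  <data-model>
    <!-- Search categories. -->
    <search>datascan</search>
    <search>synscan</search>
    <search>inetnum</search>
    <search>threatlist</search>
    <search>pastries</search>
    <search>resolver</search>
    <search>sniffer</search>
    <search>onionscan</search>
    <!--
      Filter names. Dotted names (app.*) are plain text values, not nested
      elements. NOTE(review): "content" is listed twice in this group; both
      entries are kept because the consumer is not visible from this file.
    -->
    <filter>asn</filter>
    <filter>city</filter>
    <filter>count</filter>
    <filter>country</filter>
    <filter>country_name</filter>
    <filter>data</filter>
    <filter>distinct</filter>
    <filter>domain</filter>
    <filter>forward</filter>
    <filter>hostname</filter>
    <filter>information</filter>
    <filter>ip</filter>
    <filter>ipv6</filter>
    <filter>key</filter>
    <filter>location</filter>
    <filter>netname</filter>
    <filter>onion</filter>
    <filter>organization</filter>
    <filter>os</filter>
    <filter>port</filter>
    <filter>product</filter>
    <filter>productversion</filter>
    <filter>protocol</filter>
    <filter>reverse</filter>
    <filter>since</filter>
    <filter>source</filter>
    <filter>subnet</filter>
    <filter>threatlist</filter>
    <filter>total</filter>
    <filter>datamd5</filter>
    <filter>abuse</filter>
    <filter>tld</filter>
    <filter>subdomains</filter>
    <filter>host</filter>
    <filter>url</filter>
    <filter>cve</filter>
    <filter>title</filter>
    <filter>user</filter>
    <filter>syntax</filter>
    <filter>osdistribution</filter>
    <filter>osversion</filter>
    <filter>content</filter>
    <filter>type</filter>
    <filter>transport</filter>
    <filter>content</filter>
    <filter>app.length</filter>
    <filter>app.extract.ip</filter>
    <filter>app.extract.file</filter>
    <filter>app.extract.hostname</filter>
    <filter>app.extract.domain</filter>
    <filter>app.smb.workgroup</filter>
    <filter>app.smb.nullsession</filter>
    <filter>app.smb.servername</filter>
    <filter>app.smb.share</filter>
    <filter>app.http.realm</filter>
    <filter>app.http.title</filter>
    <filter>app.http.keywords</filter>
    <filter>app.http.description</filter>
    <filter>app.http.copyright</filter>
    <filter>app.rtsp.realm</filter>
    <filter>app.elasticsearch.product</filter>
    <filter>app.elasticsearch.productversion</filter>
    <filter>app.elasticsearch.clustername</filter>
    <filter>app.elasticsearch.luceneversion</filter>
    <filter>app.kibana.product</filter>
    <filter>app.kibana.productversion</filter>
    <filter>app.mongodb.product</filter>
    <filter>app.mongodb.productversion</filter>
    <filter>app.mongodb.name</filter>
    <filter>app.dns.versionbind</filter>
    <filter>tag</filter>
    <!--
      API endpoint names. "threatlist" is spelled the same way as the search
      category and the filter of that name listed above.
    -->
    <api>myip</api>
    <api>geoloc</api>
    <api>user</api>
    <api>inetnum</api>
    <api>threatlist</api>
    <api>pastries</api>
    <api>synscan</api>
    <api>datascan</api>
    <api>reverse</api>
    <api>forward</api>
    <api>search</api>
    <!--
      CLI facet names: three @-prefixed fields followed by the same names as
      the filter group. NOTE(review): "content" is listed three times in this
      group; all entries are kept because the consumer is not visible here.
    -->
    <cli-facet>@category</cli-facet>
    <cli-facet>@timestamp</cli-facet>
    <cli-facet>@type</cli-facet>
    <cli-facet>asn</cli-facet>
    <cli-facet>content</cli-facet>
    <cli-facet>city</cli-facet>
    <cli-facet>count</cli-facet>
    <cli-facet>country</cli-facet>
    <cli-facet>country_name</cli-facet>
    <cli-facet>data</cli-facet>
    <cli-facet>distinct</cli-facet>
    <cli-facet>domain</cli-facet>
    <cli-facet>forward</cli-facet>
    <cli-facet>hostname</cli-facet>
    <cli-facet>information</cli-facet>
    <cli-facet>ip</cli-facet>
    <cli-facet>ipv6</cli-facet>
    <cli-facet>key</cli-facet>
    <cli-facet>location</cli-facet>
    <cli-facet>netname</cli-facet>
    <cli-facet>onion</cli-facet>
    <cli-facet>organization</cli-facet>
    <cli-facet>os</cli-facet>
    <cli-facet>port</cli-facet>
    <cli-facet>product</cli-facet>
    <cli-facet>productversion</cli-facet>
    <cli-facet>protocol</cli-facet>
    <cli-facet>reverse</cli-facet>
    <cli-facet>since</cli-facet>
    <cli-facet>source</cli-facet>
    <cli-facet>subnet</cli-facet>
    <cli-facet>threatlist</cli-facet>
    <cli-facet>total</cli-facet>
    <cli-facet>datamd5</cli-facet>
    <cli-facet>abuse</cli-facet>
    <cli-facet>tld</cli-facet>
    <cli-facet>subdomains</cli-facet>
    <cli-facet>host</cli-facet>
    <cli-facet>url</cli-facet>
    <cli-facet>cve</cli-facet>
    <cli-facet>title</cli-facet>
    <cli-facet>user</cli-facet>
    <cli-facet>syntax</cli-facet>
    <cli-facet>osdistribution</cli-facet>
    <cli-facet>osversion</cli-facet>
    <cli-facet>content</cli-facet>
    <cli-facet>type</cli-facet>
    <cli-facet>transport</cli-facet>
    <cli-facet>content</cli-facet>
    <cli-facet>app.length</cli-facet>
    <cli-facet>app.extract.ip</cli-facet>
    <cli-facet>app.extract.file</cli-facet>
    <cli-facet>app.extract.hostname</cli-facet>
    <cli-facet>app.extract.domain</cli-facet>
    <cli-facet>app.smb.workgroup</cli-facet>
    <cli-facet>app.smb.nullsession</cli-facet>
    <cli-facet>app.smb.servername</cli-facet>
    <cli-facet>app.smb.share</cli-facet>
    <cli-facet>app.http.realm</cli-facet>
    <cli-facet>app.http.title</cli-facet>
    <cli-facet>app.http.keywords</cli-facet>
    <cli-facet>app.http.description</cli-facet>
    <cli-facet>app.http.copyright</cli-facet>
    <cli-facet>app.rtsp.realm</cli-facet>
    <cli-facet>app.elasticsearch.product</cli-facet>
    <cli-facet>app.elasticsearch.productversion</cli-facet>
    <cli-facet>app.elasticsearch.clustername</cli-facet>
    <cli-facet>app.elasticsearch.luceneversion</cli-facet>
    <cli-facet>app.kibana.product</cli-facet>
    <cli-facet>app.kibana.productversion</cli-facet>
    <cli-facet>app.mongodb.product</cli-facet>
    <cli-facet>app.mongodb.productversion</cli-facet>
    <cli-facet>app.mongodb.name</cli-facet>
    <cli-facet>app.dns.versionbind</cli-facet>
    <cli-facet>tag</cli-facet>
  </data-model>
</Use-Onyphe>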