Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactored the Startup application type to apply to all OS's #981

Closed
wants to merge 64 commits into from
Closed

Refactored the Startup application type to apply to all OS's #981

wants to merge 64 commits into from

Conversation

maxhotta
Copy link
Contributor

@maxhotta maxhotta commented Mar 9, 2024

Refactored the Startup application type to apply to all OS's, as this event class has meaning across all of them.
Removed the macOS extension as this refactoring removes the only item that was used in the extension.

pagbabian-splunk and others added 5 commits March 7, 2024 08:03
@pagbabian-splunk
Added app_name to the object.
7df7391 
Signed-off-by: Paul Agbabian <[email protected]>
@pagbabian-splunk
Added app_uid to the dictionary and to the actor object. Updated CHAN…
5f4ed8a 
…GELOG.

Signed-off-by: Paul Agbabian <[email protected]>
@pagbabian-splunk
Added the Issue no. to CHANGELOG.
e2c044f 
Signed-off-by: Paul Agbabian <[email protected]>
@shellcromancer
feat: add autonomous_system object to network_endpoint
8abce4f 
Closes ocsf#978
@maxhotta
Refactored the Startup application type to apply to all OS's, as this…
908dcc5 
… event class has meaning across all of them.

Removed the macOS extension as this refactoring removes the only item that was used in the extension.
@maxhotta maxhotta added discovery Issues related to Discovery Category v1.2.0 Changes marked for version v1.2.0 of OCSF labels Mar 9, 2024
@maxhotta maxhotta requested review from pagbabian-splunk and removed request for pagbabian-splunk March 9, 2024 00:22
maxhotta and others added 3 commits March 9, 2024 00:31
@maxhotta
Refactored the Startup application type to apply to all OS's, as this…
41c5701 
… event class has meaning across all of them.

Removed the macOS extension as this refactoring removes the only item that was used in the extension.
@rmouritzen-splunk
Add new ways to define observables to metaschema
18df2de
@rmouritzen-splunk
Update changelog
5f73be3
shellcromancer and others added 10 commits March 12, 2024 08:09
@shellcromancer
fix: use valid constraint member
0880ae6
@shellcromancer
fix: update autonomous_system desciption
6802318
@pagbabian-splunk
Deprecated invoked_by. Updated the descriptions for app_name and app_…
8084c82 
…uid.

Signed-off-by: Paul Agbabian <[email protected]>
@pagbabian-splunk
Updated CHANGELOG to note the deprecation of invoked_by and note the PR.
2dcb170 
Signed-off-by: Paul Agbabian <[email protected]>
@rmouritzen-splunk
Merge pull request ocsf#982 from rmouritzen-splunk/observables
ba1cb34 
Add new ways to define observables in metaschema
@pagbabian-splunk
Updated the description of app_name and app_uid to simplify phrasing.
db32eef 
Signed-off-by: Paul Agbabian <[email protected]>
@maxhotta
Corrected startup_app_types, startup_app_type_ids to be arrays
1afab58
@maxhotta
Minor formatting update
6fa75a4
@pagbabian-splunk
Merge pull request ocsf#979 from ocsf/client_app2
0347555 
Added Client Application attributes to the Actor object
@floydtree
Merge branch 'main' into main
03a46b7 
Signed-off-by: Rajas <[email protected]>
jonrau-at-queryai and others added 28 commits March 19, 2024 09:37
@jonrau-at-queryai
remove redundant attributes
37fb8ba
@jonrau-at-queryai
Update CHANGELOG.md
519f795
@jonrau-at-queryai
Update agent.json
dcdba03
@mikeradka
Merge pull request ocsf#984 from floydtree/evidences_update
10a70f1 
Evidences object update, other minor fixes.
Moved the x_query classes from the 1.1.0 section to the (1.2.0) Unrel…
26fb7a2 
…eased section (error, should not have been 1.1.0)

Signed-off-by: pagbabian-splunk <[email protected]>
@mikeradka
Merge pull request ocsf#994 from ocsf/changelog_fix
7e5618d 
Moved the x_query classes from the 1.1.0 section to the (1.2.0) Unreleased section.
@jonrau-at-queryai
Merge branch 'main' into sensor-and-device-owner
8caad44 
Signed-off-by: Jonathan Rau <[email protected]>
@Aniak5
Issue-989: Add List, Encrypt, Decrypt activities to datastore event c…
943bb5e 
…lass

Signed-off-by: Ania Kacewicz <[email protected]>
@Aniak5
Update datastore activity descriptions
42dc382 
Signed-off-by: Ania Kacewicz <[email protected]>
@mikeradka
Merge pull request ocsf#991 from Aniak5/issue-989
afa96ab 
Add List, Encrypt, Decrypt activities to datastore class
@jonrau-at-queryai
Merge branch 'ocsf:main' into sensor-and-device-owner
6fd7643
@jonrau-at-queryai
Update dictionary.json
f902fef 
Signed-off-by: Jonathan Rau <[email protected]>
@floydtree
Merge pull request ocsf#987 from jonrau-at-queryai/sensor-and-device-…
d3c4677 
…owner

Create `agent` Object, add `agent` and `owner` to `endpoint`
@mikeradka
Fix punctuation for transmit_time
deef77e 
Signed-off-by: Michael Radka <[email protected]>
@mikeradka
Fix punctuation for transmit_time desc
97d295d 
Signed-off-by: Michael Radka <[email protected]>
@mikeradka
Update CHANGELOG
b8a00f6 
Signed-off-by: Michael Radka <[email protected]>
@Aniak5
Merge pull request ocsf#1001 from mikeradka/fix_puntuation
4406dfe 
Fix punctuation for transmit_time
@Aniak5
Update group for network_connection object to prevent validator errors
344edb0 
Signed-off-by: Ania Kacewicz <[email protected]>
@Aniak5
Update group for actor in 'scheduled_job' event class
7121b78 
Signed-off-by: Ania Kacewicz <[email protected]>
@floydtree
Merge pull request ocsf#1010 from Aniak5/issue-1008
4b17d75 
Update attributes with default groups in order to prevent validator errors
@maxhotta
Refactored the Startup application type to apply to all OS's, as this…
98cd2c2 
… event class has meaning across all of them.

Removed the macOS extension as this refactoring removes the only item that was used in the extension.
@maxhotta
Corrected startup_app_types, startup_app_type_ids to be arrays
1abe626
@maxhotta
Minor formatting update
e81c4cb
@maxhotta
Refactored the Startup application type to apply to all OS's, as this…
4eba48e 
… event class has meaning across all of them.

Removed the macOS extension as this refactoring removes the only item that was used in the extension.
@maxhotta
Corrected startup_app_types, startup_app_type_ids to be arrays
82b9322
@maxhotta
Minor formatting update
521b645
@maxhotta
Resolve conflicts
840a13e
@maxhotta
Merge remote-tracking branch 'origin/discovery-eoc' into discovery-eoc
d1f8d39 
# Conflicts:
#	CHANGELOG.md
@maxhotta maxhotta mentioned this pull request Apr 2, 2024
Closed
@maxhotta maxhotta closed this Apr 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pagbabian-splunk pagbabian-splunk pagbabian-splunk left review comments

@jasonbreimer jasonbreimer Awaiting requested review from jasonbreimer

@rmouritzen-splunk rmouritzen-splunk Awaiting requested review from rmouritzen-splunk

@floydtree floydtree Awaiting requested review from floydtree floydtree is a code owner

@Aniak5 Aniak5 Awaiting requested review from Aniak5 Aniak5 is a code owner

@mikeradka mikeradka Awaiting requested review from mikeradka mikeradka is a code owner

@zschmerber zschmerber Awaiting requested review from zschmerber zschmerber is a code owner

Assignees
No one assigned
Labels
discovery Issues related to Discovery Category v1.2.0 Changes marked for version v1.2.0 of OCSF
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@maxhotta @pagbabian-splunk @shellcromancer @rmouritzen-splunk @floydtree @Aniak5 @jonrau-at-queryai @mikeradka