issues
search
ocsf
/
ocsf-schema
OCSF Schema
Apache License 2.0
617
stars
130
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Removed constraint from group_management
#1193
pagbabian-splunk
opened
11 minutes ago
0
Provide means to indicate a file at the referenced path was deleted
#1192
antchan2
opened
1 hour ago
0
Added the profile: null statement to avoid hiding osint when the profile isn't applied
#1191
pagbabian-splunk
closed
1 hour ago
0
Process object missing field for current working directory
#1190
antchan2
opened
1 hour ago
0
Added new metadata fields for cross-referencing via hyperlink, and source
#1189
pagbabian-splunk
opened
2 hours ago
1
Added vendor_name and model to the device object.
#1188
pagbabian-splunk
closed
1 day ago
0
Clarification on Proper Placement of Parent Process Details in Process Event (ACTOR vs PROCESS.PARENT)
#1187
threatdecoder
opened
3 days ago
0
Proposals for shared files attributes to File object
#1186
erikloman
opened
5 days ago
0
Improved descriptions for usage of is_alert.
#1185
pagbabian-splunk
closed
53 minutes ago
0
Update network_connection_info.uid with examples
#1184
jedmitten
opened
1 week ago
0
Where to store IP addresses in Network Connection Info object?
#1183
jedmitten
opened
1 week ago
1
Updating hostname_t regex, other minor formatting changes
#1182
floydtree
closed
1 week ago
1
Add Zone to managed entity object
#1181
max-power15
opened
1 week ago
3
Sibling bugfix - confidence_id
#1180
floydtree
closed
2 weeks ago
0
Add Email Account `type_id` and Forwarding Address Support
#1179
mikeradka
closed
2 weeks ago
0
Added the is_alert flag to the dictionary, the security_control profile and detection_finding class
#1178
pagbabian-splunk
closed
1 week ago
4
How do I model a detection?
#1177
pagbabian-splunk
opened
2 weeks ago
8
Vulnerability finding improvements
#1176
floydtree
closed
2 weeks ago
0
Strengthen the event_code description verbiage
#1175
mikeradka
closed
2 weeks ago
1
Updating data type constraints
#1174
floydtree
closed
3 weeks ago
7
Sept 2024 pass at OCSF/DEFEND mappings
#1173
ryantxu1
opened
3 weeks ago
5
Add array of environment variables for the "process" object.
#1172
SteamBlizzard
closed
3 weeks ago
2
Eliminated includes directory and associated metaschema
#1171
alanisaac
closed
3 weeks ago
0
Eliminate includes directory and supporting metaschema
#1170
alanisaac
closed
2 weeks ago
1
Add UAS (drone) tracking event: `Remote ID Activity`
#1169
jonrau-at-queryai
opened
4 weeks ago
1
Expand `osint` object
#1168
jonrau-at-queryai
closed
1 month ago
0
General cleanup of metaschema
#1167
floydtree
closed
1 month ago
3
Expand applicability and direction of `cloud.account` and `cloud.org` & deprecate `project_uid`
#1166
jonrau-at-queryai
closed
1 month ago
0
Minor addition to the cvss object
#1165
floydtree
closed
1 month ago
0
Fix grammar for *_permissions attributes
#1164
mikeradka
closed
1 month ago
0
Updated event classes, added missing categories.
#1163
irakledibm
closed
1 month ago
12
Some event classes do not specify category
#1162
irakledibm
closed
1 month ago
1
Missing relation fields in application lifecycle
#1161
andurin
opened
1 month ago
0
Change "misspellings" of identifier contraction "Id" to "ID"
#1160
rmouritzen-splunk
closed
1 month ago
1
Added Script Activity event class.
#1159
davemcatcisco
closed
1 month ago
25
Fix `parent_process` recursion and add `grandparent_process`
#1158
jonrau-at-queryai
closed
1 month ago
6
Add evidences to Compliance Finding
#1157
lukas-krecan
closed
1 month ago
3
Activity class required to represent script execution events
#1156
davemcatcisco
opened
1 month ago
3
`user` Object expansion and related Observables creation
#1155
jonrau-at-queryai
closed
1 month ago
0
Create `OSINT Inventory Info` Discovery Event
#1154
jonrau-at-queryai
closed
1 month ago
0
v1.4.0 prep
#1153
floydtree
closed
2 months ago
0
v1.3.0 Release
#1152
floydtree
closed
2 months ago
0
digital_signature name mismatch between objects and dictionary.json
#1151
medallium
opened
2 months ago
2
Fixing inconsistencies in the findings classes, other desc corrections
#1150
floydtree
closed
2 months ago
0
Feat: [1148] - enrichment extension
#1149
PavelJurka
closed
2 months ago
1
Enrichment extension
#1148
PavelJurka
opened
2 months ago
0
Added new activity `Listen` to `Network Activity` and relax requirement of `src_endpoint`
#1147
mlmitch
closed
2 months ago
0
Enums with only the nominal values (0/99 or 99) in dictionary have 'See specific usage' in the description
#1146
mlmitch
closed
2 months ago
1
Fix "See specific usage" warnings for `package.type_id` and `package.vendor_name`
#1145
mlmitch
closed
2 months ago
2
Fixing event class names, file names for the new remediation events
#1144
floydtree
closed
2 months ago
0
Next