Closed HamptonJ closed 5 years ago
It looks like these same two files also share a campaign id of "054e7551-bbbe-4e7f-b923-73fb08fa00b2", which looks like the same id?
Both Sofacy.json and Reaper.json have a report with an ID of "report--054e7551-bbbe-4e7f-b923-73fb08fa00b2". Is this intentional?
This was a mistake. I have pushed changes that fix this. If you find any other issues like this, please let us know.
It looks like these same two files also share a campaign id of "054e7551-bbbe-4e7f-b923-73fb08fa00b2", which looks like the same id?
This is intentional. From a viewer's perspective the Campaign is a single object. In the JSON two objects, a Report and a Campaign, are required to represent all of the data. In this case, the type portion of the id is distinct, while the uuid portion of the id is shared.
A uuid by itself is not a valid STIX 2.0 id. Identifier
There have been questions about this before and we are currently looking at ways to improve this in the Playbooks, but don't have any changes planned yet.
Hope this helps. Let us know if you have any other issues.
Thanks! I will let you know if I see anything else like this.
Both Sofacy.json and Reaper.json have a report with an ID of "report--054e7551-bbbe-4e7f-b923-73fb08fa00b2". Is this intentional?