Merge branch 'main' into 1122-User-LdapPerson-Asure-AD-support

Sentinel-One · Jul 10, 2024 · 1ba0aa9 · 1ba0aa9
2 parents 7de32c8 + df2e130
commit 1ba0aa9
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -83,6 +83,7 @@ Thankyou! -->
     6. Added `reg_key` and `reg_value` to `Evidence Artifacts` object. #1078  
     7. Added `type_id` and associated entity objects to `Managed Entity`. #1094
     8. Added `vendor_name`, `type`, `type_id` to object `package`. #1093
+    9. Added `router`, `ids`, and `ips` entries to `type_id` enum in the `Endpoint` object. #1121
 * #### Platform Extensions
 
 ### Bugfixes
@@ -103,6 +104,9 @@ Thankyou! -->
     4. New Extension registration for Cisco #1074
     5. Cleaned up MITRE trademarks and registrations for captions and descriptions.
     6. Declared enums in dictionary.json have sane "0" (Unknown) and "99" (Other) declarations and descriptions where appropriate #1111
+    7. Adds support for `suppress_checks` controls in attributes to allow tools to automatically validate conventions #1063
+        * Updated several attributes that do not follow conventions to disable linting for them
+
 
 ## [v1.2.0] - April 23rd, 2024
 

diff --git a/dictionary.json b/dictionary.json
@@ -89,6 +89,7 @@
     "activity_id": {
       "caption": "Activity ID",
       "description": "The normalized identifier of the activity that triggered the event.",
+      "suppress_checks": ["sibling_convention"],
       "sibling": "activity_name",
       "type": "integer_t",
       "enum": {
@@ -3131,6 +3132,7 @@
     "opcode_id": {
       "caption": "DNS Opcode ID",
       "description": "The DNS opcode ID specifies the normalized query message type as defined in <a target='_blank' href='https://www.rfc-editor.org/rfc/rfc5395.html'>RFC-5395</a>.",
+      "suppress_checks": ["enum_convention"],
       "type": "integer_t",
       "enum": {
         "0": {
@@ -3876,6 +3878,7 @@
     "risk_level_id": {
       "caption": "Risk Level ID",
       "description": "The normalized risk level id.",
+      "suppress_checks": ["enum_convention"],
       "sibling": "risk_level",
       "type": "integer_t",
       "enum": {

diff --git a/metaschema/attribute.schema.json b/metaschema/attribute.schema.json
@@ -73,4 +73,4 @@
             }
         }
     }
-}
+}
diff --git a/metaschema/dictionary-attribute.schema.json b/metaschema/dictionary-attribute.schema.json
@@ -53,9 +53,25 @@
             "type": "boolean",
             "description": "A flag used when the attribute represents an array of values rather than a single value."
         },
+        "suppress_checks": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "anyOf": [
+              {
+                "const": "enum_convention",
+                "description": "Suppresses the convention that every Enum type has two common values with integer value 0 for Unknown and 99 for Other."
+              },
+              {
+                "const": "sibling_convention",
+                "description": "Suppresses the convention that a sibling field for a field that has an _id suffix should be the name with the _id suffix stripped."
+              }
+            ]
+          }
+        },
         "observable": {
             "$ref": "observable.schema.json"
         }
     },
     "additionalProperties": false
-}
+}
diff --git a/objects/endpoint.json b/objects/endpoint.json
@@ -94,7 +94,7 @@
         },
         "7": {
           "caption": "IOT",
-          "description": "A <a target='_blank' href='https://www.techtarget.com/iotagenda/definition/IoT-device'>IOT (Internet of Things) device</a>."
+          "description": "An <a target='_blank' href='https://www.techtarget.com/iotagenda/definition/IoT-device'>IOT (Internet of Things) device</a>."
         },
         "8": {
           "caption": "Browser",
@@ -111,6 +111,18 @@
         "11": {
           "caption": "Hub",
           "description": "A <a target='_blank' href='https://en.wikipedia.org/wiki/Ethernet_hub'>networking hub</a>."
+        },
+        "12": {
+          "caption": "Router",
+          "description": "A <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:Router/'>networking router</a>."
+        },
+        "13": {
+          "caption": "IDS",
+          "description": "An <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:IntrusionDetectionSystem/'>intrusion detection system</a>."
+        },
+        "14": {
+          "caption": "IPS",
+          "description": "An <a target='_blank' href='https://d3fend.mitre.org/dao/artifact/d3f:IntrusionPreventionSystem/'>intrusion prevention system</a>."
         }
       },
       "requirement": "recommended"
-Original file line number
+Diff line change
@@ Expand Up / @@ -73,4 +73,4 @@ @@
                 }
             }
         }
-    }
+    }