Signature¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| classification | Classification | Security classification assigned to the signature based on its contents and context. | Yes |
TLP:C |
| data | Text | None | Yes |
None |
| last_modified | Date | Notes the last modification timestamp of the signature. | Yes |
NOW |
| name | Keyword | Name of the signature. | Yes |
None |
| order | Integer | no longer used in v4 | Yes |
1 |
| revision | Keyword | Yes |
1 |
|
| signature_id | Keyword | ID associated with the signature. | Optional |
None |
| source | Keyword | Source or author of the signature. | Yes |
None |
| state_change_date | Date | Date the signature's state was last changed. | Optional |
None |
| state_change_user | Keyword | User who last changed the signature's state. | Optional |
None |
| stats | Statistics | Stats associated with count, average, min, max, and sum of various signature metrics. | Yes |
See Statistics for more details. |
| status | Enum | The current state of the signature (i.e. NOISY, DISABLED, DEPLOYED, etc.). Supported values are: "DEPLOYED", "DISABLED", "INVALID", "NOISY", "STAGING", "TESTING" |
Yes |
None |
| type | Keyword | The service type that the signature is associated with. | Yes |
None |