You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/platform-services/threat-intelligence-indicators.md
+1-7Lines changed: 1 addition & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -631,11 +631,5 @@ The following attributes are required:
631
631
* `url:value`. URL. (Entity type in Cloud SIEM is `_url`.)
632
632
* `user-account:user-id`. User ID. (Entity type in Cloud SIEM is `_username`.)
633
633
* `user-account:login`. Login name. (Entity type in Cloud SIEM is `_username`.)
634
-
* **pattern_type** (string). The pattern language used in this indicator (as defined by [pattern_type in STIX 2.1](https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_9lfdvxnyofxw)). Following are valid values:
635
-
* `stix`. Specifies the [STIX](https://oasis-open.github.io/cti-documentation/stix/intro) pattern language.
636
-
* `pcre`. Specifies the [PCRE](https://www.pcre.org/) language.
637
-
* `sigma`. Specifies the [SIGMA](https://sigmahq.io/) language.
638
-
* `snort`. Specifies the [SNORT](https://www.snort.org/) language.
639
-
* `suricata`. Specifies the [SURICATA](https://suricata-ids.org/) language.
640
-
* `yara`. Specifies the [YARA](https://virustotal.github.io/yara/) language.
634
+
* **pattern_type** (string). The pattern language used in this indicator (as defined by [pattern_type in STIX 2.1](https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_9lfdvxnyofxw)). Enter `stix` to specify the [STIX](https://oasis-open.github.io/cti-documentation/stix/intro) pattern language.
641
635
* **valid_from** (string [date-time]). Beginning time this indicator is valid. Timestamp in UTC in RFC3339 format. For example, `2023-03-21T12:00:00.000Z`.
0 commit comments