From: Tharushi Jayasekara
Date: Wed, 24 Feb 2021 16:49:44 +0000 (+0530)
Subject: schema.json: schema to validate eve.json output
X-Git-Tag: suricata-6.0.4~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5c852b5f33e7ddfb2b45c594b97351022e2888ad;p=thirdparty%2Fsuricata-verify.git
schema.json: schema to validate eve.json output
---
diff --git a/schema.json b/schema.json
new file mode 100644
index 000000000..9a1c9bdc0
--- /dev/null
+++ b/schema.json
@@ -0,0 +1,103 @@
+{
+ "type": "object",
+ "properties": {
+ "timestamp": {
+ "type": "string",
+ "pattern": "^\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d+[+\\-]\\d+$",
+ "optional": false
+ },
+ "flow_id": {
+ "type": "integer",
+ "optional": true
+ },
+ "pcap_cnt": {
+ "type": "integer",
+ "optional": true
+ },
+ "event_type": {
+ "type": "string",
+ "optional": false
+ },
+ "vlan": {
+ "type": "array",
+ "items": {
+ "type": "number"
+ }
+ },
+ "src_ip": {
+ "type": "string",
+ "optional": true
+ },
+ "src_port": {
+ "type": "integer",
+ "optional": true
+ },
+ "dest_ip": {
+ "type": "string",
+ "optional": true
+ },
+ "dest_port": {
+ "type": "integer",
+ "optional": true
+ },
+ "proto": {
+ "type": "string",
+ "optional": true
+ },
+ "http": {
+ "type": "object",
+ "optional": true,
+ "properties": {
+ "hostname": {
+ "type": "string"
+ },
+ "url": {
+ "type": "string"
+ },
+ "http_user_agent": {
+ "type": "string"
+ },
+ "http_content_type": {
+ "type": "string"
+ },
+ "http_method": {
+ "type": "string"
+ },
+ "protocol": {
+ "type": "string"
+ },
+ "status": {
+ "type": "integer"
+ },
+ "length": {
+ "type": "integer"
+ }
+ }
+ },
+ "app_proto": {
+ "type": "string",
+ "optional": true
+ },
+ "fileinfo": {
+ "type": "object",
+ "optional": true,
+ "properties": {
+ "filename": {
+ "type": "string"
+ },
+ "state": {
+ "type": "string"
+ },
+ "stored": {
+ "type": "boolean"
+ },
+ "size": {
+ "type": "integer"
+ },
+ "tx_id": {
+ "type": "integer"
+ }
+ }
+ }
+ }
+}
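Review bot: The `"optional": false` markers on `timestamp` and `event_type` will not make those fields mandatory under JSON Schema draft-04 or later, where `optional` is not a validation keyword and unknown keywords are ignored, so an eve.json record missing either field would still validate. Which validator and draft the test runner uses is not visible in this commit, and the schema declares no `$schema`, so this should be confirmed; if it is a draft-04+ validator, add `"required": ["timestamp", "event_type"]` next to the top-level `"properties"` and drop the `optional` keys. The `src_port` and `dest_port` entries also accept any integer; `"minimum": 0, "maximum": 65535` on both would catch a malformed port in the output.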