@mitre-attack/attack-data-model
Version:
A TypeScript API for the MITRE ATT&CK data model
187 lines (184 loc) • 8.58 kB
text/typescript
import { z } from 'zod/v4';
declare const xMitreLogSourcePermutationKey: z.ZodString;
declare const xMitreLogSourceRefSchema: z.ZodObject<{
ref: z.ZodString;
keys: z.ZodArray<z.ZodString>;
}, z.core.$strip>;
type LogSourceRef = z.infer<typeof xMitreLogSourceRefSchema>;
declare const xMitreLogSourceRefsSchema: z.ZodArray<z.ZodObject<{
ref: z.ZodString;
keys: z.ZodArray<z.ZodString>;
}, z.core.$strip>>;
type LogSourceRefs = z.infer<typeof xMitreLogSourceRefsSchema>;
declare const xMitreMutableElementSchema: z.ZodObject<{
field: z.ZodString;
description: z.ZodString;
}, z.core.$strip>;
type MutableElement = z.infer<typeof xMitreMutableElementSchema>;
declare const xMitreMutableElementsSchema: z.ZodArray<z.ZodObject<{
field: z.ZodString;
description: z.ZodString;
}, z.core.$strip>>;
type MutableElements = z.infer<typeof xMitreMutableElementsSchema>;
declare const extensibleAnalyticSchema: z.ZodObject<{
spec_version: z.ZodEnum<{
"2.0": "2.0";
2.1: "2.1";
}>;
created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString>>;
labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
revoked: z.ZodOptional<z.ZodBoolean>;
confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
lang: z.ZodOptional<z.ZodString>;
object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>;
granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{
marking_ref: z.ZodString;
selectors: z.ZodArray<z.ZodString>;
}, z.core.$strip>>>;
extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
extension_type: z.ZodEnum<{
"new-sdo": "new-sdo";
"new-sco": "new-sco";
"new-sro": "new-sro";
"property-extension": "property-extension";
"toplevel-property-extension": "toplevel-property-extension";
}>;
}, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>;
name: z.ZodString;
x_mitre_attack_spec_version: z.ZodString;
x_mitre_version: z.ZodString;
x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
id: z.ZodString;
type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">;
x_mitre_platforms: z.ZodArray<z.ZodEnum<{
"Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
"Network Devices": "Network Devices";
"Data Historian": "Data Historian";
"Google Workspace": "Google Workspace";
"Office Suite": "Office Suite";
ESXi: "ESXi";
"Identity Provider": "Identity Provider";
Containers: "Containers";
"Azure AD": "Azure AD";
"Engineering Workstation": "Engineering Workstation";
"Control Server": "Control Server";
"Human-Machine Interface": "Human-Machine Interface";
Windows: "Windows";
Linux: "Linux";
IaaS: "IaaS";
None: "None";
iOS: "iOS";
PRE: "PRE";
SaaS: "SaaS";
"Input/Output Server": "Input/Output Server";
macOS: "macOS";
Android: "Android";
"Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
Embedded: "Embedded";
}>>;
x_mitre_detects: z.ZodString;
external_references: z.ZodArray<z.ZodObject<{
source_name: z.ZodString;
description: z.ZodOptional<z.ZodString>;
url: z.ZodOptional<z.ZodURL>;
external_id: z.ZodOptional<z.ZodString>;
}, z.core.$strip>>;
x_mitre_log_sources: z.ZodArray<z.ZodObject<{
ref: z.ZodString;
keys: z.ZodArray<z.ZodString>;
}, z.core.$strip>>;
x_mitre_mutable_elements: z.ZodArray<z.ZodObject<{
field: z.ZodString;
description: z.ZodString;
}, z.core.$strip>>;
x_mitre_domains: z.ZodArray<z.ZodEnum<{
"enterprise-attack": "enterprise-attack";
"mobile-attack": "mobile-attack";
"ics-attack": "ics-attack";
}>>;
}, z.core.$strict>;
declare const analyticSchema: z.ZodObject<{
spec_version: z.ZodEnum<{
"2.0": "2.0";
2.1: "2.1";
}>;
created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString>>;
labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
revoked: z.ZodOptional<z.ZodBoolean>;
confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
lang: z.ZodOptional<z.ZodString>;
object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>;
granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{
marking_ref: z.ZodString;
selectors: z.ZodArray<z.ZodString>;
}, z.core.$strip>>>;
extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{
extension_type: z.ZodEnum<{
"new-sdo": "new-sdo";
"new-sco": "new-sco";
"new-sro": "new-sro";
"property-extension": "property-extension";
"toplevel-property-extension": "toplevel-property-extension";
}>;
}, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>;
name: z.ZodString;
x_mitre_attack_spec_version: z.ZodString;
x_mitre_version: z.ZodString;
x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
id: z.ZodString;
type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">;
x_mitre_platforms: z.ZodArray<z.ZodEnum<{
"Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
"Network Devices": "Network Devices";
"Data Historian": "Data Historian";
"Google Workspace": "Google Workspace";
"Office Suite": "Office Suite";
ESXi: "ESXi";
"Identity Provider": "Identity Provider";
Containers: "Containers";
"Azure AD": "Azure AD";
"Engineering Workstation": "Engineering Workstation";
"Control Server": "Control Server";
"Human-Machine Interface": "Human-Machine Interface";
Windows: "Windows";
Linux: "Linux";
IaaS: "IaaS";
None: "None";
iOS: "iOS";
PRE: "PRE";
SaaS: "SaaS";
"Input/Output Server": "Input/Output Server";
macOS: "macOS";
Android: "Android";
"Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
Embedded: "Embedded";
}>>;
x_mitre_detects: z.ZodString;
external_references: z.ZodArray<z.ZodObject<{
source_name: z.ZodString;
description: z.ZodOptional<z.ZodString>;
url: z.ZodOptional<z.ZodURL>;
external_id: z.ZodOptional<z.ZodString>;
}, z.core.$strip>>;
x_mitre_log_sources: z.ZodArray<z.ZodObject<{
ref: z.ZodString;
keys: z.ZodArray<z.ZodString>;
}, z.core.$strip>>;
x_mitre_mutable_elements: z.ZodArray<z.ZodObject<{
field: z.ZodString;
description: z.ZodString;
}, z.core.$strip>>;
x_mitre_domains: z.ZodArray<z.ZodEnum<{
"enterprise-attack": "enterprise-attack";
"mobile-attack": "mobile-attack";
"ics-attack": "ics-attack";
}>>;
}, z.core.$strict>;
type Analytic = z.infer<typeof extensibleAnalyticSchema>;
export { type Analytic, type LogSourceRef, type LogSourceRefs, type MutableElement, type MutableElements, analyticSchema, extensibleAnalyticSchema, xMitreLogSourcePermutationKey, xMitreLogSourceRefSchema, xMitreLogSourceRefsSchema, xMitreMutableElementSchema, xMitreMutableElementsSchema };