Discussions

• 2 You must be logged in to vote

  👻

  Re-name Fingerprint to Hash in OCSF as well as change ja3s_fingerprint to be a string

  breaking Any breaking, non backwards compatible changes

  JasonKeirstead started Feb 24, 2023 in Proposals · Closed

  

  

  

  

  14
• 1 You must be logged in to vote

  👻

  Add new object Analytic and attribute analytic

  enhancement New feature or request non_breaking Non Breaking, backwards compatible changes

  pagbabian-splunk started Mar 1, 2023 in Proposals · Closed

  

  

  3
• 4 You must be logged in to vote

  🗳️

  Add names to enumerated item definitions

  davaya started Oct 19, 2022 in Polls

  

  

  1
• 6 You must be logged in to vote

  💬

  Enhance OCSF object definitions - Anchoring definitions using the D3FEND Ontology

  netfl0 started Mar 1, 2023 in General

  

  

  

  

  4
• 1 You must be logged in to vote

  👻

  Further Enhance the Modified Resource Object (refer to Proposal #499)

  enhancement New feature or request iam Issues related to Identity & Access Management Category maintainers Issues that require attention from all maintainers breaking Any breaking, non backwards compatible changes

  pagbabian-splunk started Mar 12, 2023 in Proposals

  

  

  1
• 1 You must be logged in to vote

  👻

  Update the Security Finding class with attributes from the Splunk Detection Report extension class (Part 2)

  non_breaking Non Breaking, backwards compatible changes

  pagbabian-splunk started Feb 25, 2023 in Proposals · Closed

  

  

  

  

  10
• 👻

  New values for the category_uid and class_uid of the base_event

  rroupski started Feb 7, 2023 in Proposals · Closed

  

  

  2
• 2 You must be logged in to vote

  👻

  Extension labeling and versioning in Metadata

  enhancement New feature or request framework Structures, conventions, requirements, data types, etc.

  pagbabian-splunk started Feb 6, 2023 in Proposals

  

  

  

  

  3
• 1 You must be logged in to vote

  👻

  Modify 'depth' attribute to follow enum pattern

  zhanif3 started Mar 5, 2023 in Proposals

  

  

  0
• 1 You must be logged in to vote

  👻

  Modify the URL class by replacing the text attribute with the src_url attribute.

  grammar_consistency Issues related to the attribute grammar consistency work-stream breaking Any breaking, non backwards compatible changes

  pagbabian-splunk started Mar 4, 2023 in Proposals

  

  

  0
• 👻

  Promote Splunk's Network File Activity event class to core schema

  pagbabian-splunk started Feb 1, 2023 in Proposals

  

  

  1
• 2 You must be logged in to vote

  💬

  HTTP Activity Class - Multiple Issues

  iam Issues related to Identity & Access Management Category network_activity Issues related to Network Activity Category breaking Any breaking, non backwards compatible changes

  mikeradka started Feb 16, 2023 in General

  

  

  

  

  3
• 1 You must be logged in to vote

  👻

  Update the Security Finding class by changing the activity_id enum label

  non_breaking Non Breaking, backwards compatible changes

  pagbabian-splunk started Feb 25, 2023 in Proposals · Closed

  

  

  1
• 1 You must be logged in to vote

  👻

  Update the Security Finding class with attributes from the Splunk Detection Report extension class.

  non_breaking Non Breaking, backwards compatible changes

  pagbabian-splunk started Feb 25, 2023 in Proposals · Closed

  

  

  3
• 👻

  Description update for rcode.

  network_activity Issues related to Network Activity Category grammar_consistency Issues related to the attribute grammar consistency work-stream non_breaking Non Breaking, backwards compatible changes

  floydtree started Feb 13, 2023 in Proposals · Closed

  

  

  1
• 1 You must be logged in to vote

  🙏

  using OCSF schema for generating audits in saas product

  shreyasGit asked Feb 21, 2023 in Q&A · Unanswered

  

  

  

  

  4
• 1 You must be logged in to vote

  👻

  A new field in the packages object

  findings Issues related to Findings Category non_breaking Non Breaking, backwards compatible changes

  floydtree started Feb 13, 2023 in Proposals

  

  

  

  

  6
• 👻

  A new field in the vulnerability object

  findings Issues related to Findings Category non_breaking Non Breaking, backwards compatible changes

  floydtree started Feb 13, 2023 in Proposals

  

  

  5
• 👻

  Use SemVer RC versioning

  documentation Improvements or additions to documentation

  pagbabian-splunk started Feb 7, 2023 in Proposals

  

  

  0
• 1 You must be logged in to vote

  🙏

  How do we export the entire schema to CSV using pyhton?

  sameer-metron asked Feb 6, 2023 in Q&A · Unanswered

  

  

  

  

  2
• 1 You must be logged in to vote

  💡

  activity vs disposition vs status

  enhancement New feature or request framework Structures, conventions, requirements, data types, etc.

  pagbabian-splunk started Jan 12, 2023 in Ideas

  

  

  1
• 1 You must be logged in to vote

  👻

  Move profiles from Metadata to the Base Event class

  pagbabian-splunk started Feb 1, 2023 in Proposals

  

  

  0
• 👻

  Process Object: Requiring either PID or UID

  system_activity Issues related to System Activity Category

  tankbusta started Sep 28, 2022 in Proposals

  

  

  

  

  5
• 1 You must be logged in to vote

  🗳️

  String Sibling Normalization

  paveljos started Jan 27, 2023 in Polls

  

  

  

  

  12
• 1 You must be logged in to vote

  🙏

  OSCF schema adoption by RDBMS databases?

  debaduttar asked Jan 18, 2023 in Q&A · Answered

  

  

  4