-
Notifications
You must be signed in to change notification settings - Fork 142
Issues: ocsf/ocsf-schema
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Impact requirement is inconsistent in the Findings classes: Impact attributes should be included in Incident profile.
description_updates
Issues related to missing/incorrect/lacking descriptions of attributes
findings
Issues related to Findings Category
grammar_consistency
Issues related to the attribute grammar consistency work-stream
non_breaking
Non Breaking, backwards compatible changes
v1.4.0
Changes marked for the upcoming version 1.4.0
v1.5.0 or later
#1319
opened Jan 15, 2025 by
pagbabian-splunk
vendor_attributes missing Group in Incident Finding
bug
Something isn't working
v1.4.0
Changes marked for the upcoming version 1.4.0
#1318
opened Jan 15, 2025 by
pagbabian-splunk
Add missing Zeek logs to network activity class
network_activity
Issues related to Network Activity Category
non_breaking
Non Breaking, backwards compatible changes
#1314
opened Jan 14, 2025 by
Aniak5
OSINT profile improvements
enhancement
New feature or request
v1.5.0 or later
#1309
opened Jan 9, 2025 by
PavelJurka
Update Any breaking, non backwards compatible changes
network_activity
Issues related to Network Activity Category
Email event class to be generic
breaking
#1306
opened Jan 8, 2025 by
Aniak5
The Discovery category has too many narrow, but related classes.
enhancement
New feature or request
v1.5.0 or later
#1261
opened Nov 21, 2024 by
pagbabian-splunk
Proposal: Extend Security Control Profile for Authentication Class in OCSF
v1.5.0 or later
#1235
opened Oct 31, 2024 by
pladamgregory
Proposal: Expanded Application Lifecycle Schema (Class 6002)
#1234
opened Oct 31, 2024 by
pladamgregory
Support the ability to promote extensions to core without breaking changes
#1217
opened Oct 22, 2024 by
alanisaac
Clarification on Proper Placement of Parent Process Details in Process Event (ACTOR vs PROCESS.PARENT)
#1187
opened Oct 1, 2024 by
threatdecoder
Where to store IP addresses in Network Connection Info object?
#1183
opened Sep 25, 2024 by
jedmitten
Activity class required to represent script execution events
#1156
opened Aug 13, 2024 by
davemcatcisco
digital_signature name mismatch between objects and dictionary.json
grammar_consistency
Issues related to the attribute grammar consistency work-stream
#1151
opened Jul 29, 2024 by
medallium
USER, LDAP Person extension by useful fields + cloud profile added to support Azure AD
v1.5.0 or later
#1122
opened Jun 26, 2024 by
PavelJurka
The Job object cannot adequately describe Windows scheduled jobs
#1118
opened Jun 21, 2024 by
davemcatcisco
Previous Next
ProTip!
What’s not been updated in a month: updated:<2024-12-19.