Subset: AttackAux
Auxiliary helper classes used as inlined component types within ATT&CK objects (e.g., RelatedAsset, LogSource, LogSourceReference, MutableElement, ObjectVersionReference).
URI: AttackAux
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/attack
Classes in subset
| Class | Description |
|---|---|
| AttackKillChainPhase | An ATT&CK-constrained kill chain phase restricting kill_chain_name to the thr... |
| LogSource | A platform-specific log collection configuration embedded within a data compo... |
| LogSourceReference | A reference linking an analytic to a specific data component and log source p... |
| MutableElement | An environment-tunable parameter within an ATT&CK analytic |
| ObjectVersionReference | A versioned reference to a specific state of a STIX object, consisting of the... |
| RelatedAsset | A sector-specific alias or variant name for a primary ATT&CK Asset object |
Slots from LogSource also in attack_aux
| Name | Cardinality and Range | Description |
|---|---|---|
| log_source_channel | 1 String |
The specific log channel, event ID, or event category within the log source (... |
| log_source_name | 1 String |
The log source provider or service name (e |
Slots from LogSourceReference also in attack_aux
| Name | Cardinality and Range | Description |
|---|---|---|
| log_source_channel | 1 String |
The specific log channel, event ID, or event category within the log source (... |
| log_source_name | 1 String |
The log source provider or service name (e |
| x_mitre_data_component_ref | 1 StixIdentifier |
The STIX ID of the x-mitre-data-component object that this log source referen... |
Slots from MutableElement also in attack_aux
| Name | Cardinality and Range | Description |
|---|---|---|
| mutable_field | 1 String |
The name of the analytic field or parameter that can be tuned by a defender t... |
Slots from RelatedAsset also in attack_aux
| Name | Cardinality and Range | Description |
|---|---|---|
| related_asset_sectors | * AttackAssetSectorEnum |
The industry sectors in which this related (aliased) asset variant is observe... |
Slots in subset
| Slot | Description |
|---|---|
| log_source_channel | The specific log channel, event ID, or event category within the log source (... |
| log_source_name | The log source provider or service name (e |
| mutable_field | The name of the analytic field or parameter that can be tuned by a defender t... |
| related_asset_sectors | The industry sectors in which this related (aliased) asset variant is observe... |
| x_mitre_data_component_ref | The STIX ID of the x-mitre-data-component object that this log source referen... |