Pipeline: Release 4.5.0.stable38 documentation

docs/odm/models/ontology/file.md

@@ -0,0 +1,16 @@
+[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
+# File
+> File Characteristics
+
+| Field | Type | Description | Required | Default |
+| :--- | :--- | :--- | :--- | :--- |
+| md5 | MD5 | MD5 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| sha1 | SHA1 | SHA1 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| sha256 | SHA256 | SHA256 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| type | Keyword | None | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| size | Integer | Size of the file in bytes | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| names | List [Text] | Known filenames associated to file | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| parent | SHA256 | Absolute parent of file relative to submission | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| pe | [PE](/assemblyline4_docs/odm/models/ontology/filetypes/pe/#pe) | Properties related to PE | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+
+

docs/odm/models/ontology/ontology.md

@@ -5,37 +5,22 @@
 | Field | Type | Description | Required | Default |
 | :--- | :--- | :--- | :--- | :--- |
 | odm_type | Text | Type of ODM Model | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `Assemblyline Result Ontology` |
-| odm_version | Text | Version of ODM Model | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `1.9` |
+| odm_version | Text | Version of ODM Model | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `1.10` |
 | classification | ClassificationString | Classification of Ontological Record | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| file | [File](/assemblyline4_docs/odm/models/ontology/ontology/#file) | Descriptors about file being analyzed | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| file | [File](/assemblyline4_docs/odm/models/ontology/file/#file) | Descriptors about file being analyzed | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
 | service | [Service](/assemblyline4_docs/odm/models/ontology/ontology/#service) | Information about Service | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
 | submission | [Submission](/assemblyline4_docs/odm/models/ontology/ontology/#submission) | Information about Submission | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | results | [Results](/assemblyline4_docs/odm/models/ontology/ontology/#results) | Ontological Results | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 
 
-[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
-## File
-> File Characteristics
-
-| Field | Type | Description | Required | Default |
-| :--- | :--- | :--- | :--- | :--- |
-| md5 | MD5 | MD5 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| sha1 | SHA1 | SHA1 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| sha256 | SHA256 | SHA256 of file | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| type | Keyword | Type of file as identified by Assemblyline | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| size | Integer | Size of the file in bytes | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| names | List [Text] | Known filenames associated to file | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
-| parent | SHA256 | Absolute parent of file relative to submission | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
-| pe | [PE](/assemblyline4_docs/odm/models/ontology/filetypes/pe/#pe) | Properties related to PE | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
-
-
 [comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
 ## Results
 > Ontological Results
 
 | Field | Type | Description | Required | Default |
 | :--- | :--- | :--- | :--- | :--- |
 | antivirus | List [[Antivirus](/assemblyline4_docs/odm/models/ontology/results/antivirus/#antivirus)] | List of Antivirus Ontologies | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| http | List [[HTTP](/assemblyline4_docs/odm/models/ontology/results/http/#http)] | List of HTTP Ontologies | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | malwareconfig | List [[MalwareConfig](/assemblyline4_docs/odm/models/ontology/results/malware_config/#malwareconfig)] | List of MalwareConfig Ontologies | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | netflow | List [[NetworkConnection](/assemblyline4_docs/odm/models/ontology/results/network/#networkconnection)] | List of Network Ontologies | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | process | List [[Process](/assemblyline4_docs/odm/models/ontology/results/process/#process)] | List of Process Ontologies | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |

docs/odm/models/ontology/results/http.md

@@ -0,0 +1,23 @@
+[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
+# HTTP
+> HTTP Task
+
+| Field | Type | Description | Required | Default |
+| :--- | :--- | :--- | :--- | :--- |
+| response_code | Integer | The status code of the main page | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| redirection_url | Keyword | The final page of the requested url | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| redirects | List [[HTTPRedirect](/assemblyline4_docs/odm/models/ontology/results/http/#httpredirect)] | List of Redirects | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| favicon | [File](/assemblyline4_docs/odm/models/ontology/file/#file) | The file information of the main favicon | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| title | Keyword | The title of the main page after any redirection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+
+
+[comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)
+## HTTPRedirect
+> 
+
+| Field | Type | Description | Required | Default |
+| :--- | :--- | :--- | :--- | :--- |
+| from_url | Keyword |  | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| to_url | Keyword |  | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+
+

docs/odm/models/ontology/results/network.md

@@ -5,10 +5,10 @@
 | Field | Type | Description | Required | Default |
 | :--- | :--- | :--- | :--- | :--- |
 | objectid | [ObjectID](/assemblyline4_docs/odm/models/ontology/results/process/#objectid) | The object ID of the network object | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| destination_ip | IP | The destination IP of the connection | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| destination_port | Integer | The destination port of the connection | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| transport_layer_protocol | Enum | The transport layer protocol of the connection<br>Values:<br>`"tcp", "udp"` | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
-| direction | Enum | The direction of the network connection<br>Values:<br>`"inbound", "outbound", "unknown"` | <div style="width:100px">:material-checkbox-marked-outline: Yes</div> | `None` |
+| destination_ip | IP | The destination IP of the connection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| destination_port | Integer | The destination port of the connection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| transport_layer_protocol | Enum | The transport layer protocol of the connection<br>Values:<br>`"tcp", "udp"` | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| direction | Enum | The direction of the network connection<br>Values:<br>`"inbound", "outbound", "unknown"` | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | process | [Process](/assemblyline4_docs/odm/models/ontology/results/process/#process) | The process that spawned the network connection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | source_ip | IP | The source IP of the connection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | source_port | Integer | The source port of the connection | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
@@ -41,5 +41,7 @@
 | request_body | Text | The body of the request | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | response_status_code | Integer | The status code of the response | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | response_body | Text | The body of the response | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| response_content_fileinfo | [File](/assemblyline4_docs/odm/models/ontology/file/#file) | The file information of the response content | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| response_content_mimetype | Text | The response content mimetype returned by the server | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 
 

docs/odm/models/ontology/results/sandbox.md

@@ -21,6 +21,7 @@
 | end_time | Date | The end time of the analysis | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | routing | Keyword | The routing used in the sandbox setup (Spoofed, Internet, Tor, VPN) | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 | machine_metadata | [MachineMetadata](/assemblyline4_docs/odm/models/ontology/results/sandbox/#machinemetadata) | The metadata of the analysis | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
+| window_size | Keyword | The resolution used for the analysis | <div style="width:100px">:material-minus-box-outline: Optional</div> | `None` |
 
 
 [comment]: # (AUTOGENERATED MARKDOWN CONTENT. UPDATES TO ODM DOCUMENTATION SHOULD BE DONE THROUGH ASSEMBLYLINE-BASE REPO!)

mkdocs.yml

@@ -140,11 +140,13 @@ nav:
     - FileScore: odm/models/filescore.md
     - Heuristic: odm/models/heuristic.md
     - Ontology:
+      - File: odm/models/ontology/file.md
       - Filetypes:
         - PE: odm/models/ontology/filetypes/pe.md
       - ResultOntology: odm/models/ontology/ontology.md
       - Results:
         - Antivirus: odm/models/ontology/results/antivirus.md
+        - HTTP: odm/models/ontology/results/http.md
         - MalwareConfig: odm/models/ontology/results/malware_config.md
         - NetworkConnection: odm/models/ontology/results/network.md
         - Process: odm/models/ontology/results/process.md