TheHive Model Definition#
Field Types#
string
: textual data (example "malware").text
: textual data. The difference betweenstring
andtext
is in the way content can be searched.string
is searchable as-is whereastext
, words (token) are searchable, not the whole content (example "Ten users have received this ransomware").date
: date and time using timestamps with milliseconds format.boolean
: true or falsenumber
: numeric valuemetrics
: JSON object that contains only numbers
Field can be prefixed with multi-
in order to indicate that multiple values can be provided.
Common Attributes#
All entities share the following attributes:
- createdBy
(text) : login of the user who created the entity
- createdAt
(date) : date and time of the creation
- updatedBy
(text) : login of the user who last updated the entity
- upadtedAt
(date) : date and time of the last update
- user
(text) : same value as createdBy
(this field is deprecated)
These attributes are handled by the back-end and can't be directly updated.
Last update:
March 2, 2021 11:39:03