Heads up! These docs are for STIX 1.0, which is not the latest version (1.2). View the latest!

ObservablesTypeCybOX Core Schema

The ObservablesType is a type representing a collection of cyber observables.


Fields

Field Name Type Description
@cybox_major_versionrequired string

The major_version field specifies the major version of the CybOX language utlized for this set of Observables.

@cybox_minor_versionrequired string

The minor_version field specifies the minor version of the CybOX language utlized for this set of Observables.

Observable_Package_Source0..1 MeasureSourceType

The Observable_Package_Source field is optional and enables descriptive specification of how this package of Observables was identified and specified.

Observable1..n ObservableType
Pools0..1 PoolsType

The Pools construct enables the description of Events, Actions, Objects and Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled elements. This reduces redundancy caused when identical observable elements occur multiple times within a set of defined Observables.