The ObservablesType is a type representing a collection of cyber observables.
| Field Name | Type | Description |
|---|---|---|
| @cybox_major_versionrequired | string |
The cybox_major_version field specifies the major version of the CybOX language utilized for this set of Observables. |
| @cybox_minor_versionrequired | string |
The cybox_minor_version field specifies the minor version of the CybOX language utilized for this set of Observables. |
| @cybox_update_versionoptional | string |
The cybox_update_version field specifies the update version of the CybOX language utilized for this set of Observables. This field MUST be used when using an update version of CybOX. |
| Observable_Package_Source0..1 | MeasureSourceType |
The Observable_Package_Source field is optional and enables descriptive specification of how this package of Observables was identified and specified. |
| Observable1..n | ObservableType | |
| Pools0..1 | PoolsType |
The Pools construct enables the description of Events, Actions, Objects and Properties in a space-efficient pooled manner with the actual Observable structures defined in the CybOX schema containing references to the pooled elements. This reduces redundancy caused when identical observable elements occur multiple times within a set of defined Observables. |