Create a new event.

External Documentation

To learn more, visit the MISP documentation.

Basic Parameters

ParameterDescription
DateThe date of the event.
Distribution-
Event Creator EmailThe email of the creator of the event.
InfoInformation about the event. Max length is 65535.
Organization IDThe organisation identifier.
PublishedRepresents whether the event was published.
Sighting TimestampThe sighting timestamp.
Threat Level ID-
UUIDUUID of the event.

Advanced Parameters

ParameterDescription
AnalysisThe analysis maturity level.
Attribute CountThe attribute count.
Disable CorrelationPrevents correlation with other events.
Extended UUIDThe extended UUID.
LockedRepresents whether the event is locked.
Orgc IDThe orgc id.
Proposal Email LockRepresents whether there will be an ability to send proposal emails for the event.
Publish TimestampThe publish timestamp.
Sharing Group IDThe ID of the sharing group.
TimestampTimestamp of the event.

Example Output

{
	"Event": {
		"id": "<string>",
		"orgc_id": "<string>",
		"org_id": "<string>",
		"date": "2010-07-15",
		"threat_level_id": "<string>",
		"info": "<string>",
		"published": false,
		"uuid": "<string>",
		"attribute_count": "<string>",
		"analysis": "<string>",
		"timestamp": "<string>",
		"distribution": "<string>",
		"proposal_email_lock": false,
		"locked": false,
		"publish_timestamp": "<string>",
		"sharing_group_id": "<string>",
		"disable_correlation": false,
		"extends_uuid": "<string>",
		"protected": null,
		"event_creator_email": "<string>",
		"Org": {
			"id": "<string>",
			"name": "<string>",
			"uuid": "<string>",
			"local": true
		},
		"Orgc": {
			"id": "<string>",
			"name": "<string>",
			"uuid": "<string>",
			"local": true
		},
		"Attribute": [],
		"ShadowAttribute": [],
		"RelatedEvent": [],
		"Galaxy": [],
		"Object": [],
		"EventReport": [],
		"CryptographicKey": []
	}
}

Workflow Library Example

Create Event with Misp and Send Results Via Email

Preview this Workflow on desktop