GreyNoise Intelligence · JSON Structure

Greynoise Cve Exploitation Activity Structure

Type: object Properties: 7
SecurityThreat IntelligenceCybersecurityIP ReputationVulnerability ManagementNetwork TelemetrySOC AutomationPublic APIs

CVEExploitationActivity is a JSON Structure definition published by GreyNoise Intelligence, describing 7 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

activity_seen benign_ip_count_1d benign_ip_count_10d benign_ip_count_30d threat_ip_count_1d threat_ip_count_10d threat_ip_count_30d

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://api-evangelist.github.io/greynoise/json-structure/greynoise-cve-exploitation-activity-structure.json",
  "name": "CVEExploitationActivity",
  "type": "object",
  "properties": {
    "activity_seen": {
      "type": "boolean",
      "description": "Whether exploitation activity has been observed.",
      "example": true
    },
    "benign_ip_count_1d": {
      "type": "int32",
      "description": "The count of benign IPs in the last day.",
      "example": 100
    },
    "benign_ip_count_10d": {
      "type": "int32",
      "description": "The count of benign IPs in the last 10 days.",
      "example": 500
    },
    "benign_ip_count_30d": {
      "type": "int32",
      "description": "The count of benign IPs in the last 30 days.",
      "example": 1000
    },
    "threat_ip_count_1d": {
      "type": "int32",
      "description": "The count of threat IPs in the last day.",
      "example": 10
    },
    "threat_ip_count_10d": {
      "type": "int32",
      "description": "The count of threat IPs in the last 10 days.",
      "example": 50
    },
    "threat_ip_count_30d": {
      "type": "int32",
      "description": "The count of threat IPs in the last 30 days.",
      "example": 100
    }
  }
}