idioms-xml-from-2.0/socket-observed-data.xml

<stix:STIX_Package
	xmlns:cybox="http://cybox.mitre.org/cybox-2"
	xmlns:stix="http://stix.mitre.org/stix-1"
	xmlns:NetworkSocketObj="http://cybox.mitre.org/objects#NetworkSocketObject-2"
	xmlns:cyboxVocabs="http://cybox.mitre.org/default_vocabularies-2"
	xmlns:xs="http://www.w3.org/2001/XMLSchema"
	xmlns:cyboxCommon="http://cybox.mitre.org/common-2"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2"
	xmlns:xlink="http://www.w3.org/1999/xlink"
	xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2"
	xmlns:example="http://example.com"
	xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1"
	xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2"
	xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
	 id="example:STIXPackage-8fb48930-41e7-45d9-9ab7-171be0385f20" version="1.2">
    <stix:Observables cybox_major_version="2" cybox_minor_version="1" cybox_update_version="0">
        <cybox:Observable id="example:observable-8647e9be-c8df-44d5-af4a-9dd4ae43c641">
            <cybox:Object id="example:NetworkConnection-97b0fa3e-bd8e-4573-ac7f-26c42b099b91">
                <cybox:Properties xsi:type="NetworkConnectionObj:NetworkConnectionObjectType">
                    <NetworkConnectionObj:Source_Socket_Address xsi:type="SocketAddressObj:SocketAddressObjectType">
                        <SocketAddressObj:IP_Address xsi:type="AddressObj:AddressObjectType" category="ipv4-addr">
                            <AddressObj:Address_Value>198.51.100.2</AddressObj:Address_Value>
                        </SocketAddressObj:IP_Address>
                        <SocketAddressObj:Port xsi:type="PortObj:PortObjectType">
                            <PortObj:Port_Value>223</PortObj:Port_Value>
                        </SocketAddressObj:Port>
                    </NetworkConnectionObj:Source_Socket_Address>
                </cybox:Properties>
                <cybox:Related_Objects>
                    <cybox:Related_Object id="example:NetworkSocket-95a31b29-b898-4bd9-807f-8614eb5c7eb9">
                        <cybox:Properties xsi:type="NetworkSocketObj:NetworkSocketObjectType" is_listening="true">
                            <NetworkSocketObj:Address_Family>AF_INET</NetworkSocketObj:Address_Family>
                            <NetworkSocketObj:Domain>PF_INET</NetworkSocketObj:Domain>
                            <NetworkSocketObj:Options>
                                <NetworkSocketObj:SO_LINGER>5</NetworkSocketObj:SO_LINGER>
                            </NetworkSocketObj:Options>
                            <NetworkSocketObj:Type>SOCK_STREAM</NetworkSocketObj:Type>
                        </cybox:Properties>
                        <cybox:Relationship>Related_Socket</cybox:Relationship>
                    </cybox:Related_Object>
                </cybox:Related_Objects>
            </cybox:Object>
        </cybox:Observable>
    </stix:Observables>
</stix:STIX_Package>