VirusTotal · Schema

LivehuntRulesetObject

A YARA ruleset deployed to Livehunt (real-time hunting on incoming corpus).

Anti-MalwareThreat IntelligenceSecurityFile AnalysisURL AnalysisYARAIoCSandboxMITRE ATT&CKGoogle Cloud

Properties

Name Type Description
id string Object identifier.
type string Object type discriminator.
links object Hypermedia links.
attributes object Type-specific attributes for LivehuntRulesetObject.
relationships object Pre-expanded relationships, keyed by relationship name.
View JSON Schema on GitHub

JSON Schema

virustotal-livehunt-ruleset-object-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/virustotal/refs/heads/main/json-schema/LivehuntRulesetObject-schema.json",
  "title": "LivehuntRulesetObject",
  "description": "A YARA ruleset deployed to Livehunt (real-time hunting on incoming corpus).",
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "Object identifier."
    },
    "type": {
      "type": "string",
      "description": "Object type discriminator."
    },
    "links": {
      "type": "object",
      "description": "Hypermedia links.",
      "properties": {
        "self": {
          "type": "string",
          "format": "uri"
        }
      }
    },
    "attributes": {
      "type": "object",
      "description": "Type-specific attributes for LivehuntRulesetObject.",
      "properties": {
        "name": {
          "type": "string",
          "example": "emotet-loaders"
        },
        "creation_date": {
          "type": "integer"
        },
        "modification_date": {
          "type": "integer"
        },
        "enabled": {
          "type": "boolean"
        },
        "rules": {
          "type": "string",
          "description": "Raw YARA rule text."
        },
        "rule_names": {
          "type": "array",
          "items": {
            "type": "string"
          }
        },
        "number_of_rules": {
          "type": "integer"
        },
        "notification_emails": {
          "type": "array",
          "items": {
            "type": "string",
            "format": "email"
          }
        },
        "limit": {
          "type": "integer",
          "description": "Daily notification limit."
        },
        "match_object_type": {
          "type": "string",
          "enum": [
            "file",
            "url",
            "domain",
            "ip_address"
          ]
        },
        "tags": {
          "type": "array",
          "items": {
            "type": "string"
          }
        }
      }
    },
    "relationships": {
      "type": "object",
      "description": "Pre-expanded relationships, keyed by relationship name.",
      "additionalProperties": true
    }
  },
  "required": [
    "id",
    "type",
    "attributes"
  ]
}