chg: [mitre] add support for Analytics references in Detection Strategies

[fukusuket]

Thank you for maintaining misp-galaxy :)

I added an Analytics reference to Detection Strategy Galaxy. I would appreciate your candid feedback.
Thank you for your time.

https://attack.mitre.org/detectionstrategies/DET0210/

[fukusuket]

[fukusuket]

Is analyzes appropriate as the verb to use for the relation? I wasn’t sure what the most suitable verb would be here, so I would appreciate your advice.

[adulau]

Thanks, that’s a good question. We might need a new relationship such as composed-of, but I’m not sure what the best option is. It seems that Analytics is more of a composition of elements, while the log source could be linked with detected-by.

We could also introduce new relationships to achieve a better fit.

https://www.misp-project.org/objects.html#_relationships

[fukusuket]

@adulau
Thank you for the quick feedback!

I like the idea of using the predicate composed-of. I’ve gone ahead and updated analyzes to composed-of.
Adding a relation detected-by for the log source makes a lot of sense, too. I’ll definitely implement that in my next pull request!

Also, I wasn't aware of the MISP Object relationships — thanks for sharing that!
One quick question: how will it look once it's defined in the Object? Will it be automatically reflected in the Galaxy relation graph as well?

[fukusuket]