{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://api-evangelist.github.io/greynoise/json-schema/greynoise-cve-exploitation-activity-schema.json",
  "title": "CVEExploitationActivity",
  "type": "object",
  "properties": {
    "activity_seen": {
      "type": "boolean",
      "description": "Whether exploitation activity has been observed.",
      "example": true
    },
    "benign_ip_count_1d": {
      "type": "integer",
      "description": "The count of benign IPs in the last day.",
      "example": 100
    },
    "benign_ip_count_10d": {
      "type": "integer",
      "description": "The count of benign IPs in the last 10 days.",
      "example": 500
    },
    "benign_ip_count_30d": {
      "type": "integer",
      "description": "The count of benign IPs in the last 30 days.",
      "example": 1000
    },
    "threat_ip_count_1d": {
      "type": "integer",
      "description": "The count of threat IPs in the last day.",
      "example": 10
    },
    "threat_ip_count_10d": {
      "type": "integer",
      "description": "The count of threat IPs in the last 10 days.",
      "example": 50
    },
    "threat_ip_count_30d": {
      "type": "integer",
      "description": "The count of threat IPs in the last 30 days.",
      "example": 100
    }
  }
}