main/Domain Stats/100080-alienvault.xml

<group name="alienvault,">
<rule id="100080" level="12">
  <decoded_as>json</decoded_as>
  <field name="sections">\.+</field>
  <field name="type">\.+</field>
  <description>AlienVault OTX -Indicator(s) Found</description>
  <mitre>
   <id>T1036</id>
  </mitre>
  <options>no_full_log</options>
  <group>otx_ioc,</group>
</rule>
</group>