COSSAS · MaartendeKruijf · May 7, 2026 · May 7, 2026 · May 7, 2026
diff --git a/extensions/soarca-assignment/expression/expression.json b/extensions/soarca-assignment/expression/expression.json
@@ -0,0 +1,28 @@
+{
+    "$id": "https://raw.githubusercontent.com/COSSAS/SOARCA/refs/heads/development/extensions/soarca-assignment/expression/expression.json",
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "title": "expression",
+    "description": "The expression is the part of the extension to manipulate the raw output of steps. Multiple engines can be selected.",
+    "type": "object",
+    "properties": {
+        "type": {
+            "type": "string",
+            "enum": [
+                "regex",
+                "jq",
+                "awk",
+                "sed",
+                "grep"
+            ],
+            "description": "The engine string that needs to be used with the expression"
+        },
+        "expression": {
+            "type": "string",
+            "description": "The verbatim expression to be used by SOARCA."
+        }
+    },
+    "required": [
+        "type",
+        "expression"
+    ]
+}
diff --git a/extensions/soarca-assignment/readme.md b/extensions/soarca-assignment/readme.md
@@ -0,0 +1,3 @@
+# SOARCA assignment extension
+
+This is the definition of the SOARCA assignment extension. This extension is used by SOARCA to allow for variable assignment based on step results. All SOARCA action steps have defined results. These defined results can be mapped into specific variables. To allow these variables to be useful the results can be processed by a expression engine. Currently SOARCA supports jq and regex.
diff --git a/extensions/soarca-assignment/soarca-variable-assgnment-extension.json b/extensions/soarca-assignment/soarca-variable-assgnment-extension.json
@@ -0,0 +1,33 @@
+{
+    "$id": "https://raw.githubusercontent.com/COSSAS/SOARCA/refs/heads/development/extensions/soarca-assignment/soarca-variable-assgnment-extension.json",
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "title": "soarca-assignment",
+    "description": "This extension is used by SOARCA to allow for variable assignment based on step results. All SOARCA action steps have defined results. These defined results can be mapped into specific variables. To allow these variables to be useful the results can be processed by a expression engine. Currently SOARCA supports jq and regex.",
+    "type": "object",
+    "properties": {
+        "type": {
+            "type": "string",
+            "enum": [
+                "soarca-assignment"
+            ],
+            "description": "The value of this property MUST be layout."
+        },
+        "step-result": {
+            "type": "string",
+            "description": "The step result from SOARCA that needs to passed to the regex and/or variable. This must be populated when the assignment is used."
+        },
+        "variable": {
+            "type": "string",
+            "description": "The variable name denoted like __YOUR_VAR_NAME__ to put the output into. This must be populated when the assignment is used."
+        },
+        "expression": {
+            "$ref": "./expression/expression.json",
+            "description": "The regular expression applied to the result before it's mapped into the variable. The expression is optional when the assignment is used."
+        }
+    },
+    "required": [
+        "type",
+        "step-result",
+        "variable"
+    ]
+}
diff --git a/pkg/models/validator/schemas/soarca-variable-assignment-extension/expression/expression.json b/pkg/models/validator/schemas/soarca-variable-assignment-extension/expression/expression.json
@@ -0,0 +1,28 @@
+{
+    "$id": "https://raw.githubusercontent.com/COSSAS/SOARCA/refs/heads/development/pkg/models/validator/schemas/soarca-variable-assignment-extension/expression/expression.json",
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "title": "expression",
+    "description": "The expression is the part of the extension to manipulate the raw output of steps. Multiple engines can be selected.",
+    "type": "object",
+    "properties": {
+        "type": {
+            "type": "string",
+            "enum": [
+                "regex",
+                "jq",
+                "awk",
+                "sed",
+                "grep"
+            ],
+            "description": "The engine string that needs to be used with the expression"
+        },
+        "expression": {
+            "type": "string",
+            "description": "The verbatim expression to be used by SOARCA."
+        }
+    },
+    "required": [
+        "type",
+        "expression"
+    ]
+}
diff --git a/...tor/schemas/soarca-variable-assignment-extension/soarca-variable-assgnment-extension.json b/...tor/schemas/soarca-variable-assignment-extension/soarca-variable-assgnment-extension.json
@@ -0,0 +1,33 @@
+{
+    "$id": "https://raw.githubusercontent.com/COSSAS/SOARCA/refs/heads/development/pkg/models/validator/schemas/soarca-variable-assignment-extension/soarca-variable-assgnment-extension.json",
+    "$schema": "http://json-schema.org/draft-07/schema#",
+    "title": "soarca-assignment",
+    "description": "This extension is used by SOARCA to allow for variable assignment based on step results. All SOARCA action steps have defined results. These defined results can be mapped into specific variables. To allow these variables to be useful the results can be processed by a expression engine. Currently SOARCA supports jq and regex.",
+    "type": "object",
+    "properties": {
+        "type": {
+            "type": "string",
+            "enum": [
+                "soarca-assignment"
+            ],
+            "description": "The value of this property MUST be layout."
+        },
+        "step-result": {
+            "type": "string",
+            "description": "The step result from SOARCA that needs to passed to the regex and/or variable. This must be populated when the assignment is used."
+        },
+        "variable": {
+            "type": "string",
+            "description": "The variable name denoted like __YOUR_VAR_NAME__ to put the output into. This must be populated when the assignment is used."
+        },
+        "expression": {
+            "$ref": "./expression/expression.json",
+            "description": "The regular expression applied to the result before it's mapped into the variable. The expression is optional when the assignment is used."
+        }
+    },
+    "required": [
+        "type",
+        "step-result",
+        "variable"
+    ]
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# SOARCA assignment extension

		This is the definition of the SOARCA assignment extension. This extension is used by SOARCA to allow for variable assignment based on step results. All SOARCA action steps have defined results. These defined results can be mapped into specific variables. To allow these variables to be useful the results can be processed by a expression engine. Currently SOARCA supports jq and regex.