def add_analyst_item(analyst_item, incident):
insrc = InformationSource()
analyst_identity = CIQIdentity3_0Instance()
identity_spec = STIXCIQIdentity3_0()
analyst_identity.specification = identity_spec
if analyst_item:
partyName = PartyName()
partyName.add_name_line(analyst_item)
identity_spec.party_name = partyName
insrc.identity = analyst_identity
incident.reporter = insrc
def add_victim_item(victim_item, incident):
global targets_item
victim_identity = CIQIdentity3_0Instance()
identity_spec = STIXCIQIdentity3_0()
victim_identity.specification = identity_spec
if targets_item:
for item in targets_item:
victim_identity.add_role(item)
country_item = victim_item.get('country')
if not country_item:
error("Required 'country' item is missing in 'victim' item")
else:
for c in country_item:
address = Address()
address.country = Country()
address.country.add_name_element(c)
state_item = victim_item.get('state')
if state_item:
address.administrative_area = AdministrativeArea()
address.administrative_area.add_name_element(state_item)
identity_spec.add_address(address)
# no organisationInfo details - https://github.com/STIXProject/python-stix/issues/108
if victim_item.get("employee_count"):
warn("'victim/employee_count' item not handled, yet")
if victim_item.get("industry"):
warn("'victim/industry' item not handled, yet")
if victim_item.get("revenue"):
warn("'victim/revenue' item not handled, yet")
victim_id_item = victim_item.get('victim_id')
if victim_id_item:
partyName = PartyName()
# id might be inappropriate for name
partyName.add_name_line(victim_id_item)
identity_spec.party_name = partyName
incident.add_victim(victim_identity)
