def _generate_stix_bundle(self, country, city, loc, observable_id):
# Generate stix bundle
country_location = Location(
id=OpenCTIStix2Utils.generate_random_stix_id("location"),
name=country.name,
country=country.official_name
if hasattr(country, "official_name") else country.name,
custom_properties={
"x_opencti_location_type":
"Country",
"x_opencti_aliases": [
country.official_name
if hasattr(country, "official_name") else country.name
],
},
)
loc_split = loc.split(",")
city_location = Location(
id=OpenCTIStix2Utils.generate_random_stix_id("location"),
name=city,
country=country.official_name
if hasattr(country, "official_name") else country.name,
latitude=loc_split[0],
longitude=loc_split[1],
custom_properties={"x_opencti_location_type": "City"},
)
city_to_country = Relationship(
id=OpenCTIStix2Utils.generate_random_stix_id("relationship"),
relationship_type="located-at",
source_ref=city_location.id,
target_ref=country_location.id,
)
observable_to_city = Relationship(
id=OpenCTIStix2Utils.generate_random_stix_id("relationship"),
relationship_type="located-at",
source_ref=observable_id,
target_ref=city_location.id,
confidence=self.helper.connect_confidence_level,
)
return Bundle(
objects=[
country_location,
city_location,
city_to_country,
observable_to_city,
],
allow_custom=True,
).serialize()
def create_country(name: str, created_by: Identity) -> Location:
"""Create a country."""
return Location(
id=_create_random_identifier("location"),
created_by_ref=created_by,
name=name,
country="ZZ", # TODO: Country code is required by STIX2!
custom_properties={X_OPENCTI_LOCATION_TYPE: LocationTypes.COUNTRY.value},
)
def create_region(entity: Entity, author: Identity) -> Identity:
"""Create a region"""
custom_properties: Dict[str, Any] = {"x_opencti_location_type": "Region"}
return Location(
created_by_ref=author,
name=entity.value,
region=entity.value,
custom_properties=custom_properties,
)
def _generate_stix_bundle(self, country, city, observable_id):
# Generate stix bundle
country_identity = Location(
name=country.name,
country=country.official_name
if hasattr(country, "official_name") else country.name,
custom_properties={
"x_opencti_location_type":
"Country",
"x_opencti_aliases": [
country.official_name
if hasattr(country, "official_name") else country.name
],
},
)
city_identity = Location(
name=city,
country=country.official_name
if hasattr(country, "official_name") else country.name,
custom_properties={"x_opencti_location_type": "city"},
)
city_to_country = Relationship(
relationship_type="located-at",
source_ref=city_identity.id,
target_ref=country_identity.id,
)
observable_to_city = Relationship(
relationship_type="located-at",
source_ref=observable_id,
target_ref=city_identity.id,
confidence=self.helper.connect_confidence_level,
)
return Bundle(objects=[
country_identity,
city_identity,
city_to_country,
observable_to_city,
]).serialize()
def create_location(
name: str,
created_by: Optional[Identity] = None,
region: Optional[str] = None,
country: Optional[str] = None,
custom_properties: Optional[Mapping[str, Any]] = None,
) -> Location:
"""Create a location."""
if custom_properties is None:
custom_properties = {}
return Location(
id=_create_random_identifier("location"),
created_by_ref=created_by,
name=name,
region=region,
country=country,
custom_properties=custom_properties,
)
country = row[6]
country_code = row[7]
country_code2 = row[8]
country_lat = row[9]
country_lng = row[10]
regionlat = row[11]
regionlng = row[12]
subregionlat = row[13]
subregionlng = row[14]
if region:
if region not in regions:
stix_region = Location(
id='location--' + id_region,
name=region,
region=region,
latitude=float(regionlat) if len(regionlat) > 0 else None,
longitude=float(regionlng) if len(regionlng) > 0 else None,
created_by_ref=anssi,
object_marking_refs=[TLP_WHITE],
custom_properties={'x_opencti_location_type': 'Region'})
regions[region] = stix_region
bundle_objects.append(stix_region)
if subregion:
if subregion not in subregions:
stix_subregion = Location(
id='location--' + id_subregion,
name=subregion,
region=subregion,
latitude=float(subregionlat)
if len(subregionlat) > 0 else None,
longitude=float(subregionlng)
