Python buildAttribute Exemples

Langage de programmation: Python

Espace de nommage/Pack: misp_stix_converter.converters.buildSTIXAttribute

Méthode/Fonction: buildAttribute

Exemples au hotexamples.com: 2

Python buildAttribute - 2 exemples trouvés. Ce sont les exemples réels les mieux notés de misp_stix_converter.converters.buildSTIXAttribute.buildAttribute extraits de projets open source. Vous pouvez noter les exemples pour nous aider à en améliorer la qualité.

Exemple #1

0

Afficher le fichier

def MISPtoSTIX(mispJSON): """ Function to convert from a MISP JSON to a STIX stix :param mispJSON: A dict (json) containing a misp Event. :returns stix: A STIX stix with as much of the original data as we could convert. """ if isinstance(mispJSON, mispevent.MISPEvent): misp_event = mispJSON else: misp_event = mispevent.MISPEvent() misp_event.load(mispJSON) # We should now have a proper MISP JSON loaded. # Create a base stix stix = STIXPackage() # Create a header for the new stix stix.stix_header = STIXHeader() # Try to use the event title as the stix title stix.stix_header.title = misp_event.info # We're going to store our observables inside an indicator indicator = Indicator() # Go through each attribute and transfer what we can. for one_attrib in misp_event.attributes: # Build an attribute from the JSON. Is all nice. buildSTIXAttribute.buildAttribute(one_attrib, stix, indicator) stix.add_indicator(indicator) return stix

Exemple #2

0

Afficher le fichier

def MISPtoSTIX(mispJSON): """ Function to convert from a MISP JSON to a STIX stix :param mispJSON: A dict (json) containing a misp Event. :returns stix: A STIX stix with as much of the original data as we could convert. """ if isinstance(mispJSON, mispevent.MISPEvent): misp_event = mispJSON else: misp_event = mispevent.MISPEvent() misp_event.load(mispJSON) # We should now have a proper MISP JSON loaded. # Create a base stix stix = STIXPackage() try: stix.MISPID = mispJSON["Event"]["id"] except Exception: # We don't have an ID? # Generate a random number and use that stix.MISPID = random.randint(1, 9000) # it's being silly # backup the ID backupID = stix.MISPID # Create a header for the new stix stix.stix_header = STIXHeader() # Try to use the event title as the stix title stix.stix_header.title = misp_event.info # Go through each attribute and transfer what we can. for one_attrib in misp_event.attributes: # We're going to store our observables inside an indicator # One for each attribute because @iglocska said so # I swear STIX is gonna be the death of me. indicator = Indicator() # Build an attribute from the JSON. Is all nice. buildSTIXAttribute.buildAttribute(one_attrib, stix, indicator) stix.add_indicator(indicator) stix.MISPID = backupID return stix