def buildCampaign(input_dict): campaign = Campaign() campaign.title = input_dict['title'] campaign.description = input_dict['description'] if input_dict['intendedEffect']: campaign.add_intended_effect(input_dict['intendedEffect']) if input_dict['names']: campaign.names = Names(input_dict['names']) if input_dict['status']: campaign.status = input_dict['status'] if input_dict['confidence']: campaign.confidence = Confidence(input_dict['confidence']) if input_dict['informationSource']: campaign.information_source = InformationSource(input_dict['informationSource']) return campaign
from stix.common import CampaignRef # Basics campaign = Campaign(title='Compromise Machines') campaign.description = 'Vestibulum id ligula porta felis euismod semper. Cras mattis consectetur purus sit amet fermentum.' campaign.short_description = 'Mattis Ipsum Ultricies Quam Malesuada' # Attributes names = Names() names.name = ['Operation Sparky', 'Operation Dingo'] campaign.names = names activity = Activity() activity.description = 'Foo' campaign.add_activity(activity) campaign.add_intended_effect(IntendedEffect('Extortion')) campaign.status = CampaignStatus('Ongoing') campaign.confidence = HighMediumLow('Medium') # Related TTP (basic; by id) ttp = TTP(title="Malware Variant XYZ") related_ttp = RelatedTTP(TTP(idref=ttp.id_)) campaign.related_ttps.append(related_ttp) # Related Incident (basic; by id) incident = Incident(title='We got hacked') t = Time() t.incident_opened = '2018-09-11' incident.time = t related_incident = RelatedIncident(Incident(idref=incident.id_)) campaign.related_incidents.append(related_incident)