def _create_report(self, object_refs: List[STIXDomainObject]) -> Report:
external_references = []
for reference in self.pulse.references:
if not reference:
continue
external_reference = create_external_reference(
self.source_name, reference)
external_references.append(external_reference)
tags = []
for pulse_tag in self.pulse.tags:
tag = create_tag(self.source_name, pulse_tag,
"#" + "%06x" % random.randint(0, 0xFFFFFF))
tags.append(tag)
return Report(
created_by_ref=self.author,
name=self.pulse.name,
description=self.pulse.description,
published=self.pulse.created,
object_refs=object_refs,
labels=["threat-report"],
external_references=external_references,
object_marking_refs=self.object_marking_refs,
custom_properties={
CustomProperties.REPORT_CLASS: self.report_type,
CustomProperties.OBJECT_STATUS: self.report_status,
CustomProperties.SRC_CONF_LEVEL: self.confidence_level,
CustomProperties.TAG_TYPE: tags,
},
)
def _create_external_reference(
self,
url: str,
external_id: Optional[str] = None) -> ExternalReference:
return create_external_reference(self.source_name,
url,
external_id=external_id)
def _create_report_external_references(self) -> List[ExternalReference]:
external_references = [self._create_pulse_external_reference()]
for reference in self.pulse.references:
if not reference:
continue
external_reference = create_external_reference(self.source_name, reference)
external_references.append(external_reference)
return external_references
def _create_pulse_external_reference(self) -> ExternalReference:
pulse_id = self.pulse.id
pulse_url = self.pulse.url
return create_external_reference(self.source_name, pulse_url, pulse_id)