def create_discovery_method_env_var(self, name=None, value=None):
    """Build an EnvironmentVariable from a name/value pair.

    Both arguments are passed through ``String(...)`` before being stored,
    including the ``None`` defaults, which are handed to ``String`` unchanged.

    Args:
        name: Variable name to wrap and store on the new object.
        value: Variable value to wrap and store on the new object.

    Returns:
        The newly created EnvironmentVariable.
    """
    env_entry = EnvironmentVariable()
    # Wrap the name first, then the value, in the same order as the fields are set.
    env_entry.name = String(name)
    env_entry.value = String(value)
    return env_entry
Пример #2
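def convert_process_c_o(process20, process1x, obs20_id):
    """Copy the properties of a STIX 2.0 process onto a STIX 1.x Process object.

    The simple properties are handled by ``convert_obj`` with ``PROCESS_MAP``;
    this function then fills in the properties that need special handling
    (working directory, arguments, command line, environment variables and
    the ``*_ref`` / ``*_refs`` references to other observable objects).

    References are resolved through ``_STIX1X_OBJS``. A reference that is not
    present there is reported with warning 306 and skipped, so a document
    with a dangling reference (for example one received from an external
    producer) does not abort the conversion.

    Args:
        process20: Mapping-like STIX 2.0 process; read with ``in`` and ``[]``.
        process1x: STIX 1.x Process object that is modified in place.
        obs20_id: Identifier of the enclosing observable; used in warning
            messages and forwarded to the helpers.

    Returns:
        None. ``process1x`` is updated in place.
    """
    convert_obj(process20, process1x, PROCESS_MAP, obs20_id)
    if "cwd" in process20:
        if not process1x.image_info:
            process1x.image_info = ImageInfo()
        process1x.image_info.current_directory = process20["cwd"]
    if "arguments" in process20:
        process1x.argument_list = ArgumentList()
        for a in process20["arguments"]:
            process1x.argument_list.append(a)
    if "command_line" in process20:
        if not process1x.image_info:
            process1x.image_info = ImageInfo()
        process1x.image_info.command_line = process20["command_line"]
    if "environment_variables" in process20:
        # Names and values are copied verbatim. Environment variables often
        # carry secrets, so the converted output is as sensitive as the input.
        process1x.environment_variable_list = EnvironmentVariableList()
        for k, v in process20["environment_variables"].items():
            ev = EnvironmentVariable()
            process1x.environment_variable_list.append(ev)
            ev.name = k
            ev.value = v
    if "opened_connection_refs" in process20:
        process1x.network_connection_list = NetworkConnectionList()
        for conn_ref in process20["opened_connection_refs"]:
            if conn_ref in _STIX1X_OBJS:
                process1x.network_connection_list.append(
                    _STIX1X_OBJS[conn_ref])
            else:
                warn("%s is not an index found in %s", 306, conn_ref, obs20_id)
    if "creator_user_ref" in process20:
        if process20["creator_user_ref"] in _STIX1X_OBJS:
            account_object = _STIX1X_OBJS[process20["creator_user_ref"]]
            # NOTE(review): the membership test uses "account_login" while the
            # value read is ``username`` -- confirm this matches the account
            # object's API.
            if "account_login" in account_object:
                process1x.username = account_object.username
        else:
            warn("%s is not an index found in %s", 306,
                 process20["creator_user_ref"], obs20_id)
    if "binary_ref" in process20:
        if process20["binary_ref"] in _STIX1X_OBJS:
            file_obj = _STIX1X_OBJS[process20["binary_ref"]]
            if file_obj.file_name:
                if not process1x.image_info:
                    process1x.image_info = ImageInfo()
                process1x.image_info.file_name = file_obj.file_name
                # TODO: file_obj.full_path
                if file_obj.hashes:
                    # The hashes are dropped here; the warning is the only
                    # trace that the binary's hashes were lost in conversion.
                    warn(
                        "Hashes of the binary_ref of %s process cannot be represented in the STIX 1.x Process object",
                        517, obs20_id)
            else:
                warn(
                    "No file name provided for binary_ref of %s, therefore it cannot be represented in the STIX 1.x Process object",
                    516, obs20_id)
        else:
            warn("%s is not an index found in %s", 306,
                 process20["binary_ref"], obs20_id)
    if "parent_ref" in process20:
        if process20["parent_ref"] in _STIX1X_OBJS:
            process_object = _STIX1X_OBJS[process20["parent_ref"]]
            if "pid" in process_object:
                process1x.parent_pid = process_object.pid
        else:
            warn("%s is not an index found in %s", 306,
                 process20["parent_ref"], obs20_id)
    if "child_refs" in process20:
        process1x.child_pid_list = ChildPIDList()
        for cr in process20["child_refs"]:
            # Check the reference before indexing, as every other reference
            # property in this function does; an unknown child reference
            # previously raised KeyError and aborted the whole conversion.
            if cr in _STIX1X_OBJS:
                process_object = _STIX1X_OBJS[cr]
                if "pid" in process_object:
                    process1x.child_pid_list.append(process_object.pid)
            else:
                warn("%s is not an index found in %s", 306, cr, obs20_id)
    if "extensions" in process20:
        convert_process_extensions(process20, process1x, obs20_id)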
Пример #3
 def createanalysisenvironmentsystemEnvVar(self, name=None, value=None):
     """Build an EnvironmentVariable from a name/value pair.

     Both arguments are passed through ``String(...)`` before being stored,
     including the ``None`` defaults, which are handed to ``String`` unchanged.

     Args:
         name: Variable name to wrap and store on the new object.
         value: Variable value to wrap and store on the new object.

     Returns:
         The newly created EnvironmentVariable.
     """
     env_entry = EnvironmentVariable()
     # Wrap the name first, then the value, in the same order as the fields are set.
     env_entry.name = String(name)
     env_entry.value = String(value)
     return env_entry