def resolve_pattern_observable(indicator, attribute): if attribute.type == "pattern-in-file": byte_run = ByteRun() byte_run.byte_run_data = attribute.value new_object = File() new_object.byte_runs = ByteRuns(byte_run) return new_object return None
def resolvePatternObservable(indicator, attribute): new_object = None if attribute["type"] == "pattern-in-file": byte_run = ByteRun() byte_run.byte_run_data = attribute["value"] new_object = File() new_object.byte_runs = ByteRuns(byte_run) # custom properties are not implemented in the API yet # elif attribute["type"] == "pattern-in-memory": # elif attribute["type"] == "pattern-in-traffic": return new_object
def resolvePatternObservable(attribute): new_object = None if attribute["type"] == "pattern-in-file": byte_run = ByteRun() byte_run.byte_run_data = attribute["value"] new_object = File() new_object.byte_runs = ByteRuns(byte_run) # custom properties are not implemented in the API yet # elif attribute["type"] == "pattern-in-memory": # elif attribute["type"] == "pattern-in-traffic": return new_object