def setDates(incident, date, published):
timestamp=getDateFromTimestamp(published)
incident.timestamp=timestamp
incident_time = Time()
incident_time.incident_discovery = convertToStixDate(date)
incident_time.incident_reported = timestamp
incident.time = incident_time
def setDates(incident, date, published):
timestamp = getDateFromTimestamp(published)
incident.timestamp = timestamp
incident_time = Time()
incident_time.incident_discovery = convertToStixDate(date)
incident_time.incident_reported = timestamp
incident.time = incident_time
from stix.coa import CourseOfAction
fake = Faker()
# Basics
incident = Incident(title='We got hacked')
incident.description = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit.'
# Dates/Times
t1 = '2018-08-23T14:00:05.470947+00:00'
t2 = '2018-08-22T14:00:05.470947+00:00'
t3 = '2018-08-24T14:00:05.470947+00:00'
t = Time()
t.incident_opened = t1
t.incident_discovery = t1
t.incident_reported = t1
t.first_malicious_action = t2
t.initial_compromise = t2
t.first_data_exfiltration = t2
t.containment_achieved = t3
t.restoration_achieved = t3
t.incident_closed = t3
incident.time = t
# Additional Attributes
incident.add_category('Unauthorized Access')
incident.add_intended_effect('Destruction')
incident.confidence = 'High'
incident.add_discovery_method('NIDS')
# People
