spec_version="2.1")),
),
],
)
class SimpleObservable:
pass
@CustomObject(
"x-opencti-incident",
[
("name", properties.StringProperty(required=True)),
("description", properties.StringProperty()),
("aliases",
properties.ListProperty(contained=properties.StringProperty())),
("first_seen", properties.TimestampProperty()),
("last_seen", properties.TimestampProperty()),
("objective", properties.StringProperty()),
(
"created_by_ref",
properties.ReferenceProperty(valid_types="identity",
spec_version="2.1"),
),
("labels", properties.ListProperty(properties.StringProperty)),
("external_references", properties.ListProperty(ExternalReference)),
(
"object_marking_refs",
properties.ListProperty(
properties.ReferenceProperty(valid_types="marking-definition",
spec_version="2.1")),
),
import re
from stix2 import CustomObject, properties, KillChainPhase
from yeti.core.errors import ValidationError
from .indicator_base import Indicator
@CustomObject('x-regex',
[('labels', properties.StringProperty(required=True)),
('name', properties.StringProperty()),
('description', properties.StringProperty()),
('pattern', properties.StringProperty(required=True)),
('valid_from', properties.TimestampProperty(required=True)),
('valid_until', properties.TimestampProperty()),
('kill_chain_phases', properties.ListProperty(KillChainPhase))])
class StixRegex():
def __init__(self, pattern=None, **_):
try:
re.compile(pattern)
except re.error as e:
raise ValidationError('{0:s} is not a valid regular expression:'
' {1:s}'.format(pattern, str(e)))
class Regex(Indicator):
"""STIX Indicator Yeti object.
Extends the Indicator STIX2 definition.
"""