pycti 5.11.13__tar.gz → 5.12.0__tar.gz
Potentially problematic release.
This version of pycti might be problematic. Click here for more details.
- {pycti-5.11.13 → pycti-5.12.0}/PKG-INFO +6 -6
- {pycti-5.11.13 → pycti-5.12.0}/pycti/__init__.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/api/opencti_api_work.py +6 -4
- {pycti-5.11.13 → pycti-5.12.0}/pycti/connector/opencti_connector_helper.py +6 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_attack_pattern.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_campaign.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_case_incident.py +24 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_case_rfi.py +26 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_case_rft.py +26 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_channel.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_course_of_action.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_data_component.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_data_source.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_event.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_external_reference.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_feedback.py +9 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_grouping.py +9 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_identity.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_incident.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_indicator.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_infrastructure.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_intrusion_set.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_kill_chain_phase.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_label.py +8 -2
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_language.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_location.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_malware.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_malware_analysis.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_marking_definition.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_narrative.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_note.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_observed_data.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_opinion.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_report.py +9 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_core_object.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_core_relationship.py +7 -3
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_cyber_observable.py +15 -3
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_domain_object.py +26 -6
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_nested_ref_relationship.py +2 -2
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_sighting_relationship.py +2 -2
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_task.py +9 -5
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_threat_actor.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_threat_actor_group.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_threat_actor_individual.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_tool.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_vocabulary.py +8 -2
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_vulnerability.py +1 -1
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/opencti_stix2.py +52 -26
- {pycti-5.11.13 → pycti-5.12.0}/pycti.egg-info/PKG-INFO +6 -6
- {pycti-5.11.13 → pycti-5.12.0}/pycti.egg-info/requires.txt +5 -5
- {pycti-5.11.13 → pycti-5.12.0}/setup.cfg +5 -5
- {pycti-5.11.13 → pycti-5.12.0}/LICENSE +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/README.md +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/api/__init__.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/api/opencti_api_client.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/api/opencti_api_connector.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/api/opencti_api_playbook.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/connector/__init__.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/connector/opencti_connector.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/connector/opencti_metric_handler.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/__init__.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/entities/opencti_stix_object_or_stix_relationship.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/__init__.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/constants.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/opencti_stix2_splitter.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/opencti_stix2_update.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti/utils/opencti_stix2_utils.py +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti.egg-info/SOURCES.txt +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti.egg-info/dependency_links.txt +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pycti.egg-info/top_level.txt +0 -0
- {pycti-5.11.13 → pycti-5.12.0}/pyproject.toml +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: pycti
|
|
3
|
-
Version: 5.
|
|
3
|
+
Version: 5.12.0
|
|
4
4
|
Summary: Python API client for OpenCTI.
|
|
5
5
|
Home-page: https://github.com/OpenCTI-Platform/client-python
|
|
6
6
|
Author: Filigran
|
|
@@ -24,12 +24,12 @@ License-File: LICENSE
|
|
|
24
24
|
Requires-Dist: datefinder~=0.7.3
|
|
25
25
|
Requires-Dist: pika~=1.3.1
|
|
26
26
|
Requires-Dist: python-magic~=0.4.27; sys_platform == "linux" or sys_platform == "darwin"
|
|
27
|
-
Requires-Dist: prometheus-client~=0.
|
|
27
|
+
Requires-Dist: prometheus-client~=0.19.0
|
|
28
28
|
Requires-Dist: python-magic-bin~=0.4.14; sys_platform == "win32"
|
|
29
29
|
Requires-Dist: python_json_logger~=2.0.4
|
|
30
30
|
Requires-Dist: pyyaml~=6.0
|
|
31
31
|
Requires-Dist: requests~=2.31.0
|
|
32
|
-
Requires-Dist: setuptools~=
|
|
32
|
+
Requires-Dist: setuptools~=69.0.2
|
|
33
33
|
Requires-Dist: filigran-sseclient~=1.0.0
|
|
34
34
|
Requires-Dist: stix2~=3.0.1
|
|
35
35
|
Requires-Dist: cachetools~=5.3.0
|
|
@@ -44,11 +44,11 @@ Requires-Dist: pytest-cov~=4.1.0; extra == "dev"
|
|
|
44
44
|
Requires-Dist: pytest_randomly~=3.15.0; extra == "dev"
|
|
45
45
|
Requires-Dist: pytest~=7.4.0; extra == "dev"
|
|
46
46
|
Requires-Dist: types-python-dateutil~=2.8.19; extra == "dev"
|
|
47
|
-
Requires-Dist: wheel~=0.
|
|
47
|
+
Requires-Dist: wheel~=0.42.0; extra == "dev"
|
|
48
48
|
Provides-Extra: doc
|
|
49
49
|
Requires-Dist: autoapi~=2.0.1; extra == "doc"
|
|
50
|
-
Requires-Dist: sphinx-autodoc-typehints~=1.
|
|
51
|
-
Requires-Dist: sphinx-rtd-theme~=
|
|
50
|
+
Requires-Dist: sphinx-autodoc-typehints~=1.25.2; extra == "doc"
|
|
51
|
+
Requires-Dist: sphinx-rtd-theme~=2.0.0; extra == "doc"
|
|
52
52
|
|
|
53
53
|
# OpenCTI client for Python
|
|
54
54
|
|
|
@@ -161,7 +161,7 @@ class OpenCTIApiWork:
|
|
|
161
161
|
$count: Int
|
|
162
162
|
$orderBy: WorksOrdering
|
|
163
163
|
$orderMode: OrderingMode
|
|
164
|
-
$filters:
|
|
164
|
+
$filters: FilterGroup
|
|
165
165
|
) {
|
|
166
166
|
works(
|
|
167
167
|
first: $count
|
|
@@ -207,9 +207,11 @@ class OpenCTIApiWork:
|
|
|
207
207
|
query,
|
|
208
208
|
{
|
|
209
209
|
"count": 50,
|
|
210
|
-
"filters":
|
|
211
|
-
|
|
212
|
-
|
|
210
|
+
"filters": {
|
|
211
|
+
"mode": "and",
|
|
212
|
+
"filters": [{"key": "connector_id", "values": [connector_id]}],
|
|
213
|
+
"filterGroups": [],
|
|
214
|
+
},
|
|
213
215
|
},
|
|
214
216
|
)
|
|
215
217
|
result = result["data"]["works"]["edges"]
|
|
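Review bot: The new filter payload for the `works` query is written out as a literal dict, and the same `{"mode": "and", "filters": [...], "filterGroups": []}` shape is repeated by hand in the CaseIncident, CaseRfi, CaseRft, Feedback, Grouping, Label and Report lookups later in this diff. A single helper would keep the `FilterGroup` shape in one place, so a later schema change cannot leave one call site sending a stale format, e.g. `def and_filters(*pairs): return {"mode": "and", "filters": [{"key": k, "values": [v]} for k, v in pairs], "filterGroups": []}`. The enclosing method starts and ends outside the hunk, so where such a helper should live is not visible here.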
@@ -315,14 +315,17 @@ class ListenQueue(threading.Thread):
|
|
|
315
315
|
self.channel.start_consuming()
|
|
316
316
|
except (KeyboardInterrupt, SystemExit):
|
|
317
317
|
self.channel.stop_consuming()
|
|
318
|
+
self.pika_connection.close()
|
|
318
319
|
LOGGER.info("Connector stop")
|
|
319
320
|
sys.exit(0)
|
|
320
321
|
except Exception as err: # pylint: disable=broad-except
|
|
322
|
+
self.pika_connection.close()
|
|
321
323
|
LOGGER.error("%s", err)
|
|
322
|
-
|
|
324
|
+
sys.exit(1)
|
|
323
325
|
|
|
324
326
|
def stop(self):
|
|
325
327
|
self.exit_event.set()
|
|
328
|
+
self.pika_connection.close()
|
|
326
329
|
if self.thread:
|
|
327
330
|
self.thread.join()
|
|
328
331
|
|
|
@@ -433,7 +436,6 @@ class ListenStream(threading.Thread):
|
|
|
433
436
|
self.recover_iso_date = recover_iso_date
|
|
434
437
|
self.with_inferences = with_inferences
|
|
435
438
|
self.exit_event = threading.Event()
|
|
436
|
-
self.exit = False
|
|
437
439
|
|
|
438
440
|
def run(self) -> None: # pylint: disable=too-many-branches
|
|
439
441
|
try:
|
|
@@ -503,7 +505,7 @@ class ListenStream(threading.Thread):
|
|
|
503
505
|
)
|
|
504
506
|
# Iter on stream messages
|
|
505
507
|
for msg in messages:
|
|
506
|
-
if self.
|
|
508
|
+
if self.exit_event.is_set():
|
|
507
509
|
stream_alive.stop()
|
|
508
510
|
break
|
|
509
511
|
if msg.id is not None:
|
|
@@ -516,7 +518,7 @@ class ListenStream(threading.Thread):
|
|
|
516
518
|
# state can be None if reset from the UI
|
|
517
519
|
# In this case, default parameters will be used but SSE Client needs to be restarted
|
|
518
520
|
if state is None:
|
|
519
|
-
self.
|
|
521
|
+
self.exit_event.set()
|
|
520
522
|
else:
|
|
521
523
|
state["start_from"] = str(msg.id)
|
|
522
524
|
self.helper.set_state(state)
|
|
@@ -533,7 +535,6 @@ class ListenStream(threading.Thread):
|
|
|
533
535
|
sys.excepthook(*sys.exc_info())
|
|
534
536
|
|
|
535
537
|
def stop(self):
|
|
536
|
-
self.exit = True
|
|
537
538
|
self.exit_event.set()
|
|
538
539
|
|
|
539
540
|
|
|
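Review bot: In `ListenQueue.stop()`, the added `self.pika_connection.close()` presumably runs on the caller's thread while `run()` is still blocked in `self.channel.start_consuming()` on the listener thread. If `pika_connection` is a pika `BlockingConnection` (its creation is outside the hunk), that object must only be touched from its own thread; hand the shutdown over with `self.pika_connection.add_callback_threadsafe(self.channel.stop_consuming)` and close the connection in `run()` once consuming returns. In the `except Exception` branch the close is also placed before `LOGGER.error("%s", err)`, so an exception raised by `close()` on an already-broken connection would hide the original error and skip `sys.exit(1)`; log first, then close inside its own `try`. `run()` begins above the hunk.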
@@ -292,7 +292,7 @@ class AttackPattern:
|
|
|
292
292
|
LOGGER.info("Listing Attack-Patterns with filters %s.", json.dumps(filters))
|
|
293
293
|
query = (
|
|
294
294
|
"""
|
|
295
|
-
query AttackPatterns($filters:
|
|
295
|
+
query AttackPatterns($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: AttackPatternsOrdering, $orderMode: OrderingMode) {
|
|
296
296
|
attackPatterns(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
297
297
|
edges {
|
|
298
298
|
node {
|
|
@@ -259,7 +259,7 @@ class Campaign:
|
|
|
259
259
|
LOGGER.info("Listing Campaigns with filters %s.", json.dumps(filters))
|
|
260
260
|
query = (
|
|
261
261
|
"""
|
|
262
|
-
query Campaigns($filters:
|
|
262
|
+
query Campaigns($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: CampaignsOrdering, $orderMode: OrderingMode) {
|
|
263
263
|
campaigns(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
264
264
|
edges {
|
|
265
265
|
node {
|
|
@@ -103,6 +103,21 @@ class CaseIncident:
|
|
|
103
103
|
severity
|
|
104
104
|
priority
|
|
105
105
|
response_types
|
|
106
|
+
tasks {
|
|
107
|
+
edges {
|
|
108
|
+
node {
|
|
109
|
+
name
|
|
110
|
+
description
|
|
111
|
+
due_date
|
|
112
|
+
status {
|
|
113
|
+
template {
|
|
114
|
+
name
|
|
115
|
+
color
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
}
|
|
106
121
|
objects(all: true) {
|
|
107
122
|
edges {
|
|
108
123
|
node {
|
|
@@ -487,7 +502,7 @@ class CaseIncident:
|
|
|
487
502
|
LOGGER.info("Listing Case Incidents with filters " + json.dumps(filters) + ".")
|
|
488
503
|
query = (
|
|
489
504
|
"""
|
|
490
|
-
query CaseIncidents($filters:
|
|
505
|
+
query CaseIncidents($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: CaseIncidentsOrdering, $orderMode: OrderingMode) {
|
|
491
506
|
caseIncidents(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
492
507
|
edges {
|
|
493
508
|
node {
|
|
@@ -607,10 +622,14 @@ class CaseIncident:
|
|
|
607
622
|
if object_result is None and name is not None and created is not None:
|
|
608
623
|
created_final = parse(created).strftime("%Y-%m-%d")
|
|
609
624
|
object_result = self.read(
|
|
610
|
-
filters=
|
|
611
|
-
|
|
612
|
-
|
|
613
|
-
|
|
625
|
+
filters={
|
|
626
|
+
"mode": "and",
|
|
627
|
+
"filters": [
|
|
628
|
+
{"key": "name", "values": [name]},
|
|
629
|
+
{"key": "created_day", "values": [created_final]},
|
|
630
|
+
],
|
|
631
|
+
"filterGroups": [],
|
|
632
|
+
},
|
|
614
633
|
customAttributes=custom_attributes,
|
|
615
634
|
)
|
|
616
635
|
return object_result
|
|
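Review bot: The `tasks` selection added to the field list in `class CaseIncident` returns `name`, `description`, `due_date` and the status template, but no identifier for the task node, so a caller cannot tie a returned task back to an object it can read or update. Consider adding `id` (and `standard_id`, if the Task type exposes it) inside `node { ... }`; the same selection is added to CaseRfi and CaseRft. The connection is also requested without a `first:` argument, so the server's default page size presumably decides how many tasks come back. The surrounding query string starts and ends outside the hunk.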
@@ -100,6 +100,23 @@ class CaseRfi:
|
|
|
100
100
|
name
|
|
101
101
|
description
|
|
102
102
|
information_types
|
|
103
|
+
severity
|
|
104
|
+
priority
|
|
105
|
+
tasks {
|
|
106
|
+
edges {
|
|
107
|
+
node {
|
|
108
|
+
name
|
|
109
|
+
description
|
|
110
|
+
due_date
|
|
111
|
+
status {
|
|
112
|
+
template {
|
|
113
|
+
name
|
|
114
|
+
color
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
103
120
|
objects(all: true) {
|
|
104
121
|
edges {
|
|
105
122
|
node {
|
|
@@ -484,7 +501,7 @@ class CaseRfi:
|
|
|
484
501
|
)
|
|
485
502
|
query = (
|
|
486
503
|
"""
|
|
487
|
-
query CaseRfis($filters:
|
|
504
|
+
query CaseRfis($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: CaseRfisOrdering, $orderMode: OrderingMode) {
|
|
488
505
|
caseRfis(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
489
506
|
edges {
|
|
490
507
|
node {
|
|
@@ -604,10 +621,14 @@ class CaseRfi:
|
|
|
604
621
|
if object_result is None and name is not None and created is not None:
|
|
605
622
|
created_final = parse(created).strftime("%Y-%m-%d")
|
|
606
623
|
object_result = self.read(
|
|
607
|
-
filters=
|
|
608
|
-
|
|
609
|
-
|
|
610
|
-
|
|
624
|
+
filters={
|
|
625
|
+
"mode": "and",
|
|
626
|
+
"filters": [
|
|
627
|
+
{"key": "name", "values": [name]},
|
|
628
|
+
{"key": "created_day", "values": [created_final]},
|
|
629
|
+
],
|
|
630
|
+
"filterGroups": [],
|
|
631
|
+
},
|
|
611
632
|
customAttributes=custom_attributes,
|
|
612
633
|
)
|
|
613
634
|
return object_result
|
|
@@ -100,6 +100,23 @@ class CaseRft:
|
|
|
100
100
|
name
|
|
101
101
|
description
|
|
102
102
|
takedown_types
|
|
103
|
+
severity
|
|
104
|
+
priority
|
|
105
|
+
tasks {
|
|
106
|
+
edges {
|
|
107
|
+
node {
|
|
108
|
+
name
|
|
109
|
+
description
|
|
110
|
+
due_date
|
|
111
|
+
status {
|
|
112
|
+
template {
|
|
113
|
+
name
|
|
114
|
+
color
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
103
120
|
objects(all: true) {
|
|
104
121
|
edges {
|
|
105
122
|
node {
|
|
@@ -480,7 +497,7 @@ class CaseRft:
|
|
|
480
497
|
LOGGER.info("Listing Case Rfts with filters " + json.dumps(filters) + ".")
|
|
481
498
|
query = (
|
|
482
499
|
"""
|
|
483
|
-
query CaseRfts($filters:
|
|
500
|
+
query CaseRfts($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: CaseRftsOrdering, $orderMode: OrderingMode) {
|
|
484
501
|
caseRfts(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
485
502
|
edges {
|
|
486
503
|
node {
|
|
@@ -600,10 +617,14 @@ class CaseRft:
|
|
|
600
617
|
if object_result is None and name is not None and created is not None:
|
|
601
618
|
created_final = parse(created).strftime("%Y-%m-%d")
|
|
602
619
|
object_result = self.read(
|
|
603
|
-
filters=
|
|
604
|
-
|
|
605
|
-
|
|
606
|
-
|
|
620
|
+
filters={
|
|
621
|
+
"mode": "and",
|
|
622
|
+
"filters": [
|
|
623
|
+
{"key": "name", "values": [name]},
|
|
624
|
+
{"key": "created_day", "values": [created_final]},
|
|
625
|
+
],
|
|
626
|
+
"filterGroups": [],
|
|
627
|
+
},
|
|
607
628
|
customAttributes=custom_attributes,
|
|
608
629
|
)
|
|
609
630
|
return object_result
|
|
@@ -255,7 +255,7 @@ class Channel:
|
|
|
255
255
|
LOGGER.info("Listing Channels with filters %s.", json.dumps(filters))
|
|
256
256
|
query = (
|
|
257
257
|
"""
|
|
258
|
-
query Channels($filters:
|
|
258
|
+
query Channels($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ChannelsOrdering, $orderMode: OrderingMode) {
|
|
259
259
|
channels(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
260
260
|
edges {
|
|
261
261
|
node {
|
|
@@ -258,7 +258,7 @@ class CourseOfAction:
|
|
|
258
258
|
LOGGER.info("Listing Courses-Of-Action with filters %s.", json.dumps(filters))
|
|
259
259
|
query = (
|
|
260
260
|
"""
|
|
261
|
-
query CoursesOfAction($filters:
|
|
261
|
+
query CoursesOfAction($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: CoursesOfActionOrdering, $orderMode: OrderingMode) {
|
|
262
262
|
coursesOfAction(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
263
263
|
edges {
|
|
264
264
|
node {
|
|
@@ -289,7 +289,7 @@ class DataComponent:
|
|
|
289
289
|
LOGGER.info("Listing Data-Components with filters " + json.dumps(filters) + ".")
|
|
290
290
|
query = (
|
|
291
291
|
"""
|
|
292
|
-
query DataComponents($filters:
|
|
292
|
+
query DataComponents($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: DataComponentsOrdering, $orderMode: OrderingMode) {
|
|
293
293
|
dataComponents(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
294
294
|
edges {
|
|
295
295
|
node {
|
|
@@ -260,7 +260,7 @@ class DataSource:
|
|
|
260
260
|
)
|
|
261
261
|
query = (
|
|
262
262
|
"""
|
|
263
|
-
query DataSources($filters:
|
|
263
|
+
query DataSources($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: DataSourcesOrdering, $orderMode: OrderingMode) {
|
|
264
264
|
dataSources(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
265
265
|
edges {
|
|
266
266
|
node {
|
|
@@ -259,7 +259,7 @@ class Event:
|
|
|
259
259
|
LOGGER.info("Listing Events with filters %s", json.dumps(filters))
|
|
260
260
|
query = (
|
|
261
261
|
"""
|
|
262
|
-
query Events($filters:
|
|
262
|
+
query Events($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: EventsOrdering, $orderMode: OrderingMode) {
|
|
263
263
|
events(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
264
264
|
edges {
|
|
265
265
|
node {
|
|
@@ -95,7 +95,7 @@ class ExternalReference:
|
|
|
95
95
|
LOGGER.info("Listing External-Reference with filters %s.", json.dumps(filters))
|
|
96
96
|
query = (
|
|
97
97
|
"""
|
|
98
|
-
query ExternalReferences($filters:
|
|
98
|
+
query ExternalReferences($filters: FilterGroup, $first: Int, $after: ID, $orderBy: ExternalReferencesOrdering, $orderMode: OrderingMode) {
|
|
99
99
|
externalReferences(filters: $filters, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
100
100
|
edges {
|
|
101
101
|
node {
|
|
@@ -475,7 +475,7 @@ class Feedback:
|
|
|
475
475
|
)
|
|
476
476
|
query = (
|
|
477
477
|
"""
|
|
478
|
-
query Feedbacks($filters:
|
|
478
|
+
query Feedbacks($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: FeedbacksOrdering, $orderMode: OrderingMode) {
|
|
479
479
|
feedbacks(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
480
480
|
edges {
|
|
481
481
|
node {
|
|
@@ -597,10 +597,14 @@ class Feedback:
|
|
|
597
597
|
if object_result is None and name is not None and created is not None:
|
|
598
598
|
created_final = parse(created).strftime("%Y-%m-%d")
|
|
599
599
|
object_result = self.read(
|
|
600
|
-
filters=
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
600
|
+
filters={
|
|
601
|
+
"mode": "and",
|
|
602
|
+
"filters": [
|
|
603
|
+
{"key": "name", "values": [name]},
|
|
604
|
+
{"key": "created_day", "values": [created_final]},
|
|
605
|
+
],
|
|
606
|
+
"filterGroups": [],
|
|
607
|
+
},
|
|
604
608
|
customAttributes=custom_attributes,
|
|
605
609
|
)
|
|
606
610
|
return object_result
|
|
@@ -446,7 +446,7 @@ class Grouping:
|
|
|
446
446
|
LOGGER.info("Listing Groupings with filters %s.", json.dumps(filters))
|
|
447
447
|
query = (
|
|
448
448
|
"""
|
|
449
|
-
query Groupings($filters:
|
|
449
|
+
query Groupings($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: GroupingsOrdering, $orderMode: OrderingMode) {
|
|
450
450
|
groupings(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
451
451
|
edges {
|
|
452
452
|
node {
|
|
@@ -565,10 +565,14 @@ class Grouping:
|
|
|
565
565
|
object_result = self.read(id=stix_id, customAttributes=custom_attributes)
|
|
566
566
|
if object_result is None and name is not None and context is not None:
|
|
567
567
|
object_result = self.read(
|
|
568
|
-
filters=
|
|
569
|
-
|
|
570
|
-
|
|
571
|
-
|
|
568
|
+
filters={
|
|
569
|
+
"mode": "and",
|
|
570
|
+
"filters": [
|
|
571
|
+
{"key": "name", "values": [name]},
|
|
572
|
+
{"key": "context", "values": [context]},
|
|
573
|
+
],
|
|
574
|
+
"filterGroups": [],
|
|
575
|
+
},
|
|
572
576
|
customAttributes=custom_attributes,
|
|
573
577
|
)
|
|
574
578
|
return object_result
|
|
@@ -276,7 +276,7 @@ class Identity:
|
|
|
276
276
|
LOGGER.info("Listing Identities with filters %s.", json.dumps(filters))
|
|
277
277
|
query = (
|
|
278
278
|
"""
|
|
279
|
-
query Identities($types: [String], $filters:
|
|
279
|
+
query Identities($types: [String], $filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IdentitiesOrdering, $orderMode: OrderingMode) {
|
|
280
280
|
identities(types: $types, filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
281
281
|
edges {
|
|
282
282
|
node {
|
|
@@ -268,7 +268,7 @@ class Incident:
|
|
|
268
268
|
LOGGER.info("Listing Incidents with filters %s.", json.dumps(filters))
|
|
269
269
|
query = (
|
|
270
270
|
"""
|
|
271
|
-
query Incidents($filters:
|
|
271
|
+
query Incidents($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IncidentsOrdering, $orderMode: OrderingMode) {
|
|
272
272
|
incidents(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
273
273
|
edges {
|
|
274
274
|
node {
|
|
@@ -338,7 +338,7 @@ class Indicator:
|
|
|
338
338
|
LOGGER.info("Listing Indicators with filters %s.", json.dumps(filters))
|
|
339
339
|
query = (
|
|
340
340
|
"""
|
|
341
|
-
query Indicators($filters:
|
|
341
|
+
query Indicators($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IndicatorsOrdering, $orderMode: OrderingMode) {
|
|
342
342
|
indicators(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
343
343
|
edges {
|
|
344
344
|
node {
|
|
@@ -296,7 +296,7 @@ class Infrastructure:
|
|
|
296
296
|
LOGGER.info("Listing Infrastructures with filters %s.", json.dumps(filters))
|
|
297
297
|
query = (
|
|
298
298
|
"""
|
|
299
|
-
query Infrastructures($filters:
|
|
299
|
+
query Infrastructures($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: InfrastructuresOrdering, $orderMode: OrderingMode) {
|
|
300
300
|
infrastructures(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
301
301
|
edges {
|
|
302
302
|
node {
|
|
@@ -265,7 +265,7 @@ class IntrusionSet:
|
|
|
265
265
|
LOGGER.info("Listing Intrusion-Sets with filters %s.", json.dumps(filters))
|
|
266
266
|
query = (
|
|
267
267
|
"""
|
|
268
|
-
query IntrusionSets($filters:
|
|
268
|
+
query IntrusionSets($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IntrusionSetsOrdering, $orderMode: OrderingMode) {
|
|
269
269
|
intrusionSets(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
270
270
|
edges {
|
|
271
271
|
node {
|
|
@@ -58,7 +58,7 @@ class KillChainPhase:
|
|
|
58
58
|
)
|
|
59
59
|
query = (
|
|
60
60
|
"""
|
|
61
|
-
query KillChainPhases($filters:
|
|
61
|
+
query KillChainPhases($filters: FilterGroup, $first: Int, $after: ID, $orderBy: KillChainPhasesOrdering, $orderMode: OrderingMode) {
|
|
62
62
|
killChainPhases(filters: $filters, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
63
63
|
edges {
|
|
64
64
|
node {
|
|
@@ -52,7 +52,7 @@ class Label:
|
|
|
52
52
|
LOGGER.info("Listing Labels with filters %s.", json.dumps(filters))
|
|
53
53
|
query = (
|
|
54
54
|
"""
|
|
55
|
-
query Labels($filters:
|
|
55
|
+
query Labels($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: LabelsOrdering, $orderMode: OrderingMode) {
|
|
56
56
|
labels(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
57
57
|
edges {
|
|
58
58
|
node {
|
|
@@ -197,7 +197,13 @@ class Label:
|
|
|
197
197
|
|
|
198
198
|
def read_or_create_unchecked(self, **kwargs):
|
|
199
199
|
value = kwargs.get("value", None)
|
|
200
|
-
label = self.read(
|
|
200
|
+
label = self.read(
|
|
201
|
+
filters={
|
|
202
|
+
"mode": "and",
|
|
203
|
+
"filters": [{"key": "value", "values": [value]}],
|
|
204
|
+
"filterGroups": [],
|
|
205
|
+
}
|
|
206
|
+
)
|
|
201
207
|
if label is None:
|
|
202
208
|
try:
|
|
203
209
|
return self.create(**kwargs)
|
|
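Review bot: `read_or_create_unchecked` puts `value` into the filter even when the caller passed no `value` keyword: `kwargs.get("value", None)` yields `None` and the lookup goes out with `"values": [None]`. What the server matches for a null filter value is not visible here, so it is safer to reject that case before the lookup, for example `if value is None: raise ValueError("value is required")` ahead of `self.read(...)`. The method continues past the hunk (the `try: return self.create(**kwargs)` branch), so confirm the guard fits what callers of the create path expect.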
@@ -277,7 +277,7 @@ class Language:
|
|
|
277
277
|
LOGGER.info("Listing Languages with filters %s.", json.dumps(filters))
|
|
278
278
|
query = (
|
|
279
279
|
"""
|
|
280
|
-
query Languages($filters:
|
|
280
|
+
query Languages($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: LanguagesOrdering, $orderMode: OrderingMode) {
|
|
281
281
|
languages(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
282
282
|
edges {
|
|
283
283
|
node {
|
|
@@ -264,7 +264,7 @@ class Location:
|
|
|
264
264
|
LOGGER.info("Listing Locations with filters %s.", json.dumps(filters))
|
|
265
265
|
query = (
|
|
266
266
|
"""
|
|
267
|
-
query Locations($types: [String], $filters:
|
|
267
|
+
query Locations($types: [String], $filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: LocationsOrdering, $orderMode: OrderingMode) {
|
|
268
268
|
locations(types: $types, filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
269
269
|
edges {
|
|
270
270
|
node {
|
|
@@ -295,7 +295,7 @@ class Malware:
|
|
|
295
295
|
LOGGER.info("Listing Malwares with filters %s.", json.dumps(filters))
|
|
296
296
|
query = (
|
|
297
297
|
"""
|
|
298
|
-
query Malwares($filters:
|
|
298
|
+
query Malwares($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: MalwaresOrdering, $orderMode: OrderingMode) {
|
|
299
299
|
malwares(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
300
300
|
edges {
|
|
301
301
|
node {
|
|
@@ -269,7 +269,7 @@ class MalwareAnalysis:
|
|
|
269
269
|
LOGGER.info("Listing Malware analyses with filters %s.", json.dumps(filters))
|
|
270
270
|
query = (
|
|
271
271
|
"""
|
|
272
|
-
query MalwareAnalyses($filters:
|
|
272
|
+
query MalwareAnalyses($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: MalwareAnalysesOrdering, $orderMode: OrderingMode) {
|
|
273
273
|
malwareAnalyses(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
274
274
|
edges {
|
|
275
275
|
node {
|
|
@@ -57,7 +57,7 @@ class MarkingDefinition:
|
|
|
57
57
|
LOGGER.info("Listing Marking-Definitions with filters %s.", json.dumps(filters))
|
|
58
58
|
query = (
|
|
59
59
|
"""
|
|
60
|
-
query MarkingDefinitions($filters:
|
|
60
|
+
query MarkingDefinitions($filters: FilterGroup, $first: Int, $after: ID, $orderBy: MarkingDefinitionsOrdering, $orderMode: OrderingMode) {
|
|
61
61
|
markingDefinitions(filters: $filters, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
62
62
|
edges {
|
|
63
63
|
node {
|
|
@@ -255,7 +255,7 @@ class Narrative:
|
|
|
255
255
|
LOGGER.info("Listing Narratives with filters %s.", json.dumps(filters))
|
|
256
256
|
query = (
|
|
257
257
|
"""
|
|
258
|
-
query Narratives($filters:
|
|
258
|
+
query Narratives($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: NarrativesOrdering, $orderMode: OrderingMode) {
|
|
259
259
|
narratives(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
260
260
|
edges {
|
|
261
261
|
node {
|
|
@@ -492,7 +492,7 @@ class Note:
|
|
|
492
492
|
LOGGER.info("Listing Notes with filters %s.", json.dumps(filters))
|
|
493
493
|
query = (
|
|
494
494
|
"""
|
|
495
|
-
query Notes($filters:
|
|
495
|
+
query Notes($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: NotesOrdering, $orderMode: OrderingMode) {
|
|
496
496
|
notes(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
497
497
|
edges {
|
|
498
498
|
node {
|
|
@@ -482,7 +482,7 @@ class ObservedData:
|
|
|
482
482
|
LOGGER.info("Listing ObservedDatas with filters %s.", json.dumps(filters))
|
|
483
483
|
query = (
|
|
484
484
|
"""
|
|
485
|
-
query ObservedDatas($filters:
|
|
485
|
+
query ObservedDatas($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ObservedDatasOrdering, $orderMode: OrderingMode) {
|
|
486
486
|
observedDatas(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
487
487
|
edges {
|
|
488
488
|
node {
|
|
@@ -254,7 +254,7 @@ class Opinion:
|
|
|
254
254
|
LOGGER.info("Listing Opinions with filters %s.", json.dumps(filters))
|
|
255
255
|
query = (
|
|
256
256
|
"""
|
|
257
|
-
query Opinions($filters:
|
|
257
|
+
query Opinions($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: OpinionsOrdering, $orderMode: OrderingMode) {
|
|
258
258
|
opinions(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
259
259
|
edges {
|
|
260
260
|
node {
|
|
@@ -493,7 +493,7 @@ class Report:
|
|
|
493
493
|
LOGGER.info("Listing Reports with filters %s.", json.dumps(filters))
|
|
494
494
|
query = (
|
|
495
495
|
"""
|
|
496
|
-
query Reports($filters:
|
|
496
|
+
query Reports($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ReportsOrdering, $orderMode: OrderingMode) {
|
|
497
497
|
reports(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
498
498
|
edges {
|
|
499
499
|
node {
|
|
@@ -613,10 +613,14 @@ class Report:
|
|
|
613
613
|
if object_result is None and name is not None and published is not None:
|
|
614
614
|
published_final = parse(published).strftime("%Y-%m-%d")
|
|
615
615
|
object_result = self.read(
|
|
616
|
-
filters=
|
|
617
|
-
|
|
618
|
-
|
|
619
|
-
|
|
616
|
+
filters={
|
|
617
|
+
"mode": "and",
|
|
618
|
+
"filters": [
|
|
619
|
+
{"key": "name", "values": [name]},
|
|
620
|
+
{"key": "published_day", "values": [published_final]},
|
|
621
|
+
],
|
|
622
|
+
"filterGroups": [],
|
|
623
|
+
},
|
|
620
624
|
customAttributes=custom_attributes,
|
|
621
625
|
)
|
|
622
626
|
return object_result
|