pycti 5.12.13__py3-none-any.whl → 5.12.15__py3-none-any.whl


Potentially problematic release.



Files changed (64) hide show
  1. pycti/__init__.py +1 -1
  2. pycti/api/__init__.py +0 -3
  3. pycti/api/opencti_api_client.py +10 -56
  4. pycti/api/opencti_api_connector.py +1 -2
  5. pycti/api/opencti_api_playbook.py +3 -4
  6. pycti/api/opencti_api_work.py +15 -12
  7. pycti/connector/__init__.py +0 -3
  8. pycti/connector/opencti_connector_helper.py +63 -54
  9. pycti/connector/opencti_metric_handler.py +8 -5
  10. pycti/entities/__init__.py +0 -3
  11. pycti/entities/opencti_attack_pattern.py +17 -11
  12. pycti/entities/opencti_campaign.py +15 -9
  13. pycti/entities/opencti_case_incident.py +39 -43
  14. pycti/entities/opencti_case_rfi.py +34 -46
  15. pycti/entities/opencti_case_rft.py +35 -44
  16. pycti/entities/opencti_channel.py +15 -9
  17. pycti/entities/opencti_course_of_action.py +15 -9
  18. pycti/entities/opencti_data_component.py +17 -14
  19. pycti/entities/opencti_data_source.py +12 -16
  20. pycti/entities/opencti_event.py +15 -9
  21. pycti/entities/opencti_external_reference.py +20 -15
  22. pycti/entities/opencti_feedback.py +36 -46
  23. pycti/entities/opencti_grouping.py +22 -20
  24. pycti/entities/opencti_identity.py +15 -8
  25. pycti/entities/opencti_incident.py +13 -9
  26. pycti/entities/opencti_indicator.py +18 -15
  27. pycti/entities/opencti_infrastructure.py +15 -9
  28. pycti/entities/opencti_intrusion_set.py +12 -8
  29. pycti/entities/opencti_kill_chain_phase.py +16 -12
  30. pycti/entities/opencti_label.py +16 -12
  31. pycti/entities/opencti_language.py +13 -9
  32. pycti/entities/opencti_location.py +13 -9
  33. pycti/entities/opencti_malware.py +15 -9
  34. pycti/entities/opencti_malware_analysis.py +17 -9
  35. pycti/entities/opencti_marking_definition.py +15 -11
  36. pycti/entities/opencti_narrative.py +15 -9
  37. pycti/entities/opencti_note.py +35 -20
  38. pycti/entities/opencti_observed_data.py +34 -19
  39. pycti/entities/opencti_opinion.py +37 -20
  40. pycti/entities/opencti_report.py +36 -20
  41. pycti/entities/opencti_stix.py +8 -19
  42. pycti/entities/opencti_stix_core_object.py +15 -9
  43. pycti/entities/opencti_stix_core_relationship.py +69 -52
  44. pycti/entities/opencti_stix_cyber_observable.py +78 -62
  45. pycti/entities/opencti_stix_domain_object.py +75 -55
  46. pycti/entities/opencti_stix_nested_ref_relationship.py +21 -14
  47. pycti/entities/opencti_stix_object_or_stix_relationship.py +4 -7
  48. pycti/entities/opencti_stix_sighting_relationship.py +34 -26
  49. pycti/entities/opencti_task.py +37 -44
  50. pycti/entities/opencti_threat_actor.py +7 -4
  51. pycti/entities/opencti_threat_actor_group.py +10 -8
  52. pycti/entities/opencti_threat_actor_individual.py +10 -9
  53. pycti/entities/opencti_tool.py +15 -9
  54. pycti/entities/opencti_vocabulary.py +11 -13
  55. pycti/entities/opencti_vulnerability.py +15 -9
  56. pycti/utils/opencti_logger.py +64 -0
  57. pycti/utils/opencti_stix2.py +30 -24
  58. pycti/utils/opencti_stix2_update.py +2 -6
  59. {pycti-5.12.13.dist-info → pycti-5.12.15.dist-info}/METADATA +1 -1
  60. pycti-5.12.15.dist-info/RECORD +68 -0
  61. pycti-5.12.13.dist-info/RECORD +0 -67
  62. {pycti-5.12.13.dist-info → pycti-5.12.15.dist-info}/LICENSE +0 -0
  63. {pycti-5.12.13.dist-info → pycti-5.12.15.dist-info}/WHEEL +0 -0
  64. {pycti-5.12.13.dist-info → pycti-5.12.15.dist-info}/top_level.txt +0 -0
@@ -6,8 +6,6 @@ import os
6
6
 
7
7
  import magic
8
8
 
9
- from pycti.entities import LOGGER
10
-
11
9
 
12
10
  class StixCyberObservable:
13
11
  def __init__(self, opencti, file):
@@ -647,8 +645,9 @@ class StixCyberObservable:
647
645
  if get_all:
648
646
  first = 100
649
647
 
650
- LOGGER.info(
651
- "Listing StixCyberObservables with filters %s.", json.dumps(filters)
648
+ self.opencti.app_logger.info(
649
+ "Listing StixCyberObservables with filters",
650
+ {"filters": json.dumps(filters)},
652
651
  )
653
652
  query = (
654
653
  """
@@ -695,7 +694,9 @@ class StixCyberObservable:
695
694
  final_data = final_data + data
696
695
  while result["data"]["stixCyberObservables"]["pageInfo"]["hasNextPage"]:
697
696
  after = result["data"]["stixCyberObservables"]["pageInfo"]["endCursor"]
698
- LOGGER.info("Listing StixCyberObservables after " + after)
697
+ self.opencti.app_logger.info(
698
+ "Listing StixCyberObservables", {"after": after}
699
+ )
699
700
  result = self.opencti.query(
700
701
  query,
701
702
  {
@@ -732,7 +733,7 @@ class StixCyberObservable:
732
733
  custom_attributes = kwargs.get("customAttributes", None)
733
734
  with_files = kwargs.get("withFiles", False)
734
735
  if id is not None:
735
- LOGGER.info("Reading StixCyberObservable {%s}.", id)
736
+ self.opencti.app_logger.info("Reading StixCyberObservable", {"id": id})
736
737
  query = (
737
738
  """
738
739
  query StixCyberObservable($id: String!) {
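Review bot: The observable id at new line 736 now travels only in the second argument, so the message text `Reading StixCyberObservable` no longer identifies the object on its own. If app_logger's plain-text output does not print that dictionary (its implementation is in pycti/utils/opencti_logger.py, not shown here), these records lose the identifier the old `{%s}` message carried. The same applies to the update, promote and delete calls in later hunks, where the id is what makes the log usable as an audit trail. A comment at the first call, such as `# id is emitted as a structured attribute, not in the message text`, would make the convention explicit. The read method continues outside the hunk.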
@@ -759,7 +760,7 @@ class StixCyberObservable:
759
760
  else:
760
761
  return None
761
762
  else:
762
- LOGGER.error(
763
+ self.opencti.app_logger.error(
763
764
  "[opencti_stix_cyber_observable] Missing parameters: id or filters"
764
765
  )
765
766
  return None
@@ -797,10 +798,9 @@ class StixCyberObservable:
797
798
  mime_type = "application/json"
798
799
  else:
799
800
  mime_type = magic.from_file(file_name, mime=True)
800
- LOGGER.info(
801
- "Uploading a file {%s} in Stix-Cyber-Observable {%s}.",
802
- final_file_name,
803
- id,
801
+ self.opencti.app_logger.info(
802
+ "Uploading a file in Stix-Cyber-Observable",
803
+ {"file": final_file_name, "id": id},
804
804
  )
805
805
  return self.opencti.query(
806
806
  query,
@@ -813,7 +813,7 @@ class StixCyberObservable:
813
813
  },
814
814
  )
815
815
  else:
816
- LOGGER.error(
816
+ self.opencti.app_logger.error(
817
817
  "[opencti_stix_cyber_observable Missing parameters: id or file_name"
818
818
  )
819
819
  return None
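Review bot: The error string at new line 817 is missing the closing bracket of its tag, which the call-site change at new line 816 left in place. Other messages in this file close the tag (for example `[opencti_stix_cyber_observable] Missing parameters: id or filters`), so a log filter keyed on the bracketed prefix will miss this one. Suggest `"[opencti_stix_cyber_observable] Missing parameters: id or file_name"`. The enclosing method begins outside the hunk.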
@@ -927,10 +927,9 @@ class StixCyberObservable:
927
927
  hashes.append({"algorithm": key, "hash": value})
928
928
 
929
929
  if type is not None:
930
- LOGGER.info(
931
- "Creating Stix-Cyber-Observable {%s} with indicator at %s.",
932
- type,
933
- create_indicator,
930
+ self.opencti.app_logger.info(
931
+ "Creating Stix-Cyber-Observable with indicator",
932
+ {"type": type, "create_indicator": create_indicator},
934
933
  )
935
934
  input_variables = {
936
935
  "type": type,
@@ -1494,7 +1493,7 @@ class StixCyberObservable:
1494
1493
  result["data"]["stixCyberObservableAdd"]
1495
1494
  )
1496
1495
  else:
1497
- LOGGER.error("Missing parameters: type")
1496
+ self.opencti.app_logger.error("Missing parameters: type")
1498
1497
 
1499
1498
  """
1500
1499
  Upload an artifact
@@ -1515,9 +1514,9 @@ class StixCyberObservable:
1515
1514
 
1516
1515
  if file_name is not None and mime_type is not None:
1517
1516
  final_file_name = os.path.basename(file_name)
1518
- LOGGER.info(
1519
- "Creating Stix-Cyber-Observable {artifact} with indicator at %s.",
1520
- create_indicator,
1517
+ self.opencti.app_logger.info(
1518
+ "Creating Stix-Cyber-Observable {artifact} with indicator",
1519
+ {"create_indicator": create_indicator},
1521
1520
  )
1522
1521
  query = """
1523
1522
  mutation ArtifactImport($file: Upload!, $x_opencti_description: String, $createdBy: String, $objectMarking: [String], $objectLabel: [String]) {
@@ -1656,7 +1655,7 @@ class StixCyberObservable:
1656
1655
  result["data"]["artifactImport"]
1657
1656
  )
1658
1657
  else:
1659
- LOGGER.error("Missing parameters: type")
1658
+ self.opencti.app_logger.error("Missing parameters: type")
1660
1659
 
1661
1660
  """
1662
1661
  Update a Stix-Observable object field
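Review bot: The else branch at new line 1658 reports `Missing parameters: type`, but the guard it appears to belong to (new line 1515, in the previous hunk) tests `file_name` and `mime_type`. The message looks copied from the create path; `"Missing parameters: file_name and mime_type"` would point the caller at the real omission. The branch also falls through without an explicit `return None`, unlike most other error branches in this file. The method starts outside the hunk, so the pairing of this else with that guard is inferred.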
@@ -1670,7 +1669,7 @@ class StixCyberObservable:
1670
1669
  id = kwargs.get("id", None)
1671
1670
  input = kwargs.get("input", None)
1672
1671
  if id is not None and input is not None:
1673
- LOGGER.info("Updating Stix-Observable {%s}.", id)
1672
+ self.opencti.app_logger.info("Updating Stix-Observable", {"id": id})
1674
1673
  query = """
1675
1674
  mutation StixCyberObservableEdit($id: ID!, $input: [EditInput]!) {
1676
1675
  stixCyberObservableEdit(id: $id) {
@@ -1693,7 +1692,7 @@ class StixCyberObservable:
1693
1692
  result["data"]["stixCyberObservableEdit"]["fieldPatch"]
1694
1693
  )
1695
1694
  else:
1696
- LOGGER.error(
1695
+ self.opencti.app_logger.error(
1697
1696
  "[opencti_stix_cyber_observable_update_field] Missing parameters: id and input",
1698
1697
  )
1699
1698
  return None
@@ -1710,7 +1709,7 @@ class StixCyberObservable:
1710
1709
  custom_attributes = kwargs.get("customAttributes", None)
1711
1710
  with_files = kwargs.get("withFiles", False)
1712
1711
  if id is not None:
1713
- LOGGER.info("Promoting Stix-Observable {" + id + "}.")
1712
+ self.opencti.app_logger.info("Promoting Stix-Observable", {"id": id})
1714
1713
  query = (
1715
1714
  """
1716
1715
  mutation StixCyberObservableEdit($id: ID!) {
@@ -1733,7 +1732,7 @@ class StixCyberObservable:
1733
1732
  result["data"]["stixCyberObservableEdit"]["promote"]
1734
1733
  )
1735
1734
  else:
1736
- LOGGER.error(
1735
+ self.opencti.app_logger.error(
1737
1736
  "[opencti_stix_cyber_observable_promote] Missing parameters: id"
1738
1737
  )
1739
1738
  return None
@@ -1748,7 +1747,7 @@ class StixCyberObservable:
1748
1747
  def delete(self, **kwargs):
1749
1748
  id = kwargs.get("id", None)
1750
1749
  if id is not None:
1751
- LOGGER.info("Deleting Stix-Observable {%s}.", id)
1750
+ self.opencti.app_logger.info("Deleting Stix-Observable", {"id": id})
1752
1751
  query = """
1753
1752
  mutation StixCyberObservableEdit($id: ID!) {
1754
1753
  stixCyberObservableEdit(id: $id) {
@@ -1758,7 +1757,7 @@ class StixCyberObservable:
1758
1757
  """
1759
1758
  self.opencti.query(query, {"id": id})
1760
1759
  else:
1761
- LOGGER.error(
1760
+ self.opencti.app_logger.error(
1762
1761
  "[opencti_stix_cyber_observable_delete] Missing parameters: id"
1763
1762
  )
1764
1763
  return None
@@ -1775,10 +1774,9 @@ class StixCyberObservable:
1775
1774
  id = kwargs.get("id", None)
1776
1775
  identity_id = kwargs.get("identity_id", None)
1777
1776
  if id is not None:
1778
- LOGGER.info(
1779
- "Updating author of Stix-Cyber-Observable {%s} with Identity {%s}",
1780
- id,
1781
- identity_id,
1777
+ self.opencti.app_logger.info(
1778
+ "Updating author of Stix-Cyber-Observable with Identity",
1779
+ {"id": id, "identity_id": identity_id},
1782
1780
  )
1783
1781
  custom_attributes = """
1784
1782
  id
@@ -1843,7 +1841,7 @@ class StixCyberObservable:
1843
1841
  }
1844
1842
  self.opencti.query(query, variables)
1845
1843
  else:
1846
- LOGGER.error("Missing parameters: id")
1844
+ self.opencti.app_logger.error("Missing parameters: id")
1847
1845
  return False
1848
1846
 
1849
1847
  """
@@ -1878,14 +1876,16 @@ class StixCyberObservable:
1878
1876
  """
1879
1877
  stix_cyber_observable = self.read(id=id, customAttributes=custom_attributes)
1880
1878
  if stix_cyber_observable is None:
1881
- LOGGER.error("Cannot add Marking-Definition, entity not found")
1879
+ self.opencti.app_logger.error(
1880
+ "Cannot add Marking-Definition, entity not found"
1881
+ )
1882
1882
  return False
1883
1883
  if marking_definition_id in stix_cyber_observable["objectMarkingIds"]:
1884
1884
  return True
1885
1885
  else:
1886
- LOGGER.info(
1887
- "Adding Marking-Definition {%s} to Stix-Cyber-Observable {%s}",
1888
- *(marking_definition_id, id),
1886
+ self.opencti.app_logger.info(
1887
+ "Adding Marking-Definition to Stix-Cyber-Observable",
1888
+ {"marking_definition_id": marking_definition_id, "id": id},
1889
1889
  )
1890
1890
  query = """
1891
1891
  mutation StixCyberObservableAddRelation($id: ID!, $input: StixRefRelationshipAddInput!) {
@@ -1908,7 +1908,9 @@ class StixCyberObservable:
1908
1908
  )
1909
1909
  return True
1910
1910
  else:
1911
- LOGGER.error("Missing parameters: id and marking_definition_id")
1911
+ self.opencti.app_logger.error(
1912
+ "Missing parameters: id and marking_definition_id"
1913
+ )
1912
1914
  return False
1913
1915
 
1914
1916
  """
@@ -1923,9 +1925,9 @@ class StixCyberObservable:
1923
1925
  id = kwargs.get("id", None)
1924
1926
  marking_definition_id = kwargs.get("marking_definition_id", None)
1925
1927
  if id is not None and marking_definition_id is not None:
1926
- LOGGER.info(
1927
- "Removing Marking-Definition {%s} from Stix-Cyber-Observable {%s}",
1928
- *(marking_definition_id, id),
1928
+ self.opencti.app_logger.info(
1929
+ "Removing Marking-Definition from Stix-Cyber-Observable",
1930
+ {"marking_definition_id": marking_definition_id, "id": id},
1929
1931
  )
1930
1932
  query = """
1931
1933
  mutation StixCyberObservableRemoveRelation($id: ID!, $toId: StixRef!, $relationship_type: String!) {
@@ -1946,7 +1948,7 @@ class StixCyberObservable:
1946
1948
  )
1947
1949
  return True
1948
1950
  else:
1949
- LOGGER.error("Missing parameters: id and label_id")
1951
+ self.opencti.app_logger.error("Missing parameters: id and label_id")
1950
1952
  return False
1951
1953
 
1952
1954
  """
@@ -1975,7 +1977,10 @@ class StixCyberObservable:
1975
1977
  label = self.opencti.label.create(value=label_name)
1976
1978
  label_id = label["id"]
1977
1979
  if id is not None and label_id is not None:
1978
- LOGGER.info("Adding label {%s} to Stix-Cyber-Observable {%s}", label_id, id)
1980
+ self.opencti.app_logger.info(
1981
+ "Adding label to Stix-Cyber-Observable",
1982
+ {"label_id": label_id, "id": id},
1983
+ )
1979
1984
  query = """
1980
1985
  mutation StixCyberObservableAddRelation($id: ID!, $input: StixRefRelationshipAddInput!) {
1981
1986
  stixCyberObservableEdit(id: $id) {
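Review bot: `label_id = label["id"]` at new line 1978 indexes the result of `self.opencti.label.create(value=label_name)` without checking it, while the remove path (new lines 2028–2029) guards with `if label:` first. If create can return None on failure, which is not visible here, this raises TypeError before the `Missing parameters: id and label_id` branch is reached. A guard such as `label_id = label["id"] if label else None` would let the existing else branch handle it. The start of the method is outside the hunk.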
@@ -1997,7 +2002,7 @@ class StixCyberObservable:
1997
2002
  )
1998
2003
  return True
1999
2004
  else:
2000
- LOGGER.error("Missing parameters: id and label_id")
2005
+ self.opencti.app_logger.error("Missing parameters: id and label_id")
2001
2006
  return False
2002
2007
 
2003
2008
  """
@@ -2023,8 +2028,9 @@ class StixCyberObservable:
2023
2028
  if label:
2024
2029
  label_id = label["id"]
2025
2030
  if id is not None and label_id is not None:
2026
- LOGGER.info(
2027
- "Removing label {%s} from Stix-Cyber-Observable {%s}", label_id, id
2031
+ self.opencti.app_logger.info(
2032
+ "Removing label from Stix-Cyber-Observable",
2033
+ {"label_id": label_id, "id": id},
2028
2034
  )
2029
2035
  query = """
2030
2036
  mutation StixCyberObservableRemoveRelation($id: ID!, $toId: StixRef!, $relationship_type: String!) {
@@ -2045,7 +2051,7 @@ class StixCyberObservable:
2045
2051
  )
2046
2052
  return True
2047
2053
  else:
2048
- LOGGER.error("Missing parameters: id and label_id")
2054
+ self.opencti.app_logger.error("Missing parameters: id and label_id")
2049
2055
  return False
2050
2056
 
2051
2057
  """
@@ -2081,14 +2087,16 @@ class StixCyberObservable:
2081
2087
  """
2082
2088
  stix_domain_object = self.read(id=id, customAttributes=custom_attributes)
2083
2089
  if stix_domain_object is None:
2084
- LOGGER.error("Cannot add External-Reference, entity not found")
2090
+ self.opencti.app_logger.error(
2091
+ "Cannot add External-Reference, entity not found"
2092
+ )
2085
2093
  return False
2086
2094
  if external_reference_id in stix_domain_object["externalReferencesIds"]:
2087
2095
  return True
2088
2096
  else:
2089
- LOGGER.info(
2090
- "Adding External-Reference {%s} to Stix-Cyber-Observable {%s}",
2091
- *(external_reference_id, id),
2097
+ self.opencti.app_logger.info(
2098
+ "Adding External-Reference to Stix-Cyber-Observable",
2099
+ {"external_reference_id": external_reference_id, "id": id},
2092
2100
  )
2093
2101
  query = """
2094
2102
  mutation StixCyberObservabletEditRelationAdd($id: ID!, $input: StixRefRelationshipAddInput!) {
@@ -2111,7 +2119,9 @@ class StixCyberObservable:
2111
2119
  )
2112
2120
  return True
2113
2121
  else:
2114
- LOGGER.error("Missing parameters: id and external_reference_id")
2122
+ self.opencti.app_logger.error(
2123
+ "Missing parameters: id and external_reference_id"
2124
+ )
2115
2125
  return False
2116
2126
 
2117
2127
  """
@@ -2126,9 +2136,9 @@ class StixCyberObservable:
2126
2136
  id = kwargs.get("id", None)
2127
2137
  external_reference_id = kwargs.get("external_reference_id", None)
2128
2138
  if id is not None and external_reference_id is not None:
2129
- LOGGER.info(
2130
- "Removing External-Reference {%s} from Stix-Cyber-Observable {%s}",
2131
- *(external_reference_id, id),
2139
+ self.opencti.app_logger.info(
2140
+ "Removing External-Reference from Stix-Cyber-Observable",
2141
+ {"external_reference_id": external_reference_id, "id": id},
2132
2142
  )
2133
2143
  query = """
2134
2144
  mutation StixCyberObservableRemoveRelation($id: ID!, $toId: StixRef!, $relationship_type: String!) {
@@ -2149,7 +2159,7 @@ class StixCyberObservable:
2149
2159
  )
2150
2160
  return True
2151
2161
  else:
2152
- LOGGER.error("Missing parameters: id and label_id")
2162
+ self.opencti.app_logger.error("Missing parameters: id and label_id")
2153
2163
  return False
2154
2164
 
2155
2165
  def push_list_export(self, file_name, data, list_filters="", mime_type=None):
@@ -2175,7 +2185,7 @@ class StixCyberObservable:
2175
2185
  connector_id = kwargs.get("connector_id", None)
2176
2186
 
2177
2187
  if id is None or connector_id is None:
2178
- LOGGER.error("Missing parameters: id and connector_id")
2188
+ self.opencti.app_logger.error("Missing parameters: id and connector_id")
2179
2189
  return ""
2180
2190
 
2181
2191
  query = """
@@ -2208,7 +2218,9 @@ class StixCyberObservable:
2208
2218
  def reports(self, **kwargs):
2209
2219
  id = kwargs.get("id", None)
2210
2220
  if id is not None:
2211
- LOGGER.info("Getting reports of the Stix-Cyber-Observable {%s}.", id)
2221
+ self.opencti.app_logger.info(
2222
+ "Getting reports of the Stix-Cyber-Observable", {"id": id}
2223
+ )
2212
2224
  query = """
2213
2225
  query StixCyberObservable($id: String!) {
2214
2226
  stixCyberObservable(id: $id) {
@@ -2332,7 +2344,7 @@ class StixCyberObservable:
2332
2344
  else:
2333
2345
  return []
2334
2346
  else:
2335
- LOGGER.error("Missing parameters: id")
2347
+ self.opencti.app_logger.error("Missing parameters: id")
2336
2348
  return None
2337
2349
 
2338
2350
  """
@@ -2345,7 +2357,9 @@ class StixCyberObservable:
2345
2357
  def notes(self, **kwargs):
2346
2358
  id = kwargs.get("id", None)
2347
2359
  if id is not None:
2348
- LOGGER.info("Getting notes of the Stix-Cyber-Observable {%s}.", id)
2360
+ self.opencti.app_logger.info(
2361
+ "Getting notes of the Stix-Cyber-Observable", {"id": id}
2362
+ )
2349
2363
  query = """
2350
2364
  query StixCyberObservable($id: String!) {
2351
2365
  stixCyberObservable(id: $id) {
@@ -2470,7 +2484,7 @@ class StixCyberObservable:
2470
2484
  else:
2471
2485
  return []
2472
2486
  else:
2473
- LOGGER.error("Missing parameters: id")
2487
+ self.opencti.app_logger.error("Missing parameters: id")
2474
2488
  return None
2475
2489
 
2476
2490
  """
@@ -2483,7 +2497,9 @@ class StixCyberObservable:
2483
2497
  def observed_data(self, **kwargs):
2484
2498
  id = kwargs.get("id", None)
2485
2499
  if id is not None:
2486
- LOGGER.info("Getting Observed-Data of the Stix-Cyber-Observable {%s}.", id)
2500
+ self.opencti.app_logger.info(
2501
+ "Getting Observed-Data of the Stix-Cyber-Observable", {"id": id}
2502
+ )
2487
2503
  query = """
2488
2504
  query StixCyberObservable($id: String!) {
2489
2505
  stixCyberObservable(id: $id) {
@@ -2619,5 +2635,5 @@ class StixCyberObservable:
2619
2635
  else:
2620
2636
  return []
2621
2637
  else:
2622
- LOGGER.error("Missing parameters: id")
2638
+ self.opencti.app_logger.error("Missing parameters: id")
2623
2639
  return None