pycti 6.2.7__py3-none-any.whl → 6.2.8__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pycti might be problematic. Click here for more details.
- pycti/__init__.py +1 -1
- pycti/api/opencti_api_playbook.py +6 -1
- pycti/entities/opencti_identity.py +22 -0
- pycti/entities/opencti_location.py +10 -0
- pycti/entities/opencti_report.py +24 -1
- pycti/entities/opencti_stix_cyber_observable.py +1 -1
- {pycti-6.2.7.dist-info → pycti-6.2.8.dist-info}/METADATA +2 -2
- {pycti-6.2.7.dist-info → pycti-6.2.8.dist-info}/RECORD +11 -11
- {pycti-6.2.7.dist-info → pycti-6.2.8.dist-info}/WHEEL +1 -1
- {pycti-6.2.7.dist-info → pycti-6.2.8.dist-info}/LICENSE +0 -0
- {pycti-6.2.7.dist-info → pycti-6.2.8.dist-info}/top_level.txt +0 -0
pycti/__init__.py
CHANGED
|
@@ -6,7 +6,12 @@ class OpenCTIApiPlaybook:
|
|
|
6
6
|
|
|
7
7
|
def playbook_step_execution(self, playbook: dict, bundle: str):
|
|
8
8
|
self.api.app_logger.info(
|
|
9
|
-
"Executing playbook step",
|
|
9
|
+
"Executing playbook step",
|
|
10
|
+
{
|
|
11
|
+
"playbook_id": playbook["playbook_id"],
|
|
12
|
+
"step_id": playbook["step_id"],
|
|
13
|
+
"data_instance_id": playbook["data_instance_id"],
|
|
14
|
+
},
|
|
10
15
|
)
|
|
11
16
|
query = """
|
|
12
17
|
mutation PlaybookStepExecution($execution_id: ID!, $event_id: ID!, $execution_start: DateTime!, $data_instance_id: ID!, $playbook_id: ID!, $previous_step_id: ID!, $step_id: ID!, $previous_bundle: String!, $bundle: String!) {
|
|
@@ -60,6 +60,11 @@ class Identity:
|
|
|
60
60
|
x_opencti_order
|
|
61
61
|
x_opencti_color
|
|
62
62
|
}
|
|
63
|
+
objectOrganization {
|
|
64
|
+
id
|
|
65
|
+
standard_id
|
|
66
|
+
name
|
|
67
|
+
}
|
|
63
68
|
objectLabel {
|
|
64
69
|
id
|
|
65
70
|
value
|
|
@@ -148,6 +153,11 @@ class Identity:
|
|
|
148
153
|
x_opencti_order
|
|
149
154
|
x_opencti_color
|
|
150
155
|
}
|
|
156
|
+
objectOrganization {
|
|
157
|
+
id
|
|
158
|
+
standard_id
|
|
159
|
+
name
|
|
160
|
+
}
|
|
151
161
|
objectLabel {
|
|
152
162
|
id
|
|
153
163
|
value
|
|
@@ -388,6 +398,7 @@ class Identity:
|
|
|
388
398
|
x_opencti_firstname = kwargs.get("x_opencti_firstname", None)
|
|
389
399
|
x_opencti_lastname = kwargs.get("x_opencti_lastname", None)
|
|
390
400
|
x_opencti_stix_ids = kwargs.get("x_opencti_stix_ids", None)
|
|
401
|
+
granted_refs = kwargs.get("objectOrganization", None)
|
|
391
402
|
x_opencti_workflow_id = kwargs.get("x_opencti_workflow_id", None)
|
|
392
403
|
update = kwargs.get("update", False)
|
|
393
404
|
|
|
@@ -440,6 +451,7 @@ class Identity:
|
|
|
440
451
|
}
|
|
441
452
|
}
|
|
442
453
|
"""
|
|
454
|
+
input_variables["objectOrganization"] = granted_refs
|
|
443
455
|
input_variables["x_opencti_firstname"] = x_opencti_firstname
|
|
444
456
|
input_variables["x_opencti_lastname"] = x_opencti_lastname
|
|
445
457
|
input_variables["x_opencti_reliability"] = x_opencti_reliability
|
|
@@ -455,6 +467,7 @@ class Identity:
|
|
|
455
467
|
}
|
|
456
468
|
}
|
|
457
469
|
"""
|
|
470
|
+
input_variables["objectOrganization"] = granted_refs
|
|
458
471
|
input_variables["x_opencti_firstname"] = x_opencti_firstname
|
|
459
472
|
input_variables["x_opencti_lastname"] = x_opencti_lastname
|
|
460
473
|
input_variables["x_opencti_reliability"] = x_opencti_reliability
|
|
@@ -540,6 +553,10 @@ class Identity:
|
|
|
540
553
|
stix_object["x_opencti_stix_ids"] = (
|
|
541
554
|
self.opencti.get_attribute_in_extension("stix_ids", stix_object)
|
|
542
555
|
)
|
|
556
|
+
if "x_opencti_granted_refs" not in stix_object:
|
|
557
|
+
stix_object["x_opencti_granted_refs"] = (
|
|
558
|
+
self.opencti.get_attribute_in_extension("granted_refs", stix_object)
|
|
559
|
+
)
|
|
543
560
|
if "x_opencti_workflow_id" not in stix_object:
|
|
544
561
|
stix_object["x_opencti_workflow_id"] = (
|
|
545
562
|
self.opencti.get_attribute_in_extension("workflow_id", stix_object)
|
|
@@ -611,6 +628,11 @@ class Identity:
|
|
|
611
628
|
if "x_opencti_stix_ids" in stix_object
|
|
612
629
|
else None
|
|
613
630
|
),
|
|
631
|
+
objectOrganization=(
|
|
632
|
+
stix_object["x_opencti_granted_refs"]
|
|
633
|
+
if "x_opencti_granted_refs" in stix_object
|
|
634
|
+
else None
|
|
635
|
+
),
|
|
614
636
|
x_opencti_workflow_id=(
|
|
615
637
|
stix_object["x_opencti_workflow_id"]
|
|
616
638
|
if "x_opencti_workflow_id" in stix_object
|
|
@@ -58,6 +58,11 @@ class Location:
|
|
|
58
58
|
x_opencti_order
|
|
59
59
|
x_opencti_color
|
|
60
60
|
}
|
|
61
|
+
objectOrganization {
|
|
62
|
+
id
|
|
63
|
+
standard_id
|
|
64
|
+
name
|
|
65
|
+
}
|
|
61
66
|
objectLabel {
|
|
62
67
|
id
|
|
63
68
|
value
|
|
@@ -139,6 +144,11 @@ class Location:
|
|
|
139
144
|
x_opencti_order
|
|
140
145
|
x_opencti_color
|
|
141
146
|
}
|
|
147
|
+
objectOrganization {
|
|
148
|
+
id
|
|
149
|
+
standard_id
|
|
150
|
+
name
|
|
151
|
+
}
|
|
142
152
|
objectLabel {
|
|
143
153
|
id
|
|
144
154
|
value
|
pycti/entities/opencti_report.py
CHANGED
|
@@ -694,6 +694,8 @@ class Report:
|
|
|
694
694
|
created_by = kwargs.get("createdBy", None)
|
|
695
695
|
objects = kwargs.get("objects", None)
|
|
696
696
|
object_marking = kwargs.get("objectMarking", None)
|
|
697
|
+
object_assignee = kwargs.get("objectAssignee", None)
|
|
698
|
+
object_participant = kwargs.get("objectParticipant", None)
|
|
697
699
|
object_label = kwargs.get("objectLabel", None)
|
|
698
700
|
external_references = kwargs.get("externalReferences", None)
|
|
699
701
|
revoked = kwargs.get("revoked", None)
|
|
@@ -733,6 +735,8 @@ class Report:
|
|
|
733
735
|
"objectMarking": object_marking,
|
|
734
736
|
"objectLabel": object_label,
|
|
735
737
|
"objectOrganization": granted_refs,
|
|
738
|
+
"objectAssignee": object_assignee,
|
|
739
|
+
"objectParticipant": object_participant,
|
|
736
740
|
"objects": objects,
|
|
737
741
|
"externalReferences": external_references,
|
|
738
742
|
"revoked": revoked,
|
|
@@ -886,7 +890,16 @@ class Report:
|
|
|
886
890
|
)
|
|
887
891
|
if "x_opencti_content" in stix_object:
|
|
888
892
|
stix_object["content"] = stix_object["x_opencti_content"]
|
|
889
|
-
|
|
893
|
+
if "x_opencti_assignee_ids" not in stix_object:
|
|
894
|
+
stix_object["x_opencti_assignee_ids"] = (
|
|
895
|
+
self.opencti.get_attribute_in_extension("assignee_ids", stix_object)
|
|
896
|
+
)
|
|
897
|
+
if "x_opencti_participant_ids" not in stix_object:
|
|
898
|
+
stix_object["x_opencti_participant_ids"] = (
|
|
899
|
+
self.opencti.get_attribute_in_extension(
|
|
900
|
+
"participant_ids", stix_object
|
|
901
|
+
)
|
|
902
|
+
)
|
|
890
903
|
return self.create(
|
|
891
904
|
stix_id=stix_object["id"],
|
|
892
905
|
createdBy=(
|
|
@@ -897,6 +910,16 @@ class Report:
|
|
|
897
910
|
if "object_marking_ids" in extras
|
|
898
911
|
else None
|
|
899
912
|
),
|
|
913
|
+
objectAssignee=(
|
|
914
|
+
stix_object["x_opencti_assignee_ids"]
|
|
915
|
+
if "x_opencti_assignee_ids" in stix_object
|
|
916
|
+
else None
|
|
917
|
+
),
|
|
918
|
+
objectParticipant=(
|
|
919
|
+
stix_object["x_opencti_participant_ids"]
|
|
920
|
+
if "x_opencti_participant_ids" in stix_object
|
|
921
|
+
else None
|
|
922
|
+
),
|
|
900
923
|
objectLabel=(
|
|
901
924
|
extras["object_label_ids"] if "object_label_ids" in extras else None
|
|
902
925
|
),
|
|
@@ -347,7 +347,7 @@ class StixCyberObservable(StixCyberObservableDeprecatedMixin):
|
|
|
347
347
|
|
|
348
348
|
if type is not None:
|
|
349
349
|
self.opencti.app_logger.info(
|
|
350
|
-
"Creating Stix-Cyber-Observable
|
|
350
|
+
"Creating Stix-Cyber-Observable",
|
|
351
351
|
{"type": type, "create_indicator": create_indicator},
|
|
352
352
|
)
|
|
353
353
|
input_variables = {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: pycti
|
|
3
|
-
Version: 6.2.
|
|
3
|
+
Version: 6.2.8
|
|
4
4
|
Summary: Python API client for OpenCTI.
|
|
5
5
|
Home-page: https://github.com/OpenCTI-Platform/client-python
|
|
6
6
|
Author: Filigran
|
|
@@ -26,7 +26,7 @@ Requires-Dist: pika ~=1.3.0
|
|
|
26
26
|
Requires-Dist: python-json-logger ~=2.0.4
|
|
27
27
|
Requires-Dist: PyYAML ~=6.0
|
|
28
28
|
Requires-Dist: requests ~=2.32.2
|
|
29
|
-
Requires-Dist: setuptools ~=
|
|
29
|
+
Requires-Dist: setuptools ~=71.1.0
|
|
30
30
|
Requires-Dist: cachetools ~=5.4.0
|
|
31
31
|
Requires-Dist: prometheus-client ~=0.20.0
|
|
32
32
|
Requires-Dist: opentelemetry-api ~=1.22.0
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
pycti/__init__.py,sha256=
|
|
1
|
+
pycti/__init__.py,sha256=9zYFELXJkRvqWZeKz6_a4QP0Vle4GUqBkzeQWOyZ2DI,5218
|
|
2
2
|
pycti/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
3
3
|
pycti/api/opencti_api_client.py,sha256=c-xyfmas2LkYNIY8j4-dHBJepHNL6uNhageyJOvYdQc,29834
|
|
4
4
|
pycti/api/opencti_api_connector.py,sha256=fYF0Jy9KIMFNt1RC_A1rpWomVJ-oj5HiSsBem4W0J5U,3549
|
|
5
|
-
pycti/api/opencti_api_playbook.py,sha256=
|
|
5
|
+
pycti/api/opencti_api_playbook.py,sha256=456We78vESukfSOi_CctfZ9dbBJEi76EHClRc2f21Js,1628
|
|
6
6
|
pycti/api/opencti_api_work.py,sha256=JLfl7oy6Cq9IrYW_kUrqwzN46FoVzyIn1JJQKyK0h_w,7615
|
|
7
7
|
pycti/connector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
pycti/connector/opencti_connector.py,sha256=5oVvS27KWhzRiofJAeQPDtba-EP83FziSistyEd5l-U,2561
|
|
@@ -22,7 +22,7 @@ pycti/entities/opencti_event.py,sha256=Pam3eeR_Ytl_the-kV9IxXcfJKs2vRqN61igyDAlV
|
|
|
22
22
|
pycti/entities/opencti_external_reference.py,sha256=9Vz6ZIaE6im1f5hoEqizq5E31DQ7oFuqlXb-9JGy3Ao,13216
|
|
23
23
|
pycti/entities/opencti_feedback.py,sha256=tK_Y3ZK2h33xQTzsjxu3x8Za3cBsgkBth_xNzEj2Hms,32314
|
|
24
24
|
pycti/entities/opencti_grouping.py,sha256=Er4931oZy4rQzH4HOOOPOQotqH9HsDFoVKFXRNF-5J4,30034
|
|
25
|
-
pycti/entities/opencti_identity.py,sha256=
|
|
25
|
+
pycti/entities/opencti_identity.py,sha256=Bt6z8cNNnmPdV4iPSHb_FvO_9CGZdOHvhw9pT0llWH4,23685
|
|
26
26
|
pycti/entities/opencti_incident.py,sha256=KAaqn0mnlyIKJ2whtbK0Eg8AbfQfxKvppS9hyfn_04s,18553
|
|
27
27
|
pycti/entities/opencti_indicator.py,sha256=gh69C4Wu2Z08PcI2LC9p_FtKC1Qq8I1DjVsukz17kGI,20842
|
|
28
28
|
pycti/entities/opencti_infrastructure.py,sha256=-hgDXR3ld2B6Man9WkFFuXOY8ELprLgNIUcyE03TSDA,19929
|
|
@@ -30,7 +30,7 @@ pycti/entities/opencti_intrusion_set.py,sha256=MXubQhDZ6LE69z1Wj8agAZNOrGeKiXU4I
|
|
|
30
30
|
pycti/entities/opencti_kill_chain_phase.py,sha256=a509rFeIchPRlO5rMHPVxrxfUuTbV4znh6e_NJHC66I,8062
|
|
31
31
|
pycti/entities/opencti_label.py,sha256=6RZJPIa_dXf_YNNU4xXKghfBnpNjhU5YXOaSIcB4YrM,8800
|
|
32
32
|
pycti/entities/opencti_language.py,sha256=eHB7qzf_l2Mno_Wy9kF0QUdcBktWgr4kRHhb9AxT0c0,16176
|
|
33
|
-
pycti/entities/opencti_location.py,sha256=
|
|
33
|
+
pycti/entities/opencti_location.py,sha256=QSC8klDklTcXziulPFCpn8-UqeSIzPX287vfUYVDVbY,17776
|
|
34
34
|
pycti/entities/opencti_malware.py,sha256=T8P3cuG_5wVqpD8ArNnfZ1vk5CKfMCvaY8ZjskQHGnY,20355
|
|
35
35
|
pycti/entities/opencti_malware_analysis.py,sha256=iHw5G1mK9LGGuuFP7Wb0740336GR5btedK2lmy8lX84,21480
|
|
36
36
|
pycti/entities/opencti_marking_definition.py,sha256=2HkU58XWOZHuEFXrscshQIHW-KVyZSr02JRzBQYZirI,12862
|
|
@@ -38,11 +38,11 @@ pycti/entities/opencti_narrative.py,sha256=tUoq5h9VleK6Q-Wt1KSXAtcLsBUEvQ559rDhg
|
|
|
38
38
|
pycti/entities/opencti_note.py,sha256=2VzLIxiOIT5MVWQbfNkSyooTuKvwJH7sguRrUOVNpTY,30514
|
|
39
39
|
pycti/entities/opencti_observed_data.py,sha256=123sp3_Xbu1HVZW5-5_Tu8DYo_wBf6RVGPYyCIuDBtw,31126
|
|
40
40
|
pycti/entities/opencti_opinion.py,sha256=SPcY8-0zRJCMle-eDLka-CFPyAqU3CnVVBtfVYhzyJE,21837
|
|
41
|
-
pycti/entities/opencti_report.py,sha256=
|
|
41
|
+
pycti/entities/opencti_report.py,sha256=y-in19XqQ1BN0MZjKfxiOWe_0Q4Wakrj2MLrqzFpokU,35224
|
|
42
42
|
pycti/entities/opencti_stix.py,sha256=uMheSg8i1f2Ozx2Mk0iShWzHHjj6MMWDtV5nDjVxKEE,2275
|
|
43
43
|
pycti/entities/opencti_stix_core_object.py,sha256=BXUCdIcDMFQXQyOu25MpGB0zAjLFUHeL_OpddCijHrU,50560
|
|
44
44
|
pycti/entities/opencti_stix_core_relationship.py,sha256=ldhS0rJ9L6LrY1wvX28f9TMpVD1rVxsK-GYhH06qJFo,43944
|
|
45
|
-
pycti/entities/opencti_stix_cyber_observable.py,sha256=
|
|
45
|
+
pycti/entities/opencti_stix_cyber_observable.py,sha256=TMdBMLJLcmfdVyQtzjb0CEcVts6avqgStWGFoxH6OLQ,91250
|
|
46
46
|
pycti/entities/opencti_stix_domain_object.py,sha256=QI6uBbefNC_PQSwl0O5KpG4cWqa-15mIju8dwREzooU,78504
|
|
47
47
|
pycti/entities/opencti_stix_nested_ref_relationship.py,sha256=eGCF7yaEDqMsJbgvTDle0tVzRCF78CmEhE02jioUTCc,12605
|
|
48
48
|
pycti/entities/opencti_stix_object_or_stix_relationship.py,sha256=9P-yVkexzd-8sA_U5DhcgC6JzGtawZ8pQ_CPdbrTgy8,17935
|
|
@@ -66,8 +66,8 @@ pycti/utils/opencti_stix2.py,sha256=WAVgvTcj8P0QfN_K2-avCeFwSkxVtBz1nh0dA63Nlr4,
|
|
|
66
66
|
pycti/utils/opencti_stix2_splitter.py,sha256=A2GqoiFzEga8hslgA3mm4FDoObFsWgx4zK4DdcWTguc,4907
|
|
67
67
|
pycti/utils/opencti_stix2_update.py,sha256=CnMyqkeVA0jgyxEcgqna8sABU4YPMjkEJ228GVurIn4,14658
|
|
68
68
|
pycti/utils/opencti_stix2_utils.py,sha256=4r9qglN3AIN8JH1B9Ts2o20Qn3K203M4c5-lIPzRpZ4,4138
|
|
69
|
-
pycti-6.2.
|
|
70
|
-
pycti-6.2.
|
|
71
|
-
pycti-6.2.
|
|
72
|
-
pycti-6.2.
|
|
73
|
-
pycti-6.2.
|
|
69
|
+
pycti-6.2.8.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
70
|
+
pycti-6.2.8.dist-info/METADATA,sha256=KOACtQ30Z68TP__Jllwre-TUj-e7R4SvqYzOPCtfTbI,5432
|
|
71
|
+
pycti-6.2.8.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
72
|
+
pycti-6.2.8.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
|
|
73
|
+
pycti-6.2.8.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|