pycti 6.5.9__py3-none-any.whl → 6.5.11__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pycti might be problematic. Click here for more details.
- pycti/__init__.py +1 -1
- pycti/api/opencti_api_client.py +1 -1
- pycti/api/opencti_api_connector.py +3 -0
- pycti/connector/opencti_connector_helper.py +5 -1
- pycti/entities/indicator/opencti_indicator_properties.py +8 -0
- pycti/entities/opencti_indicator.py +12 -5
- pycti/utils/constants.py +1 -3
- {pycti-6.5.9.dist-info → pycti-6.5.11.dist-info}/METADATA +1 -1
- {pycti-6.5.9.dist-info → pycti-6.5.11.dist-info}/RECORD +12 -12
- {pycti-6.5.9.dist-info → pycti-6.5.11.dist-info}/WHEEL +1 -1
- {pycti-6.5.9.dist-info → pycti-6.5.11.dist-info}/licenses/LICENSE +0 -0
- {pycti-6.5.9.dist-info → pycti-6.5.11.dist-info}/top_level.txt +0 -0
pycti/__init__.py
CHANGED
pycti/api/opencti_api_client.py
CHANGED
|
@@ -280,7 +280,7 @@ class OpenCTIApiClient:
|
|
|
280
280
|
if is_multiple_files:
|
|
281
281
|
# [(var_name + "." + i)] if is_multiple_files else
|
|
282
282
|
for _ in file_var_item["file"]:
|
|
283
|
-
file_vars[str(map_index)] = [
|
|
283
|
+
file_vars[str(map_index)] = [var_name + "." + str(map_index)]
|
|
284
284
|
map_index += 1
|
|
285
285
|
else:
|
|
286
286
|
file_vars[str(map_index)] = [var_name]
|
|
@@ -1102,7 +1102,11 @@ class OpenCTIConnectorHelper: # pylint: disable=too-many-public-methods
|
|
|
1102
1102
|
self.connect_auto,
|
|
1103
1103
|
self.connect_only_contextual,
|
|
1104
1104
|
playbook_compatible,
|
|
1105
|
-
|
|
1105
|
+
(
|
|
1106
|
+
self.listen_protocol_api_uri + self.listen_protocol_api_path
|
|
1107
|
+
if self.listen_protocol == "API"
|
|
1108
|
+
else None
|
|
1109
|
+
),
|
|
1106
1110
|
)
|
|
1107
1111
|
connector_configuration = self.api.connector.register(self.connector)
|
|
1108
1112
|
self.connector_logger.info(
|
|
@@ -95,6 +95,10 @@ INDICATOR_PROPERTIES = """
|
|
|
95
95
|
x_opencti_observable_values {
|
|
96
96
|
type
|
|
97
97
|
value
|
|
98
|
+
hashes {
|
|
99
|
+
algorithm
|
|
100
|
+
hash
|
|
101
|
+
}
|
|
98
102
|
}
|
|
99
103
|
x_mitre_platforms
|
|
100
104
|
observables {
|
|
@@ -227,6 +231,10 @@ INDICATOR_PROPERTIES_WITH_FILES = """
|
|
|
227
231
|
x_opencti_observable_values {
|
|
228
232
|
type
|
|
229
233
|
value
|
|
234
|
+
hashes {
|
|
235
|
+
algorithm
|
|
236
|
+
hash
|
|
237
|
+
}
|
|
230
238
|
}
|
|
231
239
|
x_mitre_platforms
|
|
232
240
|
observables {
|
|
@@ -48,6 +48,7 @@ class Indicator:
|
|
|
48
48
|
:param list customAttributes: (optional) list of attributes keys to return
|
|
49
49
|
:param bool getAll: (optional) switch to return all entries (be careful to use this without any other filters)
|
|
50
50
|
:param bool withPagination: (optional) switch to use pagination
|
|
51
|
+
:param bool toStix: (optional) get in STIX
|
|
51
52
|
|
|
52
53
|
:return: List of Indicators
|
|
53
54
|
:rtype: list
|
|
@@ -63,21 +64,26 @@ class Indicator:
|
|
|
63
64
|
get_all = kwargs.get("getAll", False)
|
|
64
65
|
with_pagination = kwargs.get("withPagination", False)
|
|
65
66
|
with_files = kwargs.get("withFiles", False)
|
|
67
|
+
to_stix = kwargs.get("toStix", False)
|
|
66
68
|
|
|
67
69
|
self.opencti.app_logger.info(
|
|
68
70
|
"Listing Indicators with filters", {"filters": json.dumps(filters)}
|
|
69
71
|
)
|
|
70
72
|
query = (
|
|
71
73
|
"""
|
|
72
|
-
query Indicators($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IndicatorsOrdering, $orderMode: OrderingMode) {
|
|
73
|
-
indicators(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode) {
|
|
74
|
+
query Indicators($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: IndicatorsOrdering, $orderMode: OrderingMode, $toStix: Boolean) {
|
|
75
|
+
indicators(filters: $filters, search: $search, first: $first, after: $after, orderBy: $orderBy, orderMode: $orderMode, toStix: $toStix) {
|
|
74
76
|
edges {
|
|
75
77
|
node {
|
|
76
78
|
"""
|
|
77
79
|
+ (
|
|
78
|
-
|
|
79
|
-
if
|
|
80
|
-
else (
|
|
80
|
+
"toStix"
|
|
81
|
+
if to_stix
|
|
82
|
+
else (
|
|
83
|
+
custom_attributes
|
|
84
|
+
if custom_attributes is not None
|
|
85
|
+
else (self.properties_with_files if with_files else self.properties)
|
|
86
|
+
)
|
|
81
87
|
)
|
|
82
88
|
+ """
|
|
83
89
|
}
|
|
@@ -102,6 +108,7 @@ class Indicator:
|
|
|
102
108
|
"after": after,
|
|
103
109
|
"orderBy": order_by,
|
|
104
110
|
"orderMode": order_mode,
|
|
111
|
+
"toStix": to_stix,
|
|
105
112
|
},
|
|
106
113
|
)
|
|
107
114
|
if get_all:
|
pycti/utils/constants.py
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
pycti/__init__.py,sha256=
|
|
1
|
+
pycti/__init__.py,sha256=JNwV6ItYqfE23jEOzRbt0Txjfcj286tCyATTf_1U9sE,5219
|
|
2
2
|
pycti/api/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
3
|
-
pycti/api/opencti_api_client.py,sha256=
|
|
4
|
-
pycti/api/opencti_api_connector.py,sha256=
|
|
3
|
+
pycti/api/opencti_api_client.py,sha256=3_opNMGfx90QNMw4_ULQEKazsblLYBtJLVaTHo2_I9A,32846
|
|
4
|
+
pycti/api/opencti_api_connector.py,sha256=8xwHuLINP3ZCImzE9_K_iCR9QEA3K6aHpK4bJhcZf20,5582
|
|
5
5
|
pycti/api/opencti_api_playbook.py,sha256=456We78vESukfSOi_CctfZ9dbBJEi76EHClRc2f21Js,1628
|
|
6
6
|
pycti/api/opencti_api_work.py,sha256=qIRJMCfyC9odXf7LMRg9ImYizqF2WHUOU7Ty5IUFGg8,8351
|
|
7
7
|
pycti/connector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
8
8
|
pycti/connector/opencti_connector.py,sha256=8lCZFvcA9-S1x6vFl756hgWAlzKfrnq-C4AIdDJr-Kg,2715
|
|
9
|
-
pycti/connector/opencti_connector_helper.py,sha256=
|
|
9
|
+
pycti/connector/opencti_connector_helper.py,sha256=GlWxo2npQjg2R3Ey2WRqLp3M2DtKPNL71we0tUap6P4,87795
|
|
10
10
|
pycti/connector/opencti_metric_handler.py,sha256=4jXHeJflomtHjuQ_YU0b36TG7o26vOWbY_jvU8Ezobs,3725
|
|
11
11
|
pycti/entities/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
12
12
|
pycti/entities/opencti_attack_pattern.py,sha256=QXJaMMZlnVCxxHGZNGSKPLmHL3TgM08aUIS8SypmIek,22193
|
|
@@ -24,7 +24,7 @@ pycti/entities/opencti_feedback.py,sha256=Duu3oXiQcTbJ6Tyk7k8wWt0wTK0U1Dtow1Hhht
|
|
|
24
24
|
pycti/entities/opencti_grouping.py,sha256=WPLIt3dB4jMFkai4sDxaUq27VxjouOP1FT6LJQ8td2E,30235
|
|
25
25
|
pycti/entities/opencti_identity.py,sha256=trQsvyzc2kIoZcZQn5GMQmutCNt7qRt39twg1EmWD2o,23759
|
|
26
26
|
pycti/entities/opencti_incident.py,sha256=OFWUX1mtQ2lM2f15DU6FlriTZ9bXkb3Ql7oLCVLEmFk,18632
|
|
27
|
-
pycti/entities/opencti_indicator.py,sha256=
|
|
27
|
+
pycti/entities/opencti_indicator.py,sha256=h_WW5OXTkvTJx_Iq8pXvkGZKSUH1ccti1q-WaZjKBCo,21180
|
|
28
28
|
pycti/entities/opencti_infrastructure.py,sha256=TXnofpQskioYSKAhVzH5bj17aWk2y7rsmlG57uhoxK4,19997
|
|
29
29
|
pycti/entities/opencti_intrusion_set.py,sha256=2vIk2jfvrTL8H83UkpdpHwax_DYhO4lUAAlz_Ec1N3k,19023
|
|
30
30
|
pycti/entities/opencti_kill_chain_phase.py,sha256=acNzuFdxhwI_8fvZOTEHhP8fC6EGY_r6jcKpA-nKa8Q,7991
|
|
@@ -55,20 +55,20 @@ pycti/entities/opencti_tool.py,sha256=YbOp0Ur5Do7ToLzfIKGX-MtlBQf-Dt9Qtgk1lI9Q7a
|
|
|
55
55
|
pycti/entities/opencti_vocabulary.py,sha256=xupdHJ6TznCmvI3sVYU261SnfblSNc1nwg19MG9yrao,6499
|
|
56
56
|
pycti/entities/opencti_vulnerability.py,sha256=ssMH7EB7WC--Nv2bq-D-_wLBGXMgP3ZLK-X8SslpVJQ,22614
|
|
57
57
|
pycti/entities/indicator/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
58
|
-
pycti/entities/indicator/opencti_indicator_properties.py,sha256=
|
|
58
|
+
pycti/entities/indicator/opencti_indicator_properties.py,sha256=iQvSeMHB-vSTzINnRxqIJfC3OgMHyhbXUVF2juU7DoE,5219
|
|
59
59
|
pycti/entities/stix_cyber_observable/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
60
60
|
pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_deprecated.py,sha256=q-2G6OOqvUC1U2hSKxD8uT5T18M_IDkl72Tn1KoumQI,1847
|
|
61
61
|
pycti/entities/stix_cyber_observable/opencti_stix_cyber_observable_properties.py,sha256=MN56CW8RWZwB0Pr8UiHZy_4nSzbgFbwdhSFKpsZ_d1Y,11293
|
|
62
62
|
pycti/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
63
|
-
pycti/utils/constants.py,sha256=
|
|
63
|
+
pycti/utils/constants.py,sha256=zlt4nPytB-PIVd91X0RGh3bY6qWcCOn3hnuM9TuDWEw,11829
|
|
64
64
|
pycti/utils/opencti_logger.py,sha256=BHNy9fJuTUTn_JEYSCmyvVwd6y-9ZJKxO40mY4iZ0bc,2226
|
|
65
65
|
pycti/utils/opencti_stix2.py,sha256=pUx1Oglb1EnREheMzmJBrmRS17vGnZzF8PCmB-pjNM0,117680
|
|
66
66
|
pycti/utils/opencti_stix2_identifier.py,sha256=k8L1z4q1xdCBfxqUba4YS_kT-MmbJFxYh0RvfGOmrOs,837
|
|
67
67
|
pycti/utils/opencti_stix2_splitter.py,sha256=etnAWMDzNi2JCovSUJ5Td-XLVdzgKRdsV1XfpXOGols,11070
|
|
68
68
|
pycti/utils/opencti_stix2_update.py,sha256=CnMyqkeVA0jgyxEcgqna8sABU4YPMjkEJ228GVurIn4,14658
|
|
69
69
|
pycti/utils/opencti_stix2_utils.py,sha256=xgBZzm7HC76rLQYwTKkaUd_w9jJnVMoryHx7KDDIB_g,5065
|
|
70
|
-
pycti-6.5.
|
|
71
|
-
pycti-6.5.
|
|
72
|
-
pycti-6.5.
|
|
73
|
-
pycti-6.5.
|
|
74
|
-
pycti-6.5.
|
|
70
|
+
pycti-6.5.11.dist-info/licenses/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
|
|
71
|
+
pycti-6.5.11.dist-info/METADATA,sha256=BzaGtd1tfiCVUSo2K1bwFgZ_EHedIeI0AmhgFKizWdk,5565
|
|
72
|
+
pycti-6.5.11.dist-info/WHEEL,sha256=CmyFI0kx5cdEMTLiONQRbGQwjIoR1aIYB7eCAQ4KPJ0,91
|
|
73
|
+
pycti-6.5.11.dist-info/top_level.txt,sha256=cqEpxitAhHP4VgSA6xmrak6Yk9MeBkwoMTB6k7d2ZnE,6
|
|
74
|
+
pycti-6.5.11.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|