2016-10-27 22:25:17 +02:00
|
|
|
#!/usr/bin/env python
|
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
try:
|
2016-11-21 12:57:49 +01:00
|
|
|
from misp_stix_converter.converters.buildMISPAttribute import buildEvent
|
|
|
|
from misp_stix_converter.converters import convert
|
2016-10-27 22:25:17 +02:00
|
|
|
from misp_stix_converter.converters.convert import MISPtoSTIX
|
|
|
|
has_misp_stix_converter = True
|
|
|
|
except ImportError:
|
|
|
|
has_misp_stix_converter = False
|
|
|
|
|
|
|
|
|
|
|
|
def load_stix(stix, distribution=3, threat_level_id=2, analysis=0):
|
|
|
|
'''Returns a MISPEvent object from a STIX package'''
|
|
|
|
if not has_misp_stix_converter:
|
2016-11-16 16:35:06 +01:00
|
|
|
raise Exception('You need to install misp_stix_converter: pip install git+https://github.com/MISP/MISP-STIX-Converter.git')
|
2016-11-21 12:57:49 +01:00
|
|
|
stix = convert.load_stix(stix)
|
2016-10-27 22:25:17 +02:00
|
|
|
return buildEvent(stix, distribution=distribution,
|
|
|
|
threat_level_id=threat_level_id, analysis=analysis)
|
|
|
|
|
|
|
|
|
|
|
|
def make_stix_package(misp_event, to_json=False, to_xml=False):
|
|
|
|
'''Returns a STIXPackage from a MISPEvent.
|
|
|
|
|
|
|
|
Optionally can return the package in json or xml.
|
|
|
|
|
|
|
|
'''
|
|
|
|
if not has_misp_stix_converter:
|
2016-11-16 16:35:06 +01:00
|
|
|
raise Exception('You need to install misp_stix_converter: pip install git+https://github.com/MISP/MISP-STIX-Converter.git')
|
2016-10-27 22:25:17 +02:00
|
|
|
package = MISPtoSTIX(misp_event)
|
|
|
|
if to_json:
|
|
|
|
return package.to_json()
|
|
|
|
elif to_xml:
|
|
|
|
return package.to_xml()
|
|
|
|
else:
|
|
|
|
return package
|