diff --git a/docs/guide/filesystem.ipynb b/docs/guide/filesystem.ipynb index 845ded4..ec09422 100644 --- a/docs/guide/filesystem.ipynb +++ b/docs/guide/filesystem.ipynb @@ -65,43 +65,53 @@ "\n", "```\n", "stix2_content/\n", - " /STIX2 Domain Object type\n", - " STIX2 Domain Object\n", - " STIX2 Domain Object\n", + " STIX2 Domain Object type/\n", + " STIX2 Domain Object ID/\n", + " 'modified' timestamp.json\n", + " 'modified' timestamp.json\n", + " STIX2 Domain Object ID/\n", + " 'modified' timestamp.json\n", " .\n", " .\n", - " .\n", - " /STIX2 Domain Object type\n", - " STIX2 Domain Object\n", - " STIX2 Domain Object\n", + " STIX2 Domain Object type/\n", + " STIX2 Domain Object ID/\n", + " 'modified' timestamp.json\n", " .\n", " .\n", " .\n", " .\n", " .\n", " .\n", - " /STIX2 Domain Object type\n", + " STIX2 Domain Object type/\n", "```\n", "\n", - "The master STIX 2 content directory contains subdirectories, each of which aligns to a STIX 2 domain object type (i.e. \"attack-pattern\", \"campaign\", \"malware\", etc.). Within each STIX 2 domain object subdirectory are JSON files that are STIX 2 domain objects of the specified type. The name of the json files correspond to the ID of the STIX 2 domain object found within that file. A real example of the FileSystem directory structure:\n", + "The master STIX 2 content directory contains subdirectories, each of which aligns to a STIX 2 domain object type (i.e. \"attack-pattern\", \"campaign\", \"malware\", etc.). Within each STIX 2 domain object type's subdirectory are further subdirectories containing JSON files that are STIX 2 domain objects of the specified type; the name of each of these subdirectories is the ID of the associated STIX 2 domain object. Inside each of these subdirectories are JSON files, the names of which correspond to the ``modified`` timestamp of the STIX 2 domain object found within that file. A real example of the FileSystem directory structure:\n", "\n", "```\n", "stix2_content/\n", " /attack-pattern\n", - " attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6.json\n", - " attack-pattern--0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22.json\n", - " attack-pattern--1b7ba276-eedc-4951-a762-0ceea2c030ec.json\n", + " /attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6\n", + " 20201211035036648071.json\n", + " /attack-pattern--0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22\n", + " 20201210035036648071.json\n", + " /attack-pattern--1b7ba276-eedc-4951-a762-0ceea2c030ec\n", + " 20201111035036648071.json\n", " /campaign\n", " /course-of-action\n", - " course-of-action--2a8de25c-f743-4348-b101-3ee33ab5871b.json\n", - " course-of-action--2c3ce852-06a2-40ee-8fe6-086f6402a739.json\n", + " /course-of-action--2a8de25c-f743-4348-b101-3ee33ab5871b\n", + " 20201011035036648071.json\n", + " /course-of-action--2c3ce852-06a2-40ee-8fe6-086f6402a739\n", + " 20201010035036648071.json\n", " /identity\n", - " identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5.json\n", + " /identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\n", + " 20201215035036648071.json\n", " /indicator\n", " /intrusion-set\n", " /malware\n", - " malware--1d808f62-cf63-4063-9727-ff6132514c22.json\n", - " malware--2eb9b131-d333-4a48-9eb4-d8dec46c19ee.json\n", + " /malware--1d808f62-cf63-4063-9727-ff6132514c22\n", + " 20201211045036648071.json\n", + " /malware--2eb9b131-d333-4a48-9eb4-d8dec46c19ee\n", + " 20201211035036648072.json\n", " /observed-data\n", " /report\n", " /threat-actor\n", @@ -1408,7 +1418,7 @@ "# add Campaign object to FileSystemSink\n", "fs_sink.add(camp)\n", "\n", - "# can also add STIX objects to FileSystemSink in on call\n", + "# can also add STIX objects to FileSystemSink in one call\n", "fs_sink.add([ind, ind1])" ] } @@ -1429,7 +1439,7 @@ "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", - "version": "3.9.0a6" + "version": "3.6.7" } }, "nbformat": 4,