define Incident stub
parent
aa77f2b174
commit
33a472d8f5
|
|
@ -36,7 +36,7 @@ from .observables import (
|
||||||
)
|
)
|
||||||
from .sdo import (
|
from .sdo import (
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
||||||
Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
Incident, Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
||||||
MalwareAnalysis, Note, ObservedData, Opinion, Report, ThreatActor, Tool,
|
MalwareAnalysis, Note, ObservedData, Opinion, Report, ThreatActor, Tool,
|
||||||
Vulnerability,
|
Vulnerability,
|
||||||
)
|
)
|
||||||
|
|
@ -49,6 +49,7 @@ OBJ_MAP = {
|
||||||
'course-of-action': CourseOfAction,
|
'course-of-action': CourseOfAction,
|
||||||
'grouping': Grouping,
|
'grouping': Grouping,
|
||||||
'identity': Identity,
|
'identity': Identity,
|
||||||
|
'incident': Incident,
|
||||||
'indicator': Indicator,
|
'indicator': Indicator,
|
||||||
'infrastructure': Infrastructure,
|
'infrastructure': Infrastructure,
|
||||||
'intrusion-set': IntrusionSet,
|
'intrusion-set': IntrusionSet,
|
||||||
|
|
@ -126,7 +127,7 @@ __all__ = """
|
||||||
X509Certificate, X509V3ExtensionsType,
|
X509Certificate, X509V3ExtensionsType,
|
||||||
|
|
||||||
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
AttackPattern, Campaign, CourseOfAction, CustomObject, Grouping, Identity,
|
||||||
Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
Incident, Indicator, Infrastructure, IntrusionSet, Location, Malware,
|
||||||
MalwareAnalysis, Note, ObservedData, Opinion, Report, ThreatActor, Tool,
|
MalwareAnalysis, Note, ObservedData, Opinion, Report, ThreatActor, Tool,
|
||||||
Vulnerability,
|
Vulnerability,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -175,6 +175,33 @@ class Identity(_DomainObject):
|
||||||
])
|
])
|
||||||
|
|
||||||
|
|
||||||
|
class Incident(_DomainObject):
|
||||||
|
"""For more detailed information on this object's properties, see
|
||||||
|
`the STIX 2.1 specification <link here>`__.
|
||||||
|
"""
|
||||||
|
|
||||||
|
_type = 'incident'
|
||||||
|
_properties = OrderedDict([
|
||||||
|
('type', TypeProperty(_type, spec_version='2.1')),
|
||||||
|
('spec_version', StringProperty(fixed='2.1')),
|
||||||
|
('id', IDProperty(_type, spec_version='2.1')),
|
||||||
|
('created_by_ref', ReferenceProperty(valid_types='identity', spec_version='2.1')),
|
||||||
|
('created', TimestampProperty(default=lambda: NOW, precision='millisecond', precision_constraint='min')),
|
||||||
|
('modified', TimestampProperty(default=lambda: NOW, precision='millisecond', precision_constraint='min')),
|
||||||
|
('name', StringProperty(required=True)),
|
||||||
|
('description', StringProperty()),
|
||||||
|
('kill_chain_phases', ListProperty(KillChainPhase)),
|
||||||
|
('revoked', BooleanProperty(default=lambda: False)),
|
||||||
|
('labels', ListProperty(StringProperty)),
|
||||||
|
('confidence', IntegerProperty()),
|
||||||
|
('lang', StringProperty()),
|
||||||
|
('external_references', ListProperty(ExternalReference)),
|
||||||
|
('object_marking_refs', ListProperty(ReferenceProperty(valid_types='marking-definition', spec_version='2.1'))),
|
||||||
|
('granular_markings', ListProperty(GranularMarking)),
|
||||||
|
('extensions', ExtensionsProperty(spec_version='2.1')),
|
||||||
|
])
|
||||||
|
|
||||||
|
|
||||||
class Indicator(_DomainObject):
|
class Indicator(_DomainObject):
|
||||||
"""For more detailed information on this object's properties, see
|
"""For more detailed information on this object's properties, see
|
||||||
`the STIX 2.1 specification <https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_wfiae74706sw>`__.
|
`the STIX 2.1 specification <https://docs.oasis-open.org/cti/stix/v2.1/cs01/stix-v2.1-cs01.html#_wfiae74706sw>`__.
|
||||||
|
|
|
||||||
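Review bot: The new `Incident` docstring still has the placeholder link target `<link here>`, so the generated documentation will render a dead link; it should point at the Incident section of the STIX 2.1 specification in the same form as the `Indicator` docstring below, for example `<SPEC_URL#INCIDENT_ANCHOR>` (placeholder, the real anchor is not on this page). `('kill_chain_phases', ListProperty(KillChainPhase))` should be checked against the specification's Incident definition: if the stub there defines only `name` and `description`, this class would validate and emit objects that stricter consumers reject. `('confidence', IntegerProperty())` is declared without a range, so unless a shared check elsewhere enforces 0–100, out-of-range values in parsed threat-intel data would pass validation. No test that parses an object with `'type': 'incident'` through the new `OBJ_MAP` entry is visible on this page.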