diff --git a/docs/guide/creating.ipynb b/docs/guide/creating.ipynb index 3e22061..d9464e7 100644 --- a/docs/guide/creating.ipynb +++ b/docs/guide/creating.ipynb @@ -4,7 +4,6 @@ "cell_type": "code", "execution_count": 1, "metadata": { - "collapsed": true, "nbsphinx": "hidden" }, "outputs": [], @@ -25,7 +24,6 @@ "cell_type": "code", "execution_count": 2, "metadata": { - "collapsed": true, "nbsphinx": "hidden" }, "outputs": [], @@ -146,15 +144,15 @@ ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n", ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
-       "    "created": "2017-09-26T23:33:39.829Z",\n",
-       "    "modified": "2017-09-26T23:33:39.829Z",\n",
-       "    "labels": [\n",
-       "        "malicious-activity"\n",
-       "    ],\n",
+       "    "id": "indicator--548af3be-39d7-4a3e-93c2-1a63cccf8951",\n",
+       "    "created": "2018-04-05T18:32:24.193Z",\n",
+       "    "modified": "2018-04-05T18:32:24.193Z",\n",
        "    "name": "File hash for malware variant",\n",
        "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-09-26T23:33:39.829952Z"\n",
+       "    "valid_from": "2018-04-05T18:32:24.193659Z",\n",
+       "    "labels": [\n",
+       "        "malicious-activity"\n",
+       "    ]\n",
        "}\n",
        "
\n" ], @@ -188,9 +186,7 @@ { "cell_type": "code", "execution_count": 4, - "metadata": { - "collapsed": true - }, + "metadata": {}, "outputs": [], "source": [ "indicator2 = Indicator(type='indicator',\n", @@ -295,7 +291,7 @@ { "data": { "text/plain": [ - "u'File hash for malware variant'" + "'File hash for malware variant'" ] }, "execution_count": 8, @@ -322,7 +318,7 @@ { "data": { "text/plain": [ - "u'File hash for malware variant'" + "'File hash for malware variant'" ] }, "execution_count": 9, @@ -469,9 +465,9 @@ ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n", ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "malware",\n",
-       "    "id": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2",\n",
-       "    "created": "2017-09-26T23:33:56.908Z",\n",
-       "    "modified": "2017-09-26T23:33:56.908Z",\n",
+       "    "id": "malware--3d7f0c1c-616a-4868-aa7b-150821d2a429",\n",
+       "    "created": "2018-04-05T18:32:46.584Z",\n",
+       "    "modified": "2018-04-05T18:32:46.584Z",\n",
        "    "name": "Poison Ivy",\n",
        "    "labels": [\n",
        "        "remote-access-trojan"\n",
@@ -592,12 +588,12 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "relationship",\n",
-       "    "id": "relationship--637aa3b1-d4b8-4bc4-85e7-77cc82b198a3",\n",
-       "    "created": "2017-09-26T23:34:01.765Z",\n",
-       "    "modified": "2017-09-26T23:34:01.765Z",\n",
+       "    "id": "relationship--34ddc7b4-4965-4615-b286-1c8bbaa1e7db",\n",
+       "    "created": "2018-04-05T18:32:49.474Z",\n",
+       "    "modified": "2018-04-05T18:32:49.474Z",\n",
        "    "relationship_type": "indicates",\n",
-       "    "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
-       "    "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+       "    "source_ref": "indicator--548af3be-39d7-4a3e-93c2-1a63cccf8951",\n",
+       "    "target_ref": "malware--3d7f0c1c-616a-4868-aa7b-150821d2a429"\n",
        "}\n",
        "
\n"
       ],
@@ -704,12 +700,12 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "relationship",\n",
-       "    "id": "relationship--70fe77c2-ab00-4181-a2dc-fe5567d971ca",\n",
-       "    "created": "2017-09-26T23:34:03.923Z",\n",
-       "    "modified": "2017-09-26T23:34:03.923Z",\n",
+       "    "id": "relationship--0a646403-f7e7-4cfd-b945-cab5cde05857",\n",
+       "    "created": "2018-04-05T18:32:51.417Z",\n",
+       "    "modified": "2018-04-05T18:32:51.417Z",\n",
        "    "relationship_type": "indicates",\n",
-       "    "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
-       "    "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+       "    "source_ref": "indicator--548af3be-39d7-4a3e-93c2-1a63cccf8951",\n",
+       "    "target_ref": "malware--3d7f0c1c-616a-4868-aa7b-150821d2a429"\n",
        "}\n",
        "
\n"
       ],
@@ -814,26 +810,26 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "bundle",\n",
-       "    "id": "bundle--2536c43d-c874-418e-886c-20a22120d8cb",\n",
+       "    "id": "bundle--f83477e5-f853-47e1-a267-43f3aa1bd5b0",\n",
        "    "spec_version": "2.0",\n",
        "    "objects": [\n",
        "        {\n",
        "            "type": "indicator",\n",
-       "            "id": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
-       "            "created": "2017-09-26T23:33:39.829Z",\n",
-       "            "modified": "2017-09-26T23:33:39.829Z",\n",
-       "            "labels": [\n",
-       "                "malicious-activity"\n",
-       "            ],\n",
+       "            "id": "indicator--548af3be-39d7-4a3e-93c2-1a63cccf8951",\n",
+       "            "created": "2018-04-05T18:32:24.193Z",\n",
+       "            "modified": "2018-04-05T18:32:24.193Z",\n",
        "            "name": "File hash for malware variant",\n",
        "            "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "            "valid_from": "2017-09-26T23:33:39.829952Z"\n",
+       "            "valid_from": "2018-04-05T18:32:24.193659Z",\n",
+       "            "labels": [\n",
+       "                "malicious-activity"\n",
+       "            ]\n",
        "        },\n",
        "        {\n",
        "            "type": "malware",\n",
-       "            "id": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2",\n",
-       "            "created": "2017-09-26T23:33:56.908Z",\n",
-       "            "modified": "2017-09-26T23:33:56.908Z",\n",
+       "            "id": "malware--3d7f0c1c-616a-4868-aa7b-150821d2a429",\n",
+       "            "created": "2018-04-05T18:32:46.584Z",\n",
+       "            "modified": "2018-04-05T18:32:46.584Z",\n",
        "            "name": "Poison Ivy",\n",
        "            "labels": [\n",
        "                "remote-access-trojan"\n",
@@ -841,12 +837,12 @@
        "        },\n",
        "        {\n",
        "            "type": "relationship",\n",
-       "            "id": "relationship--637aa3b1-d4b8-4bc4-85e7-77cc82b198a3",\n",
-       "            "created": "2017-09-26T23:34:01.765Z",\n",
-       "            "modified": "2017-09-26T23:34:01.765Z",\n",
+       "            "id": "relationship--34ddc7b4-4965-4615-b286-1c8bbaa1e7db",\n",
+       "            "created": "2018-04-05T18:32:49.474Z",\n",
+       "            "modified": "2018-04-05T18:32:49.474Z",\n",
        "            "relationship_type": "indicates",\n",
-       "            "source_ref": "indicator--dbcbd659-c927-4f9a-994f-0a2632274394",\n",
-       "            "target_ref": "malware--d7fd675d-94eb-4d95-b0bc-b3c5e28e8ed2"\n",
+       "            "source_ref": "indicator--548af3be-39d7-4a3e-93c2-1a63cccf8951",\n",
+       "            "target_ref": "malware--3d7f0c1c-616a-4868-aa7b-150821d2a429"\n",
        "        }\n",
        "    ]\n",
        "}\n",
@@ -871,21 +867,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/custom.ipynb b/docs/guide/custom.ipynb
index 7f30401..bc19749 100644
--- a/docs/guide/custom.ipynb
+++ b/docs/guide/custom.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -23,9 +22,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 1,
+   "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -70,7 +70,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 4,
+   "execution_count": 3,
    "metadata": {},
    "outputs": [
     {
@@ -99,7 +99,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 2,
+   "execution_count": 4,
    "metadata": {},
    "outputs": [
     {
@@ -175,9 +175,9 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "identity",\n",
-       "    "id": "identity--00c5743f-2d5e-4d66-88f1-1842584f4519",\n",
-       "    "created": "2017-11-09T16:17:44.596Z",\n",
-       "    "modified": "2017-11-09T16:17:44.596Z",\n",
+       "    "id": "identity--87aac643-341b-413a-b702-ea5820416155",\n",
+       "    "created": "2018-04-05T18:38:10.269Z",\n",
+       "    "modified": "2018-04-05T18:38:10.269Z",\n",
        "    "name": "John Smith",\n",
        "    "identity_class": "individual",\n",
        "    "x_foo": "bar"\n",
@@ -188,7 +188,7 @@
        ""
       ]
      },
-     "execution_count": 2,
+     "execution_count": 4,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -211,6 +211,117 @@
     "Alternatively, setting ``allow_custom`` to ``True`` will allow custom properties without requiring a ``custom_properties`` dictionary."
    ]
   },
+  {
+   "cell_type": "code",
+   "execution_count": 5,
+   "metadata": {},
+   "outputs": [
+    {
+     "data": {
+      "text/html": [
+       "
{\n",
+       "    "type": "identity",\n",
+       "    "id": "identity--a1ad0a6f-39ab-4642-9a72-aaa198b1eee2",\n",
+       "    "created": "2018-04-05T18:38:12.270Z",\n",
+       "    "modified": "2018-04-05T18:38:12.270Z",\n",
+       "    "name": "John Smith",\n",
+       "    "identity_class": "individual",\n",
+       "    "x_foo": "bar"\n",
+       "}\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 5,
+     "metadata": {},
+     "output_type": "execute_result"
+    }
+   ],
+   "source": [
+    "identity2 = Identity(name=\"John Smith\",\n",
+    "                     identity_class=\"individual\",\n",
+    "                     x_foo=\"bar\",\n",
+    "                     allow_custom=True)\n",
+    "print(identity2)"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "Likewise, when parsing STIX content with custom properties, pass ``allow_custom=True`` to [parse()](../api/stix2.core.rst#stix2.core.parse):"
+   ]
+  },
   {
    "cell_type": "code",
    "execution_count": 6,
@@ -287,15 +398,7 @@
        ".highlight .vg { color: #19177C } /* Name.Variable.Global */\n",
        ".highlight .vi { color: #19177C } /* Name.Variable.Instance */\n",
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
-       ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
-       "    "x_foo": "bar",\n",
-       "    "type": "identity",\n",
-       "    "id": "identity--1e8188eb-245f-400b-839d-7f612169c514",\n",
-       "    "created": "2017-09-26T21:02:22.708Z",\n",
-       "    "modified": "2017-09-26T21:02:22.708Z",\n",
-       "    "name": "John Smith",\n",
-       "    "identity_class": "individual"\n",
-       "}\n",
+       ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
bar\n",
        "
\n"
       ],
       "text/plain": [
@@ -307,34 +410,6 @@
      "output_type": "execute_result"
     }
    ],
-   "source": [
-    "identity2 = Identity(name=\"John Smith\",\n",
-    "                     identity_class=\"individual\",\n",
-    "                     x_foo=\"bar\",\n",
-    "                     allow_custom=True)\n",
-    "print(identity2)"
-   ]
-  },
-  {
-   "cell_type": "markdown",
-   "metadata": {},
-   "source": [
-    "Likewise, when parsing STIX content with custom properties, pass ``allow_custom=True`` to [parse()](../api/stix2.core.rst#stix2.core.parse):"
-   ]
-  },
-  {
-   "cell_type": "code",
-   "execution_count": 7,
-   "metadata": {},
-   "outputs": [
-    {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "bar\n"
-     ]
-    }
-   ],
    "source": [
     "from stix2 import parse\n",
     "\n",
@@ -364,10 +439,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 8,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 7,
+   "metadata": {},
    "outputs": [],
    "source": [
     "from stix2 import CustomObject, properties\n",
@@ -391,7 +464,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 9,
+   "execution_count": 8,
    "metadata": {},
    "outputs": [
     {
@@ -467,9 +540,9 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "x-animal",\n",
-       "    "id": "x-animal--caebdf17-9d2a-4c84-8864-7406326618f0",\n",
-       "    "created": "2017-09-26T21:02:34.724Z",\n",
-       "    "modified": "2017-09-26T21:02:34.724Z",\n",
+       "    "id": "x-animal--b1e4fe7f-7985-451d-855c-6ba5c265b22a",\n",
+       "    "created": "2018-04-05T18:38:19.790Z",\n",
+       "    "modified": "2018-04-05T18:38:19.790Z",\n",
        "    "species": "lion",\n",
        "    "animal_class": "mammal"\n",
        "}\n",
@@ -479,7 +552,7 @@
        ""
       ]
      },
-     "execution_count": 9,
+     "execution_count": 8,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -499,7 +572,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 10,
+   "execution_count": 9,
    "metadata": {},
    "outputs": [
     {
@@ -525,15 +598,90 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 11,
+   "execution_count": 10,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "shark\n"
-     ]
+     "data": {
+      "text/html": [
+       "
shark\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 10,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -558,7 +706,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 12,
+   "execution_count": 11,
    "metadata": {},
    "outputs": [
     {
@@ -593,7 +741,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 13,
+   "execution_count": 12,
    "metadata": {},
    "outputs": [
     {
@@ -678,7 +826,7 @@
        ""
       ]
      },
-     "execution_count": 13,
+     "execution_count": 12,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -709,16 +857,172 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 14,
+   "execution_count": 13,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "foobaz\n",
-      "5\n"
-     ]
+     "data": {
+      "text/html": [
+       "
foobaz\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 13,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
5\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 13,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -759,7 +1063,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 15,
+   "execution_count": 16,
    "metadata": {},
    "outputs": [
     {
@@ -843,7 +1147,7 @@
        ""
       ]
      },
-     "execution_count": 15,
+     "execution_count": 16,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -851,10 +1155,10 @@
    "source": [
     "from stix2 import File, CustomExtension\n",
     "\n",
-    "@CustomExtension(File, 'x-new-ext', [\n",
-    "    ('property1', properties.StringProperty(required=True)),\n",
-    "    ('property2', properties.IntegerProperty()),\n",
-    "])\n",
+    "@CustomExtension(File, 'x-new-ext', {\n",
+    "    'property1': properties.StringProperty(required=True),\n",
+    "    'property2': properties.IntegerProperty(),\n",
+    "})\n",
     "class NewExtension():\n",
     "    pass\n",
     "\n",
@@ -872,16 +1176,172 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 16,
+   "execution_count": 17,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "bla\n",
-      "50\n"
-     ]
+     "data": {
+      "text/html": [
+       "
bla\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 17,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
50\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 17,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -918,21 +1378,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/datastore.ipynb b/docs/guide/datastore.ipynb
index ac27a82..474c719 100644
--- a/docs/guide/datastore.ipynb
+++ b/docs/guide/datastore.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -23,9 +22,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 40,
+   "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,36 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
-   ]
-  },
-  {
-   "cell_type": "code",
-   "execution_count": 3,
-   "metadata": {
-    "collapsed": true
-   },
-   "outputs": [],
-   "source": [
-    "# without this configuration, only last print() call is outputted in cells\n",
-    "from IPython.core.interactiveshell import InteractiveShell\n",
-    "InteractiveShell.ast_node_interactivity = \"all\""
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -328,10 +315,10 @@
     "from stix2 import CompositeDataSource, FileSystemSource, TAXIICollectionSource\n",
     "\n",
     "# create FileSystemStore\n",
-    "fs = FileSystemSource(\"/home/michael/cti-python-stix2/stix2/test/stix2_data/\")\n",
+    "fs = FileSystemSource(\"/tmp/stix2_source\")\n",
     "\n",
     "# create TAXIICollectionSource\n",
-    "colxn = Collection('https://test.freetaxii.com:8000/osint/collections/a9c22eaf-0f3e-482c-8bb4-45ae09e75d9b/')\n",
+    "colxn = Collection('http://127.0.0.1:5000/trustgroup1/collections/91a7b528-80eb-42ed-a74d-c6fbd5a26116/')\n",
     "ts = TAXIICollectionSource(colxn)\n",
     "\n",
     "# add them both to the CompositeDataSource\n",
@@ -344,7 +331,7 @@
     "\n",
     "# get an object that is only in the TAXII collection\n",
     "ind = cs.get('indicator--02b90f02-a96a-43ee-88f1-1e87297941f2')\n",
-    "print(ind)\n"
+    "print(ind)"
    ]
   },
   {
@@ -389,10 +376,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 7,
+   "metadata": {},
    "outputs": [],
    "source": [
     "import sys\n",
@@ -423,16 +408,14 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 6,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 9,
+   "metadata": {},
    "outputs": [],
    "source": [
     "from stix2 import MemoryStore, FileSystemStore, FileSystemSource\n",
     "\n",
-    "fs = FileSystemStore(\"/home/michael/Desktop/sample_stix2_data\")\n",
-    "fs_source = FileSystemSource(\"/home/michael/Desktop/sample_stix2_data\")\n",
+    "fs = FileSystemStore(\"/tmp/stix2_store\")\n",
+    "fs_source = FileSystemSource(\"/tmp/stix2_source\")\n",
     "\n",
     "# attach filter to FileSystemStore\n",
     "fs.source.filters.add(f)\n",
@@ -466,7 +449,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 13,
+   "execution_count": 10,
    "metadata": {},
    "outputs": [],
    "source": [
@@ -492,7 +475,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 14,
+   "execution_count": 11,
    "metadata": {},
    "outputs": [
     {
@@ -568,9 +551,9 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "identity",\n",
-       "    "id": "identity--be3baac0-9aba-48a8-81e4-4408b1c379a8",\n",
-       "    "created": "2017-11-21T22:14:45.213Z",\n",
-       "    "modified": "2017-11-21T22:14:45.213Z",\n",
+       "    "id": "identity--b67cf8d4-cc1a-4bb7-9402-fffcff17c9a9",\n",
+       "    "created": "2018-04-05T20:43:54.117Z",\n",
+       "    "modified": "2018-04-05T20:43:54.117Z",\n",
        "    "name": "John Doe",\n",
        "    "identity_class": "individual"\n",
        "}\n",
@@ -580,7 +563,7 @@
        ""
       ]
      },
-     "execution_count": 14,
+     "execution_count": 11,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -598,7 +581,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 15,
+   "execution_count": 12,
    "metadata": {},
    "outputs": [
     {
@@ -607,7 +590,7 @@
        "3"
       ]
      },
-     "execution_count": 15,
+     "execution_count": 12,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -626,16 +609,16 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 27,
+   "execution_count": 13,
    "metadata": {},
    "outputs": [
     {
      "data": {
       "text/plain": [
-       "[Relationship(type='relationship', id='relationship--bd6fd399-c907-4feb-b1da-b90f15942f1d', created='2017-11-21T22:14:45.214Z', modified='2017-11-21T22:14:45.214Z', relationship_type=u'indicates', source_ref='indicator--5ee33ff0-c50d-456b-a8dd-b5d1b69a66e8', target_ref='malware--66c0bc78-4e27-4d80-a565-a07e6eb6fba4')]"
+       "[Relationship(type='relationship', id='relationship--3b9cb248-5c2c-425d-85d0-680bfef6e69d', created='2018-04-05T20:43:54.134Z', modified='2018-04-05T20:43:54.134Z', relationship_type='indicates', source_ref='indicator--61deb2a5-305a-490e-83b3-9839a9677368', target_ref='malware--9fe343d8-edf7-4f4a-bb6c-a221fb75142d')]"
       ]
      },
-     "execution_count": 27,
+     "execution_count": 13,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -653,16 +636,16 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 28,
+   "execution_count": 14,
    "metadata": {},
    "outputs": [
     {
      "data": {
       "text/plain": [
-       "[Relationship(type='relationship', id='relationship--7eb7f5cd-8bf2-4f7c-8756-84c0b5693b9a', created='2017-11-21T22:14:45.215Z', modified='2017-11-21T22:14:45.215Z', relationship_type=u'targets', source_ref='malware--66c0bc78-4e27-4d80-a565-a07e6eb6fba4', target_ref='identity--be3baac0-9aba-48a8-81e4-4408b1c379a8')]"
+       "[Relationship(type='relationship', id='relationship--8d322508-423b-4d51-be85-a95ad083f8af', created='2018-04-05T20:43:54.134Z', modified='2018-04-05T20:43:54.134Z', relationship_type='targets', source_ref='malware--9fe343d8-edf7-4f4a-bb6c-a221fb75142d', target_ref='identity--b67cf8d4-cc1a-4bb7-9402-fffcff17c9a9')]"
       ]
      },
-     "execution_count": 28,
+     "execution_count": 14,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -680,17 +663,17 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 30,
+   "execution_count": 15,
    "metadata": {},
    "outputs": [
     {
      "data": {
       "text/plain": [
-       "[Relationship(type='relationship', id='relationship--bd6fd399-c907-4feb-b1da-b90f15942f1d', created='2017-11-21T22:14:45.214Z', modified='2017-11-21T22:14:45.214Z', relationship_type=u'indicates', source_ref='indicator--5ee33ff0-c50d-456b-a8dd-b5d1b69a66e8', target_ref='malware--66c0bc78-4e27-4d80-a565-a07e6eb6fba4'),\n",
-       " Relationship(type='relationship', id='relationship--3c759d40-c92a-430e-aab6-77d5c5763302', created='2017-11-21T22:14:45.215Z', modified='2017-11-21T22:14:45.215Z', relationship_type=u'uses', source_ref='campaign--82ab7aa4-d13b-4e99-8a09-ebcba30668a7', target_ref='malware--66c0bc78-4e27-4d80-a565-a07e6eb6fba4')]"
+       "[Relationship(type='relationship', id='relationship--3b9cb248-5c2c-425d-85d0-680bfef6e69d', created='2018-04-05T20:43:54.134Z', modified='2018-04-05T20:43:54.134Z', relationship_type='indicates', source_ref='indicator--61deb2a5-305a-490e-83b3-9839a9677368', target_ref='malware--9fe343d8-edf7-4f4a-bb6c-a221fb75142d'),\n",
+       " Relationship(type='relationship', id='relationship--93e5afe0-d1fb-4315-8d08-10951f7a99b6', created='2018-04-05T20:43:54.134Z', modified='2018-04-05T20:43:54.134Z', relationship_type='uses', source_ref='campaign--edfd885c-bc31-4051-9bc2-08e057542d56', target_ref='malware--9fe343d8-edf7-4f4a-bb6c-a221fb75142d')]"
       ]
      },
-     "execution_count": 30,
+     "execution_count": 15,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -708,16 +691,16 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 42,
+   "execution_count": 16,
    "metadata": {},
    "outputs": [
     {
      "data": {
       "text/plain": [
-       "[Campaign(type='campaign', id='campaign--82ab7aa4-d13b-4e99-8a09-ebcba30668a7', created='2017-11-21T22:14:45.213Z', modified='2017-11-21T22:14:45.213Z', name=u'Charge', description=u'Attack!')]"
+       "[Campaign(type='campaign', id='campaign--edfd885c-bc31-4051-9bc2-08e057542d56', created='2018-04-05T20:43:54.117Z', modified='2018-04-05T20:43:54.117Z', name='Charge', description='Attack!')]"
       ]
      },
-     "execution_count": 42,
+     "execution_count": 16,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -729,21 +712,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "cti-python-stix2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "cti-python-stix2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/environment.ipynb b/docs/guide/environment.ipynb
index 3ece7c4..fdc57c8 100644
--- a/docs/guide/environment.ipynb
+++ b/docs/guide/environment.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -25,7 +24,6 @@
    "cell_type": "code",
    "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -68,9 +68,7 @@
   {
    "cell_type": "code",
    "execution_count": 3,
-   "metadata": {
-    "collapsed": true
-   },
+   "metadata": {},
    "outputs": [],
    "source": [
     "from stix2 import Environment, MemoryStore\n",
@@ -87,18 +85,16 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 4,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 6,
+   "metadata": {},
    "outputs": [],
    "source": [
     "from stix2 import CompositeDataSource, FileSystemSink, FileSystemSource, MemorySource\n",
     "\n",
     "src = CompositeDataSource()\n",
-    "src.add_data_sources([MemorySource(), FileSystemSource(\"/tmp/stix_source\")])\n",
+    "src.add_data_sources([MemorySource(), FileSystemSource(\"/tmp/stix2_source\")])\n",
     "env2 = Environment(source=src,\n",
-    "                   sink=FileSystemSink(\"/tmp/stix_sink\"))"
+    "                   sink=FileSystemSink(\"/tmp/stix2_sink\"))"
    ]
   },
   {
@@ -110,10 +106,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 7,
+   "metadata": {},
    "outputs": [],
    "source": [
     "from stix2 import Indicator\n",
@@ -131,139 +125,6 @@
     "You can retrieve STIX objects from the [DataSources](../api/stix2.datastore.rst#stix2.datastore.DataSource) in the [Environment](../api/stix2.environment.rst#stix2.environment.Environment) with [get()](../api/stix2.environment.rst#stix2.environment.Environment.get), [query()](../api/stix2.environment.rst#stix2.environment.Environment.query), [all_versions()](../api/stix2.environment.rst#stix2.environment.Environment.all_versions), [creator_of()](../api/stix2.datastore.rst#stix2.datastore.DataSource.creator_of), [related_to()](../api/stix2.datastore.rst#stix2.datastore.DataSource.related_to), and [relationships()](../api/stix2.datastore.rst#stix2.datastore.DataSource.relationships) just as you would for a [DataSource](../api/stix2.datastore.rst#stix2.datastore.DataSource)."
    ]
   },
-  {
-   "cell_type": "code",
-   "execution_count": 6,
-   "metadata": {},
-   "outputs": [
-    {
-     "data": {
-      "text/html": [
-       "
{\n",
-       "    "type": "indicator",\n",
-       "    "id": "indicator--01234567-89ab-cdef-0123-456789abcdef",\n",
-       "    "created": "2017-10-02T13:20:39.373Z",\n",
-       "    "modified": "2017-10-02T13:20:39.373Z",\n",
-       "    "labels": [\n",
-       "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-02T13:20:39.3737Z"\n",
-       "}\n",
-       "
\n"
-      ],
-      "text/plain": [
-       ""
-      ]
-     },
-     "execution_count": 6,
-     "metadata": {},
-     "output_type": "execute_result"
-    }
-   ],
-   "source": [
-    "print(env.get(\"indicator--01234567-89ab-cdef-0123-456789abcdef\"))"
-   ]
-  },
-  {
-   "cell_type": "markdown",
-   "metadata": {},
-   "source": [
-    "### Creating STIX Objects With Defaults\n",
-    "\n",
-    "To create STIX objects with default values for certain properties, use an [ObjectFactory](../api/stix2.environment.rst#stix2.environment.ObjectFactory). For instance, say we want all objects we create to have a ``created_by_ref`` property pointing to the ``Identity`` object representing our organization."
-   ]
-  },
-  {
-   "cell_type": "code",
-   "execution_count": 7,
-   "metadata": {
-    "collapsed": true
-   },
-   "outputs": [],
-   "source": [
-    "from stix2 import Indicator, ObjectFactory\n",
-    "\n",
-    "factory = ObjectFactory(created_by_ref=\"identity--311b2d2d-f010-5473-83ec-1edf84858f4c\")"
-   ]
-  },
-  {
-   "cell_type": "markdown",
-   "metadata": {
-    "collapsed": true
-   },
-   "source": [
-    "Once you've set up the [ObjectFactory](../api/stix2.environment.rst#stix2.environment.ObjectFactory), use its [create()](../api/stix2.environment.rst#stix2.environment.ObjectFactory.create) method, passing in the class for the type of object you wish to create, followed by the other properties and their values for the object."
-   ]
-  },
   {
    "cell_type": "code",
    "execution_count": 8,
@@ -342,15 +203,14 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--c92ad60d-449d-4adf-86b3-4e5951a8f480",\n",
-       "    "created_by_ref": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",\n",
-       "    "created": "2017-10-02T13:23:00.607Z",\n",
-       "    "modified": "2017-10-02T13:23:00.607Z",\n",
+       "    "id": "indicator--01234567-89ab-cdef-0123-456789abcdef",\n",
+       "    "created": "2018-04-05T19:27:53.923Z",\n",
+       "    "modified": "2018-04-05T19:27:53.923Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:27:53.923548Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-02T13:23:00.607216Z"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -363,6 +223,138 @@
      "output_type": "execute_result"
     }
    ],
+   "source": [
+    "print(env.get(\"indicator--01234567-89ab-cdef-0123-456789abcdef\"))"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "### Creating STIX Objects With Defaults\n",
+    "\n",
+    "To create STIX objects with default values for certain properties, use an [ObjectFactory](../api/stix2.environment.rst#stix2.environment.ObjectFactory). For instance, say we want all objects we create to have a ``created_by_ref`` property pointing to the ``Identity`` object representing our organization."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 13,
+   "metadata": {},
+   "outputs": [],
+   "source": [
+    "from stix2 import Indicator, ObjectFactory\n",
+    "\n",
+    "factory = ObjectFactory(created_by_ref=\"identity--311b2d2d-f010-5473-83ec-1edf84858f4c\")"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {
+    "collapsed": true
+   },
+   "source": [
+    "Once you've set up the [ObjectFactory](../api/stix2.environment.rst#stix2.environment.ObjectFactory), use its [create()](../api/stix2.environment.rst#stix2.environment.ObjectFactory.create) method, passing in the class for the type of object you wish to create, followed by the other properties and their values for the object."
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 14,
+   "metadata": {},
+   "outputs": [
+    {
+     "data": {
+      "text/html": [
+       "
{\n",
+       "    "type": "indicator",\n",
+       "    "id": "indicator--c1b421c0-9c6b-4276-9b73-1b8684a5a0d2",\n",
+       "    "created_by_ref": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",\n",
+       "    "created": "2018-04-05T19:28:48.776Z",\n",
+       "    "modified": "2018-04-05T19:28:48.776Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:28:48.776442Z",\n",
+       "    "labels": [\n",
+       "        "malicious-activity"\n",
+       "    ]\n",
+       "}\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 14,
+     "metadata": {},
+     "output_type": "execute_result"
+    }
+   ],
    "source": [
     "ind = factory.create(Indicator,\n",
     "                     labels=[\"malicious-activity\"],\n",
@@ -388,7 +380,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 9,
+   "execution_count": 15,
    "metadata": {},
    "outputs": [
     {
@@ -464,14 +456,14 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--ae206b9f-8723-4fcf-beb7-8b1b9a2570ab",\n",
+       "    "id": "indicator--30a3b39c-5f57-4e7f-9eaf-e1abcb643da4",\n",
        "    "created": "2017-09-25T18:07:46.255Z",\n",
        "    "modified": "2017-09-25T18:07:46.255Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:28:53.268567Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-02T13:23:05.790562Z"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -479,7 +471,7 @@
        ""
       ]
      },
-     "execution_count": 9,
+     "execution_count": 15,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -498,7 +490,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 10,
+   "execution_count": 16,
    "metadata": {},
    "outputs": [
     {
@@ -574,15 +566,15 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--a8e2be68-b496-463f-9ff4-f620046e7cf2",\n",
+       "    "id": "indicator--6c5bbaaf-6dac-44b0-a0df-86c27b3f6ecb",\n",
        "    "created_by_ref": "identity--962cabe5-f7f3-438a-9169-585a8c971d12",\n",
        "    "created": "2017-09-25T18:07:46.255Z",\n",
        "    "modified": "2017-09-25T18:07:46.255Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:29:56.55129Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-02T13:23:08.32424Z"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -590,7 +582,7 @@
        ""
       ]
      },
-     "execution_count": 10,
+     "execution_count": 16,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -614,7 +606,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 11,
+   "execution_count": 17,
    "metadata": {},
    "outputs": [
     {
@@ -690,15 +682,15 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--89ba04ea-cce9-47a3-acd3-b6379ce51581",\n",
+       "    "id": "indicator--d1b8c3f6-1de1-44c1-b079-3df307224a0d",\n",
        "    "created_by_ref": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",\n",
-       "    "created": "2017-10-02T13:23:29.629Z",\n",
-       "    "modified": "2017-10-02T13:23:29.629Z",\n",
+       "    "created": "2018-04-05T19:29:59.605Z",\n",
+       "    "modified": "2018-04-05T19:29:59.605Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:29:59.605463Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-02T13:23:29.629857Z"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -706,7 +698,7 @@
        ""
       ]
      },
-     "execution_count": 11,
+     "execution_count": 17,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -725,21 +717,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/filesystem.ipynb b/docs/guide/filesystem.ipynb
index cff73d6..28a1843 100644
--- a/docs/guide/filesystem.ipynb
+++ b/docs/guide/filesystem.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -25,7 +24,6 @@
    "cell_type": "code",
    "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -120,57 +120,129 @@
     "### FileSystem Examples\n",
     "\n",
     "#### FileSystemStore\n",
-    "        "
+    "\n",
+    "Use the FileSystemStore when you want to both retrieve STIX content from the file system and push STIX content to it, too."
    ]
   },
   {
    "cell_type": "code",
-   "execution_count": 10,
+   "execution_count": 4,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--00c3bfcb-99bd-4767-8c03-b08f585f5c8a\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"modified\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"name\": \"PowerDuke\",\n",
-      "    \"description\": \"PowerDuke is a backdoor that was used by APT29 in 2016. It has primarily been delivered through Microsoft Word or Excel attachments containing malicious macros.[[Citation: Volexity PowerDuke November 2016]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0139\",\n",
-      "            \"external_id\": \"S0139\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Volexity PowerDuke November 2016\",\n",
-      "            \"description\": \"Adair, S.. (2016, November 9). PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs. Retrieved January 11, 2017.\",\n",
-      "            \"url\": \"https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n"
-     ]
+     "data": {
+      "text/html": [
+       "
{\n",
+       "    "type": "malware",\n",
+       "    "id": "malware--00c3bfcb-99bd-4767-8c03-b08f585f5c8a",\n",
+       "    "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",\n",
+       "    "created": "2017-05-31T21:33:19.746Z",\n",
+       "    "modified": "2017-05-31T21:33:19.746Z",\n",
+       "    "name": "PowerDuke",\n",
+       "    "description": "PowerDuke is a backdoor that was used by APT29 in 2016. It has primarily been delivered through Microsoft Word or Excel attachments containing malicious macros.[[Citation: Volexity PowerDuke November 2016]]",\n",
+       "    "labels": [\n",
+       "        "malware"\n",
+       "    ],\n",
+       "    "external_references": [\n",
+       "        {\n",
+       "            "source_name": "mitre-attack",\n",
+       "            "url": "https://attack.mitre.org/wiki/Software/S0139",\n",
+       "            "external_id": "S0139"\n",
+       "        },\n",
+       "        {\n",
+       "            "source_name": "Volexity PowerDuke November 2016",\n",
+       "            "description": "Adair, S.. (2016, November 9). PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs. Retrieved January 11, 2017.",\n",
+       "            "url": "https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/"\n",
+       "        }\n",
+       "    ],\n",
+       "    "object_marking_refs": [\n",
+       "        "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"\n",
+       "    ]\n",
+       "}\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 4,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
     "from stix2 import FileSystemStore\n",
     "\n",
-    "\"\"\"\n",
-    "Working with the FileSystemStore, where STIX content can be retrieved and pushed to a file system.\n",
-    "\"\"\"\n",
-    "\n",
     "# create FileSystemStore\n",
-    "fs = FileSystemStore(\"/home/michael/Desktop/sample_stix2_data\")\n",
+    "fs = FileSystemStore(\"/tmp/stix2_store\")\n",
     "\n",
     "# retrieve STIX2 content from FileSystemStore\n",
     "ap = fs.get(\"attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6\")\n",
@@ -221,54 +293,128 @@
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "#### FileSystemSource - (if STIX content is only to be retrieved from FileSystem)"
+    "#### FileSystemSource\n",
+    "\n",
+    "Use the FileSystemSource when you only want to retrieve STIX content from the file system."
    ]
   },
   {
    "cell_type": "code",
-   "execution_count": 4,
+   "execution_count": 6,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "{\n",
-      "    \"type\": \"attack-pattern\",\n",
-      "    \"id\": \"attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:30:54.176Z\",\n",
-      "    \"modified\": \"2017-05-31T21:30:54.176Z\",\n",
-      "    \"name\": \"Indicator Removal from Tools\",\n",
-      "    \"description\": \"If a malicious...command-line parameters, Process monitoring\",\n",
-      "    \"kill_chain_phases\": [\n",
-      "        {\n",
-      "            \"kill_chain_name\": \"mitre-attack\",\n",
-      "            \"phase_name\": \"defense-evasion\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Technique/T1066\",\n",
-      "            \"external_id\": \"T1066\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n"
-     ]
+     "data": {
+      "text/html": [
+       "
{\n",
+       "    "type": "attack-pattern",\n",
+       "    "id": "attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6",\n",
+       "    "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",\n",
+       "    "created": "2017-05-31T21:30:54.176Z",\n",
+       "    "modified": "2017-05-31T21:30:54.176Z",\n",
+       "    "name": "Indicator Removal from Tools",\n",
+       "    "description": "If a malicious...command-line parameters, Process monitoring",\n",
+       "    "kill_chain_phases": [\n",
+       "        {\n",
+       "            "kill_chain_name": "mitre-attack",\n",
+       "            "phase_name": "defense-evasion"\n",
+       "        }\n",
+       "    ],\n",
+       "    "external_references": [\n",
+       "        {\n",
+       "            "source_name": "mitre-attack",\n",
+       "            "url": "https://attack.mitre.org/wiki/Technique/T1066",\n",
+       "            "external_id": "T1066"\n",
+       "        }\n",
+       "    ],\n",
+       "    "object_marking_refs": [\n",
+       "        "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"\n",
+       "    ]\n",
+       "}\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 6,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
     "from stix2 import FileSystemSource\n",
-    "\"\"\"\n",
-    "Working with FileSystemSource for retrieving STIX content.\n",
-    "\"\"\"\n",
     "\n",
     "# create FileSystemSource\n",
-    "fs_source = FileSystemSource(\"/home/michael/Desktop/sample_stix2_data\")\n",
+    "fs_source = FileSystemSource(\"/tmp/stix2_source\")\n",
     "\n",
     "# retrieve STIX 2 objects\n",
     "ap = fs_source.get(\"attack-pattern--00d0b012-8a03-410e-95de-5826bf542de6\")\n",
@@ -279,149 +425,336 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
+   "execution_count": 7,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--0f862b01-99da-47cc-9bdb-db4a86a95bb1\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:32:54.772Z\",\n",
-      "    \"modified\": \"2017-05-31T21:32:54.772Z\",\n",
-      "    \"name\": \"Emissary\",\n",
-      "    \"description\": \"Emissary is a Trojan that has been used by Lotus Blossom. It shares code with Elise, with both Trojans being part of a malware group referred to as LStudio.[[Citation: Lotus Blossom Dec 2015]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0082\",\n",
-      "            \"external_id\": \"S0082\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Lotus Blossom Dec 2015\",\n",
-      "            \"description\": \"Falcone, R. and Miller-Osborn, J.. (2015, December 18). Attack on French Diplomat Linked to Operation Lotus Blossom. Retrieved February 15, 2016.\",\n",
-      "            \"url\": \"http://researchcenter.paloaltonetworks.com/2015/12/attack-on-french-diplomat-linked-to-operation-lotus-blossom/\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n",
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--2a6f4c7b-e690-4cc7-ab6b-1f821fb6b80b\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:32:33.348Z\",\n",
-      "    \"modified\": \"2017-05-31T21:32:33.348Z\",\n",
-      "    \"name\": \"LOWBALL\",\n",
-      "    \"description\": \"LOWBALL is malware used by admin@338. It was used in August 2015 in email messages targeting Hong Kong-based media organizations.[[Citation: FireEye admin@338]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0042\",\n",
-      "            \"external_id\": \"S0042\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"FireEye admin@338\",\n",
-      "            \"description\": \"FireEye Threat Intelligence. (2015, December 1). China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets. Retrieved December 4, 2015.\",\n",
-      "            \"url\": \"https://www.fireeye.com/blog/threat-research/2015/11/china-based-threat.html\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n",
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--00c3bfcb-99bd-4767-8c03-b08f585f5c8a\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"modified\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"name\": \"PowerDuke\",\n",
-      "    \"description\": \"PowerDuke is a backdoor that was used by APT29 in 2016. It has primarily been delivered through Microsoft Word or Excel attachments containing malicious macros.[[Citation: Volexity PowerDuke November 2016]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0139\",\n",
-      "            \"external_id\": \"S0139\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Volexity PowerDuke November 2016\",\n",
-      "            \"description\": \"Adair, S.. (2016, November 9). PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs. Retrieved January 11, 2017.\",\n",
-      "            \"url\": \"https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n",
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--0db09158-6e48-4e7c-8ce7-2b10b9c0c039\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:32:55.126Z\",\n",
-      "    \"modified\": \"2017-05-31T21:32:55.126Z\",\n",
-      "    \"name\": \"Misdat\",\n",
-      "    \"description\": \"Misdat is a backdoor that was used by Dust Storm from 2010 to 2011.[[Citation: Cylance Dust Storm]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0083\",\n",
-      "            \"external_id\": \"S0083\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Cylance Dust Storm\",\n",
-      "            \"description\": \"Gross, J. (2016, February 23). Operation Dust Storm. Retrieved February 25, 2016.\",\n",
-      "            \"url\": \"https://www.cylance.com/hubfs/2015%20cylance%20website/assets/operation-dust-storm/Op%20Dust%20Storm%20Report.pdf?t=1456259131512\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n",
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--1d808f62-cf63-4063-9727-ff6132514c22\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:33:06.433Z\",\n",
-      "    \"modified\": \"2017-05-31T21:33:06.433Z\",\n",
-      "    \"name\": \"WEBC2\",\n",
-      "    \"description\": \"WEBC2 is a backdoor used by APT1 to retrieve a Web page from a predetermined C2 server.[[Citation: Mandiant APT1 Appendix]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0109\",\n",
-      "            \"external_id\": \"S0109\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Mandiant APT1 Appendix\",\n",
-      "            \"description\": \"Mandiant. (n.d.). Appendix C (Digital) - The Malware Arsenal. Retrieved July 18, 2016.\",\n",
-      "            \"url\": \"https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report-appendix.zip\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n"
-     ]
+     "data": {
+      "text/html": [
+       "
malware--96b08451-b27a-4ff6-893f-790e26393a8e\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
malware--b42378e0-f147-496f-992a-26a49705395b\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
malware--6b616fc1-1505-48e3-8b2c-0d19337bff38\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
malware--92ec0cbd-2c30-44a2-b270-73f4ec949841\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -434,46 +767,95 @@
     "mals = fs_source.query(query)\n",
     "\n",
     "for mal in mals:\n",
-    "    print(mal)"
+    "    print(mal.id)"
    ]
   },
   {
    "cell_type": "code",
-   "execution_count": 6,
+   "execution_count": 8,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "{\n",
-      "    \"type\": \"malware\",\n",
-      "    \"id\": \"malware--00c3bfcb-99bd-4767-8c03-b08f585f5c8a\",\n",
-      "    \"created_by_ref\": \"identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5\",\n",
-      "    \"created\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"modified\": \"2017-05-31T21:33:19.746Z\",\n",
-      "    \"name\": \"PowerDuke\",\n",
-      "    \"description\": \"PowerDuke is a backdoor that was used by APT29 in 2016. It has primarily been delivered through Microsoft Word or Excel attachments containing malicious macros.[[Citation: Volexity PowerDuke November 2016]]\",\n",
-      "    \"labels\": [\n",
-      "        \"malware\"\n",
-      "    ],\n",
-      "    \"external_references\": [\n",
-      "        {\n",
-      "            \"source_name\": \"mitre-attack\",\n",
-      "            \"url\": \"https://attack.mitre.org/wiki/Software/S0139\",\n",
-      "            \"external_id\": \"S0139\"\n",
-      "        },\n",
-      "        {\n",
-      "            \"source_name\": \"Volexity PowerDuke November 2016\",\n",
-      "            \"description\": \"Adair, S.. (2016, November 9). PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs. Retrieved January 11, 2017.\",\n",
-      "            \"url\": \"https://www.volexity.com/blog/2016/11/09/powerduke-post-election-spear-phishing-campaigns-targeting-think-tanks-and-ngos/\"\n",
-      "        }\n",
-      "    ],\n",
-      "    \"object_marking_refs\": [\n",
-      "        \"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168\"\n",
-      "    ]\n",
-      "}\n"
-     ]
+     "data": {
+      "text/html": [
+       "
malware--92ec0cbd-2c30-44a2-b270-73f4ec949841\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 8,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -484,30 +866,28 @@
     "\n",
     "# for visual purposes\n",
     "for mal in mals:\n",
-    "    print(mal)"
+    "    print(mal.id)"
    ]
   },
   {
    "cell_type": "markdown",
    "metadata": {},
    "source": [
-    "#### FileSystemSink - (if STIX content is only to be pushed to FileSystem)"
+    "#### FileSystemSink\n",
+    "\n",
+    "Use the FileSystemSink when you only want to push STIX content to the file system."
    ]
   },
   {
    "cell_type": "code",
-   "execution_count": 7,
-   "metadata": {
-    "collapsed": true
-   },
+   "execution_count": 10,
+   "metadata": {},
    "outputs": [],
    "source": [
-    "from stix2 import FileSystemSink, Campaign\n",
-    "\"\"\"\n",
-    "Working with FileSystemSink for pushing STIX content.\n",
-    "\"\"\"\n",
+    "from stix2 import FileSystemSink, Campaign, Indicator\n",
+    "\n",
     "# create FileSystemSink\n",
-    "fs_sink = FileSystemSink(\"/home/michael/Desktop/sample_stix2_data\")\n",
+    "fs_sink = FileSystemSink(\"/tmp/stix2_sink\")\n",
     "\n",
     "# create STIX objects and add to sink\n",
     "camp = Campaign(name=\"The Crusades\",\n",
@@ -532,21 +912,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/markings.ipynb b/docs/guide/markings.ipynb
index fcacf47..8230daf 100644
--- a/docs/guide/markings.ipynb
+++ b/docs/guide/markings.ipynb
@@ -2,9 +2,8 @@
  "cells": [
   {
    "cell_type": "code",
-   "execution_count": 1,
+   "execution_count": 6,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -23,9 +22,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 2,
+   "execution_count": 5,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -68,127 +68,127 @@
     "To create an object with a (predefined) TLP marking to an object, just provide it as a keyword argument to the constructor. The TLP markings can easily be imported from python-stix2."
    ]
   },
-  {
-   "cell_type": "code",
-   "execution_count": 3,
-   "metadata": {},
-   "outputs": [
-    {
-     "data": {
-      "text/html": [
-       "
{\n",
-       "    "type": "indicator",\n",
-       "    "id": "indicator--65ff0082-bb92-4812-9b74-b144b858297f",\n",
-       "    "created": "2017-11-13T14:42:14.641Z",\n",
-       "    "modified": "2017-11-13T14:42:14.641Z",\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-11-13T14:42:14.641818Z",\n",
-       "    "labels": [\n",
-       "        "malicious-activity"\n",
-       "    ],\n",
-       "    "object_marking_refs": [\n",
-       "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
-       "    ]\n",
-       "}\n",
-       "
\n"
-      ],
-      "text/plain": [
-       ""
-      ]
-     },
-     "execution_count": 3,
-     "metadata": {},
-     "output_type": "execute_result"
-    }
-   ],
-   "source": [
-    "from stix2 import Indicator, TLP_AMBER\n",
-    "\n",
-    "indicator = Indicator(labels=[\"malicious-activity\"],\n",
-    "                      pattern=\"[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']\",\n",
-    "                      object_marking_refs=TLP_AMBER)\n",
-    "print(indicator)"
-   ]
-  },
-  {
-   "cell_type": "markdown",
-   "metadata": {},
-   "source": [
-    "If you’re creating your own marking (for example, a ``Statement`` marking), first create the statement marking:"
-   ]
-  },
   {
    "cell_type": "code",
    "execution_count": 7,
    "metadata": {},
+   "outputs": [
+    {
+     "data": {
+      "text/html": [
+       "
{\n",
+       "    "type": "indicator",\n",
+       "    "id": "indicator--95a71cff-fad0-4ffb-a641-8a6eaa642290",\n",
+       "    "created": "2018-04-05T19:49:47.924Z",\n",
+       "    "modified": "2018-04-05T19:49:47.924Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:47.924708Z",\n",
+       "    "labels": [\n",
+       "        "malicious-activity"\n",
+       "    ],\n",
+       "    "object_marking_refs": [\n",
+       "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
+       "    ]\n",
+       "}\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    }
+   ],
+   "source": [
+    "from stix2 import Indicator, TLP_AMBER\n",
+    "\n",
+    "indicator = Indicator(labels=[\"malicious-activity\"],\n",
+    "                      pattern=\"[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']\",\n",
+    "                      object_marking_refs=TLP_AMBER)\n",
+    "print(indicator)"
+   ]
+  },
+  {
+   "cell_type": "markdown",
+   "metadata": {},
+   "source": [
+    "If you’re creating your own marking (for example, a ``Statement`` marking), first create the statement marking:"
+   ]
+  },
+  {
+   "cell_type": "code",
+   "execution_count": 8,
+   "metadata": {},
    "outputs": [
     {
      "data": {
@@ -263,8 +263,8 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "marking-definition",\n",
-       "    "id": "marking-definition--d16f0975-c5dd-4b25-a41d-af4afcc5da92",\n",
-       "    "created": "2017-11-13T14:43:30.558058Z",\n",
+       "    "id": "marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368",\n",
+       "    "created": "2018-04-05T19:49:53.98008Z",\n",
        "    "definition_type": "statement",\n",
        "    "definition": {\n",
        "        "statement": "Copyright 2017, Example Corp"\n",
@@ -276,7 +276,7 @@
        ""
       ]
      },
-     "execution_count": 7,
+     "execution_count": 8,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -300,7 +300,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
+   "execution_count": 9,
    "metadata": {},
    "outputs": [
     {
@@ -376,16 +376,16 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--526cda4e-6745-4cd6-852f-0750c6a79784",\n",
-       "    "created": "2017-10-04T14:43:09.586Z",\n",
-       "    "modified": "2017-10-04T14:43:09.586Z",\n",
+       "    "id": "indicator--7caeab49-2472-41bb-a988-2f990aea99bd",\n",
+       "    "created": "2018-04-05T19:49:55.763Z",\n",
+       "    "modified": "2018-04-05T19:49:55.763Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:55.763364Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:43:09.586133Z",\n",
        "    "object_marking_refs": [\n",
-       "        "marking-definition--030bb5c6-c5eb-4e9c-8e7a-b9aab08ded53"\n",
+       "        "marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368"\n",
        "    ]\n",
        "}\n",
        "
\n"
@@ -394,7 +394,7 @@
        ""
       ]
      },
-     "execution_count": 5,
+     "execution_count": 9,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -408,7 +408,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 6,
+   "execution_count": 10,
    "metadata": {},
    "outputs": [
     {
@@ -484,14 +484,14 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--1505b789-fcd2-48ee-bea9-3b20627a4abd",\n",
-       "    "created": "2017-10-04T14:43:20.049Z",\n",
-       "    "modified": "2017-10-04T14:43:20.049Z",\n",
+       "    "id": "indicator--4eb21bbe-b8a9-4348-86cf-1ed52f9abdd7",\n",
+       "    "created": "2018-04-05T19:49:57.248Z",\n",
+       "    "modified": "2018-04-05T19:49:57.248Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:57.248658Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:43:20.049166Z",\n",
        "    "object_marking_refs": [\n",
        "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
        "    ]\n",
@@ -502,7 +502,7 @@
        ""
       ]
      },
-     "execution_count": 6,
+     "execution_count": 10,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -523,7 +523,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 8,
+   "execution_count": 11,
    "metadata": {},
    "outputs": [
     {
@@ -599,9 +599,9 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "malware",\n",
-       "    "id": "malware--f7128008-f6ab-4d43-a8a2-a681651268f8",\n",
-       "    "created": "2017-11-13T14:43:34.857Z",\n",
-       "    "modified": "2017-11-13T14:43:34.857Z",\n",
+       "    "id": "malware--ef1eddbb-b5a5-47e0-b607-75b9870d8d91",\n",
+       "    "created": "2018-04-05T19:49:59.103Z",\n",
+       "    "modified": "2018-04-05T19:49:59.103Z",\n",
        "    "name": "Poison Ivy",\n",
        "    "description": "A ransomware related to ...",\n",
        "    "labels": [\n",
@@ -609,7 +609,7 @@
        "    ],\n",
        "    "granular_markings": [\n",
        "        {\n",
-       "            "marking_ref": "marking-definition--d16f0975-c5dd-4b25-a41d-af4afcc5da92",\n",
+       "            "marking_ref": "marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368",\n",
        "            "selectors": [\n",
        "                "description"\n",
        "            ]\n",
@@ -628,7 +628,7 @@
        ""
       ]
      },
-     "execution_count": 8,
+     "execution_count": 11,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -661,7 +661,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 8,
+   "execution_count": 12,
    "metadata": {},
    "outputs": [
     {
@@ -705,7 +705,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 21,
+   "execution_count": 13,
    "metadata": {},
    "outputs": [
     {
@@ -781,17 +781,17 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--409a0b15-1108-4251-8aee-a08995976561",\n",
-       "    "created": "2017-10-04T14:42:54.685Z",\n",
-       "    "modified": "2017-10-04T15:03:46.599Z",\n",
+       "    "id": "indicator--95a71cff-fad0-4ffb-a641-8a6eaa642290",\n",
+       "    "created": "2018-04-05T19:49:47.924Z",\n",
+       "    "modified": "2018-04-05T19:50:03.387Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:47.924708Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:42:54.685184Z",\n",
        "    "object_marking_refs": [\n",
-       "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82",\n",
-       "        "marking-definition--030bb5c6-c5eb-4e9c-8e7a-b9aab08ded53"\n",
+       "        "marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368",\n",
+       "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
        "    ]\n",
        "}\n",
        "
\n"
@@ -800,7 +800,7 @@
        ""
       ]
      },
-     "execution_count": 21,
+     "execution_count": 13,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -819,7 +819,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 22,
+   "execution_count": 14,
    "metadata": {},
    "outputs": [
     {
@@ -895,14 +895,14 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--409a0b15-1108-4251-8aee-a08995976561",\n",
-       "    "created": "2017-10-04T14:42:54.685Z",\n",
-       "    "modified": "2017-10-04T15:03:54.290Z",\n",
+       "    "id": "indicator--95a71cff-fad0-4ffb-a641-8a6eaa642290",\n",
+       "    "created": "2018-04-05T19:49:47.924Z",\n",
+       "    "modified": "2018-04-05T19:50:05.109Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:47.924708Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:42:54.685184Z",\n",
        "    "object_marking_refs": [\n",
        "        "marking-definition--f88d31f6-486f-44da-b317-01333bde0b82"\n",
        "    ]\n",
@@ -913,7 +913,7 @@
        ""
       ]
      },
-     "execution_count": 22,
+     "execution_count": 14,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -932,7 +932,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 23,
+   "execution_count": 15,
    "metadata": {},
    "outputs": [
     {
@@ -1008,17 +1008,17 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--409a0b15-1108-4251-8aee-a08995976561",\n",
-       "    "created": "2017-10-04T14:42:54.685Z",\n",
-       "    "modified": "2017-10-04T15:04:04.218Z",\n",
+       "    "id": "indicator--95a71cff-fad0-4ffb-a641-8a6eaa642290",\n",
+       "    "created": "2018-04-05T19:49:47.924Z",\n",
+       "    "modified": "2018-04-05T19:50:06.773Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:47.924708Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:42:54.685184Z",\n",
        "    "object_marking_refs": [\n",
-       "        "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",\n",
-       "        "marking-definition--030bb5c6-c5eb-4e9c-8e7a-b9aab08ded53"\n",
+       "        "marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368",\n",
+       "        "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"\n",
        "    ]\n",
        "}\n",
        "
\n"
@@ -1027,7 +1027,7 @@
        ""
       ]
      },
-     "execution_count": 23,
+     "execution_count": 15,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1048,7 +1048,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 12,
+   "execution_count": 16,
    "metadata": {},
    "outputs": [
     {
@@ -1124,14 +1124,14 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--409a0b15-1108-4251-8aee-a08995976561",\n",
-       "    "created": "2017-10-04T14:42:54.685Z",\n",
-       "    "modified": "2017-10-04T14:54:39.331Z",\n",
+       "    "id": "indicator--95a71cff-fad0-4ffb-a641-8a6eaa642290",\n",
+       "    "created": "2018-04-05T19:49:47.924Z",\n",
+       "    "modified": "2018-04-05T19:50:08.616Z",\n",
+       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
+       "    "valid_from": "2018-04-05T19:49:47.924708Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
-       "    ],\n",
-       "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-10-04T14:42:54.685184Z"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -1139,7 +1139,7 @@
        ""
       ]
      },
-     "execution_count": 12,
+     "execution_count": 16,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1167,17 +1167,17 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 19,
+   "execution_count": 17,
    "metadata": {},
    "outputs": [
     {
      "data": {
       "text/plain": [
-       "['marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da',\n",
-       " 'marking-definition--030bb5c6-c5eb-4e9c-8e7a-b9aab08ded53']"
+       "['marking-definition--13680b12-3d19-4b42-abe6-0d31effe5368',\n",
+       " 'marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da']"
       ]
      },
-     "execution_count": 19,
+     "execution_count": 17,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1195,7 +1195,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 9,
+   "execution_count": 18,
    "metadata": {},
    "outputs": [
     {
@@ -1204,7 +1204,7 @@
        "['marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9']"
       ]
      },
-     "execution_count": 9,
+     "execution_count": 18,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1224,7 +1224,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 14,
+   "execution_count": 19,
    "metadata": {},
    "outputs": [
     {
@@ -1233,7 +1233,7 @@
        "['marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9']"
       ]
      },
-     "execution_count": 14,
+     "execution_count": 19,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1251,7 +1251,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 16,
+   "execution_count": 20,
    "metadata": {},
    "outputs": [
     {
@@ -1260,7 +1260,7 @@
        "True"
       ]
      },
-     "execution_count": 16,
+     "execution_count": 20,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1271,7 +1271,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 17,
+   "execution_count": 21,
    "metadata": {},
    "outputs": [
     {
@@ -1280,7 +1280,7 @@
        "True"
       ]
      },
-     "execution_count": 17,
+     "execution_count": 21,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1291,7 +1291,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 18,
+   "execution_count": 22,
    "metadata": {
     "scrolled": true
    },
@@ -1302,7 +1302,7 @@
        "False"
       ]
      },
-     "execution_count": 18,
+     "execution_count": 22,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -1314,21 +1314,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/memory.ipynb b/docs/guide/memory.ipynb
index 79a8f33..6b6d5cb 100644
--- a/docs/guide/memory.ipynb
+++ b/docs/guide/memory.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -25,7 +24,6 @@
    "cell_type": "code",
    "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -151,12 +151,12 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--2f61e4e7-0891-4e09-b79a-66f5e594fec0",\n",
-       "    "created": "2017-11-17T17:01:31.590Z",\n",
-       "    "modified": "2017-11-17T17:01:31.590Z",\n",
+       "    "id": "indicator--41a960c7-a6d4-406d-9156-0069cb3bd40d",\n",
+       "    "created": "2018-04-05T19:50:41.222Z",\n",
+       "    "modified": "2018-04-05T19:50:41.222Z",\n",
        "    "description": "Crusades C2 implant",\n",
        "    "pattern": "[file:hashes.'SHA-256' = '54b7e05e39a59428743635242e4a867c932140a999f52a1e54fa7ee6a440c73b']",\n",
-       "    "valid_from": "2017-11-17T17:01:31.590939Z",\n",
+       "    "valid_from": "2018-04-05T19:50:41.222522Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ]\n",
@@ -267,12 +267,12 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--ddb765ba-ff1e-4285-bf33-1f6d08f583d6",\n",
-       "    "created": "2017-11-17T17:01:31.799Z",\n",
-       "    "modified": "2017-11-17T17:01:31.799Z",\n",
+       "    "id": "indicator--ba2a7acb-a3ac-420b-9288-09988aa99408",\n",
+       "    "created": "2018-04-05T19:50:43.343Z",\n",
+       "    "modified": "2018-04-05T19:50:43.343Z",\n",
        "    "description": "Crusades stage 2 implant variant",\n",
        "    "pattern": "[file:hashes.'SHA-256' = '31a45e777e4d58b97f4c43e38006f8cd6580ddabc4037905b2fad734712b582c']",\n",
-       "    "valid_from": "2017-11-17T17:01:31.799228Z",\n",
+       "    "valid_from": "2018-04-05T19:50:43.343298Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ]\n",
@@ -386,9 +386,9 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "malware",\n",
-       "    "id": "malware--e8170e70-522f-4ec3-aa22-afb55bfad0b0",\n",
-       "    "created": "2017-11-17T17:01:31.806Z",\n",
-       "    "modified": "2017-11-17T17:01:31.806Z",\n",
+       "    "id": "malware--9e9b87ce-2b2b-455a-8d5b-26384ccc8d52",\n",
+       "    "created": "2018-04-05T19:50:43.346Z",\n",
+       "    "modified": "2018-04-05T19:50:43.346Z",\n",
        "    "name": "Alexios",\n",
        "    "labels": [\n",
        "        "rootkit"\n",
@@ -412,120 +412,6 @@
     "print(mal)"
    ]
   },
-  {
-   "cell_type": "code",
-   "execution_count": 6,
-   "metadata": {},
-   "outputs": [
-    {
-     "data": {
-      "text/html": [
-       "
{\n",
-       "    "type": "report",\n",
-       "    "id": "report--2add14d6-bbf3-4308-bb8e-226d314a08e4",\n",
-       "    "created": "2017-05-08T18:34:08.042Z",\n",
-       "    "modified": "2017-05-08T18:34:08.042Z",\n",
-       "    "name": "The Crusades: Looking into the relentless infiltration of Israels digital infrastructure.",\n",
-       "    "published": "2017-05-08T10:24:11.011Z",\n",
-       "    "object_refs": [\n",
-       "        "malware--2daa14d6-cbf3-4308-bb8e-226d324a08e4"\n",
-       "    ],\n",
-       "    "labels": [\n",
-       "        "threat-report"\n",
-       "    ]\n",
-       "}\n",
-       "
\n"
-      ],
-      "text/plain": [
-       ""
-      ]
-     },
-     "execution_count": 6,
-     "metadata": {},
-     "output_type": "execute_result"
-    }
-   ],
-   "source": [
-    "from stix2 import Filter\n",
-    "\n",
-    "# add json formatted string to MemoryStore\n",
-    "# Again, would NOT manually create json-formatted string\n",
-    "# but taken as an output form from another source\n",
-    "report = '{\"type\": \"report\",\"id\": \"report--2add14d6-bbf3-4308-bb8e-226d314a08e4\",\"labels\": [\"threat-report\"], \"name\": \"The Crusades: Looking into the relentless infiltration of Israels digital infrastructure.\", \"published\": \"2017-05-08T10:24:11.011Z\", \"object_refs\":[\"malware--2daa14d6-cbf3-4308-bb8e-226d324a08e4\"], \"created\": \"2017-05-08T18:34:08.042Z\", \"modified\": \"2017-05-08T18:34:08.042Z\"}'\n",
-    "\n",
-    "mem.add(report)\n",
-    "\n",
-    "print(mem.get(\"report--2add14d6-bbf3-4308-bb8e-226d314a08e4\"))"
-   ]
-  },
   {
    "cell_type": "markdown",
    "metadata": {},
@@ -610,17 +496,13 @@
        ".highlight .vi { color: #19177C } /* Name.Variable.Instance */\n",
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
-       "    "type": "report",\n",
-       "    "id": "report--2add14d6-bbf3-4308-bb8e-226d314a08e4",\n",
-       "    "created": "2017-05-08T18:34:08.042Z",\n",
-       "    "modified": "2017-05-08T18:34:08.042Z",\n",
-       "    "name": "The Crusades: Looking into the relentless infiltration of Israels digital infrastructure.",\n",
-       "    "published": "2017-05-08T10:24:11.011Z",\n",
-       "    "object_refs": [\n",
-       "        "malware--2daa14d6-cbf3-4308-bb8e-226d324a08e4"\n",
-       "    ],\n",
+       "    "type": "malware",\n",
+       "    "id": "malware--9e9b87ce-2b2b-455a-8d5b-26384ccc8d52",\n",
+       "    "created": "2018-04-05T19:50:43.346Z",\n",
+       "    "modified": "2018-04-05T19:50:43.346Z",\n",
+       "    "name": "Alexios",\n",
        "    "labels": [\n",
-       "        "threat-report"\n",
+       "        "rootkit"\n",
        "    ]\n",
        "}\n",
        "
\n"
@@ -643,30 +525,30 @@
     "# load(add) STIX content from json file into MemoryStore\n",
     "mem_2.load_from_file(\"path_to_target_file.json\")\n",
     "\n",
-    "report = mem_2.get(\"report--2add14d6-bbf3-4308-bb8e-226d314a08e4\")\n",
+    "report = mem_2.get(\"malware--9e9b87ce-2b2b-455a-8d5b-26384ccc8d52\")\n",
     "\n",
-    "# for visualpurposes\n",
+    "# for visual purposes\n",
     "print(report)"
    ]
   }
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "cti-python-stix2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "cti-python-stix2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/parsing.ipynb b/docs/guide/parsing.ipynb
index b3460b3..284125e 100644
--- a/docs/guide/parsing.ipynb
+++ b/docs/guide/parsing.ipynb
@@ -4,7 +4,6 @@
    "cell_type": "code",
    "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -25,7 +24,6 @@
    "cell_type": "code",
    "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -70,15 +70,90 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 10,
+   "execution_count": 3,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "\n"
-     ]
+     "data": {
+      "text/html": [
+       "
<class 'stix2.v20.sdo.ObservedData'>\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 3,
+     "metadata": {},
+     "output_type": "execute_result"
     },
     {
      "data": {
@@ -174,7 +249,7 @@
        ""
       ]
      },
-     "execution_count": 10,
+     "execution_count": 3,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -214,15 +289,90 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 7,
+   "execution_count": 4,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "\n"
-     ]
+     "data": {
+      "text/html": [
+       "
<class 'stix2.v20.sdo.Identity'>\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 4,
+     "metadata": {},
+     "output_type": "execute_result"
     },
     {
      "data": {
@@ -309,7 +459,7 @@
        ""
       ]
      },
-     "execution_count": 7,
+     "execution_count": 4,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -338,15 +488,90 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 8,
+   "execution_count": 5,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "\n"
-     ]
+     "data": {
+      "text/html": [
+       "
<class 'stix2.v20.sdo.CourseOfAction'>\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 5,
+     "metadata": {},
+     "output_type": "execute_result"
     },
     {
      "data": {
@@ -434,13 +659,13 @@
        ""
       ]
      },
-     "execution_count": 8,
+     "execution_count": 5,
      "metadata": {},
      "output_type": "execute_result"
     }
    ],
    "source": [
-    "file_handle = open(\"/home/michael/cti-python-stix2/stix2/test/stix2_data/course-of-action/course-of-action--d9727aee-48b8-4fdb-89e2-4c49746ba4dd.json\")\n",
+    "file_handle = open(\"/tmp/stix2_store/course-of-action/course-of-action--d9727aee-48b8-4fdb-89e2-4c49746ba4dd.json\")\n",
     "\n",
     "obj = parse(file_handle)\n",
     "print(type(obj))\n",
@@ -486,27 +711,27 @@
     "\n",
     "# create TAXIICollectionSource\n",
     "colxn = Collection('http://taxii_url')\n",
-    "ts = TAXIICollectionSource(colxn, allow_custom=True)\n"
+    "ts = TAXIICollectionSource(colxn, allow_custom=True)"
    ]
   }
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/serializing.ipynb b/docs/guide/serializing.ipynb
index 1046d9f..e58302e 100644
--- a/docs/guide/serializing.ipynb
+++ b/docs/guide/serializing.ipynb
@@ -31,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -142,12 +144,12 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--85773ceb-c768-45f6-bb04-b4d813809e48",\n",
-       "    "created": "2018-03-13T19:49:53.392Z",\n",
-       "    "modified": "2018-03-13T19:49:53.392Z",\n",
+       "    "id": "indicator--4336ace8-d985-413a-8e32-f749ba268dc3",\n",
+       "    "created": "2018-04-05T20:01:20.012Z",\n",
+       "    "modified": "2018-04-05T20:01:20.012Z",\n",
        "    "name": "File hash for malware variant",\n",
        "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2018-03-13T19:49:53.392627Z",\n",
+       "    "valid_from": "2018-04-05T20:01:20.012209Z",\n",
        "    "labels": [\n",
        "        "malicious-activity"\n",
        "    ]\n",
@@ -256,7 +258,7 @@
        ".highlight .vg { color: #19177C } /* Name.Variable.Global */\n",
        ".highlight .vi { color: #19177C } /* Name.Variable.Instance */\n",
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
-       ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{"name": "File hash for malware variant", "labels": ["malicious-activity"], "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']", "type": "indicator", "id": "indicator--85773ceb-c768-45f6-bb04-b4d813809e48", "created": "2018-03-13T19:49:53.392Z", "modified": "2018-03-13T19:49:53.392Z", "valid_from": "2018-03-13T19:49:53.392627Z"}\n",
+       ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{"name": "File hash for malware variant", "labels": ["malicious-activity"], "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']", "type": "indicator", "id": "indicator--4336ace8-d985-413a-8e32-f749ba268dc3", "created": "2018-04-05T20:01:20.012Z", "modified": "2018-04-05T20:01:20.012Z", "valid_from": "2018-04-05T20:01:20.012209Z"}\n",
        "
\n"
       ],
       "text/plain": [
@@ -362,10 +364,10 @@
        "    ],\n",
        "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--85773ceb-c768-45f6-bb04-b4d813809e48",\n",
-       "    "created": "2018-03-13T19:49:53.392Z",\n",
-       "    "modified": "2018-03-13T19:49:53.392Z",\n",
-       "    "valid_from": "2018-03-13T19:49:53.392627Z"\n",
+       "    "id": "indicator--4336ace8-d985-413a-8e32-f749ba268dc3",\n",
+       "    "created": "2018-04-05T20:01:20.012Z",\n",
+       "    "modified": "2018-04-05T20:01:20.012Z",\n",
+       "    "valid_from": "2018-04-05T20:01:20.012209Z"\n",
        "}\n",
        "
\n"
       ],
diff --git a/docs/guide/taxii.ipynb b/docs/guide/taxii.ipynb
index 4045a98..4e81388 100644
--- a/docs/guide/taxii.ipynb
+++ b/docs/guide/taxii.ipynb
@@ -33,23 +33,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
diff --git a/docs/guide/ts_support.ipynb b/docs/guide/ts_support.ipynb
index 6ceef99..2264eb5 100644
--- a/docs/guide/ts_support.ipynb
+++ b/docs/guide/ts_support.ipynb
@@ -23,9 +23,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 2,
+   "execution_count": 1,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +32,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -236,7 +237,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 3,
+   "execution_count": 2,
    "metadata": {},
    "outputs": [
     {
@@ -328,7 +329,7 @@
        ""
       ]
      },
-     "execution_count": 3,
+     "execution_count": 2,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -396,21 +397,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/versioning.ipynb b/docs/guide/versioning.ipynb
index fb3b866..6074d00 100644
--- a/docs/guide/versioning.ipynb
+++ b/docs/guide/versioning.ipynb
@@ -2,9 +2,8 @@
  "cells": [
   {
    "cell_type": "code",
-   "execution_count": 1,
+   "execution_count": 2,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -23,9 +22,8 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 2,
+   "execution_count": 3,
    "metadata": {
-    "collapsed": true,
     "nbsphinx": "hidden"
    },
    "outputs": [],
@@ -33,23 +31,25 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from IPython.display import HTML\n",
+    "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
     "\n",
-    "original_print = print\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        return HTML('{}'.format(\n",
-    "                    formatter.get_style_defs('.highlight'),\n",
-    "                    highlight(string, JsonLexer(), formatter)))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        original_print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
-    "print = json_print"
+    "globals()['print'] = json_print"
    ]
   },
   {
@@ -68,7 +68,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 3,
+   "execution_count": 4,
    "metadata": {},
    "outputs": [
     {
@@ -144,15 +144,15 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--92bb1ae4-db9c-4d6e-8ded-ef7280b4439a",\n",
+       "    "id": "indicator--dd052ff6-e404-444b-beb9-eae96d1e79ea",\n",
        "    "created": "2016-01-01T08:00:00.000Z",\n",
-       "    "modified": "2017-09-26T23:39:07.149Z",\n",
-       "    "labels": [\n",
-       "        "malicious-activity"\n",
-       "    ],\n",
+       "    "modified": "2018-04-05T20:02:51.161Z",\n",
        "    "name": "File hash for Foobar malware",\n",
        "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-09-26T23:39:07.132129Z"\n",
+       "    "valid_from": "2018-04-05T20:02:51.138312Z",\n",
+       "    "labels": [\n",
+       "        "malicious-activity"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -160,7 +160,7 @@
        ""
       ]
      },
-     "execution_count": 3,
+     "execution_count": 4,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -187,7 +187,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 4,
+   "execution_count": 5,
    "metadata": {
     "scrolled": true
    },
@@ -216,7 +216,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
+   "execution_count": 6,
    "metadata": {},
    "outputs": [
     {
@@ -292,16 +292,16 @@
        ".highlight .vm { color: #19177C } /* Name.Variable.Magic */\n",
        ".highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
{\n",
        "    "type": "indicator",\n",
-       "    "id": "indicator--92bb1ae4-db9c-4d6e-8ded-ef7280b4439a",\n",
+       "    "id": "indicator--dd052ff6-e404-444b-beb9-eae96d1e79ea",\n",
        "    "created": "2016-01-01T08:00:00.000Z",\n",
-       "    "modified": "2017-09-26T23:39:09.463Z",\n",
-       "    "labels": [\n",
-       "        "malicious-activity"\n",
-       "    ],\n",
+       "    "modified": "2018-04-05T20:02:54.704Z",\n",
        "    "name": "File hash for Foobar malware",\n",
        "    "pattern": "[file:hashes.md5 = 'd41d8cd98f00b204e9800998ecf8427e']",\n",
-       "    "valid_from": "2017-09-26T23:39:07.132129Z",\n",
-       "    "revoked": true\n",
+       "    "valid_from": "2018-04-05T20:02:51.138312Z",\n",
+       "    "revoked": true,\n",
+       "    "labels": [\n",
+       "        "malicious-activity"\n",
+       "    ]\n",
        "}\n",
        "
\n"
       ],
@@ -309,7 +309,7 @@
        ""
       ]
      },
-     "execution_count": 5,
+     "execution_count": 6,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -322,21 +322,21 @@
  ],
  "metadata": {
   "kernelspec": {
-   "display_name": "Python 2",
+   "display_name": "Python 3",
    "language": "python",
-   "name": "python2"
+   "name": "python3"
   },
   "language_info": {
    "codemirror_mode": {
     "name": "ipython",
-    "version": 2
+    "version": 3
    },
    "file_extension": ".py",
    "mimetype": "text/x-python",
    "name": "python",
    "nbconvert_exporter": "python",
-   "pygments_lexer": "ipython2",
-   "version": "2.7.12"
+   "pygments_lexer": "ipython3",
+   "version": "3.6.3"
   }
  },
  "nbformat": 4,
diff --git a/docs/guide/workbench.ipynb b/docs/guide/workbench.ipynb
index 9cb099a..6594841 100644
--- a/docs/guide/workbench.ipynb
+++ b/docs/guide/workbench.ipynb
@@ -22,7 +22,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 16,
+   "execution_count": 2,
    "metadata": {
     "nbsphinx": "hidden"
    },
@@ -31,20 +31,23 @@
     "# JSON output syntax highlighting\n",
     "from __future__ import print_function\n",
     "from pygments import highlight\n",
-    "from pygments.lexers import JsonLexer\n",
+    "from pygments.lexers import JsonLexer, TextLexer\n",
     "from pygments.formatters import HtmlFormatter\n",
-    "from six.moves import builtins\n",
     "from IPython.display import display, HTML\n",
+    "from IPython.core.interactiveshell import InteractiveShell\n",
+    "\n",
+    "InteractiveShell.ast_node_interactivity = \"all\"\n",
     "\n",
     "def json_print(inpt):\n",
     "    string = str(inpt)\n",
+    "    formatter = HtmlFormatter()\n",
     "    if string[0] == '{':\n",
-    "        formatter = HtmlFormatter()\n",
-    "        display(HTML('{}'.format(\n",
-    "                     formatter.get_style_defs('.highlight'),\n",
-    "                     highlight(string, JsonLexer(), formatter))))\n",
+    "        lexer = JsonLexer()\n",
     "    else:\n",
-    "        builtins.print(inpt)\n",
+    "        lexer = TextLexer()\n",
+    "    return HTML('{}'.format(\n",
+    "                formatter.get_style_defs('.highlight'),\n",
+    "                highlight(string, lexer, formatter)))\n",
     "\n",
     "globals()['print'] = json_print"
    ]
@@ -65,7 +68,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 11,
+   "execution_count": 3,
    "metadata": {},
    "outputs": [],
    "source": [
@@ -83,7 +86,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 12,
+   "execution_count": 4,
    "metadata": {
     "scrolled": true
    },
@@ -141,17 +144,254 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 18,
+   "execution_count": 7,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "indicator--a932fcc6-e032-176c-126f-cb970a5a1ade\n",
-      "indicates\n",
-      "malware--fdd60b30-b67c-11e3-b0b9-f01faf20d111\n"
-     ]
+     "data": {
+      "text/html": [
+       "
indicator--a932fcc6-e032-176c-126f-cb970a5a1ade\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
indicates\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
+    },
+    {
+     "data": {
+      "text/html": [
+       "
malware--fdd60b30-b67c-11e3-b0b9-f01faf20d111\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 7,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -164,7 +404,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 17,
+   "execution_count": 8,
    "metadata": {},
    "outputs": [
     {
@@ -255,8 +495,9 @@
        ""
       ]
      },
+     "execution_count": 8,
      "metadata": {},
-     "output_type": "display_data"
+     "output_type": "execute_result"
     }
    ],
    "source": [
@@ -274,7 +515,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
+   "execution_count": 9,
    "metadata": {},
    "outputs": [
     {
@@ -366,7 +607,7 @@
        ""
       ]
      },
-     "execution_count": 5,
+     "execution_count": 9,
      "metadata": {},
      "output_type": "execute_result"
     }
@@ -388,7 +629,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 4,
+   "execution_count": 10,
    "metadata": {},
    "outputs": [],
    "source": [
@@ -405,7 +646,7 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 5,
+   "execution_count": 11,
    "metadata": {},
    "outputs": [],
    "source": [
@@ -421,15 +662,90 @@
   },
   {
    "cell_type": "code",
-   "execution_count": 9,
+   "execution_count": 12,
    "metadata": {},
    "outputs": [
     {
-     "name": "stdout",
-     "output_type": "stream",
-     "text": [
-      "ACME Threat Intel Co.\n"
-     ]
+     "data": {
+      "text/html": [
+       "
ACME Threat Intel Co.\n",
+       "
\n"
+      ],
+      "text/plain": [
+       ""
+      ]
+     },
+     "execution_count": 12,
+     "metadata": {},
+     "output_type": "execute_result"
     }
    ],
    "source": [