Skip to content
This repository has been archived by the owner on Aug 1, 2024. It is now read-only.
/ map-my-shifter Public archive

A UI for creating and editing stix shifter modules to support the ecosystem of STIX

License

Apache-2.0 license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

IBM/map-my-shifter

BranchesTags

Repository files navigation

logo

map-my-shifter

The map-my-shifter (MMS) project provides a visual editor for building mappings for STIX-Shifter modules. A typical (module) connector requires two types of field mappings:

  • From STIX pattern mapping - When building the data source query from a STIX query, the STIX fields, for example file:name, is mapped to the target data source's field. Read more...
  • To STIX object mapping - When a results object is back from the data source, this object gets translated in the final result as a STIX object. For example {"filename": "xxxxx"} should be translated to a STIX object of type file. Read more...

Use-cases

  • If you just want to use the editor - you can use the online version to:
    • Create a new mapping file from scratch, for a new stix shifter module.
    • Load an existing mapping file, edit the file and save it to a new file.
  • Planned:
    • Add support for embedding this editor as a react component in your own react carbon app
    • Add support for consumption as a client application (perhaps as an electron app)

Demo

https://ibm.github.io/map-my-shifter/

Development

MMS is a static client side app, there is no backend involved, except from serving the static content. It is built with the ReactJS library, and designed using Carbon Design System components.

Local Installation (TBD)

  • run npm install map-my-shifter
  • import modules: import {FromStix, ToStix} from 'map-my-shifter';

Usage as a stand alone component (TBD)

  1. map-my-shifter component: a react component that displays the STIX mappings
    • <FromStix.Mapping/>
    • <ToStix.Mapping/>
    • you can add a property StixVersion with the value V_2_0 or V_2_1, defult is V_2_0.
    • for example: <FromStix.Mapping StixVersion='V_2_1'/>

  1. map-my-shifter import function: gets a javaScript object and adds the content to the mapping
    • FromStix.Import(JSON.parse({"ipv4-addr": {"fields": {"value": ["sourceip"]}}}))
    • ToStix.Import(JSON.parse({"ipv4-addr": {"fields": {"value": ["sourceip"]}}}))

  1. map-my-shifter export function: gets a string and opens a window to save the mapping to a file.
    • FromStix.Export('fileName')
    • ToStix.Export('fileName')

Authors

Licensing

map-my-shifter is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Built with ❤️ from IBM Cyber Security Center of Excellence (CCoE)

About

A UI for creating and editing stix shifter modules to support the ecosystem of STIX

Topics

configuration-management stix stix-shifter

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages