Skip to content

OASIS TC Open Repository: The repository cti-stix-slider supports development of a Python application to convert STIX 2.0 content to STIX 1.x content

License

Notifications You must be signed in to change notification settings

clenk/cti-stix-slider

 
 

Repository files navigation

Build_Status Coverage Version

cti-stix-slider

NOTE: This is an OASIS TC Open Repository. See the Governance section for more information.

The stix-slider is a software tool for 'sliding' STIX 2.0 JSON to STIX 1.x XML. Due to the differences between STIX 1.x and STIX 2.0, this conversion is best-effort only. During the conversion, stix-slider provides information on the assumptions it needs to make to produce valid STIX 1.x XML, and what information was not able to be converted.

The stix-slider is a work-in-progress. It should be used to explore how existing STIX 2.0 would potentially be represented in STIX 1.x. Using the current version of the slider will provide insight to issues that might need to be mitigated to convert your STIX 2.0 content for use in application that accept on STIX 1.x content.

It should not be used in a production environment, and should not be considered final.

Please enter any comments on how to improve it into the issue tracker.

Requirements

dependencies

Note

Make sure to use either the latest version of python-stix 1.1.1.x or 1.2.0.x, depending on whether you want to support STIX 1.1.1 or STIX 1.2.

0.3.0 - stixmarx >= 1.0.2

Installation

The stix slider is not available on pypi at this time, please access the code from github.

Install with pip:

$ pip install stix2-slider

This will install all necessary dependencies, including the latest version of python-stix.

If you need to support older STIX 1.1.1 content, install python-stix 1.1.1.x first:

$ pip install 'stix<1.2'
$ pip install stix2-slider

You can also install the stix-slider from GitHub to get the latest (unstable) version:

$ pip install git+https://github.com/oasis-open/cti-stix-
slider.git

Usage

It is recommended that you ensure that the input STIX 2.0 file is valid before submitting it to the slider. Use the stix2-validator.

As A Script

The slider comes with a bundled script which you can use to convert STIX 2.0 content to STIX 1.x content:

usage: stix2_slider [-h] [--no-squirrel-gaps] [-e ENABLE] [-d
DISABLE] [-s]
              [--message-log-directory MESSAGE_LOG_DIRECTORY]
              [--log-level {DEBUG,INFO,WARN,ERROR,CRITICAL}]
              [-p {no_policy,strict_policy}]
              file

stix2-slider v0.1.0

The stix2-slider is a work-in-progress. It should be used to
explore how
existing STIX 2.0 would potentially be represented in STIX
1.x. Using the
current version of the stix2-slider will provide insight to
issues that might need
to be mitigated so you can use an application that supports
only STIX 1.x content.

positional arguments:   The input STIX 2.0 document to be
'slid' to STIX 1.x..

optional arguments:
  -h, --help            show this help message and exit

  --no-squirrel-gaps    Do not include STIX 2.0 content that
  cannot be
                        represented directly in STIX 1.x using
                        the description
                        property.

  -e ENABLE, --enable ENABLE
                        A comma-separated list of the stix2-
                        slider messages to
                        enable. If the --disable option is not
                        used, no other
                        messages will be shown. Example:
                        stix2_slider.py
                        <file> --enable 250

  -d DISABLE, --disable DISABLE
                        A comma-separated list of the stix2-
                        slider messages to
                        disable. Example: stix2_slider.py
                        <file> --disable
                        212,220

  -s, --silent          If this flag is set. All stix2-slider
  messages will be
                        disabled.

  --message-log-directory MESSAGE_LOG_DIRECTORY
                        If this flag is set. All stix2-slider
                        messages will be
                        saved to file. The name of the file
                        will be the input
                        file with extension .log in the
                        specified directory.
                        Note, make surethe directory already
                        exists. Example:
                        stix2_slider.py <file> --message-log-
                        directory
                        "..\logs"

  --log-level {DEBUG,INFO,WARN,ERROR,CRITICAL}
                        The logging output level.

  -p {no_policy,strict_policy}, --policy
  {no_policy,strict_policy}
                        The policy to dealt with errors

Refer to slider_log_messages.rst for all stix2-slider
messages. Use the associated code number
to --enable or --disable a message. By default, the stix2-
slider displays all
messages. Note: disabling the message does not disable the
functionality.

As A Library

You can also use this library to integrate STIX 'sliding' into your own tools. You can slide a STIX 2.0 file:

from stix2slider import slide_file
from stix2slider.options import initialize_options

intialize_options()
results = slide_file("stix_file.json")
print(results)

Additionally, a similar method exists to accept a string as an argument:

from stix2slider import elevate_string
from stix2slider.options import initialize_options

intialize_options()
results = slide_string("...")
print(results)

To set options, use set_option_value, found in options.py

Governance

This GitHub public repository ( https://github.com/oasis-open/cti-stix-slider ) was was created at the request of the the OASIS Cyber Threat Intelligence (CTI) TC as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.

While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.

All contributions made to this TC Open Repository are subject to open source license terms expressed in the BSD-3-Clause License. That license was selected as the declared "Applicable License" when the TC Open Repository was created.

As documented in "Public Participation Invited", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.

Statement of Purpose

Statement of Purpose for this OASIS TC Open Repository (cti-stix- slider) as proposed and approved [bis] by the TC:

This GitHub public repository is provided to support version- controlled development of a Python "slider" application which will convert STIX 2.0 content to STIX 1.x content.

Maintainers

TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.

Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers, per consensus agreements.

Current Maintainers of this TC Open Repository

About OASIS TC Open Repositories

Feedback

Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about TC Open Repository participation to OASIS Staff at repository-admin@oasis-open.org and any specific CLA-related questions to repository-cla@oasis-open.org.

slider.svg?branch=master
target:https://travis-ci.org/oasis-open/cti-stix-slider
slider/branch/master/graph/badge.svg
target:https://codecov.io/gh/oasis-open/cti-stix-slider
slider.svg?maxAge=3600
target:https://pypi.python.org/pypi/stix2-slider/

About

OASIS TC Open Repository: The repository cti-stix-slider supports development of a Python application to convert STIX 2.0 content to STIX 1.x content

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 98.4%
  • ANTLR 1.6%