Tools and interface to translate STIX formatted results and queries to different data source formats and to set up appropriate connection strings for invoking and triggering actions in openwhisk

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for dannyelliott90 from gravatar.com dannyelliott90 Avatar for DWR from gravatar.com DWR Avatar for mdazam1942 from gravatar.com mdazam1942 Avatar for morgan-nolan-ibm from gravatar.com morgan-nolan-ibm

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: ibm
  • Tags datasource , stix , translate , transform , transmit
Classifiers
Report project as malware

Project description

Join us on Slack!

Click here and fill out the form to receive an invite to the Open Cybersecurity Alliance slack instance, then join the #stix-shifter channel, to meet and discuss usage with the team.

Introduction Webinar!

Click here to view an introduction webinar on STIX Shifter and the use cases it solves for.

Introduction

STIX-shifter is an open source python library allowing software to connect to products that house data repositories by using STIX Patterning, and return results as STIX Observations.

For more information about this project, see the STIX-shifter Overview

Dependencies

This stix-shifter has the following dependencies:

Your development environment must use Python 3.6.x

Installation

The recommended method for installing the STIX-shifter is via pip.

pip install stix-shifter

Usage

As A Script

The STIX-Shifter comes with a bundled script which you can use to translate STIX Pattern to a native datasource query. It can also be used to translate a JSON data source query result to a STIX bundle of observable objects. You can also send query to a datasource by using a transmission option.

More details of the command line option can be found here

$ stix-shifter translate <MODULE NAME> query "<STIX IDENTITY OBJECT>" "<STIX PATTERN>" "<OPTIONS>"

Example:

$ stix-shifter translate qradar query {} "[ipv4-addr:value = '127.0.0.1']" {}

Note: In order to create python executable stix-shifter from source run the following command from stix-shifter parent directory in your python 3 environment: python setup.py install

As A Library

You can also use this library to integrate STIX Shifter into your own tools. You can translate a STIX Pattern:

from stix_shifter.stix_translation import stix_translation

translation = stix_translation.StixTranslation()
response = translation.translate('<MODULE NAME>', 'query', '{}', '<STIX PATTERN>', '<OPTIONS>')

print(response)

Contributing

We are thrilled you are considering contributing! We welcome all contributors.

Please read our guidelines for contributing.

Guide for creating new connectors

If you want to create a new connector for STIX-shifter, see the developer guide

Licensing

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for dannyelliott90 from gravatar.com dannyelliott90 Avatar for DWR from gravatar.com DWR Avatar for mdazam1942 from gravatar.com mdazam1942 Avatar for morgan-nolan-ibm from gravatar.com morgan-nolan-ibm

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License
  • Author: ibm
  • Tags datasource , stix , translate , transform , transmit
Classifiers

Release history Release notifications | RSS feed

8.1.0

8.0.4

8.0.3

8.0.2

8.0.1

8.0.0

7.1.6

7.1.5

7.1.4

7.1.3

7.1.2

7.1.1

7.1.0

7.0.12

7.0.11

7.0.10

7.0.9

7.0.7

7.0.6

7.0.4

7.0.2

7.0.1

7.0.0

6.3.0

6.2.2

6.2.1

6.2.1.dev134 pre-release

6.2.1.dev133 pre-release

6.2.1.dev132 pre-release

6.2.1.dev131 pre-release

6.2.1.dev130 pre-release

6.2.0

6.2.0.dev122 pre-release

6.1.1

6.1.0

6.1.0.dev103 pre-release

6.1.0.dev102 pre-release

6.0.4

6.0.4.dev100 pre-release

6.0.3

6.0.2

6.0.1

6.0.1.dev83 pre-release

6.0.0.dev80 pre-release

5.3.2

5.3.1

5.3.1.dev120 pre-release

5.3.1.dev107 pre-release

5.3.0

5.3.0.dev827 pre-release

5.3.0.dev826 pre-release

5.3.0.dev824 pre-release

5.3.0.dev95 pre-release

5.3.0.dev94 pre-release

5.3.0.dev93 pre-release

5.3.0.dev63 pre-release

5.3.0.dev62 pre-release

5.3.0.dev52 pre-release

5.2.1

5.2.1.dev816 pre-release

5.2.1.dev815 pre-release

5.2.1.dev814 pre-release

5.2.0.dev799 pre-release

5.1.1

5.1.1.dev825 pre-release

5.1.1.dev821 pre-release

5.1.1.dev807 pre-release

5.1.1.dev806 pre-release

5.1.1.dev802 pre-release

5.1.1.dev796 pre-release

5.1.0

5.1.0.dev786 pre-release

5.0.2

5.0.2.dev774 pre-release

5.0.1

5.0.0

5.0.0.dev757 pre-release

5.0.0.dev752 pre-release

5.0.0.dev751 pre-release

5.0.0.dev749 pre-release

5.0.0.dev744 pre-release

5.0.0.dev743 pre-release

5.0.0.dev734 pre-release

5.0.0.dev732 pre-release

4.6.10

4.6.9.dev67 pre-release

4.6.8

4.6.7

4.6.6

4.6.5

4.6.4

4.6.3

4.6.2

4.6.1

4.6.0

4.5.2

4.5.1

4.4.0

4.3.1

4.3.1.dev712 pre-release

4.3.1.dev710 pre-release

4.3.1.dev708 pre-release

4.3.1.dev706 pre-release

4.3.0

4.3.0.dev703 pre-release

4.2.6

4.2.5

4.2.4

4.2.3

4.2.2

4.2.2.dev730 pre-release

4.2.2.dev726 pre-release

4.2.2.dev722 pre-release

4.2.2.dev721 pre-release

4.2.2.dev720 pre-release

4.2.2.dev717 pre-release

4.2.2.dev690 pre-release

4.2.1

4.2.0

4.1.1

4.1.0

4.0.17

4.0.16

4.0.16.dev766 pre-release

4.0.16.dev765 pre-release

4.0.16.dev764 pre-release

4.0.15

4.0.14

4.0.13

4.0.12

4.0.11

4.0.10

4.0.9

4.0.8

4.0.7

4.0.6

4.0.5

4.0.4

4.0.3

4.0.2

4.0.1

4.0.1.dev659 pre-release

4.0.1.dev654 pre-release

4.0.0

3.6.11

3.6.10

3.6.9

3.6.8

3.6.6

3.6.5

3.6.4

3.6.4.dev652 pre-release

3.6.4.dev651 pre-release

3.6.4.dev650 pre-release

3.6.4.dev640 pre-release

3.6.4.dev635 pre-release

3.6.4.dev634 pre-release

3.6.3

3.6.2

3.6.1

3.6.0

3.5.6

3.5.5

3.5.4

3.5.3

3.5.2

3.5.1

3.5.0

3.5.0.dev602 pre-release

3.5.0.dev579 pre-release

3.4.8

3.4.7

3.4.6

3.4.6.dev560 pre-release

3.4.6.dev559 pre-release

3.4.6.dev558 pre-release

3.4.6.dev557 pre-release

3.4.6.dev555 pre-release

3.4.6.dev554 pre-release

3.4.6.dev553 pre-release

3.4.6.dev552 pre-release

3.4.6.dev547 pre-release

3.4.6.dev546 pre-release

3.4.6.dev545 pre-release

3.4.5

3.4.4

3.4.4.dev532 pre-release

3.4.3

3.4.2

3.4.1

3.4.1.dev522 pre-release

3.4.1.dev521 pre-release

3.4.1.dev520 pre-release

3.4.1.dev519 pre-release

3.4.1.dev517 pre-release

3.4.1.dev515 pre-release

3.4.1.dev514 pre-release

3.4.1.dev508 pre-release

3.4.1.dev507 pre-release

3.4.1.dev506 pre-release

3.4.1.dev505 pre-release

3.4.1.dev504 pre-release

3.4.1.dev503 pre-release

3.4.1.dev502 pre-release

3.4.1.dev501 pre-release

3.4.1.dev495 pre-release

3.4.1.dev493 pre-release

3.4.1.dev492 pre-release

3.4.1.dev491 pre-release

3.4.1.dev490 pre-release

3.4.1.dev489 pre-release

3.4.1.dev488 pre-release

3.4.1.dev487 pre-release

3.4.1.dev484 pre-release

3.4.1.dev483 pre-release

3.4.0

3.4.0.dev472 pre-release

3.3.13

3.3.12

3.3.11

3.3.10

3.3.9

3.3.8

3.3.7

3.3.6

3.3.6.dev469 pre-release

3.3.6.dev467 pre-release

3.3.6.dev466 pre-release

3.3.5

3.3.4

3.3.3

3.3.2

3.3.1

3.3.0

3.3.dev465 pre-release

3.2.11

3.2.10

3.2.9

3.2.8

3.2.6

3.2.5

3.2.4

3.2.3

3.2.2

3.2.1

3.2.0

3.1.8

3.1.7

3.1.6

3.1.5

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

3.0.9

3.0.8

3.0.7

3.0.6

3.0.5

3.0.4

3.0.3

3.0.1

3.0.0

2.11.1

2.10.1

2.10.0

This version

2.9.2

2.9.1

2.9.0

2.8.9

2.8.8

2.8.7

2.8.6

2.8.5

2.8.4

2.8.3

2.8.2

2.8.1

2.8.0

2.7.1

2.7.0

2.6.3

2.6.1

2.5.11

2.5.10

2.5.9

2.5.8

2.5.7

2.5.6

2.5.5

2.4.5

2.4.4

1.0.0.dev782 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

stix_shifter-2.9.2.tar.gz (246.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

stix_shifter-2.9.2-py2.py3-none-any.whl (370.2 kB view details)

Uploaded Python 2Python 3

File details

Details for the file stix_shifter-2.9.2.tar.gz.

File metadata

  • Download URL: stix_shifter-2.9.2.tar.gz
  • Upload date:
  • Size: 246.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.6.3 requests-toolbelt/0.9.1 tqdm/4.42.1 CPython/3.6.7

File hashes

Hashes for stix_shifter-2.9.2.tar.gz
Algorithm Hash digest
SHA256 cf85f5139fced4bb8ac704477c5e27e8bfbc4047fedce4ba5f87258a55bfe07b
MD5 09e548d752715761ad43f9d192f39597
BLAKE2b-256 c20fb2a85daeada0263e17719f7051db54d883b8982c190e75261b8d2e61f520

See more details on using hashes here.

File details

Details for the file stix_shifter-2.9.2-py2.py3-none-any.whl.

File metadata

  • Download URL: stix_shifter-2.9.2-py2.py3-none-any.whl
  • Upload date:
  • Size: 370.2 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/40.6.3 requests-toolbelt/0.9.1 tqdm/4.42.1 CPython/3.6.7

File hashes

Hashes for stix_shifter-2.9.2-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 ea2ecb464322083ad8454148b98584423babe4982327bb85b38608846873b167
MD5 0b5cf6f3509b004a3cfdf2848d8fc8fa
BLAKE2b-256 9122fe1b8de19a9ac0c8a114c837bdc90499323b78592c9f1a670364c79d72ef

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page