Skip to main content

A module implementing import of STIX and CybOX XML files for the Mantis Cyber Threat Intelligence Mgmt. Framework.

Project description

A module implementing import of STIX and CybOX XML files for the Mantis Cyber Threat Intelligence Mgmt. Framework.


The full documentation is at


Please refer to the quickstart information of MANTIS, available at

Once you are set up with MANTIS, you can use the Django to import STIX indicators into your system as follows:

$ python mantis_stix_import <xml-file>  <xml-file> ... [--settings=<path_to_your_django_settings_module]

Here is the output of --help for mantis_stix_import:

Usage: mantis_stix_import [options] xml-file xml-file ... (you can use wildcards)

Imports stix XML files of specified paths into DINGO

  -v VERBOSITY, --verbosity=VERBOSITY
                        Verbosity level; 0=minimal output, 1=normal output, 2=verbose output, 3=very verbose output
  --settings=SETTINGS   The Python path to a settings module, e.g. "myproject.settings.main".
                        If this isn't provided, the DJANGO_SETTINGS_MODULE environment variable will be used.
                        A directory to add to the Python path, e.g. "/home/djangoprojects/myproject".
  --traceback           Print traceback on exception
  -m MARKING_JSON, --marking_json=MARKING_JSON
                        File with json representation of information of marking to be associated with imports.
                        Key-value pairs used to fill in placeholders in marking as described in marking file.
  --version             show program's version number and exit
  -h, --help            show this help message and exit


The basic layout for this Django app with out-of-the-box configuration of for easy build, submission to PyPi, etc., and Sphinx documentation tree was generated with Audrey Roy’s excellent Cookiecutter and Daniel Greenfield’s cookiecutter-djangopackage template.


0.2.0 (2014-02-26)

  • Added ability to generate identifier for top-level element (usually a STIX_Package) if an identifier for that element is missing: if a default namespace has been defined, then an identifier is generated by taking the MD5-hash of the xml file.

  • Markings present in STIX_Package are read out and attached to all InfoObjects generated from the STIX_Package.

    Note: Mantis does currently not interpret the XPATH expression that specifies the scope of the marking (which is not much of an issue, since it seems that the feature to restrict the scope of a marking is not much used at the moment).

  • Timestamp present in STIX_Header/Information_Source/Time/Produced_Time is read.

  • Added a command-line argument to add a default-timestamp to the STIX import command.

  • Bug fixes:

    • Attributes other than id and idref that contained a namespace were not handled correctly. The handler function attr_with_namespace_handler fixes this.

    • In 0.1.0, the xsi:type attribute was not recorded, because in most cases, its information is used for determining the data type of elements and InfoObjects. But there are cases, e.g., in Markings, where this is not the case. For these cases, the xsi:type attribute is kept in the InfoObject.

    • Family revision info was not recorded; this has been fixed.

0.1.0 (2013-12-19)

  • Bugfixes; added documentation

0.0.9 (2013-12-18)

  • First release on PyPI.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-mantis-stix-importer-0.2.0.tar.gz (28.9 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page