Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

A module implementing import of STIX and CybOX XML files for the Mantis Cyber Threat Intelligence Mgmt. Framework.

Project Description

A module implementing import of STIX and CybOX XML files for the Mantis Cyber Threat Intelligence Mgmt. Framework.


The full documentation is at


Please refer to the quickstart information of MANTIS, available at

Once you are set up with MANTIS, you can use the Django to import STIX indicators into your system as follows:

$ python mantis_stix_import <xml-file>  <xml-file> ... [--settings=<path_to_your_django_settings_module]

Here is the output of --help for mantis_stix_import:

Usage: mantis_stix_import [options] xml-file xml-file ... (you can use wildcards)

Imports stix XML files of specified paths into DINGO

  -v VERBOSITY, --verbosity=VERBOSITY
                        Verbosity level; 0=minimal output, 1=normal output, 2=verbose output, 3=very verbose output
  --settings=SETTINGS   The Python path to a settings module, e.g. "myproject.settings.main".
                        If this isn't provided, the DJANGO_SETTINGS_MODULE environment variable will be used.
                        A directory to add to the Python path, e.g. "/home/djangoprojects/myproject".
  --traceback           Print traceback on exception
  -m MARKING_JSON, --marking_json=MARKING_JSON
                        File with json representation of information of marking to be associated with imports.
                        Key-value pairs used to fill in placeholders in marking as described in marking file.
  --version             show program's version number and exit
  -h, --help            show this help message and exit


The basic layout for this Django app with out-of-the-box configuration of for easy build, submission to PyPi, etc., and Sphinx documentation tree was generated with Audrey Roy’s excellent Cookiecutter and Daniel Greenfield’s cookiecutter-djangopackage template.


0.2.0 (2014-02-26)

  • Added ability to generate identifier for top-level element (usually a STIX_Package) if an identifier for that element is missing: if a default namespace has been defined, then an identifier is generated by taking the MD5-hash of the xml file.

  • Markings present in STIX_Package are read out and attached to all InfoObjects generated from the STIX_Package.

    Note: Mantis does currently not interpret the XPATH expression that specifies the scope of the marking (which is not much of an issue, since it seems that the feature to restrict the scope of a marking is not much used at the moment).

  • Timestamp present in STIX_Header/Information_Source/Time/Produced_Time is read.

  • Added a command-line argument to add a default-timestamp to the STIX import command.

  • Bug fixes:

    • Attributes other than id and idref that contained a namespace were not handled correctly. The handler function attr_with_namespace_handler fixes this.
    • In 0.1.0, the xsi:type attribute was not recorded, because in most cases, its information is used for determining the data type of elements and InfoObjects. But there are cases, e.g., in Markings, where this is not the case. For these cases, the xsi:type attribute is kept in the InfoObject.
    • Family revision info was not recorded; this has been fixed.

0.1.0 (2013-12-19)

  • Bugfixes; added documentation

0.0.9 (2013-12-18)

  • First release on PyPI.

Release History

This version
History Node


History Node


History Node


Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, Size & Hash SHA256 Hash Help File Type Python Version Upload Date
(28.9 kB) Copy SHA256 Hash SHA256
Source None Feb 28, 2014

Supported By

Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Google Google Cloud Servers