A data marking API for STIX 1 content.

Navigation

Project links

Homepage

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: BSD License (BSD)

Author: The MITRE Corporation

Maintainers

Avatar for clenk from gravatar.com clenk Avatar for emmanvg from gravatar.com emmanvg Avatar for gback from gravatar.com gback Avatar for ikiril01 from gravatar.com ikiril01

Classifiers

Development Status
5 - Production/Stable
Intended Audience
Developers
License
OSI Approved :: BSD License
Operating System
OS Independent
Programming Language
Python :: 2
Python :: 2.6
Python :: 2.7
Python :: 3
Python :: 3.3
Python :: 3.4
Python :: 3.5
Python :: 3.6

Project description

A Python API for marking STIX data.

Source:https://github.com/mitre/stixmarx/
Documentation:http://stixmarx.readthedocs.org/
Information:https://stixproject.github.io/

Travis CI Build Status Landscape.io Code Health PyPI Package Index

Data Markings Concept

Learn more about the Data Markings concept here.

Examples

The following examples demonstrate the intended use of the stixmarx library.

Adding Markings

# stixmarx imports
import stixmarx

# python-stix imports
from stix.indicator import Indicator
from stix.data_marking import MarkingSpecification
from stix.extensions.marking.tlp import TLPMarkingStructure as TLP


# Create a new stixmarx MarkingContainer with a
# new STIXPackage object contained within it.
container = stixmarx.new()

# Get the associated STIX Package
package = container.package

# Create an Indicator object
indicator = Indicator(title='Indicator Title', description='Gonna Mark This')

# Add the Indicator object to our STIX Package
package.add(indicator)

# Build MarkingSpecification and add TLP MarkingStructure
red_marking = MarkingSpecification(marking_structures=TLP(color="RED"))
amber_marking = MarkingSpecification(marking_structures=TLP(color="AMBER"))
green_marking = MarkingSpecification(marking_structures=TLP(color="GREEN"))


# Mark the indicator with our TLP RED marking
# This is the equivalent of a component marking. Applies to all descendants
# nodes, text and attributes.
container.add_marking(indicator, red_marking, descendants=True)


# Mark the indicator with TLP GREEN. If descendants is false, the marking
# will only apply to the indicator node. Does NOT include text, attributes
# or descendants.
container.add_marking(indicator, green_marking)


# Mark the description text.
# >>> type(indicator.description.value)  <type 'str'>
indicator.description.value = container.add_marking(indicator.description.value, amber_marking)
# >>> type(indicator.description.value)  <class 'stixmarx.api.types.MarkableBytes'>


# Mark the indicator timestamp attribute.
# >>> type(indicator.timestamp)  <type 'datetime.datetime'>
indicator.timestamp = container.add_marking(indicator.timestamp, amber_marking)
# >>> type(indicator.timestamp)  <type 'stixmarx.api.types.MarkableDateTime'>

# Print the XML!
print container.to_xml()

Retrieving Markings

# stixmarx
import stixmarx

# Parse the input into a MarkingContainer
container = stixmarx.parse("stix-document.xml")

# Get container package
package = container.package

# Get the markings that apply to the entire XML document
global_markings = container.get_markings(package)

# Print the dictionary representation for our only global marking
marking = global_markings[0]
print marking.to_dict()

# Get our only indicator from the STIX Package
indicator = package.indicators[0]

# Get the markings from the Indicator.
# Note: This will include the global markings and any other markings
# applied by an ancestor!
indicator_markings = container.get_markings(indicator)

# Print the Indicator markings!
for marking in indicator_markings:
    print marking.to_dict()

Notice

This software was produced for the U. S. Government, and is subject to the Rights in Data-General Clause 52.227-14, Alt. IV (DEC 2007).

Copyright (c) 2017, The MITRE Corporation. All Rights Reserved.

Project details

Project links

Homepage

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: BSD License (BSD)

Author: The MITRE Corporation

Maintainers

Avatar for clenk from gravatar.com clenk Avatar for emmanvg from gravatar.com emmanvg Avatar for gback from gravatar.com gback Avatar for ikiril01 from gravatar.com ikiril01

Classifiers

Development Status
5 - Production/Stable
Intended Audience
Developers
License
OSI Approved :: BSD License
Operating System
OS Independent
Programming Language
Python :: 2
Python :: 2.6
Python :: 2.7
Python :: 3
Python :: 3.3
Python :: 3.4
Python :: 3.5
Python :: 3.6

Release history Release notifications

This version
History Node

1.0.4

History Node

1.0.3

History Node

1.0.2

History Node

1.0.1

History Node

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
stixmarx-1.0.4-py2.py3-none-any.whl (121.5 kB) Copy SHA256 hash SHA256 Wheel py2.py3 Oct 4, 2018

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page