本文整理汇总了Python中crits.events.event.Event.from_stix方法的典型用法代码示例。如果您正苦于以下问题:Python Event.from_stix方法的具体用法?Python Event.from_stix怎么用?Python Event.from_stix使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类crits.events.event.Event的用法示例。
在下文中一共展示了Event.from_stix方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: parse_stix
# 需要导入模块: from crits.events.event import Event [as 别名]
# 注意: from_stix 是 Event 类上的方法,不能单独导入;导入 Event 后通过 Event.from_stix(...) 调用
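def parse_stix(self, reference=None, make_event=False, source=''):
    """
    Parse the STIX XML held in ``self.data`` and record where it came from.

    :param reference: The reference to the data.
    :type reference: str
    :param make_event: Whether or not to create an Event for this document.
    :type make_event: bool
    :param source: The source of this document.
    :type source: str
    :raises: :class:`crits.standards.parsers.STIXParserException`

    Source attribution works in two steps. ``source`` is used when it names
    an existing source. Otherwise the identity name found in the document's
    own STIX header is used, provided it names an existing source. If
    neither matches, parsing is rejected. In the second case the document
    itself selects the source its data is attributed to, so callers that
    need trustworthy provenance should always pass a validated ``source``.

    Failures while saving the Event are collected in ``self.failed`` rather
    than raised, so callers must inspect that list after the call.
    """
    # self.data is parsed as XML here.
    # NOTE(review): when documents arrive from outside parties, confirm the
    # parser behind STIXPackage.from_xml does not resolve external entities
    # or fetch remote DTDs.
    f = StringIO(self.data)
    try:
        self.package = STIXPackage.from_xml(f)
    finally:
        # Release the buffer even when parsing raises.
        f.close()
    if not self.package:
        raise STIXParserException("STIX package failure")

    stix_header = self.package.stix_header
    if stix_header and stix_header.information_source and stix_header.information_source.identity:
        self.information_source = stix_header.information_source.identity.name
        if self.information_source:
            # Append the document-declared identity to the reference so the
            # declared origin stays visible next to the attributed source.
            info_src = "STIX Source: %s" % self.information_source
            if not reference:
                reference = ''
            else:
                reference += ", "
            reference += info_src

    if does_source_exist(source):
        self.source.name = source
    elif does_source_exist(self.information_source):
        # NOTE(review): this name comes from the document content, not from
        # the caller. Also assumes self.information_source is initialised
        # before this call when the header carries no identity (not shown
        # here) - confirm.
        self.source.name = self.information_source
    else:
        raise STIXParserException("No source to attribute data to.")

    self.source_instance.reference = reference
    self.source.instances.append(self.source_instance)

    if make_event:
        event = Event.from_stix(stix_package=self.package)
        try:
            event.add_source(self.source)
            event.save(username=self.source_instance.analyst)
            self.imported.append((Event._meta['crits_type'], event))
        except Exception as e:
            # "as" form: valid on Python 2.6+ and required on Python 3.
            # Best-effort import: record the failure and carry on.
            # NOTE(review): e.message exists only on Python 2 exceptions.
            self.failed.append((e.message, type(event).__name__, event.id_))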
示例2: parse_stix
# 需要导入模块: from crits.events.event import Event [as 别名]
# 注意: from_stix 是 Event 类上的方法,不能单独导入;导入 Event 后通过 Event.from_stix(...) 调用
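def parse_stix(self, reference=None, make_event=False, source=''):
    """
    Parse the STIX XML held in ``self.data`` and walk its observables.

    :param reference: The reference to the data.
    :type reference: str
    :param make_event: Whether or not to create an Event for this document.
    :type make_event: bool
    :param source: The source of this document.
    :type source: str
    :raises: :class:`crits.standards.parsers.STIXParserException`

    Until we have a way to map source strings in a STIX document to
    a source in CRITs, only the ``source`` argument is used to name the
    source. The identity declared in the document is added to the
    reference text and nothing else.

    When ``source`` does not name an existing source, no error is raised:
    ``self.source.name`` keeps the value it had before the call and the
    data is still attributed to it. Callers should validate ``source``
    before calling.
    """
    # self.data is parsed as XML here.
    # NOTE(review): when documents arrive from outside parties, confirm the
    # parser behind STIXPackage.from_xml does not resolve external entities
    # or fetch remote DTDs.
    f = StringIO(self.data)
    try:
        (self.package, self.binding) = STIXPackage.from_xml(f)
    finally:
        # Release the buffer even when parsing raises.
        f.close()
    # The package is dereferenced unconditionally below, so a missing
    # package is a parse failure whether or not a binding came back.
    if not self.package:
        raise STIXParserException("STIX package failure")

    stix_header = self.package.stix_header
    if stix_header and stix_header.information_source and stix_header.information_source.identity:
        self.information_source = stix_header.information_source.identity.name
        if self.information_source:
            # Keep the document-declared identity visible in the reference.
            info_src = "STIX Source: %s" % self.information_source
            if not reference:
                reference = ''
            else:
                reference += ", "
            reference += info_src

    if does_source_exist(source):
        self.source.name = source
    # NOTE(review): the next two statements run even when the check above
    # fails. Their nesting was reconstructed from a listing that lost its
    # indentation - confirm against the project.
    self.source_instance.reference = reference
    self.source.instances.append(self.source_instance)

    if make_event:
        event = Event.from_stix(stix_package=self.package, source=[self.source])
        # No error handling here: a failed save propagates to the caller.
        event.save(username=self.source_instance.analyst)
        self.events.append(('Event', str(event.id)))

    # Walk STIX indicators and pull out CybOX observables.
    # stix.(indicators|observables) is a list of CybOX observables
    if self.package.indicators:
        for indicator in self.package.indicators:
            if not indicator:
                continue
            for observable in indicator.observables:
                self.__parse_observable(observable)

    # Also walk STIX observables and pull out CybOX observables.
    # At some point the standard will allow stix_package.observables to be
    # an iterable object and we can collapse this with indicators.
    top_level = self.package.observables
    if top_level and top_level.observables:
        for observable in top_level.observables:
            if not observable:
                continue
            self.__parse_observable(observable)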