-
Notifications
You must be signed in to change notification settings - Fork 12
Examples: simple content creation for cybox v2.0
ikiril01 edited this page Apr 23, 2013
·
4 revisions
The following code demonstrates how to create a simple CybOX document with a single Observable, representing a DLL file that was found on an endpoint.
import cybox.bindings.cybox_core as cybox_binding
import cybox.bindings.cybox_common as cybox_common_binding
import cybox.bindings.file_object as file_binding
observables = cybox_binding.ObservablesType(cybox_minor_version=0,cybox_major_version=2)
observable = cybox_binding.ObservableType()
obj = cybox_binding.ObjectType()
file_obj = file_binding.FileObjectType()
file_obj.set_File_Name(cybox_common_binding.StringObjectPropertyType(datatype=None,apply_condition=None, valueOf_='foobar.dll'))
file_obj.set_Size_In_Bytes(cybox_common_binding.UnsignedLongObjectPropertyType(datatype=None,apply_condition=None, valueOf_='25562'))
file_obj.set_xsi_type('FileObj:FileObjectType')
obj.set_Properties(file_obj)
observable.set_Object(obj)
observables.add_Observable(observable)
out_file = open('test.xml', 'w')
observables.export(out_file,0)
out_file.close()