cti-stix-elevator 1.0.0 released

Hi everyone-

We just published cti-stix-elevator version 1.0.0 on PyPi [1]. The source code is available at [2].

The stix2-elevator is a work-in-progress. It should be used to explore how existing STIX 1.x would potentially be represented in STIX 2.0. Using the current version of the elevator will provide insight to issues that might need to be mitigated to convert your STIX 1.x content.

It should not be used in a production environment, and should not be considered final.

The elevator can be used on STIX 1.1.1 or STIX 1.2 content. However, you will need to download the correct version of python-stix depending upon which type of content you have. It is not possible to have both versions of python-stix installed at once.

For STIX 1.1.1 content:

- pip install stix<1.2 - this will install python-stix 1.1.1.9

- pip install stix2-elevator

For STIX 1.2 content:

- pip install stix2-elevator - this will install python-stix 1.2.0.4

The most important changes in the new release are:

- support for the most current version of the STIX specification (WD02)

- data marking support (TLP, Statement (TOU, Simple), AIS)

- more complete support for:

- Email

- Sightings

- Files

- Cyber observable relationships

- Network Traffic

- more options on the command line

- output-directory (this option is available for running the elevator for multiple files)

- capture output of for each conversion in a file in this directory

- policy

- no_policy (default) – output converted content, regardless of correctness.

- strict_policy – no converted content is produced if any (not disabled) log messages are produced or the resulting content is not valid STIX

- log-level:

- DEBUG, INFO, WARN, ERROR, CRITICAL

Please enter an issue on Github for bugs and feature requests.

Contributions welcome.

Rich Piazza

Greg Back

Emmanuelle Vargas-Gonzalez

MITRE

[1] https://pypi.python.org/pypi/stix2-elevator/1.0.0

[2] https://github.com/oasis-open/cti-stix-elevator.

cti-users message