@@ -8,14 +8,37 @@ Please install the latest pycti version available from PyPI::
88
99 $ pip3 install pycti
1010
11- Initialization
12- **************
11+ Using the helper functions
12+ **************************
1313
14- The main class contains all what you need to interact with the platform,
15- you just have to initialize it::
14+ The main class :class: `OpenCTIApiClient ` contains all what you need to interact
15+ with the platform, you just have to initialize it. The following example shows
16+ how you create an indicator in OpenCTI using the python library with TLP marking
17+ and OpenCTI compatible date format.
1618
17- # coding: utf-8
19+ .. code-block :: python
20+
21+ from dateutil.parser import parse
1822 from pycti import OpenCTIApiClient
23+ from stix2 import TLP_GREEN
24+
25+ # OpenCTI API client initialization
26+ opencti_api_client = OpenCTIApiClient(" https://myopencti.server" " mysupersecrettoken"
27+
28+ # Define an OpenCTI compatible date
29+ date = parse(" 2019-12-01" " %Y-%m-%d T%H:%M:%SZ"
30+
31+ # Get the OpenCTI marking for stix2 TLP_GREEN
32+ TLP_GREEN_CTI = opencti_api_client.marking_definition.read(id = TLP_GREEN [" id"
1933
20- # OpenCTI initialization
21- opencti_api_client = OpenCTIApiClient(api_url, api_token, log_level, ssl_verify)
34+ # Use the client to create an indicator in OpenCTI
35+ indicator = opencti_api_client.indicator.create(
36+ name = " C2 server of the new campaign"
37+ description = " This is the C2 server of the campaign"
38+ pattern_type = " stix"
39+ indicator_pattern = " [domain-name:value = 'www.5z8.info']"
40+ main_observable_type = " IPv4-Addr"
41+ valid_from = date,
42+ update = True ,
43+ markingDefinitions = [TLP_GREEN_CTI [" id"
44+ )
0 commit comments