Skip to content

oasis-open/cti-taxii-client

Repository files navigation

Build_Status Coverage Version

cti-taxii-client

NOTE: This is an OASIS TC Open Repository. See the Governance section for more information.

cti-taxii-client is a minimal client implementation for the TAXII 2.X server. It supports the following TAXII 2.X API services:

  • Server Discovery
  • Get API Root Information
  • Get Status
  • Get Collections
  • Get a Collection
  • Get Objects
  • Add Objects
  • Get an Object
  • Delete an Object (2.1 only)
  • Get Object Manifests
  • Get Object Versions (2.1 only)

Installation

The easiest way to install the TAXII client is with pip

$ pip install taxii2-client

Usage

The TAXII client is intended to be used as a Python library. There are no command line clients at this time.

taxii2-client provides four classes:

  • Server
  • ApiRoot
  • Collection
  • Status

Each can be instantiated by passing a url, and (optional) user and password arguments. The authorization information is stored in the instance, so it need not be supplied explicitly when requesting services. By default, the latest version of the supported spec will be imported. If you need a specific version you can perform the following:

from taxii2client.v21 import Server
server = Server('https://example.com/taxii2/', user='user_id', password='user_password')

Once you have instantiated a Server object, you can get all metadata about its contents via its properties:

print(server.title)

This will lazily load and cache the server's information in the instance:

  • api_roots
  • title
  • description
  • default (i.e. the default API root)
  • contact

You can follow references to ApiRoot objects, Collection objects, and (STIX) objects in those collections.

api_root = server.api_roots[0]
collection = api_root.collections[0]
collection.add_objects(stix_bundle)

Each ApiRoot has attributes corresponding to its meta data

  • title
  • description
  • max_content_length
  • collections

Each Collection has attributes corresponding to its meta data:

  • id
  • title
  • description
  • alias (2.1 only)
  • can_write
  • can_read
  • media_types

A Collection can also be instantiated directly:

# Performing TAXII 2.0 Requests
from taxii2client.v20 import Collection, as_pages

collection = Collection('https://example.com/api1/collections/91a7b528-80eb-42ed-a74d-c6fbd5a26116')
print(collection.get_object('indicator--252c7c11-daf2-42bd-843b-be65edca9f61'))

# For normal (no pagination) requests
print(collection.get_objects())
print(collection.get_manifest())

# For pagination requests.
# Use *args for other arguments to the call and **kwargs to pass filter information
for bundle in as_pages(collection.get_objects, per_request=50):
    print(bundle)

for manifest_resource in as_pages(collection.get_manifest, per_request=50):
    print(manifest_resource)

# ---------------------------------------------------------------- #
# Performing TAXII 2.1 Requests
from taxii2client.v21 import Collection, as_pages

collection = Collection('https://example.com/api1/collections/91a7b528-80eb-42ed-a74d-c6fbd5a26116')
print(collection.get_object('indicator--252c7c11-daf2-42bd-843b-be65edca9f61'))

# For normal (no pagination) requests
print(collection.get_objects())
print(collection.get_manifest())

# For pagination requests.
# Use *args for other arguments to the call and **kwargs to pass filter information
for envelope in as_pages(collection.get_objects, per_request=50):
    print(envelope)

for manifest_resource in as_pages(collection.get_manifest, per_request=50):
    print(manifest_resource)

In addition to the object-specific properties and methods, all classes have a refresh() method that reloads the URL corresponding to that resource, to ensure properties have the most up-to-date values.

Governance

This GitHub public repository ( https://github.com/oasis-open/cti-taxii-client ) was created at the request of the OASIS Cyber Threat Intelligence (CTI) TC as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.

While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.

All contributions made to this TC Open Repository are subject to open source license terms expressed in the BSD-3-Clause License. That license was selected as the declared "Applicable License" when the TC Open Repository was created.

As documented in "Public Participation Invited", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.

Maintainers

TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.

Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers, per consensus agreements.

Current Maintainers of this TC Open Repository

About OASIS TC Open Repositories

Feedback

Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about Open Repository participation to OASIS Staff at [email protected] and any specific CLA-related questions to [email protected].