Closed Wachizungu closed 5 years ago
Are you saying the exported xml file is not valid STIX 1.1.1? What does the STIX validator say?
Indeed,
validator gives the following:
[-] Results: misp_stix_export_1078.xml [!] XML Schema: False [!] misp_stix_export_1078.xml:52:0:ERROR:SCHEMASV:SCHEMAV_ELEMENT_CONTENT: Element '{http://stix.mitre.org/stix-1}RelatedPackages': This element is not expected. Expected is one of ( {http://stix.mitre.org/stix-1}Observables, {http://stix.mitre.org/stix-1}Indicators, {http://stix.mitre.org/stix-1}TTPs, {http://stix.mitre.org/stix-1}Exploit_Targets, {http://stix.mitre.org/stix-1}Incidents, {http://stix.mitre.org/stix-1}Courses_Of_Action, {http://stix.mitre.org/stix-1}Campaigns, {http://stix.mitre.org/stix-1}Threat_Actors, {http://stix.mitre.org/stix-1}Related_Packages ).
This issue has been fixed with 4803c32
Can you please update to the latest version and see if everything is ok ?
Indeed, solved in latest version. Sorry for the late reply.
Work environment
Expected behavior
Related packages (STIX 1.1.1) should be in stix:Related_Packages and stix:Related_Package tags: http://stix.mitre.org/language/version1.1.1/xsddocs/XMLSchema/core/1.1.1/stix_core.html
Actual behavior
Used tags are stix:RelatedPackages and stix:RelatedPackage respectively.
Steps to reproduce the behavior
Create an event, add some attributes / objects. Export the STIX of the event via /events/stix/download/.
Logs, screenshots, configuration dump, ...
Will try to add screenshot of output STIX showing the tags (seems there's issue with IE).