Closed fboissel closed 2 months ago
@fboissel can you try to upgrade your openCTI version to the latest? I can't seem to reproduce your issue in our environment.
Hi @nino-filigran Sorry for the late answer, the process to get our platform upgraded took a while. I confirm that an upgrade of OpenCTI to the v6.2.5 with the compatible export connectors solved the problem. I think this issue can be close as resolved. Thanks a lot! Fred
Description
The export-file-stix connector v6.1.10 generate an error 'standard_id' when trying to export a report which contains nested relationships (e.g. Sample relationship between a Malware SDO and a File SCO). The connector doesn't seem to be able to retrieve a standard_id for these entities. I am not sure that STIX2.1 is attributing an id to these nested relationships: "_The samplerefs property specifies a list of identifiers of the SCO file or artifact objects associated with this malware instance(s) or family."(https://docs.oasis-open.org/cti/stix/v2.1/csprd01/stix-v2.1-csprd01.html#_Toc16070645)
Environment
Reproducible Steps
Steps to create the smallest reproductible scenario:
Expected Output
We are expecting to generate a json file in STIX of the report that we can download.
Actual Output
Connector error: "KeyError: 'standard_id"
Additional information
Screenshots (optional)