muchdogesec / arango_cti_processor

A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.
https://www.dogesec.com/
GNU Affero General Public License v3.0

Improve automation of test #11

Closed himynamesdave closed 1 month ago

himynamesdave commented 1 month ago

Currently, data import for tests is run manually

https://github.com/muchdogesec/arango_cti_processor/blob/adding-tests/tests/README.md#test-10-validate-capec-attack-pattern---attck-attack-pattern-relationship-capec-attack

Is there a way we can take advantage of the stix2arango installed in arango_cti_processor to also include the data import in the test, so that it is 100% automatic?

If you can show me how on one test, I can retool the other tests.

fqrious commented 1 month ago

The steps are as follows:

  1. prepare the bundle.json
  2. import Stix2Arango from stix2arango
  3. pass in all the needed keyword arguments (e.g. s2a = Stix2Arango(host_url="https://cti.blah.net:8529/", collection=...))
  4. s2a.run()

himynamesdave commented 1 month ago

@fqrious can you show an example in this test

https://github.com/muchdogesec/arango_cti_processor/blob/adding-tests/tests/test_1_1_capec_to_attack.py

using this s2a command

python3 stix2arango.py \
    --file tests/files/arango_cti_processor/arango-cti-capec-attack-update-1.json \
    --database arango_cti_processor_standard_tests \
    --collection mitre_capec \
    --stix2arango_note v3.10

fqrious commented 1 month ago

from stix2arango.stix2arango import Stix2Arango

s2a = Stix2Arango(
    database="arango_cti_processor_standard_tests",
    collection="mitre_capec",
    stix2arango_note="v3.10",
    file="tests/files/arango_cti_processor/arango-cti-capec-attack-update-1.json",
)

s2a.run()
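
One way to run that import automatically before a test class, as an added example that is not part of the thread or the project's own code. The use of unittest, the helper `import_fixtures`, the mixin `Stix2ArangoFixtures` and the class `CapecToAttack` are assumptions; the `Stix2Arango` arguments are the ones shown in the thread.

```python
from pathlib import Path

# Database name from the stix2arango command quoted in the thread.
DATABASE = "arango_cti_processor_standard_tests"


def import_fixtures(fixtures, database=DATABASE, importer=None):
    """Import (file, collection, note) bundles; return the kwargs of each import."""
    if importer is None:
        # Lazy import: a missing stix2arango fails in test setup, not at collection.
        from stix2arango.stix2arango import Stix2Arango as importer
    used = []
    for file, collection, note in fixtures:
        if not Path(file).is_file():
            # Fail before touching the database if a bundle is missing.
            raise FileNotFoundError(f"test bundle not found: {file}")
        kwargs = {"file": file, "database": database,
                  "collection": collection, "stix2arango_note": note}
        importer(**kwargs).run()
        used.append(kwargs)
    return used


class Stix2ArangoFixtures:
    """Hypothetical mixin: list it before unittest.TestCase and set `fixtures`."""
    database = DATABASE
    fixtures = []
    importer = None  # a stand-in class can be injected when testing this helper

    @classmethod
    def setUpClass(cls):
        super().setUpClass()
        # Runs once per test class, before any test method.
        cls.imported = import_fixtures(cls.fixtures, cls.database, cls.importer)


if __name__ == "__main__":
    import unittest

    class CapecToAttack(Stix2ArangoFixtures, unittest.TestCase):
        fixtures = [("tests/files/arango_cti_processor/"
                     "arango-cti-capec-attack-update-1.json", "mitre_capec", "v3.10")]

        def test_bundle_imported(self):
            # The real relationship assertions for this test would go here.
            self.assertEqual(self.imported[0]["collection"], "mitre_capec")

    unittest.main()
```

Other tests can reuse the mixin by changing only the `fixtures` list.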