In many cases, users will only want to use this script with some of the available dataset.
e..g they might only have MITRE ATT&CK and CAPEC data in arango
As such, the script should only validate that the collections required to run the command.
e.g. for --relationship capec-attack
should only check that MITRE ATT&CK and MITRE CAPEC collections exist. If they do, then should run.
(arango_cti_processor-venv) dgreenwood@Davids-MBP-2 arango_cti_processor % python3 arango_cti_processor.py \
--database arango_cti_processor_standard_tests_database \
--relationship capec-attack \
--stix2arango_note test01 \
--ignore_embedded_relationships false
[2024-07-24 - 15:08:31] INFO - Establishing connection...
[2024-07-24 - 15:08:31] INFO - _system database - OK
[2024-07-24 - 15:08:31] INFO - ArangoDB Connected now!
Traceback (most recent call last):
File "/Users/dgreenwood/Documents/repos/dogesec/arango_cti_processor/arango_cti_processor.py", line 3, in <module>
main()
File "/Users/dgreenwood/Documents/repos/dogesec/arango_cti_processor/arango_cti_processor/__main__.py", line 33, in main
stix_obj = ArangoProcessor(**args.__dict__)
File "/Users/dgreenwood/Documents/repos/dogesec/arango_cti_processor/arango_cti_processor/cti_processor.py", line 26, in __init__
self.validate_collections()
File "/Users/dgreenwood/Documents/repos/dogesec/arango_cti_processor/arango_cti_processor/cti_processor.py", line 38, in validate_collections
raise Exception(f"The following collections are missing. Please add them to continue. \n {missing_collections}")
Exception: The following collections are missing. Please add them to continue.
{'mitre_cwe_vertex_collection', 'sigmahq_rules_vertex_collection', 'nvd_cve_edge_collection', 'mitre_cwe_edge_collection', 'sigmahq_rules_edge_collection', 'nvd_cpe_vertex_collection', 'nvd_cpe_edge_collection', 'nvd_cve_vertex_collection'}
In many cases, users will only want to use this script with some of the available dataset.
e..g they might only have MITRE ATT&CK and CAPEC data in arango
As such, the script should only validate that the collections required to run the command.
e.g. for
--relationship capec-attack
should only check that MITRE ATT&CK and MITRE CAPEC collections exist. If they do, then should run.