Open generic2715 opened 1 year ago
The TAXII client isn't responsible for filtering. It just passes your query parameters on to the server. The TAXII server is responsible for finding objects which match your criteria, and returning them. Which TAXII server are you using?
I am using ibm servers, free tier account. One year data fetch with added_after parameter is also getting timed out with this client, is the server responsible for this as well? Can you please suggest efficient way to fetch data for an year? Previous taxii1 server has start and end time specification which can be used for fetching chunks of data, any similar implementation with this client? Also can you please suggest any working free taxii2 servers which can be used for my development? Thank you for your response, much appreciated.
Hi @generic2715 it might be better to open a support ticket with XForce Exchange on this issue.
Hi Team,
I am using get_objects on taxii2 server feeds with type as taxii filter. I am not getting expected output
Like bundle = collection.get_objects(added_after=dt, type="indicator")
/usr/lib/python3.6/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning) /usr/lib/python3.6/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning) {'type': 'identity', 'id': 'identity--9bdc509a-cfff-42e8-a133-71bb5dc6d3a8', 'created': '2020-08-11T14:30:00.000Z', 'modified': '2020-08-24T20:03:00.000Z', 'name': 'IBM X-Force', 'identity_class': 'organization'} {'type': 'report', 'id': 'report--6593c0c2-012d-4c77-2c22-50b5bdc7b8e0', 'name': 'verified phishing urls', 'created': '2020-10-13T12:59:12.607Z', 'modified': '2023-03-06T20:29:57.635Z', 'published': '2023-03-06T20:29:57.635Z', 'object_refs': ['x-xfe-collection--6593c0c2-012d-4c77-2c22-50b5bdc7b8e0', 'identity--9bdc509a-cfff-42e8-a133-71bb5dc6d3a8'], 'labels': ['phishing', 'threat-report'], 'description': '# Phishing\n\nVarious phishing urls\n\n# Overview\n\nGive a succinct overview of the threat involved\n\n# Protection\n\nDo not click, do not browse urls reported here'}
Here I am getting both identity and report even when filtered on indicator. Can you please help here.