Examples: Simple Content Creation for CybOX v1.0

The following code demonstrates how to create a simple CybOX document with a single Observable, representing an IP Watchlist.

#Import the CybOX Core and Address Object Bindings
import cybox_core_1_0 as cybox
import address_object_1_2 as address_object

#Create the root Observables element
observables = cybox.ObservablesType(cybox_minor_version='0', cybox_major_version='1')
#Create the 'IP Watchlist' Observable and its corresponding Stateful Measure
watchlist_observable = cybox.ObservableType()
watchlist_stateful_measure = cybox.StatefulMeasureType()
#Create the Object that is to be the Stateful Measure
watchlist_object = cybox.ObjectType()
#Create the actual Address Object that captures the IP Address
watchlist_address = address_object.AddressObjectType(category='ipv4-addr')
#Set the value of Address Object to the theoretical IP
watchlist_address.set_Address_Value(cybox.cybox_common_types_1_0.StringObjectAttributeType(datatype='String', valueOf_='33.51.122.44'))
#Set the xsi:type of the Address Object to correspond with the CybOX namespaces & namespace prefixes
watchlist_address.set_anyAttributes_({'xsi:type':'AddressObj:AddressObjectType'})
#Set the Address Object as the Object's Defined Object
watchlist_object.set_Defined_Object(watchlist_address)
#Set the Object as the Stateful Measure
watchlist_stateful_measure.set_Object(watchlist_object)
#Set the Stateful Measure in the Observable to the one we created
watchlist_observable.set_Stateful_Measure(watchlist_stateful_measure)
#Add our Observable to the root Observables
observables.add_Observable(watchlist_observable)
#Export the Observables to an example XML file
out_file = open('watchlist_example.xml','w')
observables.export(out_file,0)