Md Azam

**Describe the bug** If wrong timestamp format is specified in the start/stop qualifier for splunk translate command then it doesn't show proper error message. **To Reproduce** This splunk translate command:...

We currently use the UnmappedAttributeStripper class in stix-shifter to remove comparison statements (from the antlr parsing of the STIX pattern) before translating into a native data source query. This allows...

**Is your feature request related to a problem? Please describe.** Remove the dictionary: https://github.com/opencybersecurityalliance/stix-shifter/blob/master/stix_shifter_modules/async_dummy/stix_translation/query_constructor.py#L11 And modify the function that uses it. **Describe the solution you'd like** A clear and concise...

Move the Flask dependency and proxy host code

2

Move flask dependency and the proxy host code out of stix-shifter.py to somewhere else. We will add instructions to the developer doc to manually install Flask before running the proxy...

This is more of an idea, but we would like a way to determine how much official STIX coverage is represented in a connector's mappings. This would allow us to...

STIX Pattern: `ipv4-addr:value ISSUPERET '1.1.1.0/24' ` Expected AQL query is: `SELECT * FROM events WHERE INCIDR(sourceip, '1.1.1.0/24') OR INCIDR(destinationip, '1.1.1.0/24') OR INCIDR(identityip, '1.1.1.0/24')` But running above AQL query throws error...

**Describe the bug** Example output (for reaqta mapping): ``` ERROR: single quotes are not allowed in "key" in mapping {'key': "x-ibm-ttp-tagging.extensions.'mitre-attack-ext'.tactic_name", 'object': 'x-ibm-ttp-tagging'} ERROR: single quotes are not allowed in...

Tracking issue for: - [ ] https://github.com/opencybersecurityalliance/stix-shifter/security/code-scanning/10 - [ ] https://github.com/opencybersecurityalliance/stix-shifter/security/code-scanning/9