You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The STIX bundle in data/cybox/e2eStixBundle01.json is invalid. It should not be used for testing. I'm not certain what this file is intended for.
Expected behavior
Negative or invalid test data should be marked as such (e.g. in the filename or the directory it's in).
Screenshots
$ stix2_validator --version 2.0 data/cybox/e2eStixBundle01.json
================================================================================
[-] Results for: data/cybox/e2eStixBundle01.json
[X] STIX JSON: Invalid
[!] Warning: identity--33fa3e56-6511-40de-bc69-c5ffeb3838f9: {213} identity_class contains a value not in the identity-class-ov vocabulary.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Custom Observable Object type 'file:name' should start with 'x-' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Custom Observable Object type 'file:hashes.'SHA-256'' should start with 'x-' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Cyber Observable Object custom property 'value' should start with 'x_' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.2: {'type': 'url', 'value': 'onedrivefiles.digital'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.5: {'type': 'user-account', 'value': 'e2e user'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.6: {'type': 'file:name', 'value': 'uat_file.exe'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.7: {'type': "file:hashes.'SHA-256'", 'value': 'b0ab7076b0fe4b758d8e6622605d94204cc1b55baf718129cafe750d835ffb21'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '2': value: 'onedrivefiles.digital' does not match the format of a URL
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '5': 'user_id' is a required property
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '6': type: 'file:name' does not match '^\\-?[a-z0-9]+(-[a-z0-9]+)*\\-?$'
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '7': type: "file:hashes.'SHA-256'" does not match '^\\-?[a-z0-9]+(-[a-z0-9]+)*\\-?$'
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: 'parent_directory_ref' in observable object '10' must refer to an object of type 'directory'.
Desktop (please complete the following information):
N/A
Smartphone (please complete the following information):
N/A
Additional context
The text was updated successfully, but these errors were encountered:
To be honest, I'm not actually sure either. I was asked to add this for some testing by another group. @NeetaNaik can you clarify on what this is used for.
Describe the bug
The STIX bundle in data/cybox/e2eStixBundle01.json is invalid. It should not be used for testing. I'm not certain what this file is intended for.
Expected behavior
Negative or invalid test data should be marked as such (e.g. in the filename or the directory it's in).
Screenshots
Desktop (please complete the following information):
N/A
Smartphone (please complete the following information):
N/A
Additional context
The text was updated successfully, but these errors were encountered: