# Object-Oriented interface
use STIX::Indicator;
use STIX::Common::Timestamp;
use STIX::Common::Bundle;
my $bundle = STIX::Common::Bundle->new;
push @{ $bundle->objects }, STIX::Indicator->new(
pattern_type => 'stix',
created => STIX::Common::Timestamp->new('2014-05-08T09:00:00'),
name => 'IP Address for known C2 channel',
description => 'Test description C2 channel.',
indicator_types => ['malicious-activity'],
pattern => "[ipv4-addr:value = '10.0.0.0']",
valid_from => STIX::Common::Timestamp->new('2014-05-08T09:00:00'),
);
# Functional interface
use STIX qw(:all);
my $bundle = bundle(
objects => [
indicator(
pattern_type => 'stix',
created => '2014-05-08T09:00:00',
name => 'IP Address for known C2 channel',
description => 'Test description C2 channel.',
indicator_types => ['malicious-activity'],
pattern => "[ipv4-addr:value = '10.0.0.0']",
valid_from => '2014-05-08T09:00:00',
)
]
);
# Validate
my @errors = $bundle->validate;
say $_ for @errors;
# Render in JSON
say $bundle;
# {
# "id" : "bundle--eb2f23f1-8084-4847-8fe6-a5bc95cb024c",
# "objects" : [
# {
# "created" : "2014-05-08T09:00:00.000Z",
# "description" : "Test description C2 channel.",
# "id" : "indicator--3b67f5b2-a1dc-4464-8617-d8bd371079ca",
# "indicator_types" : [
# "malicious-activity"
# ],
# "modified" : "2014-05-08T09:00:00.000Z",
# "name" : "IP Address for known C2 channel",
# "pattern" : "[ipv4-addr:value = '10.0.0.0']",
# "pattern_type" : "stix",
# "spec_version" : "2.1",
# "type" : "indicator",
# "valid_from" : "2014-05-08T09:00:00.000Z"
# }
# ],
# "type" : "bundle"
# }
Using Makefile.PL:
To install STIX distribution, run the following commands.
perl Makefile.PL
make
make test
make install
Using App::cpanminus:
cpanm STIX
perldoc STIX- https://metacpan.org/release/STIX
- [OASIS-Open] STIX Version 2.1 (https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html)
- Copyright 2024 © Giuseppe Di Terlizzi