opencti stix import

config.json

{ "api_url": "http://localhost:8080", "api_token": "<OPENCTI API TOKEN>"}

opencti-import-stix.py

from pycti import OpenCTIApiClient

import_dir = './import'
done_dir = './done'
delay = 10

with open('config.json') as f:
    config = json.loads(f.read())
if not os.path.isdir(import_dir):
    os.mkdir(import_dir)

if not os.path.isdir(done_dir):
    os.mkdir(done_dir)


# Variables
api_url = config["api_url"]
api_token = config["api_token"]

# OpenCTI initialization
opencti_api_client = OpenCTIApiClient(api_url, api_token)

try:
    while True:
        # File to import
        print("Checking for files to import...")
        for i in os.listdir(import_dir):
            file_to_import = os.path.join(import_dir, i)
            done_path = os.path.join(done_dir, i)
            print(f'Importing file "{file_to_import}"')
            # Import the bundle
            opencti_api_client.stix2.import_bundle_from_file(file_to_import)
            print(f'File "{file_to_import}" imported and is moved to {done_path}')
            shutil.move(file_to_import, done_path)
        time.sleep(delay)
except KeyboardInterrupt:
    print("Bye....")