Technical mappings scripts not working due to NOT acceptable URL

[getkub]

For scripts like
https://github.com/mitre-attack/attack-scripts/blob/master/scripts/technique_mappings_to_csv.py ,the collection URL is not working anymore.

    collection_map = {
        "enterprise_attack": "95ecc380-afe9-11e4-9b6c-751b66dd541e",
        "mobile_attack": "2f669986-b40b-4423-b720-4396ca6a462b"
    }
    collection_url = "https://cti-taxii.mitre.org/stix/collections/" + collection_map[collection_name] + "/"
    collection = taxii2client.Collection(collection_url)
    taxii_ds = stix2.TAXIICollectionSource(collection)

The error shows as: 406 Client Error: Not Acceptable for url:

  File "/tmp/stix_code/py3env/lib/python3.6/site-packages/stix2/datastore/taxii.py", line 166, in __init__
    " Collection object provided could not be reached. Recieved error:", e,
stix2.datastore.DataSourceError: The underlying TAXII Collection resource defined in the supplied TAXII Collection object provided could not be reached. Recieved error: "406 Client Error: Not Acceptable for url: https://cti-taxii.mitre.org/stix/collections/95ecc380-afe9-11e4-9b6c-751b66dd541e/"

[isaisabel]

Hi @getkub,

This is an issue introduced by a recent update to the taxii2client library. Essentially they changed their API such that the default TAXII requests will try to fetch STIX 2.1 content using TAXII 2.1 from the TAXII server. Because our TAXII server uses the TAXII 2.0 spec (and stores STIX 2.0 content) this results in the 406 not acceptable error you're getting.

The correct resolution is to update your import:

from taxii2client.v20 import Collection

This issue is rather tricky for us because it depends on which version of the taxii2client repo users have installed -- only users with new installs get the error, and users who perform the above fix with the older taxii2client version may get errors.

See also #19.

[getkub]

Hi @getkub,

This is an issue introduced by a recent update to the taxii2client library. Essentially they changed their API such that the default TAXII requests will try to fetch STIX 2.1 content using TAXII 2.1 from the TAXII server. Because our TAXII server uses the TAXII 2.0 spec (and stores STIX 2.0 content) this results in the 406 not acceptable error you're getting.

The correct resolution is to update your import:

from taxii2client.v20 import Collection

This issue is rather tricky for us because it depends on which version of the taxii2client repo users have installed -- only users with new installs get the error, and users who perform the above fix with the older taxii2client version may get errors.

See also #19.

Yeah, I tried that. the above logic of
from taxii2client.v20 import Collection

works ok for techniques_data_sources_vis.py, But NOT for https://github.com/mitre-attack/attack-scripts/blob/master/scripts/technique_mappings_to_csv.py.

But thanks anyway, will downgrade and see

[isaisabel]

Reopening so that we can investigate the fix for technique_mappings_to_csv.py.

[isaisabel]

Hi @getkub,

I think the way the taxii2client import is used in technique_mappings_to_csv.py is slightly different and requires more tweaking. In the case of that file, you can do one of two things:

1. • Change line 6 to from taxii2client.v20 import Collection
   • Change line 18 to collection = Collection(collection_url)

2. Change line 18 to collection = taxii2client.v20.Collection(collection_url) without updating the import.

Let me know if that works for you.

[isaisabel]

This has been resolved in the v1.5.2 release.