[microsoft-sentinel-incidents] Error during imports related to the datetime format on the created field. #3516

Closed
gileri opened this issue Feb 27, 2025 · 0 comments · Fixed by #3527
Labels: bug, filigran support, solved

gileri commented Feb 27, 2025

Description

Error during imports related to the datetime format.

Environment

  1. OS (where OpenCTI server runs): Official container image
  2. OpenCTI version: 6.5.3
  3. OpenCTI client: { e.g. frontend or python }
  4. Other environment details:

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Run the connector

Expected Output

No error.

Actual Output

{"timestamp": "2025-02-27T15:53:41.751357Z", "level": "ERROR", "name": "Microsoft Sentinel Incidents", "message": "Invalid value for Malware 'created': must be a datetime object, date object, or timestamp string in a recognizable format.", "exc_info": "Traceback (most recent call last):\n  File \"/usr/local/lib/python3.12/site-packages/stix2/utils.py\", line 249, in parse_into_datetime\n    parsed = dt.datetime.strptime(value, fmt)\n             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/_strptime.py\", line 653, in _strptime_datetime\n    tt, fraction, gmtoff_fraction = _strptime(data_string, format)\n                                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/_strptime.py\", line 432, in _strptime\n    raise ValueError(\"time data %r does not match format %r\" %\nValueError: time data '2025-02-01T04:14:36' does not match format '%Y-%m-%dT%H:%M:%SZ'\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n  File \"/usr/local/lib/python3.12/site-packages/stix2/base.py\", line 50, in _check_property\n    kwargs[prop_name], has_custom = prop.clean(\n                                    ^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/stix2/properties.py\", line 383, in clean\n    return parse_into_datetime(\n           ^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/stix2/utils.py\", line 252, in parse_into_datetime\n    raise ValueError(\nValueError: must be a datetime object, date object, or timestamp string in a recognizable format.\n\nThe above exception was the direct cause of the following exception:\n\nTraceback (most recent call last):\n  File \"/opt/opencti-connector-microsoft-sentinel-incidents/microsoft_sentinel_incidents_connector/converter_to_stix.py\", line 29, in decorator\n    return decorated_function(self, *args, **kwargs)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File 
\"/opt/opencti-connector-microsoft-sentinel-incidents/microsoft_sentinel_incidents_connector/converter_to_stix.py\", line 343, in create_evidence_malware\n    stix_malware = stix2.Malware(\n                   ^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/stix2/base.py\", line 203, in __init__\n    temp_custom = self._check_property(\n                  ^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/stix2/base.py\", line 58, in _check_property\n    raise InvalidValueError(\nstix2.exceptions.InvalidValueError: Invalid value for Malware 'created': must be a datetime object, date object, or timestamp string in a recognizable format.", "taskName": null}

Additional information

Screenshots (optional)

@gileri added the bug and needs triage labels Feb 27, 2025
@romain-filigran removed the needs triage label Feb 28, 2025
@romain-filigran added this to the Bugs backlog milestone Feb 28, 2025
@romain-filigran added the filigran support label Feb 28, 2025
SamuelHassine added a commit that referenced this issue Mar 1, 2025
…tetime format on the created field. (#3516)

Co-authored-by: Samuel Hassine <[email protected]>
@SamuelHassine added the solved label Mar 1, 2025
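
One way to guard against the mismatch shown in the traceback, as an added example that is not the connector's code and not the fix from #3527: normalize source timestamps to aware UTC before they reach `stix2`. The helper names and the choice to treat zone-less values as UTC are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Format string copied from the traceback: the pattern the value failed to match.
STIX_FORMAT = "%Y-%m-%dT%H:%M:%SZ"

# date, time, optional fractional seconds, optional zone designator
_TS = re.compile(
    r"^(\d{4}-\d{2}-\d{2})[T ](\d{2}:\d{2}:\d{2})"
    r"(?:\.(\d+))?"
    r"(Z|[+-]\d{2}:?\d{2})?$"
)


def matches_stix_format(value):
    """True if value parses with the format string seen in the traceback."""
    try:
        datetime.strptime(value, STIX_FORMAT)
        return True
    except ValueError:
        return False


def to_utc_datetime(value, assume_tz=timezone.utc):
    """Parse an ISO-8601-like string into an aware UTC datetime.

    Values without a zone designator are taken to be in assume_tz
    (UTC by default; this is an assumption about the data source).
    """
    m = _TS.match(value.strip())
    if not m:
        raise ValueError(f"unrecognized timestamp: {value!r}")
    date, clock, frac, zone = m.groups()
    parsed = datetime.strptime(f"{date}T{clock}", "%Y-%m-%dT%H:%M:%S")
    if frac:
        # Keep microsecond precision; digits beyond six are truncated.
        parsed = parsed.replace(microsecond=int(frac[:6].ljust(6, "0")))
    if zone is None:
        tz = assume_tz
    elif zone == "Z":
        tz = timezone.utc
    else:
        sign = -1 if zone[0] == "-" else 1
        digits = zone[1:].replace(":", "")
        tz = timezone(sign * timedelta(hours=int(digits[:2]), minutes=int(digits[2:])))
    return parsed.replace(tzinfo=tz).astimezone(timezone.utc)


def to_stix_timestamp(value):
    """Render as a Z-suffixed, whole-second string that STIX_FORMAT accepts."""
    return to_utc_datetime(value).strftime(STIX_FORMAT)
```

The aware `datetime` returned by `to_utc_datetime` can also be passed directly as `created`, since the error message lists datetime objects among the accepted types.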