Getting Started

This page gives an introduction to python-stix and how to use it.


This page is being actively worked on; feedback is always welcome.


The python-stix library provides an API for creating or processing STIX content. As such, it is a developer tool that can be leveraged by those who know Python 2.6/2.7 and are familiar with object-oriented programming practices, Python package layouts, and are comfortable with the installation of Python libraries. To contribute code to the python-stix repository, users must be familiar with git and GitHub pull request methodologies. Understanding XML, XML Schema, and the STIX language is also incredibly helpful when using python-stix in an application.

Your First STIX Application

Once you have installed python-stix, you can begin writing Python applications that consume or create STIX content!


The python-stix library provides bindings and APIs, both of which can be used to parse and write STIX XML files. For in-depth description of the APIs, bindings, and the differences between the two, please refer to APIs or bindings?

Creating a STIX Package

from stix.core import STIXPackage                      # Import the STIX Package API
from import Report                         # Import the STIX Report API
from import Header                  # Import the STIX Report Header API

stix_package = STIXPackage()                           # Create an instance of STIXPackage
stix_report = Report()                                 # Create a Report instance
stix_report.header = Header()                          # Create a header for the report
stix_report.header.description = "Getting Started!"    # Set the description
stix_package.add(stix_report)                          # Add the report to our STIX Package

print(stix_package.to_xml())                           # Print the XML for this STIX Package

Parsing STIX XML

from stix.core import STIXPackage        # Import the STIX Package API

fn = 'stix_content.xml'                  # The STIX content filename
stix_package = STIXPackage.from_xml(fn)  # Parse using the from_xml() method


The python-stix GitHub repository contains several example scripts that help illustrate the capabilities of the APIs. These examples can be found here. Accompanying walkthrough slides are available. These scripts are simple command line utilities that can be executed by passing the name of the script to a Python interpreter.

$ python


You must install python-stix before running these example scripts.