garanews
@garanews
did you try max-age?
Nawarix
@Nawarix
yup
garanews
@garanews
this is the age of the last publish date
Nawarix
@Nawarix
sorry, what I mean by not working is that I'm getting all the events
but anyway I'm supposed to get max age : 10 days from logs, right??
garanews
@garanews
if it is set I would say yes
let me see if I can do a fast try
Nawarix
@Nawarix
btw I'm using 4.0.2-1 but the same issue existed in 4.0.1
Ettatabe
@Ettatabe
Hey guys, I just installed thehive4.0.0-1 on a Debian system and the status is up and running on the backend but nothing's happening on the frontend when I go to http://YOUR_SERVER_ADDRESS:9000/. Any ideas how to see the login page on the front end?
al3xj0su3
@al3xj0su3
@garanews Thank you :)
I actually tried to open that url on my browser before (using 'release' instead of 'stable'), but the 403 error made me think I was replacing the word on the wrong resource. After replacing it on the repo it did the job, thank you again!
garanews
@garanews
@Nawarix in logs I confirm "not set" like you
but in my case it seems to work
I put max-age = 1 min
and I have sync interval 10min, so I created an event, published it and it didn't return as alert in the hive
@al3xj0su3 you're welcome
jared jennings
@jaredjennings
@nawarix it looks like you wrote "max age" with a space but @garanews put max-age with a dash
lafcabra
@lafcabra
change
Nawarix
@Nawarix
@garanews let me get something, published means when the event was shared or when it was synced to our instance???
@jaredjennings I wrote it max-age but the log wrote it max age without a dash
garanews
@garanews
published means published
image.png
Nawarix
@Nawarix
@garanews I know, but what I noticed is that all the events I pulled from feeders have the same published date - the day I configured the misp instance - that's why the hive imported 1300 events
I don't know if this is a bug or intentional
WingerHusar
@WingerHusar
Hi everyone, I would like to connect my logstash with TheHive, is it possible?
maximillian42
@maximillian42

Hi all,

Is it possible to create a responder to push/update an event for a MISP instance?

garanews
@garanews
don't you like the export feature that publishes a case with observables from the hive to an event in misp with attributes?
maximillian42
@maximillian42
@garanews nope, I want this feature from another responder Trigger like a SIEM Elastic?
beagnc
@beagnc
@WingerHusar me too! :)
Nic
@nicpenning
@Waltyon and @beagnc what's your use case?
Clinton Dsouza
@cvdsouza
Hi, I installed the latest stable release of theHive. Created a custom field and now trying to delete that field. However, I keep getting this error
2020-11-24 21:19:12,348 [ERROR] from org.thp.scalligraph.utils.Retry in application-akka.actor.default-dispatcher-33 [000004c4|34859770] uncaught error, not retrying
org.thp.scalligraph.NotFoundError: CustomField reporting-type not found
at org.thp.scalligraph.services.VertexSrv.$anonfun$getOrFail$1(VertexSrv.scala:35)
at scala.Option.fold(Option.scala:251)
Any idea what could be causing this error? I raised an issue with full log details and a snapshot as well: TheHive-Project/TheHive#1684
Nabil Adouani
@nadouani
crackytsi
@crackytsi
Hi! Is there a different data format in ElasticSearch 5 compared to an elasticsearch 6 with migrated ES 5 data (not reindexed)? Or will all ES5 continue to work?
cyberpescadito
@cyberpescadito
@crackytsi I ran a th3.4 on es5, it was "working" but with some pains (bugs, crashes)
FLRNKS
@florianakos

Hi,

I was wondering if there is some example of how TheHive can be started with cortex configs passed through CLI? It seems no matter what I try, I always get thrown back to the CLI Usage message

Miles Florence
@milesflo
Ask in Discord 😄
Rowland-ben
@Rowland-ben
image.png
Hello guys, I was able to install Elasticsearch and Cortex on my Ubuntu 20.04 LTS VM. However, it gives the error above when I try to access the web UI. Please urgently help.
Nabil Adouani
@nadouani
Hello guys, please go to https://chat.thehive-project.org
yevgen92
@yevgen92
Hi guys, my cortex analyzers fail to run with error org.elastic4play.NotFoundError: worker (analyzer) not found. Maybe somebody met this problem before? Thanks
Greg
@LogicalEy3_twitter
Any way to do MTTR in thehive dashboard?
israel arispe
@israel_arispe_twitter
Hi guys, I'm new in this world of thehive and I have a question, how can I move the data (cases, observables, tasks, etc) from a server that has thehive with cassandra to another one with the same cassandra, the only difference is that one the hive is the 4.0.0-RC3 version and the other is 4.0.1, is it possible to migrate the data?
Please, I've been trying to do it for a while.
brenner421
@brenner421
I'm trying to install a Splunk universal forwarder on the same machine as my hive installation and I was wondering if there's a log file or somewhere that I can pull the case information from?
stoksoz1
@stoksoz1
Hi guys, I am using thehive 3 at the point, but I want to move to thehive4
what would be the best installation steps for me?
vimtechnologies
@vimtechnologies
Good morning, I am installing Synapse on UBUNTU just for testing purposes and to find out if it is suitable for what I have in mind
however when I install requirements I get the following errors
'''Building wheels for collected packages: cffi, lxml
Building wheel for cffi (setup.py) ... error
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -u -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-f_cfimtx/cffi/setup.py'"'"'; file='"'"'/tmp/pip-install-f_cfimtx/cffi/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' bdist_wheel -d /tmp/pip-wheel-laow_bc8
cwd: /tmp/pip-install-f_cfimtx/cffi/
Complete output (55 lines):
Package libffi was not found in the pkg-config search path.
Perhaps you should add the directory containing `libf'''
How can I fix that error?