-
Notifications
You must be signed in to change notification settings - Fork 116
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error when creating a Report on OpenCTI Docker image GraphQL API through python client #675
Comments
Hi @AcidCaos, This is really strange. Can you please double check your OpenCTI and its version. I've just checked in the code and the ReportAddInput does have both x_opencti_reliability and x_opencti_workflow_id (as you can see here https://github.com/OpenCTI-Platform/opencti/blob/b04dc34b08340933c1606bdf158e4ea105c51255/opencti-platform/opencti-graphql/config/schema/opencti.graphql#L3597) |
Sure! On my docker-compose, the following image is being used: On the UI, admin user profile page shows: pycti is also on version 6.1.10 (but that should not be the issue anyway). As you said, it's really strange. It seems a problem on the Docker image building. |
I've just tried pulling the docker image and get it started and I have no issue on my side.
|
That is working properly. Returned a successful report added: {
"data": {
"reportAdd": {
"id": "7482a7f3-f7c0-40c1-b301-f168797e18e7"
}
}
} The report can be seen in OpenCTI UI too. |
Ok, so the issue is not coming from your OCTI platform. Can you check the url, tokens, access, from your different conf ? |
Issue identified. The problem was due to a collision of DNS records between the docker-compose generated "opencti" name and the local DNS, which resulted in the wrong opencti being resolved. That OpenCTI is an old version and hence the error. Thanks for the help @Kedae! |
Description
When creating a new report with the python client
opencti_clilent.report.create(...)
method to an instance of OpenCTI Docker GraphQL API, the following error ocurrs:Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?
Same Docker image version and Python library are being used: 6.1.10 .
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
opencti/platform:6.1.10
pycti==6.1.10
:Variable "$input" got invalid value { ... }; Field "x_opencti_reliability" is not defined by type "ReportAddInput". Did you mean "x_opencti_stix_ids"?
Additional information
The problem seems to be on the Docker image, since both Python library (version 6.1.10) and OpenCTI platform (version 6.1.10) contain this field:
Python lib: https://github.com/OpenCTI-Platform/client-python/blob/master/pycti/entities/opencti_report.py#L706
OpenCTI: https://github.com/OpenCTI-Platform/opencti/blob/master/opencti-platform/opencti-front/src/private/components/analyses/reports/ReportCreation.tsx#L74
The exact same problem occurs with field
x_opencti_workflow_id
.Removing the related lines for fields
x_opencti_reliability
andx_opencti_workflow_id
on the python libraryentities/opencti_report.py
file solves the issue, but that seems a hacky way to fix it.Full error message
The text was updated successfully, but these errors were encountered: