Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The playbooks are not always triggered #4833

Closed
Lhorus6 opened this issue Nov 2, 2023 · 0 comments
Closed

The playbooks are not always triggered #4833

Lhorus6 opened this issue Nov 2, 2023 · 0 comments
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 5.11.13

Comments

@Lhorus6
Copy link

Lhorus6 commented Nov 2, 2023

Description

Playbooks don't seem to be triggered all the time. In my case, it appears that he doesn't react to every event.
Use case: Create Incident Response objects from Incident. Here I choose the Incidents by tagging them.

Environment

OpenCTI 5.11.12

Reproducible Steps

  1. Create several Incident
  2. Create a label "test-automation"
  3. Create a simple playbook: Listenner -> Container wrapper (Case-Incident) -> Ingestion (cf screenshot)
  4. Start the playbook
  5. Labelled several Incident with "test-automation"
  6. Some are Incident Response object are created, others not

Expected Output

Have an Incident Response object for each Incident labelled

Actual Output

Only some are created

Screenshots

Screenshot 2023-11-02 124016
@Lhorus6 Lhorus6 added the bug use for describing something not working as expected label Nov 2, 2023
@SamuelHassine SamuelHassine added this to the Release 5.11.13 milestone Nov 4, 2023
SamuelHassine added a commit that referenced this issue Nov 6, 2023
@SamuelHassine
[backend] Fix the session refresh of system users for individual crea…
94d149d 
…tion (#4833)
@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 5.11.13
Development

No branches or pull requests
2 participants
@SamuelHassine @Lhorus6