Skip to content

Analyzers and responders not showing in cortex with docker-compose #372

Closed
Closed
Analyzers and responders not showing in cortex with docker-compose#372
@FreddieOliveira

Description

@FreddieOliveira
FreddieOliveira
opened on Jun 13, 2021

Analyzers and responders not showing in cortex with docker-compose

Request Type

Bug

Work Environment

Question Answer
OS version (client) Ubuntu 21.10 Impish
Cortex version / git hash 3.1.1-1
Package Type Docker
Browser type & version Firefox 89.0 (64-bits)

Problem Description

I'm not able to make analyzers and responders to show in the cortex. All config files I'm using are here for conference. The mos relevant ones are also pasted in Complementary information section bellow.

Steps to Reproduce

  1. git clone https://github.com/FreddieOliveira/thehive && cd thehive && sudo docker-compose up
  2. Access http://localhost:9001 and create the admin user
  3. Create an organization and a user for it
  4. Log out and log in again with the newly created user and access Analyzer and Responder tabs

What should happen

The analyzers and responders from https://download.thehive-project.org/analyzers.json and https://download.thehive-project.org/responders.json should be displayed.

What is actually happening

A screen with No analyzers found and No responders found is showed instead, as depicted bellow

Captura de tela de 2021-06-13 19-04-42
Captura de tela de 2021-06-13 19-05-01

Complementary information

docker-compose.ymlcontents:

version: "3"
services:
  elasticsearch:
    image: elasticsearch:7.9.1
    environment:
      - http.host=0.0.0.0
      - discovery.type=single-node
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    ports:
      - "0.0.0.0:9200:9200"

  cortex:
    image: thehiveproject/cortex:latest
    depends_on:
      - elasticsearch
    command:
      --job-directory ${JOB_DIRECTORY}
    environment:
      - 'JOB_DIRECTORY=${JOB_DIRECTORY}'
    volumes:
      - './vol/cortex/application.conf:/etc/cortex/application.conf'
      - '${JOB_DIRECTORY}:${JOB_DIRECTORY}'
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - "0.0.0.0:9001:9001"

  thehive:
    image: thehiveproject/thehive4:latest
    depends_on:
      - elasticsearch
      - cortex
    ports:
      - "0.0.0.0:9000:9000"
    volumes:
      - ./vol/thehive/application.conf:/etc/thehive/application.conf
      - ./vol/thehive/db:/opt/thp/thehive/db
      - ./vol/thehive/data:/opt/thp/thehive/data
      - ./vol/thehive/index:/opt/thp/thehive/index
    command: --cortex-port 9001

cortex/application.conf contents:

## ANALYZERS
analyzer {
  urls = [
    "https://download.thehive-project.org/analyzers.json"
  ]
}

# RESPONDERS
responder {
  urls = [
    "https://download.thehive-project.org/responders.json"
  ]
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions