Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
User groups (multi-tenancy) #103
| OS version (server) | Ubuntu
I would like to ask for the possibility to let a user (or a group of users) to access only cases with a set of given tags.
This was referenced
May 15, 2017
Hi, I do not really get the tags idea.
From my original request:
Here is my comment on #162:
Hi @3c7 I kind of got this idea. From what I see is that the project is over-complicated and over-planned. The use of Scala requires compilation, that is (in contrast to node.js/python in worse case php) limiting factor for effective collaboration in development and fast patching.
Don't get me wrong, I do appreciate the effort and willing to help.
At the moment, I suggest to have the integrity checks and make the development as dynamic as possible. Don't wait till Q4. Ask for help, if you need it, and get it done.
There is a big potential in the solution and at worst the active developers may get a good position with this experience. Make this project great and bring it to industry.
I suggest to get example from Radare2 community. They solve problems over night and their builds never break.
I am sorry to waist my time for writing this comment, I would prefer give you ready solution. This, on another hand would mean to much effort from my side with the current configuration.
Please, make a list of tasks that have to be done and try to subdivide the tasks as granular as it can be done. Try to involve as many programmers/supporters as you can and get this project going.
Is there something that I miss?
Hi @MariasStory. I am sorry to learn that you find our project over-complicated and over-planned. We are striving to make rock-solid products that may match if not surpass some commercial alternatives that cost 80K€+ a year.
We have chosen Scala for the back-end for many reasons and we do not intend to use node.js/python or PHP anytime soon.
While implementing user/group management might seem to you an easy feature, we think otherwise and we have a clear vision of where we are going with the product while listening, as we have shown many times, to our user community requests. Nonetheless, if you'd like to contribute, please feel free to do so. That being said, we'd prefer security professionals to concentrate on bringing real value to the community by contributing analyzers, which they can write in any programming language supported by Linux.
Since you've mentioned professional support (which comes at a cost), please do not hesitate to contact us on support at thehive-project dot org if you have business in mind.
If you still feel unsatisfied, and as much as we'd like to see our products used as widely as possible to help bring a dent into cybercrime, please do not hesitate to look for commercial or open source alternatives that better suit your needs.
My 2cts on implementing it using tags: this would indeed automate the tagging from alerts when they are create by hive4py but this could be prone to errors (ex: case is related to team1 but concerns a project which also appears to be team2's name).
Would it be possible to use a dedicated field like like "group" or "tenant" to handle this and be able to set this field in alerts from the API and propagate it to cases?
The feature is more complex to implement than initially thought. We will explain how is it so in a blog post pretty soon so you can understand why it was delayed to Cerana 2 (TheHive 3.2.0). Once the blog post is online, feel free to contact us if you are able to help. I will add the link as a comment to this issue.
referenced this issue
Aug 14, 2018
There's also a blog post (https://blog.thehive-project.org/2018/06/27/the-mind-boggling-implications-of-multi-tenancy/) explaining why it's complicated to implement. Howewer, it's announced for October 2018 at the moment.