You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Here is what I'm trying: curl -k -u user:password -H 'Content-Type: application/json' -XPOST https://xxx/api/connector/cortex/action -d '{"cortexId": "Cortex", "objectId": "~1188056", "objectType": "case_artifact", "responderId": "MSDefender-IsolateMachine_1_0"}'
And this is the response: {"responderId":"MSDefender-IsolateMachine_1_0","responderName":"-","responderDefinition":"-","cortexId":"Cortex","cortexJobId":"-","objectType":"Observable","objectId":"~1188056","status":"Waiting","startDate":1695041124055,"endDate":1695041124055,"operations":"[]","report":"{}"}
Within Cortex I don't see anything in the Jobs History and if I check out the observable within TheHive I can find this Responder Report: play.api.libs.json.JsResultException: JsResultException(errors:List((,List(JsonValidationError(List('id' is undefined on json object, available keys are type, message),List())))))
Do I have to use something different as the responderId and how can I find that ID?
The text was updated successfully, but these errors were encountered:
Request Type
Question
Work Environment
Question
I would like to run a responder via the TheHive API but I can't get it working.
When I run it via the GUI on an observable it works just fine.
I've check out the API documentation: https://docs.strangebee.com/thehive/api-docs/#operation/Create%20an%20action
Here is what I'm trying:
curl -k -u user:password -H 'Content-Type: application/json' -XPOST https://xxx/api/connector/cortex/action -d '{"cortexId": "Cortex", "objectId": "~1188056", "objectType": "case_artifact", "responderId": "MSDefender-IsolateMachine_1_0"}'And this is the response:
{"responderId":"MSDefender-IsolateMachine_1_0","responderName":"-","responderDefinition":"-","cortexId":"Cortex","cortexJobId":"-","objectType":"Observable","objectId":"~1188056","status":"Waiting","startDate":1695041124055,"endDate":1695041124055,"operations":"[]","report":"{}"}Within Cortex I don't see anything in the Jobs History and if I check out the observable within TheHive I can find this Responder Report:
play.api.libs.json.JsResultException: JsResultException(errors:List((,List(JsonValidationError(List('id' is undefined on json object, available keys are type, message),List())))))Do I have to use something different as the responderId and how can I find that ID?
The text was updated successfully, but these errors were encountered: