New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Incorrect stats: non-IOC observables counted as IOC and IOC word displayed twice #347

Closed
saadkadhi opened this Issue Oct 19, 2017 · 1 comment

Comments

Projects
None yet
3 participants
@saadkadhi
Contributor

saadkadhi commented Oct 19, 2017

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu
OS version (client) macOS
TheHive version / git hash 2.13.1
Package Type DEB
Browser type & version Chrome

Problem Description

In the Case > Observables tab, clicking on Stats will show in the Observables as IOC table:

  • number of non-IOC observables with an IOC label
  • number of IOC observables with the same label

Duh!

Steps to Reproduce

  1. Create a case
  2. Add 4 observables
  3. Flag 1 as IOC
  4. Click on Stats
  5. Look the results in the Observables as IOC table
  6. Go insane

Possible Solutions

Do the math George.

Complementary information

screen shot 2017-10-19 at 09 37 03

@saadkadhi saadkadhi added the bug label Oct 19, 2017

@saadkadhi saadkadhi added this to the 3.0.0 milestone Oct 19, 2017

@nadouani

This comment has been minimized.

Show comment
Hide comment
@nadouani

nadouani Oct 19, 2017

Contributor

This is a regression introduces by the move to ES5. In fact the result of an aggregation by a boolean field has a new structure, which breaks the behavior of the observable by IOC flag's stats panel.

Contributor

nadouani commented Oct 19, 2017

This is a regression introduces by the move to ES5. In fact the result of an aggregation by a boolean field has a new structure, which breaks the behavior of the observable by IOC flag's stats panel.

@nadouani nadouani closed this Oct 19, 2017

@To-om To-om modified the milestones: 3.0.0, 2.13.2 Oct 23, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment