New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Long Report isn't shown #527

Closed
chrissommer opened this Issue Apr 4, 2018 · 7 comments

Comments

Projects
None yet
3 participants
@chrissommer

chrissommer commented Apr 4, 2018

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu 16.04
TheHive version / git hash 3.0.7
Package Type DEB

Problem Description

Long Report isn't shown (but ran correctly), when clicking on Short Report Outputs on Observables

Steps to Reproduce

  1. Run Anaylsers on any Observable

  2. Click on any Short Report to get the Long Report

  3. Long Report is Empty and only showing what seems to be an ID of the Cortex Process (Report of #d383fd10147897b2fd9923e4e8b3cf6d analysis - instead of Report for VirusTotal_GetReport_3_0 analysis)
    grafik

  4. If you go into the observable and click on view Report everything is working fine.
    grafik

Complementary information

This worked fine in 3.0.5

@crackytsi

This comment has been minimized.

crackytsi commented Apr 4, 2018

Also not with 3.0.8... :-(

@nadouani

This comment has been minimized.

Contributor

nadouani commented Apr 11, 2018

This is in fact an issue that occurred between 3.0.7 and 3.0.8, can you please run a new job and confirm if it has been fixed or not? Thanks

@chrissommer

This comment has been minimized.

chrissommer commented Apr 11, 2018

No this isn't working in 3.0.8 (Cortex 2.0.3) for me. I ran a new job, and still can't click on the Short Report and get the Long Report.
Right now, i don't get any Popup at all - I just see the little Circle next to the Searchbar indicating 1 running Task, and disappearing without showing anything.

Can I support you with any logs?

BR
Chris

@nadouani nadouani self-assigned this Apr 12, 2018

@nadouani nadouani added this to the 3.0.9 milestone Apr 12, 2018

@nadouani nadouani added the bug label Apr 12, 2018

@nadouani

This comment has been minimized.

Contributor

nadouani commented Apr 12, 2018

Guys, this is in fact a valid bug, I'll fix it

@nadouani

This comment has been minimized.

Contributor

nadouani commented Apr 12, 2018

Guys, could you provide the result of the following curl query?

curl 'http://localhost:9200/the_hive_13/case_artifact_job/_mapping'

This asks for Elasticsearch mapping of the Job document type.
We need to confirm something related to that mapping

Thanks

@chrissommer

This comment has been minimized.

chrissommer commented Apr 12, 2018

Here you go :)

curl 'http://localhost:9200/the_hive_13/case_artifact_job/_mapping' {"the_hive_13":{"mappings":{"case_artifact_job":{"_parent":{"type":"case_artifact"},"_routing":{"required":true},"date_detection":false,"numeric_detection":false,"properties":{"analyzerDefinition":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}},"analyzerId":{"type":"keyword"},"analyzerName":{"type":"text","fields":{"keyword":{"type":"keyword","ignore_above":256}}},"artifactId":{"type":"keyword"},"cortexId":{"type":"keyword"},"cortexJobId":{"type":"keyword"},"createdAt":{"type":"date","format":"epoch_millis||basic_date_time_no_millis"},"createdBy":{"type":"keyword"},"endDate":{"type":"date","format":"epoch_millis||basic_date_time_no_millis"},"report":{"type":"text","fielddata":true},"startDate":{"type":"date","format":"epoch_millis||basic_date_time_no_millis"},"status":{"type":"keyword"},"updatedAt":{"type":"date","format":"epoch_millis||basic_date_time_no_millis"},"updatedBy":{"type":"keyword"}}}}}}

@nadouani

This comment has been minimized.

Contributor

nadouani commented Apr 12, 2018

OK, thanks, We have this fixed, will be released in the next 3.0.9 version

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment