Run Cortex analyzer through api #40

Closed
alexgoedeke opened this Issue Sep 20, 2017 · 5 comments

Contributor

alexgoedeke commented Sep 20, 2017

Request Type

Question/Feature Request

Problem Description

Is it possible to run a Cortex analyzer with a given observableID from a Python script?

Contributor

nadouani commented Sep 20, 2017

Hello @alexgoedeke

What's the idea? Do you want just to run analyzers on a given observable and just get its report, or do you want to have the report on TheHive?

Cortex has its own Python library, which is Cortex4Py, but this will not add any data to TheHive.

That said, we can add the capability to run a job on a given observable, from TheHive.

Contributor

alexgoedeke commented Sep 20, 2017

@nadouani Yes I need the results in TheHive

nadouani added this to the 1.4.0 milestone Sep 20, 2017

Contributor

nadouani commented Sep 20, 2017

So we have to add some methods to make that possible. Good feature request.

nadouani self-assigned this Sep 20, 2017

Contributor

nadouani commented Sep 22, 2017

Here is the doc for how TheHive launches Cortex analyzers: https://github.com/CERT-BDF/TheHiveDocs/tree/master/api/connectors/cortex

Thanks to @srilumpa

Contributor

alexgoedeke commented Sep 22, 2017

@nadouani I have added the functionality to the API
