New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CortexJobID #2
Comments
Hello, I have never encountered this error. However, it may be due either to the version of Cortex that you are using (the tool has been tested with the versions listed in the guide related to docker) or to the fact that one of the analyzers that you have enabled is not working properly, so the JSON representation of the job does not contain the keys needed for ThePhish to work. Try enabling only the analyzers that have been tested, as explained in the guide. |
Thank you very much for the information! And looking at the documentation, I think the ID of the cortex is wrong and I don't know where to get it from. |
Dear, problem solved! indeed, the problem was in that part of the configuration. I knew where to get that info and it worked! Again, grateful for such excellent work. |
I'm also hitting this error. I have tried using the login id of the cortex user. Is that the 'id'? I don't see anything else that looks like it could be an id associated with the account that I created the api key for. Another ticket, a user said they got this from the About page but I see nothing like an ID on that page, even logged in as that user. If this ID is not the string which is the Cortex user's login, what ID do I put in the conf file with this API key? |
As I said before, it is in the part related to Cortex in the "application.conf" file used by TheHive. Alternatively, it can be found in the "About" window of TheHive. Here an image taken from the internet is attached showing that ID: The ID to use for Cortex here is literally the string "CORTEX-SERVER". Similarly, for MISP you have to use the ID that is literally "MISP-SERVER". |
Hi!!
First of all, thank you with all my heart for the development you launched, because I was doing something similar, but you already had everything practically done.
Second, I would like to see if you can help me with an error, since I do not know if I am misconfiguring the system.
When I send the email to be analyzed, it creates the case in thehive and sends me a notification email. M error lies when calling parsers ... it throws me the following error:
How could I solve this error?
Regards from Chile.
The text was updated successfully, but these errors were encountered: