Adversary Import fails with Code 500

I can import reports and but importing adversaries fails everytime:

```
[2025-01-14 16:39:17,544] INFO    processor/main       _____ _______  _____   _____   ______ _______
[2025-01-14 16:39:17,544] INFO    processor/main         |   |  |  | |_____] |     | |_____/    |
[2025-01-14 16:39:17,544] INFO    processor/main       __|__ |  |  | |       |_____| |    \_    |
[2025-01-14 16:39:17,544] INFO    processor/main       
[2025-01-14 16:39:17,544] INFO    processor/main       
[2025-01-14 16:39:17,544] INFO    processor/main         ____  ___    __ __    ___  ____    _____  ____  ____   ____    ___  _____
[2025-01-14 16:39:17,544] INFO    processor/main        /    T|   \  |  T  |  /  _]|    \  / ___/ /    T|    \ l    j  /  _]/ ___/
[2025-01-14 16:39:17,544] INFO    processor/main       Y  o  ||    \ |  |  | /  [_ |  D  )(   \_ Y  o  ||  D  ) |  T  /  [_(   \_
[2025-01-14 16:39:17,544] INFO    processor/main       |     ||  D  Y|  |  |Y    _]|    /  \__  T|     ||    /  |  | Y    _]\__  T
[2025-01-14 16:39:17,544] INFO    processor/main       |  _  ||     |l  :  !|   [_ |    \  /  \ ||  _  ||    \  |  | |   [_ /  \ |
[2025-01-14 16:39:17,544] INFO    processor/main       |  |  ||     | \   / |     T|  .  Y \    ||  |  ||  .  Y j  l |     T\    |
[2025-01-14 16:39:17,544] INFO    processor/main       l__j__jl_____j  \_/  l_____jl__j\_j  \___jl__j__jl__j\_j|____jl_____j \___j
[2025-01-14 16:39:17,544] INFO    processor/main       
[2025-01-14 16:39:17,544] INFO    processor/main       Start Threat Actor galaxy cluster alignment
[2025-01-14 16:39:17,545] INFO    processor/main       Retrieving all adversaries.
[2025-01-14 16:39:18,057] INFO    processor/main       Got 257 adversaries from the Crowdstrike Intel API.
[2025-01-14 16:39:18,451] INFO    processor/main       Retrieving all adversaries.
Traceback (most recent call last):
  File "MISP-tools/misp_import.py", line 505, in <module>
    main()
  File "/MISP-tools/misp_import.py", line 497, in main
    import_handler.build()
  File "/MISP-tools/misp_import.py", line 401, in build
    self.import_new_events()
  File "/MISP-tools/misp_import.py", line 387, in import_new_events
    self.importer.import_from_crowdstrike(
  File "/MISP-tools/cs_misp_import/importer.py", line 342, in import_from_crowdstrike
    self.actors_importer.process_actors(actors_days_before, self.event_ids)
  File "/MISP-tools/cs_misp_import/actors.py", line 184, in process_actors
    cluster_result = self.misp.add_galaxy_cluster(get_threat_actor_galaxy_id(self.misp), cluster)
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/misp-modules/lib/python3.11/site-packages/pymisp/api.py", line 1825, in add_galaxy_cluster
    cluster_j = self._check_json_response(r)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/misp-modules/lib/python3.11/site-packages/pymisp/api.py", line 3978, in _check_json_response
    r = self._check_response(response, expect_json=True)
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/MISP-tools/cs_misp_import/misp_safe_check_response.py", line 55, in safe_check_response
    raise MISPServerError(fail_msg)
pymisp.exceptions.MISPServerError: Error code 500: SQLSTATE[01000]: Warning: 1265 Data truncated for column &#039;galaxy_id&#039; at row 1
```

In the MISP `error.log` I see:
```
2025-01-14 15:34:03 Error: [PDOException] SQLSTATE[01000]: Warning: 1265 Data truncated for column 'galaxy_id' at row 1
Request URL: /galaxy_clusters/add/698774c7-8022-42c4-917f-8d6e4f06ada3
Stack Trace:
#0 /var/www/MISP/app/Lib/cakephp/lib/Cake/Model/Datasource/DboSource.php(502): PDOStatement->execute()
#1 /var/www/MISP/app/Model/Datasource/Database/MysqlObserverExtended.php(162): DboSource->_execute()
#2 /var/www/MISP/app/Lib/cakephp/lib/Cake/Model/Datasource/DboSource.php(1132): MysqlObserverExtended->execute()
#3 /var/www/MISP/app/Lib/cakephp/lib/Cake/Model/Model.php(1943): DboSource->create()
#4 /var/www/MISP/app/Lib/cakephp/lib/Cake/Model/Model.php(1761): Model->_doSave()
#5 /var/www/MISP/app/Model/GalaxyCluster.php(342): Model->save()
#6 /var/www/MISP/app/Controller/GalaxyClustersController.php(321): GalaxyCluster->saveCluster()
#7 [internal function]: GalaxyClustersController->add()
#8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Controller/Controller.php(500): ReflectionMethod->invokeArgs()
#9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(193): Controller->invokeAction()
#10 /var/www/MISP/app/Lib/cakephp/lib/Cake/Routing/Dispatcher.php(167): Dispatcher->_invoke()
#11 /var/www/MISP/app/webroot/index.php(107): Dispatcher->dispatch()
#12 {main}
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Adversary Import fails with Code 500 #191

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Adversary Import fails with Code 500 #191

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions