Closed
Description
Alert to case merge functionality is broken in v4.0.1
Request Type
Bug
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | Debian |
| OS version (client) | Windows, Linux |
| TheHive version / git hash | 4.0.1 |
| Package Type | DEB, Docker |
| Browser type & version | All browsers |
Problem Description
When an alert is merged into any case, tags and observables are stored in the case but no reference to alert that has been merged can be found.
After merging an alert to case:
- Alert Status: New
- Case Alerts: No indicator (no alerts can be seen)
- Case Description: "Merged with alert #XXXYYY New Alert"
- Case observables: Observables coming from alert
Steps to Reproduce
-
Create an empty case
-
Create an alert with observables
-
Merge alert to case created in step 1
-
Checking the alert after merge
-
Checking the case after merge
Complementary information
After merge there should be 'alerts' tab on case. Additionally the alert should have 'imported' status on it.