Closed
Description
Request Type
Bug
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | Debian 8 |
| TheHive version / git hash | 2.11.1 |
| Package Type | Debian package |
Problem Description
I installed the debian package, configured thehive and cortex.
I also installed the latest Cortex-Analyzers.
If I do an analysis from within Cortex, everything is fine.
After that I tried to submit a job to Cortex. This fails in the GUI silently (it seems as the job was never submitted), meanwhile in the log the following errors appear:
May 22 12:26:31 debian-8-user thehive[8603]: [#033[37minfo#033[0m] application - POST /api/connector/cortex/job returned 500
May 22 12:26:31 debian-8-user thehive[8603]: play.api.libs.json.JsResultException: JsResultException(errors:List((/attributes,List(ValidationError(List(error.path.missing),WrappedArray())))))
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$$anonfun$2.apply(JsReadable.scala:23)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$$anonfun$2.apply(JsReadable.scala:23)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsResult$class.fold(JsResult.scala:73)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsError.fold(JsResult.scala:13)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$class.as(JsReadable.scala:21)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsObject.as(JsValue.scala:76)
May 22 12:26:31 debian-8-user thehive[8603]: at connectors.cortex.services.CortexSrv$$anonfun$submitJob$1$$anonfun$apply$37$$anonfun$apply$38.apply(CortexSrv.scala:265)
May 22 12:26:31 debian-8-user thehive[8603]: at connectors.cortex.services.CortexSrv$$anonfun$submitJob$1$$anonfun$apply$37$$anonfun$apply$38.apply(CortexSrv.scala:264)
May 22 12:26:31 debian-8-user thehive[8603]: at scala.util.Success$$anonfun$map$1.apply(Try.scala:237)
May 22 12:26:31 debian-8-user thehive[8603]: at scala.util.Try$.apply(Try.scala:192)
May 22 12:26:31 debian-8-user cortex[8493]: [#033[37minfo#033[0m] s.ExternalAnalyzerSrv - Execute sh -c "./otxquery.py" in OTXQuery
May 22 12:26:31 debian-8-user cortex[8493]: [#033[37minfo#033[0m] s.ExternalAnalyzerSrv - Execute sh -c "./geo.py" in MaxMind
May 22 12:26:31 debian-8-user thehive[8603]: [#033[37minfo#033[0m] application - POST /api/connector/cortex/job returned 500
May 22 12:26:31 debian-8-user thehive[8603]: play.api.libs.json.JsResultException: JsResultException(errors:List((/attributes,List(ValidationError(List(error.path.missing),WrappedArray())))))
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$$anonfun$2.apply(JsReadable.scala:23)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$$anonfun$2.apply(JsReadable.scala:23)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsResult$class.fold(JsResult.scala:73)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsError.fold(JsResult.scala:13)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsReadable$class.as(JsReadable.scala:21)
May 22 12:26:31 debian-8-user thehive[8603]: at play.api.libs.json.JsObject.as(JsValue.scala:76)
May 22 12:26:31 debian-8-user thehive[8603]: at connectors.cortex.services.CortexSrv$$anonfun$submitJob$1$$anonfun$apply$37$$anonfun$apply$38.apply(CortexSrv.scala:265)
May 22 12:26:31 debian-8-user thehive[8603]: at connectors.cortex.services.CortexSrv$$anonfun$submitJob$1$$anonfun$apply$37$$anonfun$apply$38.apply(CortexSrv.scala:264)
May 22 12:26:31 debian-8-user thehive[8603]: at scala.util.Success$$anonfun$map$1.apply(Try.scala:237)
May 22 12:26:31 debian-8-user thehive[8603]: at scala.util.Try$.apply(Try.scala:192)
My config in Thehive looks like this (noe the port in the URL):
## Enable the Cortex module
play.modules.enabled += connectors.cortex.CortexConnector
cortex {
"1" {
# URL of the Cortex server
url = "http://192.168.1.2:9001"
}
}