search

LetMeR00t / TA-thehive-cortex

Technical add-on for Splunk related to TheHive/Cortex from TheHive project
GNU Lesser General Public License v3.0
47 stars 11 forks source link

[BUG] Adaptative response **TheHive - Create a new alert** not saveable #96

Open tsnaketech opened 1 month ago

tsnaketech commented 1 month ago

Request Type

Bug

Work Environment

Question Answer
OS version (server) Redhat
TheHive version / git hash 3.4
Splunk Version 8.2.11

Problem Description

It is not possible to save the Adaptative response TheHive - Create a new alert on a correlation search. No popup appears when we press the Save button. Back to version 3.3. Others may have the same problem.

Steps to Reproduce

  1. Create a correlation search
  2. Add Adaptative response TheHive - Create a new alert
  3. Modify a Unique ID field, for example
  4. Click on Save

Possible Solutions

Logs (issued from the search.log with logging mode set to DEBUG under Settings/Configuration)

LetMeR00t commented 1 month ago

Hello Does any log appears in the splunkd.log or in the « Audit Logs » dashboard ? Did you tried the same thing with a classic savedsearch and the same custom alert action ?
Thank you

LetMeR00t commented 6 days ago

Hello, Any update? Thank you