OpenCTI-Platform / connectors

OpenCTI Connectors
https://www.opencti.io
Apache License 2.0

[group-ib] collection apt/threat error #2908

Closed pierremahot closed 1 week ago

pierremahot commented 1 week ago

Description

Enabling the connector with this collection leads to an error, and the connector fails to publish anything.

collections:
  apt/threat:
    default_date: '2024-08-01'
    description: A collection of Indicators and MITRE ATT&CK matrix. It contains HASH
      sums of malicious files that were generated by hackers, IP addresses, domains,
      CVE and the group's activities, motives, and goals to understand what tools
      and tactics they use according to the MITRE ATT&CK matrix.
    enable: true
    local_custom_tag: null
    seqUpdate: null
    ttl: 90
extra_settings:
  ignore_non_indicator_threats: false
  ignore_non_malware_ddos: true
  intrusion_set_instead_of_threat_actor: true
  schedule_time: 00:00
  time_output_format: '%Y-%m-%d %H:%M:%S'

the error:

{
    "timestamp": "2024-11-04T13:11:09.406662Z",
    "level": "ERROR",
    "name": "Group-IB Connector",
    "message": "ThreatActor.generate_id() takes 1 positional argument but 2 were given",
    "exc_info": "Traceback (most recent call last):
        File \"/opt/connector/src/lib/external_import.py\", line 288, in run
            bundle_objects = self._collect_intelligence(
                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
        File \"/opt/connector/src/main.py\", line 181, in _collect_intelligence
            report_adapter.generate_stix_threat_actor(
        File \"/opt/connector/src/adapter.py\", line 663, in generate_stix_threat_actor
            threat_actor.generate_stix_objects()
        File \"/opt/connector/src/data_to_stix2.py\", line 251, in generate_stix_objects
            self.stix_sdo = self._generate_sdo()
                            ^^^^^^^^^^^^^^^^^^^^
        File \"/opt/connector/src/data_to_stix2.py\", line 580, in _generate_sdo
            id=pycti.ThreatActor.generate_id(self.name, \"Threat-Actor-Group\"),
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
        TypeError: ThreatActor.generate_id() takes 1 positional argument but 2 were given",
    "taskName": null
}

Environment

  1. OS (where OpenCTI server runs): Debian 12
  2. OpenCTI version: 6.3.9
  3. OpenCTI client: 6.3.9

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Start with the config enabled
  2. Wait a little
  3. Look at the log
  4. In OpenCTI, a work is created and finishes without anything in it

Expected Output

no error

Actual Output

the error

pierremahot commented 1 week ago

It looks like this appears on other collections too; I don't know the reason.

romain-filigran commented 1 week ago

Hello @pierremahot: The issue was identified. A new minor release is planned to solve this and other related problems.
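
The traceback above reports a call with two positional arguments against a helper that accepts one, and the visible symptom was a work that finishes empty. As an added example (not code from the connector or from pycti), the sketch below shows a startup preflight that checks the call shapes a connector relies on and fails fast on a mismatch. The classes `OneArgThreatActor` and `TwoArgThreatActor` and the functions `accepts_call` and `preflight` are hypothetical stand-ins constructed for illustration.

```python
import inspect
import uuid

# Constructed stand-ins, NOT pycti: one helper accepts only a name, the other
# also accepts a type, mirroring the two call shapes implied by the traceback.
class OneArgThreatActor:
    @staticmethod
    def generate_id(name):
        return "threat-actor--" + str(uuid.uuid5(uuid.NAMESPACE_URL, name.lower()))

class TwoArgThreatActor:
    @staticmethod
    def generate_id(name, opencti_type):
        seed = f"{opencti_type}:{name}".lower()
        return "threat-actor--" + str(uuid.uuid5(uuid.NAMESPACE_URL, seed))

def accepts_call(func, *args, **kwargs):
    """Return True if func's signature can bind the given arguments."""
    try:
        inspect.signature(func).bind(*args, **kwargs)
        return True
    except TypeError:
        return False

def preflight(expected_calls):
    """Check (label, callable, args) tuples; return one message per mismatch."""
    problems = []
    for label, func, args in expected_calls:
        if not accepts_call(func, *args):
            sig = inspect.signature(func)
            problems.append(
                f"{label}{sig} cannot accept {len(args)} positional argument(s)"
            )
    return problems

if __name__ == "__main__":
    # The call shape taken from the traceback: (name, "Threat-Actor-Group").
    args = ("Example Group", "Threat-Actor-Group")  # constructed sample name
    for cls in (OneArgThreatActor, TwoArgThreatActor):
        issues = preflight([(f"{cls.__name__}.generate_id", cls.generate_id, args)])
        print(cls.__name__, "->", issues or "ok")
```

Running such a check before any work is created turns an empty import into an explicit startup failure that names the mismatched helper.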