OpenCTI-Platform / connectors

OpenCTI Connectors
https://www.opencti.io
Apache License 2.0

【OpenCTI AlienVault Connector】docker stop running #812

Closed LivingXu closed 2 years ago

LivingXu commented 2 years ago

Description

I cloned this repo and modified the docker-compose file of the alienvault connector as follows:

version: '3'
services:
  connector-alienvault:
    image: opencti/connector-alienvault:5.3.8
    environment:
      - OPENCTI_URL=http://opencti:8080
      - OPENCTI_TOKEN=a32757b9-d401-49af-a322-6b9c95e7cf7c
      - CONNECTOR_ID=c3970f8a-ce4b-4497-a381-20b7256f56f1
      - CONNECTOR_TYPE=EXTERNAL_IMPORT
      - CONNECTOR_NAME=AlienVault
      - CONNECTOR_SCOPE=alienvault
      - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
      - CONNECTOR_UPDATE_EXISTING_DATA=false
      - CONNECTOR_LOG_LEVEL=info
      - ALIENVAULT_BASE_URL=https://otx.alienvault.com
      - ALIENVAULT_API_KEY=HIDE
      - ALIENVAULT_TLP=White
      - ALIENVAULT_CREATE_OBSERVABLES=true
      - ALIENVAULT_CREATE_INDICATORS=true
      - ALIENVAULT_PULSE_START_TIMESTAMP=2020-05-01T00:00:00                  # BEWARE! Could be a lot of pulses!
      - ALIENVAULT_REPORT_TYPE=threat-report
      - ALIENVAULT_REPORT_STATUS=New
      - ALIENVAULT_GUESS_MALWARE=false                                        # Use tags to guess malware.
      - ALIENVAULT_GUESS_CVE=false                                            # Use tags to guess CVE.
      - ALIENVAULT_EXCLUDED_PULSE_INDICATOR_TYPES=FileHash-MD5,FileHash-SHA1  # Excluded Pulse indicator types.
      - ALIENVAULT_ENABLE_RELATIONSHIPS=true                                  # Enable/Disable relationship creation between SDOs.
      - ALIENVAULT_ENABLE_ATTACK_PATTERNS_INDICATES=true                      # Enable/Disable "indicates" relationships between indicators and attack patterns
      - ALIENVAULT_INTERVAL_SEC=7200
    networks:
      opencti_default:
        ipv4_address: 172.18.0.21
networks:
  opencti_default:
    external: true

Then I used docker-compose up -d to start the docker, but it stopped instantly. The logs are as follows.

INFO:root:Listing Threat-Actors with filters null.
ERROR:root:Cannot query field "vhost" on type "RabbitMQConnection". Did you mean "host" or "port"?
Traceback (most recent call last):
  File "/opt/opencti-connector-alienvault/main.py", line 7, in <module>
    connector = AlienVault()
  File "/opt/opencti-connector-alienvault/alienvault/core.py", line 161, in __init__
    self.helper = OpenCTIConnectorHelper(config)
  File "/usr/local/lib/python3.10/site-packages/pycti/connector/opencti_connector_helper.py", line 620, in __init__
    connector_configuration = self.api.connector.register(self.connector)
  File "/usr/local/lib/python3.10/site-packages/pycti/api/opencti_api_connector.py", line 103, in register
    result = self.api.query(query, connector.to_input())
  File "/usr/local/lib/python3.10/site-packages/pycti/api/opencti_api_client.py", line 322, in query
    raise ValueError(
ValueError: {'name': 'Cannot query field "vhost" on type "RabbitMQConnection". Did you mean "host" or "port"?', 'message': 'Cannot query field "vhost" on type "RabbitMQConnection". Did you mean "host" or "port"?'}
Killed

Environment

  1. OS (where OpenCTI server runs): Official Virtual machine template
  2. OpenCTI version: OpenCTI Version 5.3.7
  3. OpenCTI client: none
  4. Other environment details:

Docker Network

root@opencti:~/connector/connectors/external-import/alienvault# docker network inspect opencti_default

SamuelHassine commented 2 years ago

Hello @LivingXu,

It seems you are using a 5.3.8 connector on an older platform. vhost is present in the API of the latest version.

Kind regards, Samuel
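
The mismatch diagnosed above can be caught before the container is started. The following is an added example, not code from the OpenCTI project or from this thread: it compares the pinned `opencti/*` image tags in a compose file with the platform version and pulls the GraphQL schema error out of connector logs. The function names are hypothetical, and the sample inputs are constructed from the values quoted in the issue.

```python
import re

# Constructed sample inputs, built from the values quoted in the issue above.
COMPOSE_TEXT = """\
services:
  connector-alienvault:
    image: opencti/connector-alienvault:5.3.8
"""
LOG_TEXT = '''ERROR:root:Cannot query field "vhost" on type "RabbitMQConnection". Did you mean "host" or "port"?'''

IMAGE_RE = re.compile(r"^\s*image:\s*(opencti/[\w.-]+):(\S+)\s*$", re.M)
SCHEMA_ERR_RE = re.compile(r'Cannot query field "([^"]+)" on type "([^"]+)"')


def parse_version(tag):
    """Turn '5.3.8' into (5, 3, 8); return None for tags such as 'latest'."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", tag)
    return tuple(int(p) for p in m.groups()) if m else None


def check_images(compose_text, platform_version):
    """Return (image, tag, verdict) for every opencti/* image in the compose text."""
    platform = parse_version(platform_version)
    if platform is None:
        raise ValueError(f"platform version is not x.y.z: {platform_version!r}")
    findings = []
    for image, tag in IMAGE_RE.findall(compose_text):
        version = parse_version(tag)
        if version is None:
            verdict = "unpinned"          # floating tag, cannot be compared
        elif version == platform:
            verdict = "match"
        elif version > platform:
            verdict = "connector-newer"   # the situation in this issue
        else:
            verdict = "connector-older"
        findings.append((image, tag, verdict))
    return findings


def schema_mismatches(log_text):
    """Extract (field, type) pairs from 'Cannot query field' errors in logs."""
    return sorted(set(SCHEMA_ERR_RE.findall(log_text)))


if __name__ == "__main__":
    for image, tag, verdict in check_images(COMPOSE_TEXT, "5.3.7"):
        print(f"{image}:{tag} vs platform 5.3.7 -> {verdict}")
    for field, gql_type in schema_mismatches(LOG_TEXT):
        print(f"client asked for {gql_type}.{field}, which the server schema lacks")
```
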

LivingXu commented 2 years ago

Thank you. It does make sense. How can I update the platform in an Official Virtual machine template? Or do I have to deploy the platform the other way?