[AlienVault] Connector state is null

Marlicious commented 2 years ago

Prerequisites

[ /] I read the Deployment and Setup section of the OpenCTI documentation as well as the Troubleshooting page and didn't find anything relevant to my problem.
[ /] I went through old GitHub issues and couldn't find anything relevant
[ /] I googled the issue and didn't find anything relevant

Description

AlientVault Connector return null

Config.yml

version: '3' services: connector-alienvault: image: opencti/connector-alienvault:5.3.8 environment:

OPENCTI_URL=http://172.26.5.128:8080

OPENCTI_TOKEN=8632a9f6-29cf-11ed-a261-0242ac120002

CONNECTOR_ID=2d0d8a4c-9398-42e1-a574-ce47cbfffe86

CONNECTOR_TYPE=EXTERNAL_IMPORT

CONNECTOR_NAME=AlienVault

CONNECTOR_SCOPE=alienvault

CONNECTOR_CONFIDENCE_LEVEL=80 # From 0 (Unknown) to 100 (Fully trusted)

CONNECTOR_UPDATE_EXISTING_DATA=false

CONNECTOR_LOG_LEVEL=info

ALIENVAULT_BASE_URL=https://otx.alienvault.com

ALIENVAULT_API_KEY=505e71ef072a03b3224a63aa1afab4c94199c65ef8a00454ae4506eceea7770a

ALIENVAULT_TLP=White

ALIENVAULT_CREATE_OBSERVABLES=true

ALIENVAULT_CREATE_INDICATORS=true

ALIENVAULT_PULSE_START_TIMESTAMP=2022-08-01T00:00:00 # BEWARE! Could be a lot of pulses!

ALIENVAULT_REPORT_TYPE=threat-report

ALIENVAULT_REPORT_STATUS=New

ALIENVAULT_GUESS_MALWARE=true # Use tags to guess malware.

ALIENVAULT_GUESS_CVE=true # Use tags to guess CVE.

ALIENVAULT_EXCLUDED_PULSE_INDICATOR_TYPES=FileHash-MD5,FileHash-SHA1 # Excluded Pulse indicator types.

ALIENVAULT_ENABLE_RELATIONSHIPS=true # Enable/Disable relationship creation between SDOs.

ALIENVAULT_ENABLE_ATTACK_PATTERNS_INDICATES=true # Enable/Disable "indicates" relationships between indicators and attack patterns

ALIENVAULT_INTERVAL_SEC=7200 restart: always