OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

OpenCTI API manual setup - once logged no default data present #1652

Closed faustus25 closed 2 years ago

faustus25 commented 2 years ago

I did a manual setup, but noticed I no longer have access to Grakn since it was renamed to TypeDB (how to set up TypeDB in Grakn's place is not mentioned).

Operating System: Ubuntu 20.04.3 LTS

Updated the conf from port 4000 to port 80, which made the web portal accessible, but no data is present.

Unlike the manual setup, the Docker setup has default data.

Is the issue the lack of Grakn software installed?

Running setup as follows: ` user@server:/opt/opencti$ sudo yarn serv yarn run v1.22.11 $ node build/index.js {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Starting platform","timestamp":"2021-10-15T16:24:40.344Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] ElasticSearch is alive","timestamp":"2021-10-15T16:24:40.381Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] Minio is alive","timestamp":"2021-10-15T16:24:40.398Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] RabbitMQ is alive","timestamp":"2021-10-15T16:24:40.938Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[REDIS] Redis 'Client base' client ready","timestamp":"2021-10-15T16:24:40.945Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] Redis is alive","timestamp":"2021-10-15T16:24:40.945Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] SMTP is alive","timestamp":"2021-10-15T16:24:40.961Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[CHECK] Python3 is available","timestamp":"2021-10-15T16:24:41.193Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[REDIS] Redis 'Client context' client ready","timestamp":"2021-10-15T16:24:41.197Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[INIT] Starting platform initialization","timestamp":"2021-10-15T16:24:41.199Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[INIT] Existing platform detected, initialization...","timestamp":"2021-10-15T16:24:41.210Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[INIT] admin user initialized","timestamp":"2021-10-15T16:24:41.400Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[MIGRATION] Read 0 migrations from the database","timestamp":"2021-10-15T16:24:41.427Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[MIGRATION] Platform already up to date, nothing to 
migrate","timestamp":"2021-10-15T16:24:41.427Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[MIGRATION] Migration process completed","timestamp":"2021-10-15T16:24:41.428Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[MIGRATION] Platform version updated to 5.0.0","timestamp":"2021-10-15T16:24:41.445Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[INIT] Platform initialization done","timestamp":"2021-10-15T16:24:41.445Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] API ready on port 80","timestamp":"2021-10-15T16:24:42.165Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Expiration manager started","timestamp":"2021-10-15T16:24:42.166Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Task manager started","timestamp":"2021-10-15T16:24:42.166Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[STREAM] Starting stream processor for Rule manager","timestamp":"2021-10-15T16:24:42.189Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Rule engine started","timestamp":"2021-10-15T16:24:42.191Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Subscription manager started","timestamp":"2021-10-15T16:24:42.191Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[OPENCTI] Sync manager started","timestamp":"2021-10-15T16:24:42.192Z"} {"category":"APP","version":"5.0.0","level":"info","message":"[REDIS] Redis 'Rule manager' client ready","timestamp":"2021-10-15T16:24:42.194Z"}

CONFIG { "app": { "port": 80, "enabled": true, "https_cert": { "ca": [], "key": null, "crt": null, "reject_unauthorized": true, "cookie_secure": false }, "app_logs": { "logs_level": "info", "logs_files": true, "logs_console": true, "logs_max_files": 7, "logs_directory": "./logs" }, "audit_logs": { "logs_files": true, "logs_console": true, "logs_max_files": 7, "logs_directory": "./logs" }, "request_timeout": 120000, "session_timeout": 1200000, "session_manager": "shared", "rate_protection": { "time_window": 1, "max_requests": 10000 }, "concurrency": { "retry_count": 100, "retry_delay": 250, "retry_jitter": 100, "max_ttl": 60000, "extension_threshold": 5000 }, "base_path": "", "performance_logger": false, "map_tile_server_dark": "https://map.opencti.io/styles/1fdd936a-084b-46ac-a948-22ce1686aadf/{z}/{x}/{y}.png", "map_tile_server_light": "https://map.opencti.io/styles/klokantech-basic/{z}/{x}/{y}.png", "admin": { "email": "user@org.com", "password": "xxxxxxxxxxxxxxxxxx", "token": "xxxxxxxxxxxxxxxxxxxxxxxxxxx" } }, "rule_engine": { "enabled": true, "lock_key": "rule_engine_lock", "status_writing_delay": 2000 }, "task_scheduler": { "enabled": true, "lock_key": "task_manager_lock", "interval": 10000 }, "expiration_scheduler": { "enabled": true, "lock_key": "expired_manager_lock", "interval": 300000 }, "subscription_scheduler": { "enabled": true, "lock_key": "subscription_manager_lock", "interval": 10000 }, "sync_manager": { "enabled": true, "lock_key": "sync_manager_lock", "interval": 10000 }, "redis": { "namespace": "", "hostname": "localhost", "use_ssl": false, "ca": [], "port": 6379, "trimming": 0, "use_as_cache": false }, "elasticsearch": { "index_prefix": "opencti", "url": "http://localhost:9200", "index_creation_pattern": "-000001", "search_ignore_throttled": false, "max_pagination_result": 5000, "max_concurrency": 2 }, "minio": { "bucket_name": "opencti-bucket", "endpoint": "localhost", "port": 9000, "use_ssl": false, "access_key": "minio", "secret_key": 
"miniostorage" }, "rabbitmq": { "hostname": "localhost", "use_ssl": false, "ca": [], "port": 5672, "port_management": 15672, "management_ssl": false, "username": "guest", "password": "guest" }, "smtp": { "hostname": "localhost", "use_ssl": false, "reject_unauthorized": false, "port": 25, "username": "", "password": "", "from_email": "notifications@opencti.io" }, "providers": { "local": { "strategy": "LocalStrategy" } } }

START WORKER.PY sudo python3 worker.py & user@server:/opt/opencti$ python3 worker/worker.py & [1] 1748433 user@server:/opt/opencti$ INFO:root:Listing Threat-Actors with filters null. INFO:root:Getting connectors ...

Does the manual setup of OpenCTI come with or without default data? Do I need to have a connector setup to MISP for example to import data?

richard-julien commented 2 years ago

To answer your questions:

  1. Is the issue the lack of Grakn software installed? OpenCTI doesn't use TypeDB anymore.

  2. Does the manual setup of OpenCTI come with or without default data? There is no data by default in OpenCTI; you need to start some connectors.

  3. Do I need to have a connector setup to MISP for example to import data? Yes.

faustus25 commented 2 years ago

Good to know @richard-julien. I am populating the dashboard with the different connectors now.