OpenCTI and TheHive

[khoabui333]

Hi, I connected OpenCTI with TheHive by TheHive connector. Then, I analyze a case in TheHive by using Cortex and it returned me a report. However, my OpenCTI can only ingest the case from TheHive and the report cannot be ingested with the case.

Is there any method that can help me to bring the report from TheHive to OpenCTI. Thanks.

[cmandich]

@khoabui333 , this is an interesting feature request. I believe the current connector only imports alerts and cases.

Just to confirm, is this the connector you are referencing? https://github.com/OpenCTI-Platform/connectors/tree/master/external-import/thehive

[khoabui333]

yes, I already used it but it didn't allow me to import report to OpenCTI

[nino-filigran]

Thanks for your request. Indeed, the Hive only imports Cases (and not reports) and there's currently no way to import directly from the hive using the connector. Is there q specific reason why you would like to import reports from the Hive?