Kedae
commented
2 days ago It seems to be the minio access_key that is failing
Open vanitasKE opened 2 days ago
Kedae
commented
2 days ago It seems to be the minio access_key that is failing
vanitasKE
commented
2 days ago @Kedae Hi, And how do i fix it?
It was run in swarm with docker stack -deploy.
When i try it with docker-compose up -d i got following:
{"category":"APP","cause":{"_error":{},"_showLocations":false,"_showPath":false,"data":{"cause":{},"genre":"TECHNICAL","http_status":500},"internalData":{},"name":"DATABASE_ERROR","time_thrown":"2024-07-01T07:10:33.919Z"},"level":"error","message":"[OPENCTI] System dependencies check failed","source":"backend","timestamp":"2024-07-01T07:10:33.919Z","version":"6.2.0"} {"category":"APP","errors":[{"attributes":{"genre":"TECHNICAL","http_status":500},"message":"RabbitMQ seems down","name":"DATABASE_ERROR","stack":"DATABASE_ERROR: RabbitMQ seems down\n at error (/opt/opencti/build/src/config/errors.js:8:10)\n at DatabaseError (/opt/opencti/build/src/config/errors.js:58:48)\n at /opt/opencti/build/src/database/rabbitmq.js:242:13\n at processTicksAndRejections (node:internal/process/task_queues:95:5)\n at checkSystemDependencies (/opt/opencti/build/src/initialization.js:37:3)\n at platformStart (/opt/opencti/build/src/boot.js:14:7)"},{"message":"Handshake terminated by server: 403 (ACCESS-REFUSED) with message \"ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.\"","name":"Error","stack":"Error: Handshake terminated by server: 403 (ACCESS-REFUSED) with message \"ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.\"\n at k (/opt/opencti/build/node_modules/amqplib/lib/connection.js:172:16)\n at cb (/opt/opencti/build/node_modules/amqplib/lib/connection.js:107:11)\n at Socket.recv (/opt/opencti/build/node_modules/amqplib/lib/connection.js:456:9)\n at Object.onceWrapper (node:events:633:28)\n at Socket.emit (node:events:519:28)\n at emitReadable_ (node:internal/streams/readable:832:12)\n at processTicksAndRejections (node:internal/process/task_queues:81:21)"}],"level":"error","message":"RabbitMQ seems down","source":"backend","timestamp":"2024-07-01T07:10:33.921Z","version":"6.2.0"}
Kedae
commented
2 days ago It comes from the configuration you provide. Either a user/password for minio or a accesKey
vanitasKE
commented
2 days ago i used this : https://docs.opencti.io/latest/deployment/installation/#using-docker
and got random uuid in
MINIO_ROOT_USER=$(cat /proc/sys/kernel/random/uuid)
MINIO_ROOT_PASSWORD=$(cat /proc/sys/kernel/random/uuid)
sudo apt install -y jq cd ~/docker (cat << EOF OPENCTI_ADMIN_EMAIL=admin@opencti.io OPENCTI_ADMIN_PASSWORD=ChangeMePlease OPENCTI_ADMIN_TOKEN=$(cat /proc/sys/kernel/random/uuid) OPENCTI_BASE_URL=http://localhost:8080 MINIO_ROOT_USER=$(cat /proc/sys/kernel/random/uuid) MINIO_ROOT_PASSWORD=$(cat /proc/sys/kernel/random/uuid) RABBITMQ_DEFAULT_USER=guest RABBITMQ_DEFAULT_PASS=guest ELASTIC_MEMORY_SIZE=4G CONNECTOR_HISTORY_ID=$(cat /proc/sys/kernel/random/uuid) CONNECTOR_EXPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid) CONNECTOR_EXPORT_FILE_CSV_ID=$(cat /proc/sys/kernel/random/uuid) CONNECTOR_IMPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid) CONNECTOR_EXPORT_FILE_TXT_ID=$(cat /proc/sys/kernel/random/uuid) CONNECTOR_IMPORT_DOCUMENT_ID=$(cat /proc/sys/kernel/random/uuid) SMTP_HOSTNAME=localhost EOF ) > .env
Kedae
commented
2 days ago You need to update the configuration in order to match your actual configuration with correct user/password
vanitasKE
commented
2 days ago sorry but i still dont understand what to do ...
I exported all variables in .env and run docker what should i change when it randomly created uuid?
Kedae
commented
2 days ago Ok I might have missed something. Let's start from the beginning.
The error you got in your first message is from minio (aws-sdk) because it failed to connect with your provided credentials Can you check the configuration of your minio (user, password, accessKey, ...) in order to access to opencti_bucket.
That configuration needs to match the one in your .env file.
Hope it's clearer, or have I missed something ?
vanitasKE
commented
2 days ago Here is what i did:
vim docker-compose.yml `version: '3' services: redis: image: redis:7.2.5 restart: always volumes:
redisdata:/data elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:8.13.4 volumes:
esdata:/usr/share/elasticsearch/data environment:
discovery.type=single-node
xpack.ml.enabled=false
xpack.security.enabled=false
thread_pool.search.queue_size=5000
logger.org.elasticsearch.discovery="ERROR"
"ES_JAVA_OPTS=-Xms${ELASTIC_MEMORY_SIZE} -Xmx${ELASTIC_MEMORY_SIZE}" restart: always ulimits: memlock: soft: -1 hard: -1 nofile: soft: 65536 hard: 65536 minio: image: minio/minio:RELEASE.2024-05-28T17-19-04Z # Use "minio/minio:RELEASE.2024-05-28T17-19-04Z-cpuv1" to troubleshoot compatibility issues with CPU volumes:
s3data:/data ports:
"9000:9000" environment: MINIO_ROOT_USER: ${MINIO_ROOT_USER} MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD} command: server /data restart: always rabbitmq: image: rabbitmq:3.13-management environment:
RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}
RABBITMQ_NODENAME=rabbit01@localhost volumes:
amqpdata:/var/lib/rabbitmq restart: always opencti: image: opencti/platform:6.2.0 environment:
NODE_OPTIONS=--max-old-space-size=8096
APP__PORT=8080
APP__BASE_URL=${OPENCTI_BASE_URL}
APPADMINEMAIL=${OPENCTI_ADMIN_EMAIL}
APPADMINPASSWORD=${OPENCTI_ADMIN_PASSWORD}
APPADMINTOKEN=${OPENCTI_ADMIN_TOKEN}
APP__APP_LOGS__LOGS_LEVEL=error
REDIS__HOSTNAME=redis
REDIS__PORT=6379
ELASTICSEARCH__URL=http://elasticsearch:9200
MINIO__ENDPOINT=minio
MINIO__PORT=9000
MINIO__USE_SSL=false
MINIO__ACCESS_KEY=${MINIO_ROOT_USER}
MINIO__SECRET_KEY=${MINIO_ROOT_PASSWORD}
RABBITMQ__HOSTNAME=rabbitmq
RABBITMQ__PORT=5672
RABBITMQ__PORT_MANAGEMENT=15672
RABBITMQ__MANAGEMENT_SSL=false
RABBITMQ__USERNAME=${RABBITMQ_DEFAULT_USER}
RABBITMQ__PASSWORD=${RABBITMQ_DEFAULT_PASS}
SMTP__HOSTNAME=${SMTP_HOSTNAME}
SMTP__PORT=25
PROVIDERSLOCALSTRATEGY=LocalStrategy ports:
"8080:8080" depends_on:
redis
elasticsearch
minio
rabbitmq restart: always worker: image: opencti/worker:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
WORKER_LOG_LEVEL=info depends_on:
opencti deploy: mode: replicated replicas: 20 restart: always connector-export-file-stix: image: opencti/connector-export-file-stix:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_STIX_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
CONNECTOR_NAME=ExportFileStix2
CONNECTOR_SCOPE=application/json
CONNECTOR_LOG_LEVEL=info restart: always depends_on:
opencti connector-export-file-csv: image: opencti/connector-export-file-csv:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_CSV_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
CONNECTOR_NAME=ExportFileCsv
CONNECTOR_SCOPE=text/csv
CONNECTOR_LOG_LEVEL=info restart: always depends_on:
opencti connector-export-file-txt: image: opencti/connector-export-file-txt:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_TXT_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
CONNECTOR_NAME=ExportFileTxt
CONNECTOR_SCOPE=text/plain
CONNECTOR_LOG_LEVEL=info restart: always depends_on:
opencti connector-import-file-stix: image: opencti/connector-import-file-stix:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_IMPORT_FILE_STIX_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_IMPORT_FILE
CONNECTOR_NAME=ImportFileStix
CONNECTOR_VALIDATE_BEFORE_IMPORT=true # Validate any bundle before import
CONNECTOR_SCOPE=application/json,text/xml
CONNECTOR_AUTO=true # Enable/disable auto-import of file
CONNECTOR_LOG_LEVEL=info restart: always depends_on:
opencti connector-import-document: image: opencti/connector-import-document:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_IMPORT_DOCUMENT_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_IMPORT_FILE
CONNECTOR_NAME=ImportDocument
CONNECTOR_VALIDATE_BEFORE_IMPORT=true # Validate any bundle before import
CONNECTOR_SCOPE=application/pdf,text/plain,text/html
CONNECTOR_AUTO=true # Enable/disable auto-import of file
CONNECTOR_ONLY_CONTEXTUAL=false # Only extract data related to an entity (a report, a threat actor, etc.)
CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
CONNECTOR_LOG_LEVEL=info
IMPORT_DOCUMENT_CREATE_INDICATOR=true restart: always depends_on:
opencti connector-analysis: image: opencti/connector-import-document:6.2.0 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_ANALYSIS_ID} # Valid UUIDv4
CONNECTOR_TYPE=INTERNAL_ANALYSIS
CONNECTOR_NAME=ImportDocumentAnalysis
CONNECTOR_VALIDATE_BEFORE_IMPORT=false # Validate any bundle before import
CONNECTOR_SCOPE=application/pdf,text/plain,text/html
CONNECTOR_AUTO=true # Enable/disable auto-import of file
CONNECTOR_ONLY_CONTEXTUAL=false # Only extract data related to an entity (a report, a threat actor, etc.)
CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
CONNECTOR_LOG_LEVEL=info restart: always depends_on:
opencti connector-eset: image: opencti/connector-eset:6.0.10 environment:
OPENCTI_URL=http://opencti:8080
OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
CONNECTOR_ID=${CONNECTOR_ESET_ID}
CONNECTOR_TYPE=EXTERNAL_IMPORT
"CONNECTOR_NAME=ESET-Cyber Threat Inteligence"
CONNECTOR_SCOPE=eset-ip
CONNECTOR_CONFIDENCE_LEVEL=30 # From 0 (Unknown) to 100 (Fully trusted)
CONNECTOR_UPDATE_EXISTING_DATA=true
CONNECTOR_LOG_LEVEL=info
ESET_API_URL=eti.eset.com
ESET_USERNAME=myusername
ESET_PASSWORD=mypassword
ESET_COLLECTIONS=ei.ip,ei.domains v2
ESET_IMPORT_APT_REPORTS=false
ESET_IMPORT_START_DATE=2024-05-13
ESET_CREATE_OBSERVABLES=true
ESET_INTERVAL=10 # Required, in minutes restart: always depends_on:
opencti
volumes: esdata: s3data: redisdata: amqpdata: `
7.docker swarm init 8.sudo cat .env >> /etc/environment
TZ=:/etc/localtime OPENCTI_ADMIN_EMAIL=admin@opencti.io OPENCTI_ADMIN_PASSWORD=ChangeMePlease OPENCTI_ADMIN_TOKEN=c941f485-7904-41f5-9af3-b0d475c27ad3 OPENCTI_BASE_URL=http://localhost:8080 MINIO_ROOT_USER=5efd703f-2f0f-415f-b6f4-8ad2e9434f7e MINIO_ROOT_PASSWORD=ebe784a7-7331-4cd7-90e3-2a154ac8cdf7 RABBITMQ_DEFAULT_USER=guest RABBITMQ_DEFAULT_PASS=guest ELASTIC_MEMORY_SIZE=4G CONNECTOR_HISTORY_ID=cb03cc8e-6cf7-4cfa-b9ec-e0ca231ca025 CONNECTOR_EXPORT_FILE_STIX_ID=b80651f8-f2b8-4cb0-8e61-0a55441f2dbe CONNECTOR_EXPORT_FILE_CSV_ID=e574e65a-a81a-4aa8-8ff6-d8df71e85536 CONNECTOR_IMPORT_FILE_STIX_ID=3a05b222-607c-4917-ae18-20466a65b199 CONNECTOR_EXPORT_FILE_TXT_ID=99034ee4-30ad-48f5-bcc7-be468f4eeaef CONNECTOR_IMPORT_DOCUMENT_ID=09a42d6f-a1a5-47a4-b0cb-7abf1e9496bf SMTP_HOSTNAME=localhost CONNECTOR_ESET_ID=fa581acf-9f35-4f62-8ee6-57deb8711273
s udo docker stack deploy --compose-file docker-compose.yml opencti and this does nothing:
(prod) root@docker $ docker service ls ID NAME MODE REPLICAS IMAGE PORTS lyhpmymy5umv opencti_connector-analysis replicated 0/1 opencti/connector-import-document:6.2.0 9l9ahgiv4jiw opencti_connector-eset replicated 0/1 opencti/connector-eset:6.0.10 jwjhoqzcvhcc opencti_connector-export-file-csv replicated 0/1 opencti/connector-export-file-csv:6.2.0 i40gq1p60wcs opencti_connector-export-file-stix replicated 0/1 opencti/connector-export-file-stix:6.2.0 pgovssn8k7b6 opencti_connector-export-file-txt replicated 0/1 opencti/connector-export-file-txt:6.2.0 k6bwm9wvozj4 opencti_connector-import-document replicated 0/1 opencti/connector-import-document:6.2.0 om3dars5nfei opencti_connector-import-file-stix replicated 0/1 opencti/connector-import-file-stix:6.2.0 0x4wf91swa4t opencti_elasticsearch replicated 0/1 docker.elastic.co/elasticsearch/elasticsearch:8.13.4 iw7woj8hnef7 opencti_minio replicated 0/1 minio/minio:RELEASE.2024-05-28T17-19-04Z *:9000->9000/tcp kw7tp381ixpu opencti_opencti replicated 0/1 opencti/platform:6.2.0 *:8080->8080/tcp ricyf8uywguq opencti_rabbitmq replicated 0/1 rabbitmq:3.13-management ibj5czdgtfb4 opencti_redis replicated 0/1 redis:7.2.5 cyo6tzw83n9h opencti_worker replicated 0/20 opencti/worker:6.2.0
vanitasKE
commented
2 days ago Hello, This is my current setup, i tried everything from scratch:
`cat .env OPENCTI_ADMIN_EMAIL=admin@opencti.io OPENCTI_ADMIN_PASSWORD=changeme OPENCTI_ADMIN_TOKEN=fa35aeff-9b68-4cd4-8c36-b7fa39a2f9ce OPENCTI_BASE_URL=http://localhost:8080 MINIO_ROOT_USER=opencti MINIO_ROOT_PASSWORD=changeme RABBITMQ_DEFAULT_USER=opencti RABBITMQ_DEFAULT_PASS=changeme CONNECTOR_EXPORT_FILE_STIX_ID=dd817c8b-abae-460a-9ebc-97b1551e70e6 CONNECTOR_EXPORT_FILE_CSV_ID=7ba187fb-fde8-4063-92b5-c3da34060dd7 CONNECTOR_EXPORT_FILE_TXT_ID=ca715d9c-bd64-4351-91db-33a8d728a58b CONNECTOR_IMPORT_FILE_STIX_ID=72327164-0b35-482b-b5d6-a5a3f76b845f CONNECTOR_IMPORT_DOCUMENT_ID=c3970f8a-ce4b-4497-a381-20b7256f56f0 CONNECTOR_ANALYSIS_ID=4dffd77c-ec11-4abe-bca7-fd997f79fa36 SMTP_HOSTNAME=localhost ELASTIC_MEMORY_SIZE=4G CONNECTOR_ESET_ID=fa581acf-9f35-4f62-8ee6-57deb8711273
cat /etc/environment TZ=:/etc/localtime
OPENCTI_ADMIN_EMAIL=admin@opencti.io OPENCTI_ADMIN_PASSWORD=changeme OPENCTI_ADMIN_TOKEN=fa35aeff-9b68-4cd4-8c36-b7fa39a2f9ce OPENCTI_BASE_URL=http://localhost:8080 MINIO_ROOT_USER=opencti MINIO_ROOT_PASSWORD=changeme RABBITMQ_DEFAULT_USER=opencti RABBITMQ_DEFAULT_PASS=changeme CONNECTOR_EXPORT_FILE_STIX_ID=dd817c8b-abae-460a-9ebc-97b1551e70e6 CONNECTOR_EXPORT_FILE_CSV_ID=7ba187fb-fde8-4063-92b5-c3da34060dd7 CONNECTOR_EXPORT_FILE_TXT_ID=ca715d9c-bd64-4351-91db-33a8d728a58b CONNECTOR_IMPORT_FILE_STIX_ID=72327164-0b35-482b-b5d6-a5a3f76b845f CONNECTOR_IMPORT_DOCUMENT_ID=c3970f8a-ce4b-4497-a381-20b7256f56f0 CONNECTOR_ANALYSIS_ID=4dffd77c-ec11-4abe-bca7-fd997f79fa36 SMTP_HOSTNAME=localhost ELASTIC_MEMORY_SIZE=4G CONNECTOR_ESET_ID=fa581acf-9f35-4f62-8ee6-57deb8711273
cat docker-compose.yml version: '3' services: redis: image: redis:7.2.5 restart: always volumes:
volumes: esdata: s3data: redisdata: amqpdata:
docker service ls ID NAME MODE REPLICAS IMAGE PORTS qwzl74yncoq3 opencti_connector-analysis replicated 0/1 opencti/connector-import-document:6.2.0 uluvz7zfwgty opencti_connector-eset replicated 0/1 opencti/connector-eset:6.0.10 reqk78x1c7n2 opencti_connector-export-file-csv replicated 0/1 opencti/connector-export-file-csv:6.2.0 jlywo30osjzh opencti_connector-export-file-stix replicated 1/1 opencti/connector-export-file-stix:6.2.0 prtopge1wce6 opencti_connector-export-file-txt replicated 0/1 opencti/connector-export-file-txt:6.2.0 mmk7wc2lmjq2 opencti_connector-import-document replicated 0/1 opencti/connector-import-document:6.2.0 o8yvlhsi86rp opencti_connector-import-file-stix replicated 0/1 opencti/connector-import-file-stix:6.2.0 ftkvpcsk376e opencti_elasticsearch replicated 0/1 docker.elastic.co/elasticsearch/elasticsearch:8.13.4 r6ke3c8906bl opencti_minio replicated 1/1 minio/minio:RELEASE.2024-05-28T17-19-04Z :9000->9000/tcp fxckee97auxv opencti_opencti replicated 0/1 opencti/platform:6.2.0 :8080->8080/tcp phr04u66wzir opencti_rabbitmq replicated 1/1 rabbitmq:3.13-management thzesxg0z1og opencti_redis replicated 1/1 redis:7.2.5 nnkgmdasexbj opencti_worker replicated 0/20 opencti/worker:6.2.0
docker images REPOSITORY TAG IMAGE ID CREATED SIZE opencti/platform 6.2.0 828b35b0f98c 2 days ago 1.67GB opencti/worker 6.2.0 24446b2105bf 2 days ago 99.8MB opencti/connector-export-file-csv 6.2.0 db312443ed7f 2 days ago 108MB opencti/connector-export-file-txt 6.2.0 ee9a7e4c84a7 2 days ago 108MB opencti/connector-export-file-stix 6.2.0 979a4984affb 2 days ago 108MB opencti/connector-import-document 6.2.0 fc410b6487e9 2 days ago 1.14GB opencti/connector-import-file-stix 6.2.0 c51721787370 2 days ago 216MB minio/minio RELEASE.2024-05-28T17-19-04Z eed5706f8f3a 3 weeks ago 161MB redis 7.2.5 aceb1262c1ea 5 weeks ago 117MB docker.elastic.co/elasticsearch/elasticsearch 8.13.4 6ec1955d99e9 7 weeks ago 1.23GB opencti/connector-eset 6.0.10 4884a831b5b5 2 months ago 119MB rabbitmq 3.13-management a3ec5b263b8e 4 months ago 251MB`
vanitasKE
commented
2 days ago Current error from worker logs
nnkgmdasexbj opencti_worker replicated 8/20 opencti/worker:6.2.0 docker service logs nnkgmdasexbj
opencti_worker.19.u8rf2trmbctv@bts-opencti-eti01 | ValueError: A TOKEN must be set opencti_worker.20.69hp8hdez0zk@bts-opencti-eti01 | ValueError: A TOKEN must be set opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | File "<string>", line 6, in __init__ opencti_worker.3.05dv7g1k5ozb@bts-opencti-eti01 | raise ValueError("A TOKEN must be set") opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | File "/opt/opencti-worker/worker.py", line 385, in __post_init__ opencti_worker.3.05dv7g1k5ozb@bts-opencti-eti01 | ValueError: A TOKEN must be set opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | self.api = OpenCTIApiClient( opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | ^^^^^^^^^^^^^^^^^ opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | File "/usr/local/lib/python3.12/site-packages/pycti/api/opencti_api_client.py", line 126, in __init__ opencti_worker.11.3dsx3d4ynimz@bts-opencti-eti01 | Traceback (most recent call last): opencti_worker.11.3dsx3d4ynimz@bts-opencti-eti01 | File "/opt/opencti-worker/worker.py", line 466, in <module> opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | raise ValueError("A TOKEN must be set") opencti_worker.11.3dsx3d4ynimz@bts-opencti-eti01 | worker = Worker() opencti_worker.5.yligxejph7hv@bts-opencti-eti01 | ValueError: A TOKEN must be set opencti_worker.11.3dsx3d4ynimz@bts-opencti-eti01 | ^^^^^^^^
Prerequisites
Description
Hello, I have to error while starting opencti. 1 is for logs from opencti platform ;
opencti_opencti.1.mf0s78zcqev6@bts-opencti | Mon, 01 Jul 2024 06:59:50 GMT express-session deprecated req.secret; provide secret option at node:internal/modules/cjs/loader:1358:14 opencti_opencti.1.mf0s78zcqev6@bts-opencti | {"category":"APP","cause":{"$fault":"client","$metadata":{"attempts":1,"extendedRequestId":"dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8","httpStatusCode":403,"requestId":"17DE049FC8F54190","totalRetryDelay":0},"BucketName":"opencti-bucket","Code":"InvalidAccessKeyId","HostId":"dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8","RequestId":"17DE049FC8F54190","Resource":"/opencti-bucket/","message":"The Access Key Id you provided does not exist in our records.","name":"InvalidAccessKeyId"},"level":"error","message":"[OPENCTI] System dependencies check failed","source":"backend","timestamp":"2024-07-01T06:59:52.025Z","version":"6.2.0"} opencti_opencti.1.mf0s78zcqev6@bts-opencti | {"category":"APP","errors":[{"attributes":{"genre":"TECHNICAL","http_status":500},"message":"The Access Key Id you provided does not exist in our records.","name":"UNKNOWN_ERROR","stack":"UNKNOWN_ERROR: The Access Key Id you provided does not exist in our records.\n at error (/opt/opencti/build/src/config/errors.js:8:10)\n at UnknownError (/opt/opencti/build/src/config/errors.js:82:47)\n at Object._logWithError (/opt/opencti/build/src/config/conf.js:235:17)\n at Object.error (/opt/opencti/build/src/config/conf.js:244:48)\n at platformStart (/opt/opencti/build/src/boot.js:41:12)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)"},{"message":"The Access Key Id you provided does not exist in our records.","name":"InvalidAccessKeyId","stack":"InvalidAccessKeyId: The Access Key Id you provided does not exist in our records.\n at throwDefaultError (/opt/opencti/build/node_modules/@smithy/smithy-client/dist-cjs/index.js:838:20)\n at throwDefaultError (/opt/opencti/build/node_modules/@smithy/smithy-client/dist-cjs/index.js:847:5)\n at de_CommandError (/opt/opencti/build/node_modules/@aws-sdk/client-s3/dist-cjs/index.js:4748:14)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)\n at /opt/opencti/build/node_modules/@smithy/middleware-serde/dist-cjs/index.js:35:20\n at /opt/opencti/build/node_modules/@aws-sdk/middleware-signing/dist-cjs/index.js:226:18\n at /opt/opencti/build/node_modules/@smithy/middleware-retry/dist-cjs/index.js:320:38\n at /opt/opencti/build/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:98:20\n at /opt/opencti/build/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:121:14\n at /opt/opencti/build/node_modules/@aws-sdk/middleware-logger/dist-cjs/index.js:34:22\n at initializeBucket (/opt/opencti/build/src/database/file-storage.js:93:5)\n at storageInit (/opt/opencti/build/src/database/file-storage.js:110:3)\n at checkSystemDependencies (/opt/opencti/build/src/initialization.js:34:3)\n at platformStart (/opt/opencti/build/src/boot.js:14:7)"}],"level":"error","message":"**The Access Key Id you provided does not exist in our records.**","source":"backend","timestamp":"2024-07-01T06:59:52.028Z","version":"6.2.0"}and 2 is from logs for workers.File "/usr/local/lib/python3.12/site-packages/pycti/api/opencti_api_client.py", line 126, in __init__ opencti_worker.13.liuv4lj08uja@opencti | File "/usr/local/lib/python3.12/site-packages/pycti/api/opencti_api_client.py", line 126, in __init__ opencti_worker.19.j6cfldkhv88k@opencti | raise ValueError("A TOKEN must be set") opencti_worker.19.j6cfldkhv88k@opencti | ValueError: A TOKEN must be set opencti_worker.13.liuv4lj08uja@opencti | raise ValueError("A TOKEN must be set") opencti_worker.20.yx5vbypqi2ns@opencti | Traceback (most recent call last): opencti_worker.13.liuv4lj08uja@opencti | ValueError: A TOKEN must be setCan you please tell me what is this error? and how to fix it? Which toekn should i set?
Environment
Reproducible Steps
Steps to create the smallest reproducible scenario:
Additional information