search

OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io
Other
6.12k stars 907 forks source link

Unable to connect to the CVE connector #7794

Open icedance-02 opened 1 month ago

icedance-02 commented 1 month ago

Unable to connect to the CVE connector, an error occurred when running OpenCTI. When using Docker logs CVE to check, the error log is as follows:

Description

{"timestamp": "2024-07-24T05:54:28.060382Z", "level": "ERROR", "name": "pika.adapters.utils.selector_ioloop_adapter", "message": "Address resolution failed: gaierror(-2, 'Name does not resolve')"} {"timestamp": "2024-07-24T05:54:28.060607Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "getaddrinfo failed: gaierror(-2, 'Name does not resolve')."} {"timestamp": "2024-07-24T05:54:28.060687Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "AMQP connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None."} {"timestamp": "2024-07-24T05:54:28.060730Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "AMQPConnectionWorkflow - reporting failure: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None"} {"timestamp": "2024-07-24T05:54:28.060788Z", "level": "ERROR", "name": "pika.adapters.blocking_connection", "message": "Connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None"} {"timestamp": "2024-07-24T05:54:28.061079Z", "level": "ERROR", "name": "pika.adapters.blocking_connection", "message": "Error in _create_connection().", "exc_info": "Traceback (most recent call last):\n File \"/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py\", line 451, in _create_connection\n raise self._reap_last_connection_workflow_error(error)\n File \"/usr/local/lib/python3.11/site-packages/pika/adapters/utils/selector_ioloop_adapter.py\", line 565, in _resolve\n result = socket.getaddrinfo(self._host, self._port, self._family,\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.11/socket.py\", line 962, in getaddrinfo\n for res in _socket.getaddrinfo(host, port, family, type, proto, flags):\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\nsocket.gaierror: [Errno -2] Name does not resolve"} {"timestamp": "2024-07-24T05:54:28.061686Z", "level": "ERROR", "name": "Common Vulnerabilities and Exposures", "message": "[CONNECTOR] Error while processing data: [Errno -2] Name does not resolve", "exc_info": "Traceback (most recent call last):\n File \"/opt/opencti-connector-cve/connector/cveConnector.py\", line 245, in process_data\n self._import_history(start_date, end_date, work_id)\n File \"/opt/opencti-connector-cve/connector/cveConnector.py\", line 156, in _import_history\n self.converter.send_bundle(cve_params, work_id)\n File \"/opt/opencti-connector-cve/services/converter/vulnerabilityToStix2.py\", line 42, in send_bundle\n self.helper.send_stix2_bundle(\n File \"/usr/local/lib/python3.11/site-packages/pycti/connector/opencti_connector_helper.py\", line 1306, in send_stix2_bundle\n pika_connection = pika.BlockingConnection(pika_parameters)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py\", line 360, in init\n self._impl = self._create_connection(parameters, _impl_class)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py\", line 451, in _create_connection\n raise self._reap_last_connection_workflow_error(error)\n File \"/usr/local/lib/python3.11/site-packages/pika/adapters/utils/selector_ioloop_adapter.py\", line 565, in _resolve\n result = socket.getaddrinfo(self._host, self._port, self._family,\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.11/socket.py\", line 962, in getaddrinfo\n for res in _socket.getaddrinfo(host, port, family, type, proto, flags):\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\nsocket.gaierror: [Errno -2] Name does not resolve"}

DNS config

[root@iZevyve9qnjsesZ ~]# docker exec -it cve_connector-cve_1 /bin/sh / # cat /etc/resolv.conf

Generated by Docker Engine.

This file can be edited; Docker Engine will not make further changes once it

has been modified.

nameserver 8.8.8.8 options timeout:2 attempts:3 rotate single-request-reopen ndots:0

Based on host file: '/etc/resolv.conf' (internal resolver)

ExtServers: [8.8.8.8]

Overrides: [nameservers]

Option ndots from: internal

so,How can I solve this problem? thanks.

romain-filigran commented 1 month ago

I have the impression that the CVE connector is not deployed in the same Docker context as OpenCTI. It's right ? The error indicate that the CVE connector container is not able to contact "RabbitMQ" service. Is it possible for you to deploy this connector with OpenCTI platform docker (same docker-compose.yml file for example). If not, you will have to:

  1. Expose rabbitmq port outside
  2. Certainly add a DNS resolution on the host to point to "rabbitmq" name
Jipegien commented 3 weeks ago

@icedance-02 Have you solved your problem with the above information?