search

TheHive-Project / CortexDocs

Documentation of Cortex
https://docs.strangebee.com/cortex
GNU Affero General Public License v3.0
170 stars 122 forks source link

Analyzer installation - confusion?! #8

Closed HachimanSec closed 6 years ago

HachimanSec commented 6 years ago

Hi there,

I just installed cortex and try to find my way through the documentation about the following configuration of cortex and its analyzers.

The Cortex Analyzer Requirements Guide says it outlines the installation of the analyzers, but nothing is to be found. analyzers.md state that:

They are included in the Cortex binary, RPM and DEB packages

Looking at the installed package, I would assume that this is the right location:

dpgk -L cortex
...
/opt/cortex/lib
/opt/cortex/lib/org.scala-stm.scala-stm_2.11-0.7.jar
/opt/cortex/lib/com.typesafe.play.play-logback_2.11-2.5.9.jar
/opt/cortex/lib/io.netty.netty-transport-native-epoll-4.0.41.Final-linux-x86_64.jar
/opt/cortex/lib/com.typesafe.play.play-functional_2.11-2.5.9.jar

So when I configure the application.conf file, this should be the right setup:

  # Absolute path where you have pulled the Cortex-Analyzers repository.
  path = "/opt/cortex/lib/

Is this correct? Sorry, I just got a little bit confused by the various manuals.

Best regards, Tom

3c7 commented 6 years ago

Hey @TomHubGit, the Cortex-Analyzers can be found in a different Repository (https://github.com/TheHive-Project/Cortex-Analyzers) as they are developed individually and therefore have different release cycles. After you cloned the repository and installed the dependencies for the individual analyzers, you can use the path (e.g. /opt/Cortex-Analyzers/analyzers) to use the analyzers with cortex. Hope this helps. If you have further questions regarding analyzer installation, please reopen the issue.

HachimanSec commented 6 years ago

Thank you for your help @3c7 !