search

TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0
3.42k stars 623 forks source link

not able to get all the alerts from misp #2242

Open Shraddha10rathor opened 2 years ago

Shraddha10rathor commented 2 years ago

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu,
OS version (client) Ubuntu,
Virtualized Env. True / False
Dedicated RAM 9 GB
vCPU 4
TheHive version / git hash 4.1.11
Package Type Docker
Database Cassandra
Index type Elasticsearch

Problem Description

After Integrating TheHive with MISP, not getting all the events as alerts.

Steps to Reproduce

  1. In MISP, there are 230 events.
  2. Integrated TheHive with MISP.
  3. Restarted TheHive wait for some time.

On TheHive UI, I am able to see only 30 alerts, where as in the MISP I have 230 events,

Mikiped00 commented 2 years ago

I have the same problem as you, I could get an error about that. Hope it is useful:

[error] o.t.t.c.m.s.QueueIterator [|] Stream fails
java.util.concurrent.TimeoutException: Request timeout to 192.168.0.80/192.168.0.80:443 after 120000 ms
    at play.shaded.ahc.org.asynchttpclient.netty.timeout.TimeoutTimerTask.expire(TimeoutTimerTask.java:43)
    at play.shaded.ahc.org.asynchttpclient.netty.timeout.RequestTimeoutTimerTask.run(RequestTimeoutTimerTask.java:50)
    at play.shaded.ahc.io.netty.util.HashedWheelTimer$HashedWheelTimeout.expire(HashedWheelTimer.java:680)
    at play.shaded.ahc.io.netty.util.HashedWheelTimer$HashedWheelBucket.expireTimeouts(HashedWheelTimer.java:755)
    at play.shaded.ahc.io.netty.util.HashedWheelTimer$Worker.run(HashedWheelTimer.java:483)
    at play.shaded.ahc.io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.lang.Thread.run(Thread.java:748)
MU-03 commented 7 months ago

I am facing the same issue with TheHive 4 , how can I resolve this?

Pindinga1 commented 3 months ago

mismo problema.