search

TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0
3.28k stars 609 forks source link

How connect Thehive to cassandra DB on Other server? #2295

Open artsec89 opened 2 years ago

artsec89 commented 2 years ago

Request Type

I want help.

Work Environment

Question Answer
OS version Thehive Ubuntu 18.4
OS version Cassandra Ubuntu 18.4
TheHive Version Version: 4.1.16-1
Database Cassandra 3.11.11
Index type Elasticsearch
Attachments storage Local
cqlsh Veriosn 5.0.1

Question

Hey Guys,

I have a problem connecting TheHive to remote Cassandra. I install the stable version of TheHive to a server with IP A as Core Node and Install Cassandra stable version on a separated server with IP B as Data Node. Now I wanna connect TheHive to Cassandra but not working. I tested the connectivity of servers with cqlsh and got this error message: ('Unable to connect to any servers', {'IP B': error(111, "Tried connecting to [('IP B', 4092)]. Last error: Connection refused")})

This architecture works if install Cassandra on the same server with TheHive but when installing on the separate server it does not work.

The configuration of TheHive for connect to Cassandra on application.conf file as below:

db.janusgraph { storage {

Cassandra configuration

# More information at https://docs.janusgraph.org/basics/configuration-reference/#storagecql
backend: cql
hostname: ["IP B"]
# Cassandra authentication (if configured)
username: "cassandra"
password: "cassandra"
cql {
  cluster-name: thp
  keyspace: thehive
}

}

I follow this link to configuring Cassandra to accept remote connection but it is not working: https://newbedev.com/how-to-configure-cassandra-for-remote-connection

Can anyone help me with this issue?

b3belov commented 2 years ago

Connection refused means that the port you are trying to connect to is not actually open.

So either you are connecting to the wrong IP address, or to the wrong port, or the server is listening on the wrong port, or is not actually running.

Сonsidering you are trying to connect to different host:

  1. Check FW between host A and host B
  2. Check local FW on Cassandra host, TCP 4092 should be open
  3. Check if Cassandra is listening on 4092 port netstat -tulpn | grep 4092