search

TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0
3.28k stars 605 forks source link

Data backup and restoration on Ubuntu running TheHive 3.4.1 - User Init not found [Bug] #2427

Open iZAK328 opened 1 year ago

iZAK328 commented 1 year ago

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu 18.04.5
OS version (client) Windows 10
Virtualized Env. True
Dedicated RAM 8 GB
vCPU 2
TheHive version / git hash 3.4.1
Package Type DEB
Database Elasticsearch
Index type Elasticsearch
Attachments storage Local
Browser type & version Chrome

Problem Description

I had tried performing a backup and restore of the data on the Ubuntu VM running thehive 3.4.1

I had followed the steps provided in this given documentation Moving Data from one server to another

All the above steps from registering a repo, backing up and restoring the data resulted in output as mentioned in the documentation

{"acknowledged":true}

NOTE: ALl of these above steps were performed after stopping the Hive service.

Steps to Reproduce

Steps to backup and restore

  1. Creating backup repository

        path.repo: ["/opt/thehivebackup"]

  2. Registering the snapshot repository

        curl -XPUT 'http://localhost:9200/_snapshot/thehive_backup' -H 'Content-Type: application/json' -d '   V{
        "type": "fs",
        "settings": {
            "location": "/opt/thehivebackup",
            "compress": true
        }
    }'

  3. Backing up the data

        curl -XPUT 'http://localhost:9200/_snapshot/thehive_backup/snapshot_1?wait_for_completion=true&pretty' -H 'Content-Type: application/json' -d '{
    "indices": "test_the_hive_15"
    }'
    • RESPONSE 
          {
        "snapshots": [{
            "snapshot": "snapshot_1",
            "uuid": "fFJMYRGlTz6HWSQuei91Zg",
            "version_id": 6080499,
            "version": "6.8.4",
            "indices": [
                "test_the_hive_15"
            ],
            "state": "SUCCESS",
            "start_time": "2022-10-17T15:14:35.766Z",
            "start_time_in_millis": 1666019675766,
            "end_time": "2022-10-17T15:14:36.473Z",
            "end_time_in_millis": 1666019676473,
            "duration_in_millis": 707,
            "failures": [],
            "shards": {
            "total": 5,
            "failed": 0,
            "successful": 5
            }
        }]
    }

  4. Restoring the data

        curl -XPOST "http://localhost:9200/_snapshot/thehive_backup/snapshot_1/_restore" -H 'Content-Type: application/json' -d '
    {
    "indices": "test_the_hive_15"
    }'

  5. Renaming the index

    
    curl "localhost:9200/_reindex" -H 'Content-Type: application/json' -d '
    {
        "source": {
            "index": "test_the_hive_15"
        },
        "dest": {
            "index": "the_hive_15"
        }
    }'


### Complementary information
1. I've attached the application log of the server.
[application.log](https://github.com/TheHive-Project/TheHive/files/9809029/application.log) 

2. The error shown on the UI 
![Userinit](https://user-images.githubusercontent.com/33455711/196397890-39160b29-e04a-4728-ac0f-48037befdf7e.png)