I'm going through an error I'm trying to debug.
Indeed, when I got an alert, nothing is inserted into TheHive.
So I added the debugging.
Unfortunately nothing is written
2020-04-08 10:05:03,983 DEBUG API TheHive - status code: 403
2020-04-08 10:05:03,983 DEBUG API TheHive - raw error output: b''
Maybe replace the code with:
logging.debug('API TheHive - raw error output: {}'.format(vars(response))) can help
Indeed, this time I get the full log and then the problem:
API TheHive - raw error output: {'_content': b'{"type":"AuthorizationError","message":"Insufficient rights to perform this action"}', '_content_consumed': True, '_next': None, 'status_code': 403, 'headers': {'Date': 'Wed, 08 Apr 2020 11:38:36 GMT', 'Content-Type': 'application/json', 'Content-Length': '84'}, 'raw': <urllib3.response.HTTPResponse object at 0x7f86a3c48780>, 'url': 'http://192.168.0.2:9000/api/alert', 'encoding': None, 'history': [], 'reason': 'Forbidden', 'cookies': <RequestsCookieJar[]>, 'elapsed': datetime.timedelta(0, 0, 6055), 'request': <PreparedRequest [POST]>, 'connection': <requests.adapters.HTTPAdapter object at 0x7f86a3cc22e8>}
I'm going through an error I'm trying to debug. Indeed, when I got an alert, nothing is inserted into TheHive. So I added the debugging. Unfortunately nothing is written
The relative code is here: https://github.com/TheHive-Project/Zerofox2TH/blob/master/zf2th.py#L222-L224
Maybe replace the code with:
logging.debug('API TheHive - raw error output: {}'.format(vars(response)))
can help Indeed, this time I get the full log and then the problem:API TheHive - raw error output: {'_content': b'{"type":"AuthorizationError","message":"Insufficient rights to perform this action"}', '_content_consumed': True, '_next': None, 'status_code': 403, 'headers': {'Date': 'Wed, 08 Apr 2020 11:38:36 GMT', 'Content-Type': 'application/json', 'Content-Length': '84'}, 'raw': <urllib3.response.HTTPResponse object at 0x7f86a3c48780>, 'url': 'http://192.168.0.2:9000/api/alert', 'encoding': None, 'history': [], 'reason': 'Forbidden', 'cookies': <RequestsCookieJar[]>, 'elapsed': datetime.timedelta(0, 0, 6055), 'request': <PreparedRequest [POST]>, 'connection': <requests.adapters.HTTPAdapter object at 0x7f86a3cc22e8>}