aacgood / Cortex-Analyzers

A collection of Cortex Analyzers and Responders for TheHive/Cortex
13 stars 7 forks source link

Error while running responder #2

Open sohail-sankanur opened 4 years ago

sohail-sankanur commented 4 years ago

Error while running Reporter responder.

While running the responder this is the error that is popping up. Tried to change multiple things in code but not able to obtain a fix. Any help?

Traceback (most recent call last): File "/opt/Cortex-Analyzers/responders/Reporter/reporter.py", line 253, in Reporter().run() File "/opt/Cortex-Analyzers/responders/Reporter/reporter.py", line 212, in run caseTaskLogEntries_sorted = sorted(caseTaskLogEntries, key=lambda k: k['createdAt']) File "/opt/Cortex-Analyzers/responders/Reporter/reporter.py", line 212, in caseTaskLogEntries_sorted = sorted(caseTaskLogEntries, key=lambda k: k['createdAt'])TypeError: string indices must be integers

aacgood commented 4 years ago

Hi @sohail-sankanur,

What version of TheHive, TheHive4Py, Cortex and Python are you using? Does the case you are running the reporter against contain any tasks?

its been a while since ive looked at that code, so ill have to see if I can reproduce it.

sohail-sankanur commented 4 years ago

Hi @aacgood,

Thanks for the reply! :)

I am using Thehive4 - Version 4.0.0-1 Python3 - Version Python 3.5.3 Cortex Version 3.0.1-1 Elasticsearch for Cortex. Elasticsearch version 6.8.0 OS - CentOS Linux release 8.2.2004 (Core)

Cortex and Elasticsearch are running on Docker containers and Thehive is working on the OS.

I have multiple cases in which some of the cases have tasks in them and others do not have any tasks. Tried on all types of cases but it threw the same error.

Let me know if you would need more info. And thanks for the help!

Looking forward to hearing from you.

Warm Regards,

viszsec commented 4 years ago

I spoke to aacgood about this and i had issues as yours. It seems it is not compatible with thehive4 currently.