Values in MISP_comment field is empty

remg427 / misp42splunk

A Splunk app to use MISP in background

GNU Lesser General Public License v3.0

109 stars 30 forks source link

Values in MISP_comment field is empty #191

Closed divya906 closed 2 years ago

divya906 commented 3 years ago

Hi, We are using MISP42 3.2.1 version and pulling threat feeds, while fetching the feeds value in the filed MISP_comment is empty rest all fields are having values.

Could you please help me to troubleshoot this issue.

Thanks in advance!

remg427 commented 3 years ago

hello, thanks for using misp42. Do you have comments on attributes stored on MISP (i.e. from those feeds)?

divya906 commented 3 years ago

hello, thanks for using misp42. Do you have comments on attributes stored on MISP (i.e. from those feeds)?

Yes

remg427 commented 3 years ago

Hello, Could you set logging level to DEBUG and retrieve from.logs request body then on the misp instance use REST client and that JSON payload to see if you have comments in returned results -- Sent with K-9 Mail.

remg427 commented 3 years ago

Could you upgrade to 4.0.1? -- Sent with K-9 Mail.