ThreatFox feed : ``Failed: Error serializing to JSON: TypeError: 'float' object cannot be interpreted as an integer``

[mbonino]

Description

ThreatFox fails with error Failed: Error serializing to JSON: TypeError: 'float' object cannot be interpreted as an integer.

Stacktrace:

Traceback (most recent call last):
   File "/app/core/taskmanager.py", line 79, in run_task
     task.run()
   File "/app/plugins/feeds/public/threatfox.py", line 40, in run
     self.analyze(line)
   File "/app/plugins/feeds/public/threatfox.py", line 96, in analyze
     obs.add_context(self.name, context)
   File "/app/core/schemas/observable.py", line 111, in add_context
     return self.save()
   File "/app/core/database_arango.py", line 217, in save
     result = self._update(self.model_dump_json())
   File "/root/.cache/pypoetry/virtualenvs/yeti-9TtSrW0h-py3.10/lib/python3.10/site-packages/pydantic/main.py", line 352, in model_dump_json
     return self.__pydantic_serializer__.to_json(
 pydantic_core._pydantic_core.PydanticSerializationError: Error serializing to JSON: TypeError: 'float' object cannot be interpreted as an integer

Root cause seems to be empty last_seen_utc in source data.

Example data causing the module to fail:

{'source': 'ThreatFox', 
'first_seen': Timestamp('2023-12-07 09:30:04'), 
'reference': 'https://projetfox.com/en/2023/11/tracking-down-the-cybercriminal-infrastructure-of-infostealer-risepro/', 
'reporter': 'Alb310', 
'threat_type': 'botnet_cc', 
'malware_alias': 'Agentemis,BEACON,CobaltStrike,cobeacon', 
'last_seen_utc': NaT, 
'confidence_level': 100}

Environment

Question	Answer
Yeti release	2.0.3
Yeti-frontend release	2.0.3
OS version	Ubuntu 22.04 LTS
Browser	Chrome

Steps to Reproduce

Activate feed ThreatFox and run it

Expected behavior

No errors

Actual behavior

Feed fails

[mbonino]

Basically, the same issue as https://github.com/yeti-platform/yeti/issues/933

[tomchop]

Fixed in https://github.com/yeti-platform/yeti/pull/941