-
Notifications
You must be signed in to change notification settings - Fork 623
FAQ
You need to log in as an administrator to add a template.
When you add a new template and hit the +NEW button, you don't see it because unlike other events that you can see in the Flow, it is not broadcasted to all the user sessions. So you need to refresh the page before clicking the +NEW button.
You don't need to log out then log in again.
If you'd like to develop or ask for an analyzer that will help you get the most out of TheHive, please open a feature request first. This will give us a chance to validate the use cases and avoid having multiple persons working on the same analyzer.
Once validated, you can either develop your analyzer or wait for THeHive Project or a contributor to undertake the task and if everything is alright, we will schedule its addition to a future release.
TheHive includes the GeoLite2 free City and Country databases.
TheHive does not refresh those databases. It is up to you to create a cron job to refresh them at the frequency you want. The files to update are:
analyzers/MaxMind/GeoLite2-City.mmdbanalyzers/MaxMind/GeoLite2-Country.mmdb
You can fetch up-to-date versions from https://dev.maxmind.com/geoip/geoip2/geolite2/.
No configuration is required. If it looks like the analyzer is not working, please clear the cache of your browser and retry. If it still doesn't work, please join TheHive User Discussion Forum or open an issue on GitHub.
The current version of TheHive does not offer that possibility. The next major release, slated for the end of 2016, will make that possible.
Add the following lines to /etc/thehive/application.conf
https.port: 9443
play.server.https.keystore {
path: "/path/to/keystore.jks"
type: "JKS"
password: "password_of_keystore"
}
You can find details in the Administrator's guide