OpenCTI-Platform · mariot · Jan 5, 2026 · Dec 31, 2025 · Jan 5, 2026 · Jan 5, 2026
diff --git a/stream/qradar/docker-compose.yml b/stream/qradar/docker-compose.yml
@@ -6,7 +6,7 @@ services:
       - OPENCTI_URL=http://localhost
       - OPENCTI_TOKEN=ChangeMe
       - CONNECTOR_ID=ChangeMe
-      - CONNECTOR_LIVE_STREAM_ID=live # ID of the live stream created in the OpenCTI UI
+      - CONNECTOR_LIVE_STREAM_ID=changeme # ID of the live stream created in the OpenCTI UI
       - CONNECTOR_LIVE_STREAM_LISTEN_DELETE=true
       - CONNECTOR_LIVE_STREAM_NO_DEPENDENCIES=true
       - CONNECTOR_NAME=OpenCTI QRADAR Connector

diff --git a/stream/qradar/src/config.yml.sample b/stream/qradar/src/config.yml.sample
@@ -4,7 +4,7 @@ opencti:
 
 connector:
   id: 'ChangeMe'
-  live_stream_id: 'live' # ID of the live stream created in the OpenCTI UI
+  live_stream_id: 'changeme' # ID of the live stream created in the OpenCTI UI
   live_stream_listen_delete: true
   live_stream_no_dependencies: true
   name: 'QRadar'

diff --git a/stream/qradar/src/qradar.py b/stream/qradar/src/qradar.py
@@ -68,6 +68,16 @@ def __init__(self):
             )
             sys.exit(0)
 
+    def check_stream_id(self):
+        """
+        In case of stream_id configuration is missing, raise ValueError
+        """
+        if (
+            not self.helper.connect_live_stream_id
+            or self.helper.connect_live_stream_id.lower() == "changeme"
+        ):
+            raise ValueError("Missing stream ID, please check your configurations.")
+
     def _initialize_reference_sets(self):
         """
         :return:
@@ -367,6 +377,7 @@ def _process_message(self, msg):
             return None
 
     def start(self):
+        self.check_stream_id()
         self.helper.listen_stream(self._process_message)