This repository was archived by the owner on Mar 8, 2024. It is now read-only.
Fresh install of hippocampe not working with Elasticsearch 5.3.x #68
Description
Fresh install of hippocampe not working with Elasticsearch 5.3.x
Request Type
Bug
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | Redhat |
| OS version (client) | 7.5 |
| Hippocampe version / git hash | f4d8807 |
| Package Type | From source |
| Browser type & version | Curl |
Problem Description
Unalbe to query shadowbook or enable sources due to the following error:
curl -XGET 10.x.x.x:5000/hippocampe/api/v1.0/shadowbook
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>500 Internal Server Error</title>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>
Hippocampe is being executed via app.py, it shows the following error:
[2018-10-11 23:19:12,046] ERROR in app: Exception on /hippocampe/api/v1.0/shadowbook [GET]
Traceback (most recent call last):
File "/usr/lib64/python2.7/site-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/usr/lib64/python2.7/site-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/lib64/python2.7/site-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib64/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib64/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "app.py", line 168, in shadowbookService
if 'error' in reportJob:
TypeError: argument of type 'NoneType' is not iterable
10.4.6.106 - - [11/Oct/2018 23:19:12] "GET /hippocampe/api/v1.0/shadowbook HTTP/1.1" 500 -
Added a print_exc() on shadowbook.py#100 , which shows the following backtrace:
Traceback (most recent call last):
File "/opt/Hippocampe/core/services/shadowbook.py", line 79, in initJob
indexJob.createIndexJob()
File "/opt/Hippocampe/core/services/modules/shadowbook/objects/IndexJob.py", line 71, in createIndexJob
self.create()
File "/opt/Hippocampe/core/services/modules/shadowbook/objects/Index.py", line 49, in create
indexES.put_mapping(doc_type = self.typeNameES, body = self.docMapping)
File "/usr/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 73, in _wrapped
return func(*args, params=params, **kwargs)
File "/usr/lib/python2.7/site-packages/elasticsearch/client/indices.py", line 282, in put_mapping
'_mapping', doc_type), params=params, body=body)
File "/usr/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
File "/usr/lib/python2.7/site-packages/elasticsearch/connection/http_urllib3.py", line 128, in perform_request
self._raise_error(response.status, raw_data)
File "/usr/lib/python2.7/site-packages/elasticsearch/connection/base.py", line 124, in _raise_error
raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
RequestError: TransportError(400, u'illegal_argument_exception', u'mapper [status] cannot be changed from type [text] to [keyword]')
This is likely caused by https://github.com/TheHive-Project/Hippocampe/blob/master/core/services/modules/shadowbook/objects/IndexJob.py#L51
Steps to Reproduce
- Follow the Install instructions
- run 'python core/app.py'
- Curl an api url such as 'curl -XGET 127.0.0.1:5000/hippocampe/api/v1.0/shadowbook'