Hover enrichment not working, but no problem with "Enrich event" functionality #518
Comments
|
I am also seeing empty results on my enrichments, also on 2.4.148, using CentOS 7 MISP/MISP#7836 |
|
What's the input value and type? It seems the value format is different than for the type expected. |
|
@adulau i've tested IP's, urls, hashes, etc.. Here's one example type -
Upon clicking the hover on any IP or url -
I'm not getting any errors running the service, just empty results in everything I want to enrich. Any specific logs that would be helpful in identifying the issue? |
|
FYI - I just tested on a brand new cloud instance of MISP, Ubuntu this time, enabled xforceexchange, and still get the empty results when clicking on the hover. I figured I'd rule out my instance and start fresh, but the problem seems to persist. |
|
I just pushed be5635b that should fix the issue described with the python logs. Now concerning the different other modules mentioned here, I tested with the IP addresses provided here on the screenshot:
Let me know if you still face issues |
|
Hello, requests.exceptions.ConnectionError: HTTPSConnectionPool(host='api.greynoise.io', port=443): Max retries exceeded with url: /v3/community/8.8.8.8 (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f121b0f19d0>: Failed to establish a new connection: [Errno -2] Name or service not known')) Dec 14 14:37:07 misp-modules[69667]: return request("get", url, params=params, **kwargs) |
OS : CentOS 8
Instance behind a corporate Proxy
PHP 7.4.22
MISP 2.4.148
Hi, I've had a few problems with the misp-modules, mainly that the misp-modules service initially works fine right after the install but refuses to start again after a reboot. This is what I have as a result :
Any attempt at restarting/stopping the service has failed.
This resulted is no plugins being available. I have gone around this by manually launching the modules (with help from issue #354) :
sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s
The output indicates that all modules were succesfully loaded. In the UI, the plugin settings appear and I can use "Enrich event", for example to generate yara rules from hash values. This works fine. However, as soon as I try using hover enrichment on a single attribute, I only get errors :
In the python logs, I see the following :
I'm not sure what else I can do to fix this, I didn't have this problem when I tested the install on my personal computer so I don't know if this is somehow related to the proxy. I'd be grateful if anyone has any idea on this one. Mainly, how is it that I get results when I enrich the entire event with "Enrich Event" but the single hover enrichment for one attribute doesn't work ?
Thank you !
The text was updated successfully, but these errors were encountered: