Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Undefined threat level from MISP events becomes severity "4" #300

Closed
srilumpa opened this issue Aug 31, 2017 · 0 comments
Closed

Undefined threat level from MISP events becomes severity "4" #300

srilumpa opened this issue Aug 31, 2017 · 0 comments
Assignees
@To-om
Labels
bug
Milestone
2.13.0

Comments

@srilumpa
Copy link

Request Type

Bug

Work Environment

Question Answer
OS version (server) Debian Strech
TheHive version / git hash 2.12.1 / commit 8300fcc
Package Type Docker, From source

Problem Description

When an event with an "Undefined" threat level is imported from MISP to TheHive, the created case sees its severity set to "4". This value can be seen as "4" in the "Statistics" panel and is displayed as a question mark ("?") over a blue background in the case detail view.

Steps to Reproduce

  1. Create a MISP event with an undefined threat level
  2. Import the MISP event to TheHive

Possible Solutions

  • Add an "Unknown/Undefined" severity in TheHive
  • Add the possibility to set up in the connector configuration a default severity to be used when no threat level is defined in the MISP event

Complementary information

With commit 6c4489d, the setup severity will now be "0" instead of the current "4".
@nadouani nadouani added the bug label Sep 1, 2017
@nadouani nadouani added this to the 2.13.0 milestone Sep 1, 2017
To-om added a commit that referenced this issue Sep 5, 2017
@To-om
#300 Set severity to medium if threat level is out of range
bf1c866
@To-om To-om closed this as completed Sep 5, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@To-om To-om

Labels
bug
Projects
None yet
Milestone
2.13.0
Development

No branches or pull requests
3 participants
@nadouani @srilumpa @To-om