Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug in Onyphe_Threats_1 analyzer #170

Closed
l3m0ntr33 opened this issue Jan 12, 2018 · 1 comment
Closed

Bug in Onyphe_Threats_1 analyzer #170

l3m0ntr33 opened this issue Jan 12, 2018 · 1 comment
Labels
status:duplicate

Comments

@l3m0ntr33
Copy link

Request Type

Bug

Work Environment

Question Answer
Cortex Analyzer Name Onyphe
Cortex Analyzer Version 1.0
Cortex Version 1.1.4

Description

Onyphe_Threats_1_0 on ip 8.8.8.8

It seems to have a bug when building the returned JSON from Onyphe Threats.

JSON returned :
{
"artifacts": [
{
"data": "0.009", --> not a domain but time taken by analyzer
"attributes": {
"dataType": "domain"
}
},
{
"data": "x.x.x.x", --> corresponding to my public ip used to request Onyphe
"attributes": {
"dataType": "ip"
}
},
],

The result should be empty for 8.8.8.8

However the "full" report JSON object is correct.

Steps to Reproduce

  1. Start a new job via Cortex Web Interface on Onyphe_Threats_1 for ip 8.8.8.8
@3c7
Copy link
Contributor

3c7 commented Jan 12, 2018

Same reason as #169, discussing it there.

@3c7 3c7 closed this as completed Jan 12, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:duplicate
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@3c7 @l3m0ntr33