No Analyzers Found

[hackdefendr]

No Analyzers Found

Request Type

Issue

Work Environment

Question	Answer
OS version (server)	Ubuntu 16.04
OS version (client)	Ubuntu 16.04
Cortex version / git hash	2.0.3
Package Type	Binary
Browser type & version	Chrome

Problem Description

When I click on the Analyzers link, there is nothing showing up. The log shows that all of the analyzers loaded, but for some reason nothing is showing up in the Web interface.

Steps to Reproduce

1. Install and Configure Cortex
2. Pull the Cortex-Analyzers repository
3. Configure Cortex to read from the folder where the analyzers are located.
4. Launch a browser and log into Cortex
5. Click on Analyzers

Possible Solutions

I have looked in the logs, but nothing is showing me what the problem is.

Complementary information

Here is my config from application.conf:

## ANALYZERS
#
analyzer {
  # Absolute path where you have pulled the Cortex-Analyzers repository.
  path = ["/usr/share/Cortex-Analyzers/analyzers/"]

  # Sane defaults. Do not change unless you know what you are doing.
  fork-join-executor {

    # Min number of threads available for analysis.
    parallelism-min = 2

    # Parallelism (threads) ... ceil(available processors * factor).
    parallelism-factor = 2.0

    # Max number of threads available for analysis.
    parallelism-max = 4
  }
}

[nadouani]

Well, as stated on the Quick guide, you need to login to Cortex as a OrgAdmin, and configure/enable the analyzers you want.

By default, all analyzers are disabled.

[nadouani]

Did you take a look to Cortex 2 official announcement blog post ?

https://blog.thehive-project.org/2018/03/29/unveiling-cortex-2/

[hackdefendr]

I am logged in a OrgAdmin and I see no Analyzers to enable or configure. Nothing is listed at all.

What on that blog page am I supposed to key in on? Skimming through it all I see is the explanation of the new roles added in Cortex 2. Nothing about HOW to enable analyzers.

[hackdefendr]

Never mind.

[nadouani]

If you see no analyzers to enable or configurethat means that you cortex is not finding any analyzer definition in the analyzer.path location that you set on your application.conf file.

So, again, Cortex on startup, searched for analyzer definition using the analyzer.path config, and then lists them on the UI, and allo OrgAdmins to enable the ones he wants.

[nadouani]

OK, never mind

[hudsonmanieri]

I got the same problem on CENTOS 7.
I just changed the directory permissions such as:

chown -R cortex:root Cortex-Analyzers
chmod -R 770 Cortex-Analyzers

Worked like a charm

[liamcs98]

For you future people
/opt/cortex-2.0.4/conf/application.conf
(or where ever you have you conf file)

Long story but the path might or might not need quotes.

analyzer {
  # Directory that holds analyzers
  path = [
	/opt/Cortex-Analyzers/analyzers/
  ]

  fork-join-executor {
    # Min number of threads available for analyze
    parallelism-min = 2
    # Parallelism (threads) ... ceil(available processors * factor)
    parallelism-factor = 2.0
    # Max number of threads available for analyze
    parallelism-max = 4
  }
}