-
Notifications
You must be signed in to change notification settings - Fork 238
FAQ
Saad Kadhi edited this page Feb 17, 2017
·
8 revisions
- What version of MaxMind TheHive uses?
- How often are the MaxMind databases refreshed?
- How shall I configure the MaxMind analyzer?
- Can I use the commercial versions of the databases?
The MaxMind analyzer includes the GeoLite2 free City and Country databases.
Cortex does not refresh those databases. It is up to you to create a cron job to refresh them at the frequency you want. The files to update are:
analyzers/MaxMind/GeoLite2-City.mmdbanalyzers/MaxMind/GeoLite2-Country.mmdb
You can fetch up-to-date versions from https://dev.maxmind.com/geoip/geoip2/geolite2/.
No configuration is required. If it looks like the analyzer is not working, please clear the cache of your browser and retry. If it still doesn't work, please join TheHive User Discussion Forum or open an issue on GitHub.
The current version of Cortex does not offer that possibility. If you'd like to have it, please [request it]((https://github.com/CERT-BDF/Cortex-analyzers/issues/new).