the-hive: configure connection with Cortex

Signed-off-by: Jakub Sokołowski <[email protected]>

ansible/group_vars/thehive-master.yml

@@ -47,6 +47,12 @@ the_hive_conf_path: '/data/thehive/conf'
 the_hive_data_path: '/data/thehive/data'
 the_hive_logs_path: '/data/thehive/logs'
 
+# Cortex connection
+the_hive_cortex_host: 'localhost'
+the_hive_cortex_port: '{{ cortex_port }}'
+the_hive_cortex_user: '{{ cortex_the_hive_user }}'
+the_hive_cortex_pass: '{{ cortex_the_hive_pass }}'
+
 # GitHub OAuth
 the_hive_oauth_client_id: '{{ lookup("passwordstore", "services/TheHive/OAuth/client-id") }}'
 the_hive_oauth_client_secret: '{{ lookup("passwordstore", "services/TheHive/OAuth/client-secret") }}'

ansible/roles/the-hive/README.md

@@ -20,6 +20,12 @@ the_hive_db_hosts:
   - { name: "node-01", addr: "10.1.2.1", port: 1234 }
   - { name: "node-02", addr: "10.1.2.2", port: 1234 }
   - { name: "node-03", addr: "10.1.2.3", port: 1234 }
+
+# Cortex connection
+the_hive_cortex_host: 'localhost'
+the_hive_cortex_port: 9001
+the_hive_cortex_user: 'thehive'
+the_hive_cortex_pass: 'super-secret-password'
 ```
 
 # OAuth

ansible/roles/the-hive/defaults/main.yml

@@ -42,3 +42,5 @@ the_hive_db_hosts: []
 # Cortex
 the_hive_cortex_host: ~
 the_hive_cortex_port: ~
+the_hive_cortex_user: ~
+the_hive_cortex_pass: ~

ansible/roles/the-hive/templates/application.conf.j2

@@ -27,16 +27,17 @@ db.janusgraph {
 # Enable Cortex connector
 play.modules.enabled += org.thp.thehive.connector.cortex.CortexModule
 cortex {
- servers: [
-   {
-     name: "local"
-     url: "http://{{ the_hive_cortex_host | mandatory }}:{{ the_hive_cortex_port | mandatory }}"
-     auth {
-       type: "bearer"
-       key: "***"
-     }
-   }
- ]
+  servers: [
+    {
+      name: "local"
+      url: "http://{{ the_hive_cortex_host | mandatory }}:{{ the_hive_cortex_port | mandatory }}"
+      auth {
+        type: "basic"
+        username: "{{ the_hive_cortex_user }}"
+        password: "{{ the_hive_cortex_pass }}"
+      }
+    }
+  ]
 }
 {% endif %}