-
Notifications
You must be signed in to change notification settings - Fork 368
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
External connectors not working behind a proxy - example cisa-known-exploited-vulnerabilities #2088
Comments
Hi @martinlindstrand, For proxy, you need to add it as the following in you - HTTP_PROXY=...
- HTTPS_PROXY=...
- NO_PROXY=... Could you try by setting this in uppercase and give us an update? |
That did not work. For reference when using The response for using this code: RESPONSE: When using with lowercase python main.py |
@martinlindstrand Following our discussion on Slack, I close this issue but it can be re-opened if needed :) |
Hello, opencti: and I get the same error below when I enrich a IPv4 from shodan or ipinfo : IPINFO: Could you tell me if the issues are linked to proxies? How to fix them? |
Description
We are working behind proxy. We are running from docker compose setup.
Environment
Behind a proxy, using default setup from https://docs.opencti.io/latest/deployment/installation/ except adding adding external connectors. cisa-known-exploited-vulnerabilities in the docker-compose.yml and adding support for proxy.
http_proxy=http://proxy.com < not the real proxy adress.
https_proxy=http://proxy.com
no_proxy = internalipadresses....
Steps to create the smallest reproducible scenario:
Adding the external connectors cisa-known-exploited-vulnerabilities.
Expected Output
It should import the information from cisa
Actual Output
from Cisa:
{"timestamp": "2024-04-27T04:32:51.027442Z", "level": "ERROR", "name": "CISA Known Exploited Vulnerabilities", "message": "the JSON object must be str, bytes or bytearray, not NoneType", "exc_info": "Traceback (most recent call last):\n File "/opt/opencti-connector-cisa-known-exploited-vulnerabilities/main.py", line 284, in process_data\n cisa_data = json.loads(cisa_data)\n ^^^^^^^^^^^^^^^^^^^^^\n File "/usr/local/lib/python3.11/json/init.py", line 339, in loads\n raise TypeError(f'the JSON object must be str, bytes or bytearray, '\nTypeError: the JSON object must be str, bytes or bytearray, not NoneType"}
{"timestamp": "2024-04-27T04:35:59.434021Z", "level": "ERROR", "name": "CISA Known Exploited Vulnerabilities", "message": "Error retrieving url https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json: <urlopen error [Errno 110] Operation timed out>", "exc_info": "Traceback (most recent call last):\n File "/usr/local/lib/python3.11/urllib/request.py", line 1348, in do_open\n h.request(req.get_method(), req.selector, req.data, headers,\n File "/usr/local/lib/python3.11/http/client.py", line 1303, in request\n
same issue on urlhous.
Additional information
If you adding in the main.py in cisa-known-exploited-vulnerabilities on line 80 below try:
don't forget to add import requests
It will start working. it will be using the proxy settings and fetch the information. I suggest this type of change should be check on all the external connectors to make it work with proxy.
Other external connectors like alienvault are working fine behind the proxy.
Screenshots (optional)
The text was updated successfully, but these errors were encountered: