Skip to content

dd-Splunk/TheHIve-and-Cortex

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
Postman Collections
Postman Collections
 
 
assets
assets
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
compose.yml
compose.yml
 
 
setup.sh
setup.sh
 
 

Repository files navigation

The Hive and Cortex

This project was initiated to support a demonstration of Splunk SOAR integration with Cortex and TheHive.

I needed to build a minimal working stack with Cortex / TheHive to test some SOAR playbooks that will interact with the stack.

Steps

  • Launch Cortex:

     docker compose up -d elasticsearch cortex

  • Initialize the underlying DB by opening in a browser: http://localhost:9001

  • Update Database:

Cortex - Update DB

  • Create the initial superadmin user:

Cortex - Create admin

  • Login as superadmin:

Cortex - Initial Login

  • Select the "Users" tab:

Cortex - Select Users tab

  • Create the API key for the superadmin:

Cortex - Create API

  • Copy the API key to the clipboard

Cortex - Copy API to clipboard

  • Open a terminal and start the Cortex configuration:

    ./setup.sh <pasted API key>

  • Wait one minute ( theHive is starting up)

  • Login as superadmin ( admin / secret )

  • Check the Cortex integration ( should be green )

References

https://chinyati.medium.com/the-hive-cortex-through-docker-installation-e50cbadb6cb0 https://github.com/chinyati/Article-Resources

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages