@desnij
Last active August 31, 2020 16:22
TheHive wip config still not working

To save yourself time, copy this gist by running:

git clone https://gist.github.com/desnij/e0982c73bb04dead12828201b27883c4

Run the following before running docker-compose:

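# UIDs that will own the bind-mounted data directories. They must match the
# user each container runs as; CORTEX_USER=1 is kept from the original
# setup — presumably the uid of the cortex image's service user, confirm
# before relying on it.
THEHIVE_USER=1000
CORTEX_USER=1
ELASTICSEARCH_USER=1000

mkdir -p ./data/thehive/data/ ./data/cortex/data ./data/cassandra1 ./data/elasticsearch

# if you are not UID 1000 you may need to do this
sudo chown -R "${THEHIVE_USER}" ./data/thehive/
sudo chown -R "${ELASTICSEARCH_USER}" ./data/elasticsearch
# CASSANDRA_USER is not defined above; set it before enabling this line.
#sudo chown -R "${CASSANDRA_USER}" ./data/cassandra1

# add the analyzers and update their Python dependencies.
# Done in a subshell so the working directory is restored afterwards; the
# later `cp ... ./data/...` steps assume the repository root.
(
  cd data/cortex || exit 1
  git clone https://github.com/TheHive-Project/Cortex-Analyzers
  sudo chown -R "${CORTEX_USER}" .
  # One-off container that installs every requirements.txt shipped with the
  # analyzers. HOME is placed under ./data/cortex/data (mounted as /data) so
  # anything pip puts under $HOME survives on the host; the cortex service in
  # docker-compose must then use the same HOME on a mount of the same host
  # directory, or the installed packages are not found.
  # --rm: without it a stale container named "tmp" blocks every re-run.
  # This installs whatever the freshly cloned, unpinned analyzer revision
  # declares — review the clone before running it.
  docker run --rm --name tmp -v "$PWD":/opt -v "$PWD/data":/data --workdir=/opt \
    -e HOME=/data/HOME_PYTHON_INSTALLED --entrypoint=bash thehiveproject/cortex \
    -c 'for I in $(find Cortex-Analyzers -name requirements.txt); do pip3 install -r "$I" ; done'
)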

Place the configuration files at these paths:

./data/thehive/application.conf ./data/cortex/cortex.conf

# Copy each bundled config to the path docker-compose bind-mounts. Both files
# carry play.http.secret.key, so keep the copies out of version control.
for pair in \
  data_thehive_application.conf:./data/thehive/application.conf \
  data_cortex_cortex.conf:./data/cortex/cortex.conf
do
  cp "${pair%%:*}" "${pair#*:}"
done
# Cortex configuration (bind-mounted as /etc/cortex/application.conf).
# HOCON: whitespace is not significant, `=` and `:` are interchangeable.

# Play session-signing key. "changeme" is a placeholder; replace it with a
# long random value before the service is reachable by anyone else.
play.http.secret.key="changeme"

search {
  index = cortex
  # Must match cluster.name of the elasticsearch service.
  cluster = thehive2
  # Transport port of the `elasticsearch` compose service.
  # NOTE(review): Cortex 3.1+ talks to Elasticsearch over HTTP and expects
  # `uri = "http://elasticsearch:9200"` rather than `host` — confirm against
  # the version the unpinned thehiveproject/cortex image resolves to.
  host = ["elasticsearch:9300"]
}

cache.job = 10 minutes

auth {
  # Local accounts only; the ad/ldap stanzas are present but empty.
  provider = [local]
  ad {
  }
  ldap {
  }
}

analyzer {
  # Analyzers come from the Cortex-Analyzers clone mounted at /opt/Cortex-Analyzers.
  path = ["/opt/Cortex-Analyzers/analyzers"]
  fork-join-executor {
    parallelism-min = 2
    parallelism-factor = 2.0
    parallelism-max = 4
  }
}
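# TheHive 4 configuration (bind-mounted into the thehive container, which
# also mounts ./data/thehive as /data).

# Play session-signing key. "changeme" is a placeholder; replace it with a
# long random value before the service is reachable by anyone else.
play.http.secret.key="changeme"

## For test only !
# Embedded BerkeleyJE backend, so the cassandra service in docker-compose is
# not used by this configuration.
db.janusgraph {
  storage.backend: berkeleyje
  # /data is the bind mount of ./data/thehive, so the database persists on
  # the host (alongside this config file).
  storage.directory: /data/
  berkeleyje.freeDisk: 200
}

storage {
  provider: localfs
  # Attachments were previously written to /opt/data, which no volume backs,
  # so they vanished whenever the container was recreated. /data/files lives
  # on the same host bind mount as the database; create it first
  # (mkdir -p data/files ; chown 1000 data).
  localfs.directory: /data/files
}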
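version: '2'

services:
  cas:
    image: cassandra:3.10
    hostname: cas
    container_name: cas
    # NOTE(review): ./data/thehive/application.conf uses the berkeleyje
    # backend, so nothing in this stack talks to Cassandra yet. The `if` in
    # the wrapper only runs `sleep 0` before handing off to the image's
    # entrypoint; kept unchanged so behaviour is identical.
    command: bash -c 'if [ -z "$$(ls -A /var/lib/cassandra/)" ] ; then sleep 0; fi && /docker-entrypoint.sh cassandra -f'
    volumes:
      - ./data/cassandra1:/var/lib/cassandra
    environment:
      - CASSANDRA_CLUSTER_NAME=thehive
      - CASSANDRA_SEEDS=cas
    # Ports for inter-cluster communication; reachable on the compose
    # network only, not published on the host.
    expose:
      - 7000
      - 7001
      - 7199
      - 9042
      - 9160
    # Cassandra ulimit recommended settings
    ulimits:
      memlock: -1
      nproc: 32768
      nofile: 100000
    networks:
      thehive:
        ipv4_address: 172.16.0.100
    # NOTE(review): nothing in this service is configured to listen on 9000
    # (9042 is the CQL port); this mapping looks like a leftover — confirm
    # and drop it if unused.
    ports:
      - "10001:9000"

  thehive:
    container_name: thehive
    hostname: thehive
    # TODO(review): pin to a tested release tag; `latest` makes the stack
    # non-reproducible.
    image: thehiveproject/thehive4:latest
    command: --no-config
    ports:
      - "9000:9000"
    volumes:
      # Same file at both locations the image may read it from.
      - ./data/thehive/application.conf:/etc/thehive/application.conf
      - ./data/thehive/application.conf:/opt/thehive/conf/application.conf
      # Backs db.janusgraph storage.directory (/data/); any localfs attachment
      # store should also point under /data to persist.
      # mkdir -p data/files data/db ; chown 1000 data
      - ./data/thehive:/data
    networks:
      thehive:
        ipv4_address: 172.16.0.12

  cortex:
    container_name: cortex
    hostname: cortex
    #image: cortex
    #image: thehiveproject/cortex:3.1.0-0.1RC1 <- broken
    # TODO(review): pin to a tested tag once one works; the Elasticsearch
    # settings expected in cortex.conf depend on the Cortex version pulled.
    image: thehiveproject/cortex
    # cortex.conf points search.host at the elasticsearch service. depends_on
    # only orders start-up; it does not wait for ES to be ready.
    depends_on:
      - elasticsearch
    environment:
      # Must be the same path, on a mount of the same host directory, that the
      # one-off analyzer-dependency install used (`-v $PWD/data:/data
      # -e HOME=/data/HOME_PYTHON_INSTALLED` run from ./data/cortex). The
      # previous value /opt/Cortex-Analyzers/HOME_PYTHON_INSTALLED resolved to
      # ./data/cortex/Cortex-Analyzers/HOME_PYTHON_INSTALLED on the host — a
      # different directory, so the installed packages were never found.
      - HOME=/data/HOME_PYTHON_INSTALLED
    ports:
      - '0.0.0.0:9001:9001'
    volumes:
      - ./data/cortex/cortex.conf:/etc/cortex/application.conf
      - ./data/cortex/Cortex-Analyzers:/opt/Cortex-Analyzers
      - ./data/cortex/data:/data
    networks:
      thehive:
        ipv4_address: 172.16.0.11

  elasticsearch:
    container_name: es
    hostname: es
    #image: elasticsearch:7.8.1
    image: elasticsearch:6.8.8
    #image: docker.elastic.co/elasticsearch/elasticsearch:5.6.0
    #image: elasticsearch:5.6
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    # Cortex reaches ES over the compose network; these host mappings exist
    # only for local debugging. Bound to loopback because no security settings
    # are configured for this node, so publishing on all interfaces would
    # expose an unauthenticated ES to the host's network.
    ports:
      - "127.0.0.1:9300:9300"
      - "127.0.0.1:9200:9200"
    environment:
      - http.host=0.0.0.0
      - discovery.type=single-node
      # Must match `search.cluster` in ./data/cortex/cortex.conf
      - cluster.name=thehive2
      # The former ELASTICSEARCH_USERNAME/ELASTICSEARCH_PASSWORD entries are
      # removed: they carried a hard-coded password, nothing in cortex.conf
      # sends credentials, and — as far as I can tell — the official image
      # does not treat upper-case variables as ES settings. If authentication
      # is wanted, enable xpack security and pass credentials via an env file
      # rather than committing them here.
      # - script.allowed_types=inline
      # - thread_pool.search.queue_size=100000
      # - thread_pool.write.queue_size=10000
      # - network.host: 127.0.0.1
      # - thread_pool.index.queue_size: 100000
      # - thread_pool.search.queue_size: 100000
      # - thread_pool.bulk.queue_size: 100000
    networks:
      thehive:
        ipv4_address: 172.16.0.9

networks:
  thehive:
    driver: bridge
    ipam:
      config:
        - subnet: 172.16.0.0/24
          gateway: 172.16.0.2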