Cortex 3.0.1: The ‘Better Logging’ Edition

Announcement, Cortex

Lo and behold, we aren’t dead & TheHive Project ain’t toast! So, foremost, Happy New Year folks (we are still in January, right?)! We have some nice gifts coming up for you, gifts that have required very heavy-duty work. Of course, you might complain that we haven’t been responsive as of late but hey, there’s only so much we can do, right?

Happy New Year Folks! (Photo by Saâd Kadhi)

We’ll talk about those gifts in the upcoming weeks. In the meantime, there’s a new Cortex version in town and we urge you to upgrade to it, particularly if you consider deploying several Cortex nodes as a cluster. Indeed, Cortex 3.0.1 fixes a missing dependency that is required to set up such an architecture. Additionally (and this is the part where you should be paying attention), this version fixes the display of error messages pertaining to analyzer and responder operations, and also ensure that old responders and analyzers no longer show up once you clicked on that Refresh button.

Fixes and Enhancements

  • #244 Prevent the Play secret key from being displayed in the logs at startup. Nonetheless, you can still display it (for troubleshooting purposes or to make things easier for attackers that might have access to the logs and be interested in such a world-changing secret) by using the --show-secret option when starting Cortex
  • #243 fixes the display of error messages when analyzers & responders fail
  • #242 Remove references to Google Fonts
  • #238 The Docker image had 4 critical CVEs and 69 high CVEs (*cough*). Contributed by Micheal Hart
  • #239 Missing dependency for cluster bug
  • #234 fixes a bug where old, non-existent analysers were still showing in Cortex after an upgrade. Contributed by daskydasky
  • #241 Analyzer reports no output when it fails
  • #240 An encoding issue causes an invalid format in the catalog file
  • #230 Elastic4play has dropped the ES cluster configuration option. Contributed by Adeel Ahmad
  • #164 Handle second/minute-rates limits on Flavors and Analyzers

Running Into Trouble?

Shall you encounter any difficulty during the upgrade process, please ask on our user forum, get in touch with the community on Gitter, or send us an email at support@thehive-project.org.

Published by Jérôme Leonard

Published