opencti icon indicating copy to clipboard operation
opencti copied to clipboard
verified publisher icon OpenCTI-Platform

Unable to connect to the CVE connector

Open icedance-02 opened this issue 1 year ago • 2 comments

Unable to connect to the CVE connector, an error occurred when running OpenCTI. When using Docker logs CVE to check, the error log is as follows:

Description

{"timestamp": "2024-07-24T05:54:28.060382Z", "level": "ERROR", "name": "pika.adapters.utils.selector_ioloop_adapter", "message": "Address resolution failed: gaierror(-2, 'Name does not resolve')"} {"timestamp": "2024-07-24T05:54:28.060607Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "getaddrinfo failed: gaierror(-2, 'Name does not resolve')."} {"timestamp": "2024-07-24T05:54:28.060687Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "AMQP connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None."} {"timestamp": "2024-07-24T05:54:28.060730Z", "level": "ERROR", "name": "pika.adapters.utils.connection_workflow", "message": "AMQPConnectionWorkflow - reporting failure: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None"} {"timestamp": "2024-07-24T05:54:28.060788Z", "level": "ERROR", "name": "pika.adapters.blocking_connection", "message": "Connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - gaierror(-2, 'Name does not resolve'); first exception - None"} {"timestamp": "2024-07-24T05:54:28.061079Z", "level": "ERROR", "name": "pika.adapters.blocking_connection", "message": "Error in _create_connection().", "exc_info": "Traceback (most recent call last):\n File "/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py", line 451, in _create_connection\n raise self._reap_last_connection_workflow_error(error)\n File "/usr/local/lib/python3.11/site-packages/pika/adapters/utils/selector_ioloop_adapter.py", line 565, in _resolve\n result = socket.getaddrinfo(self._host, self._port, self._family,\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/usr/local/lib/python3.11/socket.py", line 962, in getaddrinfo\n for res in _socket.getaddrinfo(host, port, family, type, proto, flags):\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\nsocket.gaierror: [Errno -2] Name does not resolve"} {"timestamp": "2024-07-24T05:54:28.061686Z", "level": "ERROR", "name": "Common Vulnerabilities and Exposures", "message": "[CONNECTOR] Error while processing data: [Errno -2] Name does not resolve", "exc_info": "Traceback (most recent call last):\n File "/opt/opencti-connector-cve/connector/cveConnector.py", line 245, in process_data\n self._import_history(start_date, end_date, work_id)\n File "/opt/opencti-connector-cve/connector/cveConnector.py", line 156, in _import_history\n self.converter.send_bundle(cve_params, work_id)\n File "/opt/opencti-connector-cve/services/converter/vulnerabilityToStix2.py", line 42, in send_bundle\n self.helper.send_stix2_bundle(\n File "/usr/local/lib/python3.11/site-packages/pycti/connector/opencti_connector_helper.py", line 1306, in send_stix2_bundle\n pika_connection = pika.BlockingConnection(pika_parameters)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py", line 360, in init\n self._impl = self._create_connection(parameters, _impl_class)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/usr/local/lib/python3.11/site-packages/pika/adapters/blocking_connection.py", line 451, in _create_connection\n raise self._reap_last_connection_workflow_error(error)\n File "/usr/local/lib/python3.11/site-packages/pika/adapters/utils/selector_ioloop_adapter.py", line 565, in _resolve\n result = socket.getaddrinfo(self._host, self._port, self._family,\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File "/usr/local/lib/python3.11/socket.py", line 962, in getaddrinfo\n for res in _socket.getaddrinfo(host, port, family, type, proto, flags):\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\nsocket.gaierror: [Errno -2] Name does not resolve"}

###DNS config

[root@iZevyve9qnjsesZ ~]# docker exec -it cve_connector-cve_1 /bin/sh / # cat /etc/resolv.conf

Generated by Docker Engine.

This file can be edited; Docker Engine will not make further changes once it

has been modified.

nameserver 8.8.8.8 options timeout:2 attempts:3 rotate single-request-reopen ndots:0

Based on host file: '/etc/resolv.conf' (internal resolver)

ExtServers: [8.8.8.8]

Overrides: [nameservers]

Option ndots from: internal

so,How can I solve this problem? thanks.

icedance-02 avatar Jul 24 '24 06:07 icedance-02

I have the impression that the CVE connector is not deployed in the same Docker context as OpenCTI. It's right ? The error indicate that the CVE connector container is not able to contact "RabbitMQ" service. Is it possible for you to deploy this connector with OpenCTI platform docker (same docker-compose.yml file for example). If not, you will have to:

  1. Expose rabbitmq port outside
  2. Certainly add a DNS resolution on the host to point to "rabbitmq" name

romain-filigran avatar Jul 24 '24 10:07 romain-filigran

@icedance-02 Have you solved your problem with the above information?

Jipegien avatar Aug 21 '24 07:08 Jipegien

Closed due to inactivity

romain-filigran avatar Nov 05 '24 08:11 romain-filigran