TheHive icon indicating copy to clipboard operation
TheHive copied to clipboard

Published 20 hours ago verified publisher icon TheHive-Project

How to change index from Lucene to Elasticsearch

Open fonk0rn opened this issue 2 years ago • 5 comments

Request Type

Question

Work Environment

Question Answer
OS version (server) Ubuntu
OS version (client) Ubuntu
Virtualized Env. True
Dedicated RAM 48 GB
vCPU 24
TheHive version / git hash 4.1.11-1
Package Type Docker
Database Cassandra
Index type Lucene
Attachments storage Local

Question

We have TheHive with the index at Lucene, but want to upgrade to cluster, so we need index at Elasticsearch. Is there such a possibility and any manual for this?

Thanks in advance.

fonk0rn avatar Oct 28 '21 07:10 fonk0rn

Hi @fonk0rn if you find the solution please let me know as well. Thanks

mashaikx13 avatar Nov 22 '21 09:11 mashaikx13

Anybody, can help with this? A month with no answer. -((

fonk0rn avatar Nov 25 '21 12:11 fonk0rn

We also need to migrate data, but we still haven’t found a solution ((

dnbdrive avatar Feb 17 '22 00:02 dnbdrive

We also need to migrate data, but we still haven’t found a solution ((

heywiorld avatar Jul 13 '22 00:07 heywiorld

Use directive db.janusgraph.forceDropAndRebuildIndex: true variable more info about it: https://docs.strangebee.com/thehive/setup/operations/backup-restore/#basic-configuation

Once Cassandra database is restored, update the configuration of TheHive to rebuild the index. These lines should be added to the configuration file only for the first start of TheHive application, and removed later on.

this works in thehive4 too

dnbdrive avatar Dec 20 '22 04:12 dnbdrive