HXTool icon indicating copy to clipboard operation
HXTool copied to clipboard
verified publisher icon fireeye

We found HXTool cannot show record on dashboard

Open DD3-ACC opened this issue 3 years ago • 2 comments

image

[2022-12-05 13:33:37,956] {hxtool_tinydb} {MainThread} WARNING - The current HXTool database has no schema version set, a DB schema upgrade may be required. [2022-12-05 13:33:37,967] {hxtool_tinydb} {MainThread} INFO - Database schema upgraded successfully. [2022-12-05 13:33:37,990] {hxtool_scheduler} {MainThread} INFO - Task scheduler initialized. [2022-12-05 13:33:37,994] {hxtool_scheduler} {MainThread} INFO - Task scheduler started with 5 threads. [2022-12-05 13:33:38,000] {hxtool} {MainThread} INFO - Application starting [2022-12-05 13:33:38,003] {hxtool} {MainThread} INFO - Application is running. Please point your browser to https://0.0.0.0:8080/. Press Ctrl+C/Ctrl+Break to exit. [2022-12-05 13:46:15,615] {hxtool_api} {Thread-69 (process_request_thread)} INFO - New controller profile added [2022-12-05 13:46:24,190] {hx_lib} {Thread-73 (process_request_thread)} INFO - SSL/TLS certificate verification disabled. [2022-12-05 13:46:24,669] {hxtool} {Thread-73 (process_request_thread)} INFO - ACTIVITY: msg='user logged in' user='toney_tse' controller='fehx.cathaypacific.com' [2022-12-05 13:46:29,334] {app} {Thread-156 (process_request_thread)} ERROR - Exception on /api/v1/chartjs_events_timeline [GET] Traceback (most recent call last): File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 2525, in wsgi_app response = self.full_dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1822, in full_dispatch_request rv = self.handle_user_exception(e) File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1820, in full_dispatch_request rv = self.dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1796, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) File "c:\Temp\hxtool\hxtool_util.py", line 52, in is_session_valid ret = f(*args, **kwargs) File "c:\Temp\hxtool\hxtool_api.py", line 3218, in chartjs_events_timeline mycount[alert['event_at'][0:10]][alert['source']] += 1 KeyError: 'TP' [2022-12-05 13:47:06,004] {app} {Thread-468 (process_request_thread)} ERROR - Exception on /api/v1/chartjs_events_timeline [GET] Traceback (most recent call last): File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 2525, in wsgi_app response = self.full_dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1822, in full_dispatch_request rv = self.handle_user_exception(e) File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1820, in full_dispatch_request rv = self.dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1796, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) File "c:\Temp\hxtool\hxtool_util.py", line 52, in is_session_valid ret = f(*args, **kwargs) File "c:\Temp\hxtool\hxtool_api.py", line 3218, in chartjs_events_timeline mycount[alert['event_at'][0:10]][alert['source']] += 1 KeyError: 'TP' [2022-12-05 14:05:09,744] {app} {Thread-559 (process_request_thread)} ERROR - Exception on /api/v1/chartjs_events_timeline [GET] Traceback (most recent call last): File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 2525, in wsgi_app response = self.full_dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1822, in full_dispatch_request rv = self.handle_user_exception(e) File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1820, in full_dispatch_request rv = self.dispatch_request() File "C:\Users\USERNAME\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1796, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) File "c:\Temp\hxtool\hxtool_util.py", line 52, in is_session_valid ret = f(*args, **kwargs) File "c:\Temp\hxtool\hxtool_api.py", line 3218, in chartjs_events_timeline mycount[alert['event_at'][0:10]][alert['source']] += 1 KeyError: 'TP'

C:\Users\USERNAME>pip list Package Version

certifi 2022.6.15 charset-normalizer 2.1.1 click 8.1.3 colorama 0.4.6 Flask 2.2.2 idna 3.3 importlib-metadata 5.1.0 itsdangerous 2.1.2 jaraco.classes 3.2.3 Jinja2 3.1.2 keyring 23.11.0 MarkupSafe 2.1.1 more-itertools 9.0.0 numpy 1.23.4 pandas 1.5.1 pip 21.2.4 pycryptodome 3.16.0 python-dateutil 2.8.2 pytz 2022.6 pywin32-ctypes 0.2.0 requests 2.28.1 setuptools 58.1.0 six 1.16.0 tinydb 4.7.0 urllib3 1.26.12 Werkzeug 2.2.2 zipp 3.11.0

DD3-ACC avatar Dec 13 '22 04:12 DD3-ACC

Hi @DD3-ACC - Which version of HXTool are you running? This was resolved in 4.7.1 with this commit: https://github.com/fireeye/HXTool/commit/6a2fb1feb91959e0a033c8aa2227093a3656d72d. Alternatively, you can download alert_types.json, replace your existing one and restart HXTool.

Thanks, Elazar

B0fH avatar Dec 20 '22 15:12 B0fH

Hi support,

I am using 4.7.1. But after I update alert_types.json. The issue still exist. I found only below tab add TP and DL. image

2023-01-10 10:41:00,543] {hxtool_api} {Thread-73 (process_request_thread)} INFO - New controller profile added [2023-01-10 10:41:09,180] {hx_lib} {Thread-77 (process_request_thread)} INFO - SSL/TLS certificate verification disabled. [2023-01-10 10:41:09,607] {hxtool} {Thread-77 (process_request_thread)} INFO - ACTIVITY: msg='user logged in' user='xxxxx' controller='hxurl' [2023-01-10 10:41:12,931] {app} {Thread-154 (process_request_thread)} ERROR - Exception on /api/v1/chartjs_events_timeline [GET] Traceback (most recent call last): File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 2525, in wsgi_app response = self.full_dispatch_request() File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1822, in full_dispatch_request rv = self.handle_user_exception(e) File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1820, in full_dispatch_request rv = self.dispatch_request() File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1796, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) File "d:\Trellix\hxtool\hxtool_util.py", line 52, in is_session_valid ret = f(*args, **kwargs) File "d:\Trellix\hxtool\hxtool_api.py", line 3218, in chartjs_events_timeline mycount[alert['event_at'][0:10]][alert['source']] += 1 KeyError: 'TP' [2023-01-10 10:42:31,635] {app} {Thread-239 (process_request_thread)} ERROR - Exception on /api/v1/chartjs_events_timeline [GET] Traceback (most recent call last): File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 2525, in wsgi_app response = self.full_dispatch_request() File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1822, in full_dispatch_request rv = self.handle_user_exception(e) File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1820, in full_dispatch_request rv = self.dispatch_request() File "C:\Users\Administrator\AppData\Roaming\Python\Python310\site-packages\flask\app.py", line 1796, in dispatch_request return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) File "d:\Trellix\hxtool\hxtool_util.py", line 52, in is_session_valid ret = f(*args, **kwargs) File "d:\Trellix\hxtool\hxtool_api.py", line 3218, in chartjs_events_timeline mycount[alert['event_at'][0:10]][alert['source']] += 1 KeyError: 'TP' [2023-01-10 10:46:19,471] {hxtool} {MainThread} INFO - Caught SIGINT, exiting... [2023-01-10 10:47:35,253] {hxtool_scheduler} {MainThread} INFO - Task scheduler initialized. [2023-01-10 10:47:35,253] {hxtool_scheduler} {MainThread} INFO - Task scheduler started with 9 threads. [2023-01-10 10:47:35,269] {hxtool_scheduler} {MainThread} INFO - No background credential for fehx.cathaypacific.com (5b9a2171-7a0a-4681-800e-dea7f5d61bb1). [2023-01-10 10:47:35,269] {hxtool} {MainThread} INFO - Application starting [2023-01-10 10:47:35,269] {hxtool} {MainThread} INFO - Application is running. Please point your browser to https://0.0.0.0:8080. Press Ctrl+C/Ctrl+Break to exit. [2023-01-10 10:57:25,816] {hxtool} {MainThread} INFO - Caught SIGINT, exiting... [2023-01-10 11:04:24,279] {hxtool_scheduler} {MainThread} INFO - Task scheduler initialized. [2023-01-10 11:04:24,279] {hxtool_scheduler} {MainThread} INFO - Task scheduler started with 9 threads. [2023-01-10 11:04:24,279] {hxtool_scheduler} {MainThread} INFO - No background credential for fehx.cathaypacific.com (5b9a2171-7a0a-4681-800e-dea7f5d61bb1). [2023-01-10 11:04:24,295] {hxtool} {MainThread} INFO - Application starting [2023-01-10 11:04:24,295] {hxtool} {MainThread} INFO - Application is running. Please point your browser to https://0.0.0.0:8080. Press Ctrl+C/Ctrl+Break to exit.

DD3-ACC avatar Jan 10 '23 03:01 DD3-ACC