Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Sentinel Incidents] 401 Unauthorized error + missing Directory's path #3353

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

[Sentinel Incidents] 401 Unauthorized error + missing Directory's path #3353

wants to merge 5 commits into from

Conversation

Powlinett
Copy link
Member

@Powlinett Powlinett commented Jan 30, 2025
edited
Loading

Proposed changes

  • get a fresh token on every run instead of on every launch
  • handle stix2 errors to avoid blocking imports
  • check if directory's path is valid before creating a Directory observable

Related issues

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

These are naive solutions to fix the issue as quickly as possible. But better solutions exist, such as:

  • add a refresh strategy when the current token is about to expire
  • perform data validation (pydantic models) for both Sentinel’s responses and OpenCTI’s objects

@Powlinett Powlinett added the filigran team use to identify PR from the Filigran team label Jan 30, 2025
@Powlinett Powlinett self-assigned this Jan 30, 2025
This was linked to issues Jan 30, 2025
[Sentinel-incident] Authentication problem - Error 401 after several iterations #3325
Open
[sentinel-incidents]: No values for required properties for Directory bug #3344
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Megafredo Megafredo Awaiting requested review from Megafredo

@flavienSindou flavienSindou Awaiting requested review from flavienSindou

@helene-nguyen helene-nguyen Awaiting requested review from helene-nguyen

At least 1 approving review is required to merge this pull request.

Assignees

@Powlinett Powlinett

Labels
filigran team use to identify PR from the Filigran team
Projects
None yet
Milestone
No milestone
1 participant
@Powlinett