{"id":167,"date":"2019-11-02T15:19:48","date_gmt":"2019-11-02T15:19:48","guid":{"rendered":"http:\/\/snehpatel.com\/?p=167"},"modified":"2019-11-02T15:19:48","modified_gmt":"2019-11-02T15:19:48","slug":"installation-of-thehive-incident-response-project","status":"publish","type":"post","link":"https:\/\/snehpatel.com\/index.php\/2019\/11\/02\/installation-of-thehive-incident-response-project\/","title":{"rendered":"Installation of thehive incident response project"},"content":{"rendered":"\n\t\t\t\t\n<p>One of the important things to maintain during any kind of incident is communication. Without it, companies fall apart due to the miscommunication that comes with a lack of communication. As seen during any kind of incident, there is an environment of chaos in which people don&#8217;t know what to do, even if there is a disaster recovery plan in place.<\/p>\n\n\n\n<p>Now, enough of the intro; let&#8217;s talk about TheHive installation. TheHive is a very scalable open-source incident response project.<\/p>\n\n\n\n<p>Get more info at the official TheHive Project site: <br><a href=\"https:\/\/thehive-project.org\/\">https:\/\/thehive-project.org\/<\/a><\/p>\n\n\n\n<p>For help, email me: x786@protonmail.ch<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>To install TheHive you need Elasticsearch 5.x.
Let&#8217;s start with the installation of Elasticsearch.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo rpm --import https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Add the following lines to a new file at \/etc\/yum.repos.d\/elasticsearch.repo<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>[elasticsearch-5.x]\nname=Elasticsearch repository for 5.x packages\nbaseurl=https:\/\/artifacts.elastic.co\/packages\/5.x\/yum\ngpgcheck=1\ngpgkey=https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch\nenabled=1\nautorefresh=1\ntype=rpm-md<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Now install it using yum<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo yum install elasticsearch -y<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Without making any other modifications, add the following lines at the end of \/etc\/elasticsearch\/elasticsearch.yml.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>network.host: 127.0.0.1\nscript.inline: true\ncluster.name: hive\nthread_pool.index.queue_size: 100000\nthread_pool.search.queue_size: 100000\nthread_pool.bulk.queue_size: 100000<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Start the Elasticsearch daemon and check the status.
If there are typos in the lines added above, it will fail to start.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable elasticsearch.service\nsudo systemctl start elasticsearch.service\nsudo systemctl status elasticsearch.service<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Now let&#8217;s start with the installation of TheHive.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo yum install https:\/\/dl.bintray.com\/thehive-project\/rpm-stable\/thehive-project-release-1.1.0-2.noarch.rpm -y\nsudo yum install thehive -y<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Use the following command to add the secret key to \/etc\/thehive\/application.conf<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>(cat &lt;&lt; _EOF_\n# Secret key\n# ~~~~~\n# The secret key is used to secure cryptographic functions.\n# If you deploy your application to several instances be sure to use the same key!\nplay.http.secret.key=\"$(cat \/dev\/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n1)\"\n_EOF_\n) | sudo tee -a \/etc\/thehive\/application.conf<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Now let&#8217;s start the TheHive service and check the status.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable thehive.service\nsudo systemctl start thehive.service\nsudo systemctl status thehive.service<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Check http:\/\/ip_address:9000\/<\/li><li>Now click update database<\/li><li>Now it will ask you to create a new user and enter a password for that user<\/li><li>Now log in using the username and password you created<\/li><\/ul>\n\t\t","protected":false},"excerpt":{"rendered":"<p>One of the important things to maintain during any kind of incident is communication. Without it, companies fall apart due to the miscommunication that comes with a lack of communication.
As seen during any kind of incident, there is an environment of chaos in which people don&#8217;t know what to do, even if &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2,17,9],"tags":[33,53],"class_list":["post-167","post","type-post","status-publish","format-standard","hentry","category-ir","category-linux","category-systme","tag-ir","tag-thehive"],"yoast_head_json":{"title":"Installation of thehive incident response project - Sneh Patel","canonical":"https:\/\/snehpatel.com\/index.php\/2019\/11\/02\/installation-of-thehive-incident-response-project\/","article_published_time":"2019-11-02T15:19:48+00:00","author":"Sneh Patel"}}