MISPWarninglists analyzer doesn't work [Bug]

[NailBash]

Describe the bug
MISPWarninglists analyzer doesn't work

To Reproduce
Steps to reproduce the behavior:

1. Download MISP warninglists
2. Configure analyzer
3. See error message "Traceback (most recent call last): File "/opt/Cortex-Analyzers/analyzers/MISPWarningLists/mispwarninglists.py", line 202, in MISPWarninglistsAnalyzer().run() File "/opt/Cortex-Analyzers/analyzers/MISPWarningLists/mispwarninglists.py", line 91, in run for list in self.warninglists:TypeError: 'NoneType' object is not iterable"

Expected behavior
Normal work of analyzer

Work environment
Cortex runs on Centos 7.

[dadokkio]

Hello, from the error I can suppose that you are not using a db but local files. It's that correct?
Using locals file the analyzer require that you have cloned locally the misp-warninglist repo in the path specified in the settings.
If you have done this step double check if the path has been set properly.

[NailBash]

Hello, from the error I can suppose that you are not using a db but local files. It's that correct?
Using locals file the analyzer require that you have cloned locally the misp-warninglist repo in the path specified in the settings.
If you have done this step double check if the path has been set properly.

Hello, yes I'm using local files, I'm cloned files into my local filesystem
This is my folder with warninglists

This is configuration in cortex

I think, that path is correct, I checked it (Copied code which reads the warninglists and launched it by python3. It worked well and readed files)

[dadokkio]

The path seems to be correct, so we can start to check why the loop don't add anything to warninglists.
If you run this simple code on the machine:

from glob import glob
import io

files = glob("{}/lists/*/*.json".format("/home/cortex/MISP_warninglists/misp-warninglists"))
for file in files:
	with io.open(file, "r") as fh:
		print(file)

Does it print something?

[NailBash]

The path seems to be correct, so we can start to check why the loop don't add anything to warninglists.
If you run this simple code on the machine:

from glob import glob
import io

files = glob("{}/lists/*/*.json".format("/home/cortex/MISP_warninglists/misp-warninglists"))
for file in files:
	with io.open(file, "r") as fh:
		print(file)

Does it print something?

I think that this function doesn't return that it should for some reason

[dadokkio]

Ok, then probably is my code wrongly assuming you wants to use db.
Can you check if using this code everything works?

self.warninglists = self.readwarninglists() if not conn or not USE_DB else None

[NailBash]

Ok, then probably is my code wrongly assuming you wants to use db.
Can you check if using this code everything works?

self.warninglists = self.readwarninglists() if not conn or not USE_DB else None

[dadokkio]

Ok, can now test the change I proposed?

[NailBash]

Ok, can now test the change I proposed?

This is fine I think, if indicator doesn't matches in warninglists?

[NailBash]

It's ok for local filesystem?

[dadokkio]

Yes, this is the reason why we decide to add postgres as backend.
The first import in the db takes some times but then it returns answer in millisec.

We used to run the analyzer with hundreds of observables and it ran for a lot of hours.

[garanews]

fixed in 2.9.0