Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] OpenCTI analyser: missing Python module? #945

Closed
xme opened this issue Feb 24, 2021 · 4 comments
Closed

[Bug] OpenCTI analyser: missing Python module? #945

xme opened this issue Feb 24, 2021 · 4 comments

Comments

@xme
Copy link
Contributor

xme commented Feb 24, 2021

Describe the bug
Can't run opencti analyzer, missing Python module?

To Reproduce
Steps to reproduce the behavior:

  1. Just try to run the analyzer

Expected behavior

Complementary information
from six.moves.collections_abc import MappingModuleNotFoundError: No module named 'six.moves.collections_abc'

Work environment

  • Cortex version:
  • Cortex Analyzer/Responder name: opencti
  • Cortex Analyzer/Responder version: latest

Possible solutions

Additional context
I did not find a way to install this module. "six" is properly installed.
@slimpagey
Copy link

That's found in the stix2 module - but you should get that if you install pycti. It's in requirements.txt. Probably worth running the snippet from the docs - just to make sure you're not missing other requirements:
for I in $(find Cortex-Analyzers -name 'requirements.txt'); do sudo -H pip2 install -r $I; done && \ for I in $(find Cortex-Analyzers -name 'requirements.txt'); do sudo -H pip3 install -r $I || true; done

@xme
Copy link
Contributor Author

xme commented Feb 24, 2021

Hmm... It was already installed...

Requirement already satisfied: pycti in /usr/local/lib/python3.7/dist-packages (4.0.4)
Requirement already satisfied: requests==2.25.0 in /usr/local/lib/python3.7/dist-packages (from pycti) (2.25.0)
Requirement already satisfied: datefinder==0.7.1 in /usr/local/lib/python3.7/dist-packages (from pycti) (0.7.1)
Requirement already satisfied: pytz==2020.4 in /usr/local/lib/python3.7/dist-packages (from pycti) (2020.4)
Requirement already satisfied: sseclient==0.0.27 in /usr/local/lib/python3.7/dist-packages (from pycti) (0.0.27)
Requirement already satisfied: python-magic==0.4.18; sys_platform == "linux" or sys_platform == "darwin" in /usr/local/lib/python3.7/dist-packages (from pycti) (0.4.18)
Requirement already satisfied: pika==1.1.0 in /usr/local/lib/python3.7/dist-packages (from pycti) (1.1.0)
Requirement already satisfied: python-dateutil==2.8.1 in /usr/local/lib/python3.7/dist-packages (from pycti) (2.8.1)
Requirement already satisfied: PyYAML==5.3.1 in /usr/local/lib/python3.7/dist-packages (from pycti) (5.3.1)
Requirement already satisfied: stix2==2.1.0 in /usr/local/lib/python3.7/dist-packages (from pycti) (2.1.0)
Requirement already satisfied: idna<3,>=2.5 in /usr/local/lib/python3.7/dist-packages (from requests==2.25.0->pycti) (2.10)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/local/lib/python3.7/dist-packages (from requests==2.25.0->pycti) (1.26.2)
Requirement already satisfied: chardet<4,>=3.0.2 in /usr/local/lib/python3.7/dist-packages (from requests==2.25.0->pycti) (3.0.4)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.7/dist-packages (from requests==2.25.0->pycti) (2020.12.5)
Requirement already satisfied: regex>=2017.02.08 in /usr/local/lib/python3.7/dist-packages (from datefinder==0.7.1->pycti) (2020.11.13)
Requirement already satisfied: six in /usr/local/lib/python3.7/dist-packages (from sseclient==0.0.27->pycti) (1.15.0)
Requirement already satisfied: stix2-patterns>=1.2.0 in /usr/local/lib/python3.7/dist-packages (from stix2==2.1.0->pycti) (1.3.2)
Requirement already satisfied: simplejson in /usr/local/lib/python3.7/dist-packages (from stix2==2.1.0->pycti) (3.17.2)
Requirement already satisfied: antlr4-python3-runtime~=4.8.0; python_version >= "3" in /usr/local/lib/python3.7/dist-packages (from stix2-patterns>=1.2.0->stix2==2.1.0->pycti) (4.8)

@dadokkio
Copy link
Contributor

Six is already installed in cortex machine but is in a old release.. you need to update it. We added a minimal six release as requirements in develop branch

@xme
Copy link
Contributor Author

xme commented Mar 2, 2021

Ok, I fixed the problem... I also had to switch to the "develop" branch for the OpenCTI responder...

@xme xme closed this as completed Mar 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dadokkio @xme @slimpagey