Skip to content

Commit

Permalink
[8.x] [DOCS] Add TheHive connector to case settings (#193802) (#194505)
Browse files Browse the repository at this point in the history 
# Backport

This will backport the following commits from `main` to `8.x`:
- [[DOCS] Add TheHive connector to case settings
(#193802)](#193802)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Lisa
Cawley","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-01T00:33:31Z","message":"[DOCS]
Add TheHive connector to case settings
(#193802)","sha":"5ed0426ef6657af24437d1931fc99c7094dc1e35","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","docs","Feature:Cases","v8.16.0","backport:version"],"title":"[DOCS]
Add TheHive connector to case
settings","number":193802,"url":"https://github.com/elastic/kibana/pull/193802","mergeCommit":{"message":"[DOCS]
Add TheHive connector to case settings
(#193802)","sha":"5ed0426ef6657af24437d1931fc99c7094dc1e35"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193802","number":193802,"mergeCommit":{"message":"[DOCS]
Add TheHive connector to case settings
(#193802)","sha":"5ed0426ef6657af24437d1931fc99c7094dc1e35"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Lisa Cawley <[email protected]>
  • Loading branch information
@kibanamachine @lcawl
kibanamachine and lcawl authored Oct 1, 2024
1 parent 6332213 commit 6aa7c23
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 20 deletions.
4 changes: 2 additions & 2 deletions docs/management/action-types.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,9 +92,9 @@ a| <<swimlane-action-type,{swimlane}>>

| Create an incident in {swimlane}.

a| <<thehive-action-type,TheHive>>
a| <<thehive-action-type,{hive}>>

| Create cases and alerts in TheHive.
| Create cases and alerts in {hive}.

a| <<tines-action-type,Tines>>

Expand Down
3 changes: 2 additions & 1 deletion docs/management/cases/manage-cases-settings.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ management systems:
* {sn-itsm}
* {sn-sir}
* {swimlane}
* {hive}
* {webhook-cm}

NOTE: To create connectors and send cases to external systems, you must have the
Expand All @@ -45,7 +46,7 @@ Alternatively, you can create them in *{stack-manage-app} > Cases > Settings*:

. Enter your required settings. Refer to <<resilient-action-type>>,
<<jira-action-type>>, <<servicenow-action-type>>, <<servicenow-sir-action-type>>,
<<swimlane-action-type>>, or <<cases-webhook-action-type>> for connector
<<swimlane-action-type>>, <<thehive-action-type>>, or <<cases-webhook-action-type>> for connector
configuration details.

You can subsequently choose the connector when you create cases and use it in case templates.
Expand Down
34 changes: 17 additions & 17 deletions docs/management/connectors/action-types/thehive.asciidoc
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
[[thehive-action-type]]
== TheHive connector and action
== {hive} connector and action
++++
<titleabbrev>TheHive</titleabbrev>
<titleabbrev>{hive}</titleabbrev>
++++
:frontmatter-description: Add a connector that can create cases and alerts in TheHive.
:frontmatter-description: Add a connector that can create cases and alerts in {hive}.
:frontmatter-tags-products: [kibana]
:frontmatter-tags-content-type: [how-to]
:frontmatter-tags-user-goals: [configure]

TheHive connector uses the https://docs.strangebee.com/thehive/api-docs/[TheHive (v1) REST API] to create cases and alerts. added:[8.16.0]
{hive} connector uses the https://docs.strangebee.com/thehive/api-docs/[{hive} (v1) REST API] to create cases and alerts. added:[8.16.0]

[NOTE]
====
If you use this connector with <<cases,cases>>, the status values differ in {kib} and TheHive.
If you use this connector with <<cases,cases>>, the status values differ in {kib} and {hive}.
The status values are not synchronized when you update a case.
====

Expand All @@ -24,19 +24,19 @@ You can create connectors in *{stack-manage-app} > {connectors-ui}*
or as needed when you're creating a rule. For example:

[role="screenshot"]
image::management/connectors/images/thehive-connector.png[TheHive connector]
image::management/connectors/images/thehive-connector.png[{hive} connector]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.

[float]
[[thehive-connector-configuration]]
==== Connector configuration

TheHive connectors have the following configuration properties:
{hive} connectors have the following configuration properties:

Name:: The name of the connector.
Organisation:: The organisation in TheHive that will contain the cases or alerts.
URL:: The instance URL in TheHive.
API key:: The API key for authentication in TheHive.
Organisation:: The organisation in {hive} that will contain the cases or alerts.
URL:: The instance URL in {hive}.
API key:: The API key for authentication in {hive}.

[float]
[[thehive-action-configuration]]
Expand All @@ -46,16 +46,16 @@ You can test connectors for creating a case or an alert with the <<execute-conne
as you're creating or editing the connector in {kib}. For example:

[role="screenshot"]
image::management/connectors/images/thehive-params-case-test.png[TheHive case params test]
image::management/connectors/images/thehive-params-case-test.png[{hive} case params test]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.

[role="screenshot"]
image::management/connectors/images/thehive-params-alert-test.png[TheHive alert params test]
image::management/connectors/images/thehive-params-alert-test.png[{hive} alert params test]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.

TheHive actions have the following configuration properties.
{hive} actions have the following configuration properties.

Event action:: The action that will be performed in TheHive: create a case or an alert.
Event action:: The action that will be performed in {hive}: create a case or an alert.
Title:: The title of the incident.
Description:: The details about the incident.
Severity:: The severity of the incident: `LOW`, `MEDIUM`, `HIGH` or `CRITICAL`.
Expand All @@ -74,11 +74,11 @@ Use the <<action-settings, Action configuration settings>> to customize connecto

[float]
[[configure-thehive]]
=== Configure TheHive
=== Configure {hive}

To generate an API key in TheHive:
To generate an API key in {hive}:

1. Log in to your TheHive instance.
1. Log in to your {hive} instance.
2. Open profile tab and select the settings.
3. Go to *API Key*.
4. Click *Create* if no API key has been created previously; otherwise, you can view the API key by clicking on *Reveal*.
Expand Down

0 comments on commit 6aa7c23

Please sign in to comment.