TheHive Trigger node#

On this page, you'll find a list of events the TheHive Trigger node can respond to and links to more resources.

TheHive and TheHive 5

SMS-iT Workflow provides two nodes for TheHive. Use this node (TheHive Trigger) if you want to use TheHive's version 3 or 4 API. If you want to use version 5, use TheHive 5 Trigger.

Examples and templates

For usage examples and templates to help you get started, refer to SMS-iT Workflow's TheHive Trigger integrations page.

Events#

  • Alert
    • Created
    • Deleted
    • Updated
  • Case
    • Created
    • Deleted
    • Updated
  • Log
    • Created
    • Deleted
    • Updated
  • Observable
    • Created
    • Deleted
    • Updated
  • Task
    • Created
    • Deleted
    • Updated

SMS-iT Workflow provides an app node for TheHive. You can find the node docs here.

View example workflows and related content on SMS-iT Workflow's website.

Refer to TheHive's documentation for more information about the service:

Configure a webhook in TheHive#

To configure the webhook for your TheHive instance:

  1. Copy the testing and production webhook URLs from TheHive Trigger node.

  2. Add the following lines to the application.conf file. This is TheHive configuration file:

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
    notification.webhook.endpoints = [ { name: TESTING_WEBHOOK_NAME url: TESTING_WEBHOOK_URL version: 0 wsConfig: {} includedTheHiveOrganisations: ["ORGANIZATION_NAME"] excludedTheHiveOrganisations: [] }, { name: PRODUCTION_WEBHOOK_NAME url: PRODUCTION_WEBHOOK_URL version: 0 wsConfig: {} includedTheHiveOrganisations: ["ORGANIZATION_NAME"] excludedTheHiveOrganisations: [] }
]

  3. Replace TESTING_WEBHOOK_URL and PRODUCTION_WEBHOOK_URL with the URLs you copied in the previous step.

  4. Replace TESTING_WEBHOOK_NAME and PRODUCTION_WEBHOOK_NAME with your preferred endpoint names.
  5. Replace ORGANIZATION_NAME with your organization name.
  6. Execute the following cURL command to enable notifications: 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
    curl -XPUT -uTHEHIVE_USERNAME:THEHIVE_PASSWORD -H 'Content-type: application/json' THEHIVE_URL/api/config/organisation/notification -d '
{
	"value": [
		{
		"delegate": false,
		"trigger": { "name": "AnyEvent"},
		"notifier": { "name": "webhook", "endpoint": "TESTING_WEBHOOK_NAME" }
		},
		{
		"delegate": false,
		"trigger": { "name": "AnyEvent"},
		"notifier": { "name": "webhook", "endpoint": "PRODUCTION_WEBHOOK_NAME" }
		}
	]
}'