This document is a step-by-step guide to build TheHive from sources.
The following software is required to download and build TheHive.
- Java Development Kit 8 (JDK)
  - downloadable from http://www.oracle.com/technetwork/java/javase/downloads/index.html
- git
  - Use the system package or download it from http://www.git-scm.com/downloads
- Elasticsearch 5.6
  - downloadable from https://www.elastic.co/downloads/past-releases/elasticsearch-5-6-5
- NodeJs with its package manager (NPM)
  - downloadable from https://nodejs.org/en/download/
- Grunt
  - After NodeJs installation, run
    sudo npm install -g grunt-cli
- Bower
  - After NodeJs installation, run
    sudo npm install -g bower
To install the requirements and build TheHive from sources, please follow the instructions below depending on your operating system.
sudo yum -y install git bzip2
sudo yum -y install java-1.8.0-openjdk-devel
Download and install the public signing key:
sudo rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch
Add the following in your /etc/yum.repos.d/ directory in a file with a .repo suffix, for example elasticsearch.repo:
cat << __EOF | sudo tee /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1
__EOF
Your repository is ready for use. You can install Elasticsearch with:
sudo yum -y install elasticsearch
Install the EPEL Repository:
You should have the "extras" repository enabled, then:
sudo yum -y install epel-release
Then, you can install NodeJs:
sudo yum -y install nodejs
sudo npm install -g bower grunt-cli
sudo apt-get install git wget
echo 'deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main' | sudo tee -a /etc/apt/sources.list.d/java.list
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-key EEA14886
sudo apt-get update
sudo apt-get install oracle-java8-installer
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-key D88E42B4
echo "deb https://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
sudo apt-get update && sudo apt-get install elasticsearch
sudo apt-get install wget
wget -qO- https://deb.nodesource.com/setup_4.x | sudo bash -
sudo apt-get install nodejs
sudo npm install -g bower grunt-cli
git clone https://github.com/CERT-BDF/TheHive.git
cd TheHive
bin/activator clean stage
This downloads all dependencies (which can take a long time), then builds the back-end.
The command cleans previous build files and creates an autonomous package in the target/universal/stage directory. This package contains TheHive binaries with the required libraries (/lib), analyzers (/analyzers), configuration files (/conf) and startup scripts (/bin).
Binaries are built and stored in TheHive/target/universal/stage/. Install them in /opt/thehive for example.
sudo cp -r TheHive/target/universal/stage /opt/thehive
Follow the configuration part of the installation guide to run TheHive.
Edit /etc/elasticsearch/elasticsearch.yml and add the following lines:
network.host: 127.0.0.1
script.inline: on
cluster.name: hive
threadpool.index.queue_size: 100000
threadpool.search.queue_size: 100000
threadpool.bulk.queue_size: 1000
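The settings above enable inline scripting, so network.host staying on loopback is what keeps the scripting API off the network. The check below is an added example, not part of TheHive or its documentation; the function names es_setting and check_es_config and the sample file are hypothetical and constructed for illustration.

```shell
# Added example: audit network.host and script.inline in elasticsearch.yml.
# es_setting and check_es_config are hypothetical helper names.

# Print the value of a top-level "key: value" line (last occurrence wins),
# skipping commented-out lines and stripping trailing comments and quotes.
es_setting() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key}[[:space:]]*:[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e "s/^[\"']//" -e "s/[\"']\$//" |
        tail -n 1
}

# Exit status: 0 = loopback only, 1 = reachable from the network,
# 2 = reachable from the network with inline scripting enabled.
check_es_config() {
    host=$(es_setting "$1" network.host)
    inline=$(es_setting "$1" script.inline)
    case "$host" in
        *,*|*\[*) ;;   # a list of addresses: treat conservatively as exposed
        ""|127.*|localhost|::1|_local_)
            # An unset network.host falls back to Elasticsearch's loopback default.
            echo "OK: Elasticsearch bound to loopback (${host:-default})"
            return 0 ;;
    esac
    case "$inline" in
        on|true)
            echo "FAIL: network.host=$host with script.inline=$inline"
            return 2 ;;
    esac
    echo "WARN: network.host=$host is not a loopback address"
    return 1
}

# Constructed sample: the guide's settings with network.host changed.
sample=$(mktemp)
printf '%s\n' 'network.host: 0.0.0.0' 'script.inline: on' 'cluster.name: hive' > "$sample"
check_es_config "$sample" || echo "exit status: $?"
rm -f "$sample"
```

Run check_es_config /etc/elasticsearch/elasticsearch.yml after editing the file and before restarting the service.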
Start the service:
service elasticsearch restart
Follow 4.3. First start in the Installation guide to start using TheHive.
Building the back-end also builds the front-end, so you don't need to build the front-end separately. This section is useful only for troubleshooting or for installing the front-end in a reverse proxy.
Go to the front-end directory:
cd TheHive/ui
Install the NodeJs libraries (required by the build step) and the bower libraries (JavaScript libraries downloaded by the browser). Then build the front-end:
npm install
bower install
grunt build
This step generates static files (html, javascript and related resources) in the dist directory. These files are ready to be imported into the http server.