You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Depending on how data is stored in ElasticSearch, some fields have size limitation (32kB). In some cases, it is not enough. For example, some responders accept TheHive alert as input, which can be huge.
Solutions
The aim of this issue is to change the ElasticSearch mapping of fields that may contain large data:
data in artifact
data, parameters and input in job
full, summary and operations in report
avatar and preferences in user
configuration in worker and workerConfig
All these fields, will be stored in a binary format, without analysis and wont be indexed. Thus, they become unsearchable.
The text was updated successfully, but these errors were encountered:
Request Type
Feature Request
Problem Description
Depending on how data is stored in ElasticSearch, some fields have size limitation (32kB). In some cases, it is not enough. For example, some responders accept TheHive alert as input, which can be huge.
Solutions
The aim of this issue is to change the ElasticSearch mapping of fields that may contain large data:
All these fields, will be stored in a binary format, without analysis and wont be indexed. Thus, they become unsearchable.
The text was updated successfully, but these errors were encountered: