TheHive Database and Index Connection Settings
TheHive uses JanusGraph for database and index connections. These parameters configure Cassandra and Elasticsearch back ends.
Database storage parameters
Core storage settings
| Parameter | Type | Description | 
| db.provider | string | Provider name for the database back end. Must be: janusgraph. | 
| db.janusgraph.storage.backend | string | Storage back end type. Must be: cql. | 
| db.janusgraph.storage.hostname | list of string | IP addresses or host names of Cassandra nodes. Must be ["127.0.0.1"]for a standalone server deployment. | 
| db.janusgraph.storage.port | integer | Port number for Cassandra connection. Default: 9042for CQL. Use a different port when SSL is enabled or when Cassandra is configured with a custom port. | 
Cassandra authentication
| Parameter | Type | Description | 
| db.janusgraph.storage.username | string | Username for Cassandra authentication. Required when authentication is enabled. | 
| db.janusgraph.storage.password | string | Password for Cassandra authentication. Required when authentication is enabled. | 
Cassandra CQL configuration
| Parameter | Type | Description | 
| db.janusgraph.storage.cql.keyspace | string | Keyspace name for TheHive data storage in Cassandra. Must be: thehive. | 
| db.janusgraph.storage.cql.replication-factor | integer | Replication factor for the keyspace. Use 1for a standalone server,3or higher for production clusters. | 
Cassandra SSL/TLS settings
| Parameter | Type | Description | 
| db.janusgraph.storage.cql.ssl.enabled | boolean | Enable SSL for Cassandra connections. Default: false. | 
| db.janusgraph.storage.cql.ssl.truststore.location | string | Path to the Java truststore file containing CA certificates. | 
| db.janusgraph.storage.cql.ssl.truststore.password | string | Password to access the truststore. | 
| db.janusgraph.storage.cql.ssl.client-authentication-enabled | boolean | Enable client certificate authentication. Default: false. | 
| db.janusgraph.storage.cql.ssl.keystore.location | string | Path to the Java keystore containing client certificate. Required when client authentication is enabled. | 
| db.janusgraph.storage.cql.ssl.keystore.storepassword | string | Password to access the keystore. | 
| db.janusgraph.storage.cql.ssl.keystore.keypassword | string | Password for the private key in the keystore. | 
For more detailed information on configuring Cassandra connection, refer to the official JanusGraph documentation..
Index search parameters
Core index settings
| Parameter | Type | Description | 
| index.search.backend | string | Index back end type. Must be: elasticsearch. | 
| index.search.hostname | list of string | IP addresses or host names of Elasticsearch nodes with optional port. Must be ["127.0.0.1"]for a standalone server deployment. | 
| index.search.index-name | string | Name of the Elasticsearch index for TheHive data. Must be: thehive. | 
Elasticsearch HTTP authentication
| Parameter | Type | Description | 
| index.search.elasticsearch.http.auth.type | string | Authentication type. Must be: basic. | 
| index.search.elasticsearch.http.auth.basic.username | string | Username for Elasticsearch authentication. Required when authentication is enabled. | 
| index.search.elasticsearch.http.auth.basic.password | string | Password for Elasticsearch authentication. Required when authentication is enabled. | 
Required Elasticsearch privileges
The Elasticsearch user must have specific privileges to work with TheHive. See the detailed configuration steps in the installation guide.
 
Elasticsearch SSL/TLS settings
| Parameter | Type | Description | 
| index.search.elasticsearch.ssl.enabled | boolean | Enable SSL for Elasticsearch connections. Default: false. | 
| index.search.elasticsearch.ssl.truststore.location | string | Path to the Java truststore file containing CA certificates. | 
| index.search.elasticsearch.ssl.truststore.password | string | Password to access the truststore. | 
| index.search.elasticsearch.ssl.keystore.location | string | Path to the Java keystore containing client certificate for mutual TLS. | 
| index.search.elasticsearch.ssl.keystore.storepassword | string | Password to access the keystore. | 
| index.search.elasticsearch.ssl.keystore.keypassword | string | Password for the private key in the keystore. | 
| index.search.elasticsearch.ssl.disable-hostname-verification | boolean | Turn off host name verification in SSL certificates. Default: false. | 
| index.search.elasticsearch.ssl.allow-self-signed-certificates | boolean | Accept self-signed certificates. Default: false. | 
For more detailed information on configuring Elasticsearch connection, refer to the official JanusGraph documentation..
Configuration example with authentication and ssl
Database and index configuration with authentication and ssl for a standalone server installation
# Content from /etc/thehive/application.conf
[..]
# Database and index configuration
db.janusgraph {
    storage {
        backend = cql
        hostname = ["127.0.0.1"]
        username = "thehive"
        password = "<thehive_role_password>"
        cql {
            keyspace = thehive
            ssl {
                enabled = true
                truststore {
                    location = /path/to/<truststore_file>
                    password = <truststore_password>
                }
            }
        }
    }
    index.search {
        backend = elasticsearch
        hostname = ["127.0.0.1"]
        index-name = thehive
        elasticsearch {
          http {
              auth {
                  type = basic
                  basic {
                      username = "thehive"
                      password = "<thehive_user_password>"
                  }
              }
          }
          ssl {
                enabled = true
                truststore {
                    location = /path/to/<truststore_file>
                    password = <truststore_password>
                }
            }
        }
    }
}
[..]
 
Next steps