How to Configure the Kafka Notifier

Platinum

This topic provides step-by-step instructions for configuring the Kafka notifier in TheHive.

Notifier availability

The Kafka notifier is available only when you turn off the Send notification to every user in the organization toggle and use one of the following triggers:
- AnyEvent
- FilteredEvent
- ActionFinished
- CaseClosed
- CaseCreated
- CaseFlagged
- CaseShared
- AlertClosed
- AlertCreated
- AlertImported
- JobFinished
- AlertObservableCreated
- CaseObservableCreated
- ObservableCreated
- TaskClosed
- TaskMandatory

Required permissions

Only users with the manageConfig permission can manage notifications in TheHive.

Procedure

No endpoint required

An endpoint definition isn't required to send data to a Kafka topic.

1. Go to the Organization view from the sidebar menu.

   

2. Select the Notifications tab.

   

3. Select and then Edit.

4. Select the Kafka notifier.

5. In the Kafka drawer, enter the following information:

   - Topic

   The Kafka topic where TheHive will publish messages. This must match an existing topic in your Kafka setup.

   - Bootstrap servers

   A comma-separated list of Kafka network addresses with port numbers. These servers act as the entry point for TheHive to connect to your Kafka cluster.

6. Select Confirm.

Next steps

• Turn Off a Notification
• Delete a Notification