Skip to content

How to Configure the Redis Notifier#

Platinum

This topic provides step-by-step instructions for configuring the Redis notifier in TheHive.

Notifier availability

The Redis notifier is available only when you turn off the Send notification to every user in the organization toggle and use one of the following triggers:
- AnyEvent
- FilteredEvent
- ActionFinished
- CaseClosed
- CaseCreated
- CaseFlagged
- CaseShared
- AlertClosed
- AlertCreated
- AlertImported
- JobFinished
- AlertObservableCreated
- CaseObservableCreated
- ObservableCreated
- TaskClosed
- TaskMandatory

Required permissions

Only users with the manageConfig permission can manage notifications in TheHive.

Procedure

No endpoint required

An endpoint definition isn't required to send data to a Redis database.

  1. Go to the Organization view from the sidebar menu.

    Organization view

  2. Select the Notifications tab.

    Notifications tab

  3. Select and then Edit.

  4. Select the Redis notifier.

  5. In the Redis drawer, enter the following information:

    - Channel *

    The Redis channel where you want to publish the data.

    - Host *

    The Redis server address. This is where TheHive will send data.

    - Port *

    The port number Redis is listening on.

    - Username

    The username for authentication if Redis Access Control Lists (ACLs) are enabled.

    - Password

    The password for authentication if Redis requires authentication.

    - Database

    The Redis database index to use. Redis allows multiple logical databases, and this field lets you specify which one to use.

    Available variables

    You can use variables in certain fields by selecting Add variable. Refer to the Variable Usage Examples topic for detailed examples.

    Conditional helpers using Mustache syntax

    Example: 

    {{#if (eq object.severity 2) }}MEDIUM {{else}}Other {{/if}}
    Find additional supported operators in the official Handlebars documentation.

    Data formatting helpers

    The following helpers are available to format your data:

    Helper Description Usage Output
    tlpLabel Format the tlp field of the object {{ tlpLabel object.tlp }} Amber
    papLabel Format the pap field of the object {{ papLabel object.pap }} Amber
    severityLabel Format the severity field of the object {{ severityLabel object.severity }} Critical
    dateFormat Format a date field of the object using Java date time patterns {{dateFormat audit._createdAt "EEEEE dd MMMMM yyyy" "fr" }} jeudi 01 septembre 2022

    Standard string helpers can be found in the official Handlebars documentation.

  6. Turn on the Enable SSL toggle to encrypt the connection and secure data transmission between TheHive and the Redis server.

    Add a certificate authority.

    For more information about configuring SSL, refer to the Configure SSL topic.

    Use certificates only from trusted, predefined authorities for secure connections. Custom certificate authorities are not allowed.

    You can turn off the Don't check certificate authority toggle to bypass certificate validation, but this isn't recommended as it may compromise connection security.

    Turn on the Disable host name verification toggle if you want to bypass the verification of the server's host name against the certificate.

  7. Select Confirm.

Next steps