This repository has been archived by the owner on Sep 20, 2023. It is now read-only.

Missing information in documentation #224

Open
IOTech17 opened this issue Mar 2, 2021 · 0 comments


IOTech17 commented Mar 2, 2021

Hi,

While deploying TheHive4 and Cortex I found a couple of issues:

I recommend this Docker Compose file for a test deployment for new users:

```yaml
version: "2"
services:
  elasticsearch:
    image: elasticsearch:7.10.1
    environment:
      - http.host=0.0.0.0
      - discovery.type=single-node
      - script.allowed_types=inline
      - thread_pool.search.queue_size=100000
      - thread_pool.write.queue_size=10000
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
  cortex:
    image: thehiveproject/cortex:3.1.1-1
    environment:
      - job_directory=/tmp/cortex-jobs
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /tmp/cortex-jobs:/tmp/cortex-jobs
    depends_on:
      - elasticsearch
    ports:
      - "0.0.0.0:10001:9001"
  thehive:
    image: thehiveproject/thehive4:4.0.5-1
    depends_on:
      - elasticsearch
      - cortex
    ports:
      - "0.0.0.0:10000:9000"
    command: --cortex-port 9001
```

Without the above, Cortex won't be able to run the analyzers/responders.

Now regarding the TheHive4 documentation.

The environment variables are not being passed, or not all of them are present:

```text
Available options:
--config-file <file>                        | configuration file path
--no-config                                 | do not try to configure TheHive (add secret and elasticsearch)
--no-config-secret                          | do not add random secret to configuration
--secret <secret>                           | secret to secure sessions
--show-secret                               | show the generated secret
--no-config-db                              | do not configure database automatically
--cql-hostnames <host>,<host>,...           | resolve these hostnames to find cassandra instances
--cql-username <username>                   | username of cassandra database
--cql-password <password>                   | password of cassandra database
--bdb-directory <path>                      | location of local database, if cassandra is not used (default: /data/db)
--no-config-storage                         | do not configure storage automatically
--hdfs-url <url>                            | url of hdfs name node
--storage-directory <path>                  | location of local storage, if hdfs is not used (default: /data/files)
--no-config-cortex                          | do not add Cortex configuration
--cortex-proto <proto>                      | define protocol to connect to Cortex (default: http)
--cortex-port <port>                        | define port to connect to Cortex (default: 9001)
--cortex-hostname <host>,<host>,...         | resolve this hostname to find Cortex instances
--cortex-keys <key>,<key>,...               | define Cortex key
```

If you compare this to the official documentation, quite a few are missing.

If in the Docker Compose file I use this:

```yaml
  thehive:
    image: thehiveproject/thehive4:4.0.5-1
    environment:
      - TH_CORTEX_PORT=9001
      - TH_CORTEX_KEY=apikey
    depends_on:
      - elasticsearch
      - cortex
    ports:
      - "0.0.0.0:10000:9000"
```

I can see the variables are set up, but nothing is working.

Also, in the official documentation you talk of --cortex-key for the API key, when it is in fact --cortex-keys.

Could you check the environment variables that can be used via docker-compose with TheHive4?

Thank you in advance.
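An added configuration check, not part of the issue above and not TheHive's or Cortex's own tooling: the cortex and thehive services from the compose file are written out as constructed Python dictionaries (a real run would load the compose file with a YAML parser) and audited for the Docker socket mount, ports published on every host interface, and the API key kept in plain text in the environment.

```python
"""Audit docker-compose service definitions for risky settings (added example,
not code from the issue or from TheHive; the services below are constructed by
hand to mirror the issue's compose file rather than parsed from it)."""
from typing import Any, Dict, List, Tuple

SECRET_HINTS = ("KEY", "SECRET", "PASSWORD", "TOKEN")

# Constructed sample: the cortex and thehive services from the issue's compose file.
SAMPLE_SERVICES: Dict[str, Dict[str, Any]] = {
    "cortex": {
        "image": "thehiveproject/cortex:3.1.1-1",
        "environment": ["job_directory=/tmp/cortex-jobs"],
        "volumes": ["/var/run/docker.sock:/var/run/docker.sock",
                    "/tmp/cortex-jobs:/tmp/cortex-jobs"],
        "ports": ["0.0.0.0:10001:9001"],
    },
    "thehive": {
        "image": "thehiveproject/thehive4:4.0.5-1",
        "environment": ["TH_CORTEX_PORT=9001", "TH_CORTEX_KEY=apikey"],
        "ports": ["0.0.0.0:10000:9000"],
    },
}

def env_pairs(env: Any) -> List[Tuple[str, str]]:
    """Normalise a compose 'environment' (KEY=VAL list or mapping) to (key, value) pairs."""
    if isinstance(env, dict):
        return [(str(k), "" if v is None else str(v)) for k, v in env.items()]
    return [(k, v) for k, _, v in (str(i).partition("=") for i in env or [])]

def audit_service(name: str, svc: Dict[str, Any]) -> List[str]:
    """Return findings for one service: socket mounts, wide-open ports, inline secrets."""
    findings = []
    for vol in svc.get("volumes") or []:
        if str(vol).split(":")[0] == "/var/run/docker.sock":
            findings.append(f"{name}: mounts the Docker socket (host-level control from the container)")
    for port in svc.get("ports") or []:
        parts = str(port).split(":")
        # "IP:HOST:CONTAINER" on 0.0.0.0/:: and "HOST:CONTAINER" with no IP both listen on every interface
        if len(parts) == 2 or (len(parts) == 3 and parts[0] in ("0.0.0.0", "::")):
            findings.append(f"{name}: host port {parts[-2]} is exposed on all interfaces")
    for key, value in env_pairs(svc.get("environment")):
        if value and any(hint in key.upper() for hint in SECRET_HINTS):
            findings.append(f"{name}: {key} holds a secret in plain text in the compose file")
    return findings

def audit(services: Dict[str, Dict[str, Any]]) -> Dict[str, List[str]]:
    """Map each service name to its findings, omitting services with none."""
    return {n: f for n, s in services.items() if (f := audit_service(n, s))}
```

Running `audit(SAMPLE_SERVICES)` flags the socket mount and port on cortex, and the port and TH_CORTEX_KEY on thehive; the elasticsearch service, which publishes no ports, would produce no findings.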
