Skip to content

fixed elasticsearch#3228

Merged
mlodic merged 3 commits intointelowlproject:developfrom
AnshSinghal:bi2834
Jan 28, 2026
Merged

fixed elasticsearch#3228
mlodic merged 3 commits intointelowlproject:developfrom
AnshSinghal:bi2834

Conversation

@AnshSinghal
Copy link
Contributor

@AnshSinghal AnshSinghal commented Jan 22, 2026

Closes #2834

Description

Added certificate path configuration for Elasticsearch BI client when connecting to local Elasticsearch instance
Wrapped the ping check in a try-except block to handle connection errors gracefully
Enabled transport layer SSL in the Elasticsearch Docker configuration with appropriate certificates

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue).

Checklist

  • I have read and understood the rules about how to Contribute to this project
  • The pull request is for the branch develop
  • A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case:
    • I strictly followed the documentation "How to create a Plugin"
    • Usage file was updated. A link to the PR to the docs repo has been added as a comment here.
    • Advanced-Usage was updated (in case the plugin provides additional optional configuration). A link to the PR to the docs repo has been added as a comment here.
    • I have dumped the configuration from Django Admin using the dumpplugin command and added it in the project as a data migration. ("How to share a plugin with the community")
    • If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
    • If you created a new analyzer and it is free (does not require any API key), please add it in the FREE_TO_USE_ANALYZERS playbook by following this guide.
    • Check if it could make sense to add that analyzer/connector to other freely available playbooks.
    • I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
    • If the plugin interacts with an external service, I have created an attribute called precisely url that contains this information. This is required for Health Checks (HEAD HTTP requests).
    • If a new analyzer has beed added, I have created a unittest for it in the appropriate dir. I have also mocked all the external calls, so that no real calls are being made while testing.
    • I have added that raw JSON sample to the get_mocker_response() method of the unittest class. This serves us to provide a valid sample for testing.
    • I have created the corresponding DataModel for the new analyzer following the documentation
  • I have inserted the copyright banner at the start of the file: # This file is a part of IntelOwl https://github.com/intelowlproject/IntelOwl # See the file 'LICENSE' for copying permission.
  • Please avoid adding new libraries as requirements whenever it is possible. Use new libraries only if strictly needed to solve the issue you are working for. In case of doubt, ask a maintainer permission to use a specific library.
  • If external libraries/packages with restrictive licenses were added, they were added in the Legal Notice section.
  • Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
  • I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
  • If the GUI has been modified:
    • I have a provided a screenshot of the result in the PR.
    • I have created new frontend tests for the new component or updated existing ones.
  • After you had submitted the PR, if DeepSource, Django Doctors or other third-party linters have triggered any alerts during the CI checks, I have solved those alerts.

Important Rules

  • If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
  • Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review by using GitHub's reviewing system detailed here.
image

Copilot AI review requested due to automatic review settings January 22, 2026 16:09
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR attempts to fix Elasticsearch configuration issues by adding SSL certificate configuration for the BI client and transport layer SSL settings for the Elasticsearch Docker container.

Changes:

  • Added certificate path configuration for Elasticsearch BI client when connecting to local Elasticsearch instance
  • Wrapped the ping check in a try-except block to handle connection errors gracefully
  • Enabled transport layer SSL in the Elasticsearch Docker configuration with appropriate certificates

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File Description
intel_owl/settings/elasticsearch.py Added certificate configuration logic and error handling for Elasticsearch BI client initialization
docker/elasticsearch.override.yml Enabled transport layer SSL with certificate configuration for inter-node communication

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@AnshSinghal
Copy link
Contributor Author

@mlodic please review

except Exception as info_error:
info = f"info unavailable: {info_error}"
logger.warning(
"ELASTICSEARCH DSL client configuration did not connect correctly: %s",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use f-strings please

)
else:
print("Elasticsearch not correctly configured")
logger.warning("Elasticsearch BI not correctly configured")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

prints were meant to be there to get the output on the console

)
except Exception as e:
logger.warning(
"ELASTICSEARCH BI client configuration did not connect correctly: %s",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

f-string

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why double try/exception ?

except Exception as info_error:
info = f"info unavailable: {info_error}"
logger.warning(
"ELASTICSEARCH BI client configuration did not connect correctly: %s",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

f-string

Copilot AI review requested due to automatic review settings January 28, 2026 16:35
@AnshSinghal AnshSinghal requested a review from mlodic January 28, 2026 16:36
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@mlodic mlodic merged commit 90a6003 into intelowlproject:develop Jan 28, 2026
14 of 15 checks passed
kami922 pushed a commit to kami922/IntelOwl that referenced this pull request Jan 28, 2026
* fixed elasticsearch

* code refactor

* improved error handling
kami922 added a commit to kami922/IntelOwl that referenced this pull request Jan 28, 2026
Applied Ruff formatting to elasticsearch.py which was modified in
upstream commit 90a6003 (fixed elasticsearch intelowlproject#3228).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants