WARNING: Mitre Technique ID 'T1550.002' not found in database

[Stefan Sabolowitsch]

Hi there (hola)

is someone from the DEV's here,  know you are in the release stress for v4.2 since but have the following question.

If someone can take a look at the problem, we are flooded with this error message.
`WARNING: Mitre Technique ID 'T1550.002' not found in database`

https://github.com/wazuh/wazuh/issues/9633

and with the latest version of enterprise-attack.json(april update), i get this error message when creating the mitre.db:

```
cd ../tools/mitre && /var/ossec/framework/python/bin/python3 mitredb.py -d /var/ossec/var/db/mitre.db 'kill_chain_phases' Deleting /var/ossec/var/db/mitre.db 

```

thanks for any help here.
Stefan

[Nicolas Guini]

Hi Stefan!

I've answered the issue on Github (#9633). 

Mitre has introduced a bunch of changes since the release of Wazuh v4.1, like sub_techniques, d3fense and more. Also, they changed the whole internal structure resulting in a totally different DB architecture. 

The good news is that, next Wazuh version v4.2, can handle the latest version of Mitre Matrix JSON, changes on how the DB is generated and how Wazuh consumes that new DB also have been made.

For now, I should suggest to keep using the previous version of Mitre Matrix JSON, till Wazuh V4.2 release.

Let me know if further help is needed.

Bests!

Nicolas 

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/ce5d1ea5-cfd7-4913-89af-bb5d3b7ff026n%40googlegroups.com.