[Bug] OpenCTI analyzers #1223

@hackjc

Describe the bug
Once the analyzer config is set for OpenCTI, create an observable and launch a worker analyzer; the above error is shown.

ERROR:pycti.api:Cannot query field "x_opencti_reliability" on type "Identity". Did you mean to use an inline fragment on "Organization"?

Traceback (most recent call last):
  File "/worker/OpenCTI/opencti.py", line 110, in <module>
    OpenCTIAnalyzer().run()
  File "/worker/OpenCTI/opencti.py", line 80, in run
    reports = opencti["api_client"].report.list(
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/entities/opencti_report.py", line 307, in list
    result = self.opencti.query(
             ^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/pycti/api/opencti_api_client.py", line 358, in query
    raise ValueError(
ValueError: {'name': 'Cannot query field "x_opencti_reliability" on type "Identity". Did you mean to use an inline fragment on "Organization"?', 'message': 'Cannot query field "x_opencti_reliability" on type "Identity". Did you mean to use an inline fragment on "Organization"?'}

I am using the latest version of both OpenCTI worker analyzers.

It seems that this only fails if the workers find at least one result. If there are no results, the worker ends without error.

To Reproduce
Steps to reproduce the behavior:

  1. Configure the OpenCTI in Cortex
  2. Launch a job with an observable.
  3. It fails

Expected behavior
A list of potential observables.

Work environment

  • Client OS: Windows
  • Server OS: Docker Cortex image thehiveproject/cortex:latest
  • Cortex version: thehiveproject/cortex:latest
  • Cortex Analyzer name: OpenCTI_SearchExactObservable and OpenCTI_SearchObservables
  • Cortex Analyzer version: 2.0
