diff --git a/roles/thehive/files/SOCTOOLS-CA.crt b/roles/thehive/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000000000000000000000000000000000000..04b1f203d036d2219c23c4ea3630115d68510eb8 --- /dev/null +++ b/roles/thehive/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/thehive/files/cacerts.jks b/roles/thehive/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c Binary files /dev/null and b/roles/thehive/files/cacerts.jks differ diff --git a/roles/thehive/files/dsoclab-thehive.crt b/roles/thehive/files/dsoclab-thehive.crt new file mode 100644 index 0000000000000000000000000000000000000000..0d474c2a1277de93ba6357ca841a7eac3b1cce44 --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.crt 
@@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 61:09:5c:2c:8d:35:ee:29:1c:99:ce:ab:d4:2b:3c:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-thehive + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:c5:4d:20:a4:60:b7:61:21:ed:16:a1:6f:72: + c4:de:a1:00:c0:ef:fc:5d:a1:89:34:07:15:d2:b4: + 3a:14:b8:95:75:8e:81:71:49:46:1d:c8:81:cb:f1: + ec:c7:5a:12:f6:89:60:e4:c8:98:1a:61:c8:2d:12: + 8f:73:ee:f8:9d:88:b5:7f:30:70:97:29:b4:ab:43: + 2d:dc:db:a7:10:47:c7:b5:26:9b:11:85:fb:d3:27: + 8f:3a:55:bc:ea:78:17:b8:89:10:a3:a4:10:60:39: + c3:7f:42:25:a9:fe:84:7f:38:5e:f4:3d:c3:98:3d: + 56:b9:ba:81:06:55:8d:65:12:f0:4e:23:88:1d:98: + 0c:2f:6e:4f:67:fd:4e:67:39:91:b9:01:52:12:aa: + 9e:bb:7a:c8:ea:8f:4a:2d:18:f8:69:9a:3a:a0:c8: + 6e:e3:de:c6:db:be:4c:59:e0:cf:bc:34:4f:2c:b0: + ef:3e:82:5a:df:68:be:b8:fb:cc:5f:6a:f2:3e:66: + d4:c6:c5:f6:0b:67:e9:64:85:15:87:60:6f:dc:b4: + 5b:13:6f:b0:9b:f8:f3:da:c1:91:9e:81:5f:16:ca: + 9e:14:01:c1:1c:ce:2a:d3:c8:3c:0f:be:b1:37:aa: + c9:08:68:2b:de:f9:44:6c:1e:90:a4:12:bc:f5:3c: + 46:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 5B:08:8E:F2:1B:8F:12:03:BA:31:02:9C:CE:CC:BC:9F:FC:19:D1:E1 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-thehive, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 7f:b2:fa:33:d6:e3:6c:57:8a:4a:9a:ef:8b:81:2b:df:f3:d6: + fb:8c:bc:02:cf:71:54:a0:f2:0d:ae:3b:30:cf:5c:69:d7:d0: + 
aa:cc:16:80:4d:9d:c8:1f:a7:98:9d:26:dc:ae:8e:24:2b:bc: + c1:11:a6:8d:4f:ca:13:1f:7f:8f:4c:ef:dd:46:df:d6:97:0a: + 88:51:4e:f7:46:aa:3d:e3:70:e9:19:e8:9f:7e:22:fa:b6:38: + 30:00:0a:94:38:09:bf:b8:64:6c:c1:b7:05:6d:4f:f3:27:0c: + df:04:ef:a1:4e:e8:2d:4c:06:d0:c0:4f:4f:da:d0:6d:b8:f2: + b3:79:18:63:bd:62:83:53:55:38:94:d9:64:ca:e7:4d:71:ce: + d1:05:6d:b1:6c:fb:1a:4c:b6:ef:70:2b:3d:9b:1d:66:d8:d9: + 9f:f0:e5:48:29:50:e8:1b:1a:fb:b4:d2:5e:38:ec:05:45:c2: + e7:de:9a:9d:aa:34:67:c5:66:18:e3:86:8b:0c:1a:c4:21:20: + 7e:b7:ad:e2:0b:d0:0d:d4:76:e6:53:ca:77:bc:ce:d0:9b:7b: + 7c:fd:42:94:da:63:d8:a7:52:d2:45:f2:d5:55:ef:37:f1:a5: + 0e:ba:29:c9:b4:ce:99:45:04:21:2b:86:27:bb:c1:f2:86:9a: + 7c:51:5c:3b +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIQYQlcLI017ikcmc6r1Cs8pDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBoxGDAWBgNVBAMMD2Rzb2NsYWItdGhlaGl2ZTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALrFTSCkYLdhIe0WoW9yxN6hAMDv/F2hiTQHFdK0 +OhS4lXWOgXFJRh3Igcvx7MdaEvaJYOTImBphyC0Sj3Pu+J2ItX8wcJcptKtDLdzb +pxBHx7UmmxGF+9MnjzpVvOp4F7iJEKOkEGA5w39CJan+hH84XvQ9w5g9Vrm6gQZV +jWUS8E4jiB2YDC9uT2f9Tmc5kbkBUhKqnrt6yOqPSi0Y+GmaOqDIbuPextu+TFng +z7w0Tyyw7z6CWt9ovrj7zF9q8j5m1MbF9gtn6WSFFYdgb9y0WxNvsJv489rBkZ6B +XxbKnhQBwRzOKtPIPA++sTeqyQhoK975RGwekKQSvPU8Rr0CAwEAAaOB3TCB2jAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBRbCI7yG48SA7oxApzOzLyf/BnR4TBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDoGA1UdEQQzMDGCD2Rzb2NsYWItdGhlaGl2ZYIeZHNvY2xh +Yi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQB/svoz +1uNsV4pKmu+LgSvf89b7jLwCz3FUoPINrjswz1xp19CqzBaATZ3IH6eYnSbcro4k +K7zBEaaNT8oTH3+PTO/dRt/WlwqIUU73Rqo943DpGeiffiL6tjgwAAqUOAm/uGRs +wbcFbU/zJwzfBO+hTugtTAbQwE9P2tBtuPKzeRhjvWKDU1U4lNlkyudNcc7RBW2x +bPsaTLbvcCs9mx1m2Nmf8OVIKVDoGxr7tNJeOOwFRcLn3pqdqjRnxWYY44aLDBrE +ISB+t63iC9AN1HbmU8p3vM7Qm3t8/UKU2mPYp1LSRfLVVe838aUOuinJtM6ZRQQh +K4Ynu8Hyhpp8UVw7 
+-----END CERTIFICATE----- diff --git a/roles/thehive/files/dsoclab-thehive.key b/roles/thehive/files/dsoclab-thehive.key new file mode 100644 index 0000000000000000000000000000000000000000..6d4d8bb01b413adbe679481a68241bfe71a1c9dc --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6xU0gpGC3YSHt +FqFvcsTeoQDA7/xdoYk0BxXStDoUuJV1joFxSUYdyIHL8ezHWhL2iWDkyJgaYcgt +Eo9z7vidiLV/MHCXKbSrQy3c26cQR8e1JpsRhfvTJ486VbzqeBe4iRCjpBBgOcN/ +QiWp/oR/OF70PcOYPVa5uoEGVY1lEvBOI4gdmAwvbk9n/U5nOZG5AVISqp67esjq +j0otGPhpmjqgyG7j3sbbvkxZ4M+8NE8ssO8+glrfaL64+8xfavI+ZtTGxfYLZ+lk +hRWHYG/ctFsTb7Cb+PPawZGegV8Wyp4UAcEczirTyDwPvrE3qskIaCve+URsHpCk +Erz1PEa9AgMBAAECggEARJH9cBeJfqoFp6LgYCd1yfq4aR1yvPl6gwR66aHLlSHz +lXZdZbcuK+8aYEMQ2FvkjGkBjt1qonz13j5rNngtBMFVST4CiC0CrMH8S5LFMj/4 +PTTQR822F971QciKlFbE9rYzyrCIZpuuf8FMTK4p/P84NVmbvv/+IDAuAKJWSB3b +TXVeYzqET/cENXrNZNsTMHVoPAudtsHXXa5w3yXJXhTlRQrjMtMHgV+H1O2iOvi5 +IAJUm2HVmGON9aqQKZlzYvx9txSBRczEwQK+fLPoXGEG/KhskiBPMU0y9a60SV5F +Oi94zzBCOSf/k+C4+EhkvfSq727ZFs60zGcoEW7rzQKBgQD08umyOtqJEB6dk5hg +RA1mc3qx332Li0Ep9ciPD0oOyt9H/pQBMYHlV4Vf26dmjxg7XMPqB38topjbnVcY +r1QigQ8tnHXktcO1tUpx6MhTkN4sBH9dvZE4TdBiarlcThgnuCfZUhjyfyr715tR +BIC8TA9bd/6oUaf/zd0S4aGcEwKBgQDDMnKe7PoDlHtjxaiDs8VLRRgNKocT/jaD +SZ5j5a1e+fvIK+lqpW7pXT/AlBVvxC6ke2Zb1csgndgF0p45ZO9WsB5fV3x8AREM +zIvrqpH4hdRBEF7o1syVDMXmTQLsPOLzj6B2UC5mpqoo2GkI9yyXpJhNR0kqzkDy +Pclu3xZL7wKBgQCZsFAxI/w6Q4LyG8lfnVNLFOnG8RM0mwsn6K8OE+nDnka6RWFX +3lhCLcfhfVBraR0rIelKzaleWMbQBMjBFEEV5SRA2gqele1V9YngLs6CoELGG4xO +pMKZMTmuhogHAnjlcwaNtJUykdfGbGFnVAvyGUcJfSCrO5DNT72GO0vLQQKBgQCF +WyPf2/r7Eygxg8qbH+h8ghnqdNGQIS9RBqzFhxapOpR/rzBrAdcCbAiwIvt6Pke3 +a+8Ecs2x3OTHJZufjovNZ8l4TaboeToSynQVb5UGezgFs4+D96wRcIaLzrVefEJ5 +L/jqm+D3lInQGfm4fFXkzDiZI0ijjAHm/btumc771QKBgBTu4KvY6rzgmHbymux1 ++tr+xl3/Nb29XQJHpZV+hgFGg1+aWaR9c0WXz9mKovBanEUHJb5khqFQDFZuWMNG +tNQ1JbwTXwxmAfVJbLYbSHnuePkh+qtpmTVa3H5NdRBI/062/Km6Rxcf5JljB8/J +k+SqVxdKSTfaWxGqyyAZgVis +-----END PRIVATE KEY----- diff --git a/roles/thehive/files/logback.xml b/roles/thehive/files/logback.xml new file mode 100644 index 0000000000000000000000000000000000000000..d7f5263595b7f2b0e8b007dec1877d41d6de1c73 --- /dev/null +++ b/roles/thehive/files/logback.xml 
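Review bot: The private key for `dsoclab-thehive` is stored unencrypted in the repository (`-----BEGIN PRIVATE KEY-----` under `roles/thehive/files/`), so anyone who can read the repository or its history can impersonate the host named in the matching certificate, which also lists client authentication in its extended key usage. The same defect applies to the value in `roles/thehive/files/thehivesecret` and to `THEHIVE_API_KEY` in `roles/thehive/vars/users.yml`. All three should be treated as exposed: reissue the certificate with a new key, and rotate the secret and the API key. They should then be supplied at deploy time from an encrypted store such as Ansible Vault, because deleting the files in a later commit does not remove them from history.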
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration debug="true">
+
+ <conversionRule conversionWord="coloredLevel"
+ converterClass="play.api.libs.logback.ColoredLevel"/>
+
+ <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>/var/log/thehive/application.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>/var/log/logs/application.%i.log.zip</fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>10MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>%date [%level] from %logger in %thread [%X{request}|%X{tx}] %message%n%xException</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>%coloredLevel %logger{15} [%X{request}|%X{tx}] %message%n%xException{10}
+ </pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="FILE"/>
+ </appender>
+
+ <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="STDOUT"/>
+ </appender>
+
+ <logger name="org.thp" level="INFO"/>
+
+ <root level="DEBUG">
+ <appender-ref ref="ASYNCFILE"/>
+ <appender-ref ref="ASYNCSTDOUT"/>
+ </root>
+
+</configuration>
+
diff --git a/roles/thehive/files/thehivesecret b/roles/thehive/files/thehivesecret
new file mode 100644
index 0000000000000000000000000000000000000000..f00a8d57edd365f329d95494e2242fe9d7432dbe
--- /dev/null
+++ b/roles/thehive/files/thehivesecret
@@ -0,0 +1,3 @@
+{
+ "value" : "b832e3a9-0080-4f07-bc3d-6bbc67bce741"
+}
\ No newline at end of file
diff --git a/roles/thehive/tasks/createusers.yml b/roles/thehive/tasks/createusers.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b0fbcdd9ba24fb12fba0bed5dc16b50584f0fd4c
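Review bot: The rollover target does not match the log location: `<file>` writes to `/var/log/thehive/application.log`, but `<fileNamePattern>` archives to `/var/log/logs/application.%i.log.zip`, a directory nothing in this change creates. Rotation may therefore fail or place archives outside the directory that retention and log shipping watch; `<fileNamePattern>/var/log/thehive/application.%i.log.zip</fileNamePattern>` looks like the intent. Separately, `<root level="DEBUG">` leaves every logger other than `org.thp` at debug level, which on a case-management host risks writing request details into the log files. `<root level="INFO">` and dropping `debug="true"` from `<configuration>` would be the safer default for a deployed role.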
--- /dev/null
+++ b/roles/thehive/tasks/createusers.yml
@@ -0,0 +1,28 @@
+---
+# - name: create organisation
+# uri:
+# url: "https://{{dslproxy}}:9000/api/organisation"
+# method: POST
+# headers:
+# Authorization: "Bearer {{ THEHIVE_API_KEY }}"
+# body_format: form-urlencoded
+# body:
+# name: "{{ organisation }}"
+# description: "test"
+# status_code: 201
+# tags:
+# - create_org
+- name: generate json files for creating users
+ remote_user: root
+ template:
+ src: users.json
+ dest: /tmp/{{ item.username }}.json
+ with_items:
+ - "{{ THEHIVE_USERS }}"
+- name: create users
+ remote_user: root
+ shell: "curl -k -H 'Authorization: Bearer {{ THEHIVE_API_KEY }}' -H 'Content-Type: application/json' https://{{ dslproxy }}:9000/api/user -d @/tmp/{{ item.username}}.json"
+ args:
+ warn: false
+ with_items:
+ - "{{ THEHIVE_USERS }}"
diff --git a/roles/thehive/templates/users.json b/roles/thehive/templates/users.json
new file mode 100644
index 0000000000000000000000000000000000000000..b16eed70fd8aaf68302b82150ce4101c8acfa430
--- /dev/null
+++ b/roles/thehive/templates/users.json
@@ -0,0 +1,6 @@
+{
+ "login": "{{ item.username }}",
+ "name": "{{ item.name }} {{ item.surname }}",
+ "roles": {{ item.roles }},
+ "organisation": "{{ item.organization }}"
+}
diff --git a/roles/thehive/vars/users.yml b/roles/thehive/vars/users.yml
new file mode 100644
index 0000000000000000000000000000000000000000..07433e6a1cc8b18ac3b239d1d0dfc48715d22a6e
--- /dev/null
+++ b/roles/thehive/vars/users.yml
@@ -0,0 +1,16 @@
+---
+
+THEHIVE_API_KEY: "1gFdNhmUSxO3BRe1SBB5JYEvkW9UOo6s"
+THEHIVE_USERS:
+ - kiril:
+ username: "kiril"
+ name: "Kiril"
+ surname: "Kiroski"
+ roles: '["read", "write", "admin"]'
+ organization: "uninett.no"
+ - temur:
+ username: "temur"
+ name: "Temur"
+ surname: "Maisuradze"
+ roles: '["read", "write", "admin"]'
+ organization: "uninett.no"
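Review bot: The `create users` task in `roles/thehive/tasks/createusers.yml` runs `curl -k`, which turns off certificate verification even though this role ships `SOCTOOLS-CA.crt`, so the bearer token is sent to whatever answers on `{{ dslproxy }}:9000`. The token is also interpolated into the command line, where it is visible in the process list and, since the task sets no `no_log: true`, in Ansible output; the request bodies are staged under predictable names in `/tmp`. The commented-out organisation task in the same hunk already shows the `uri` form; using it here with validation left on removes the shell call and the temporary files. The host running the task has to trust SOCTOOLS-CA for validation to pass, and the expected status code should be confirmed against the API.

```yaml
# … unchanged: commented-out organisation task …
# … the "generate json files for creating users" task is no longer needed …
- name: create users
  remote_user: root
  uri:
    url: "https://{{ dslproxy }}:9000/api/user"
    method: POST
    headers:
      Authorization: "Bearer {{ THEHIVE_API_KEY }}"
    body_format: json
    body: "{{ lookup('template', 'users.json') }}"
    validate_certs: true
    status_code: 201  # assumed from the organisation task; confirm
  no_log: true  # keeps the bearer token out of task output
  with_items:
    - "{{ THEHIVE_USERS }}"
```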
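Review bot: In `roles/thehive/templates/users.json` the string fields are interpolated raw between quotes (`"login": "{{ item.username }}"`), so a value containing `"` or `\` yields invalid or altered JSON in the request body. `"roles": {{ item.roles }}` likewise pastes a pre-formatted string from `vars/users.yml` straight into the document. Letting Jinja serialise each value, e.g. `"login": {{ item.username | to_json }}` and `"roles": {{ item.roles | to_json }}` with `roles` kept as a real YAML list, keeps the payload well-formed whatever the user data contains.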