ail-framework/configs/core.cfg.sample

291 lines
6.2 KiB
Text
Raw Normal View History

[Directories]
bloomfilters = Blooms
2016-08-09 12:23:36 +00:00
dicofilters = Dicos
2014-08-19 17:07:07 +00:00
pastes = PASTES
hash = HASHS
2018-08-09 15:42:21 +00:00
crawled = crawled
har = CRAWLED_SCREENSHOT
screenshot = CRAWLED_SCREENSHOT/screenshot
images = IMAGES
2016-07-15 07:08:38 +00:00
wordtrending_csv = var/www/static/csv/wordstrendingdata
wordsfile = files/wordfile
2016-07-15 07:08:38 +00:00
protocolstrending_csv = var/www/static/csv/protocolstrendingdata
protocolsfile = files/protocolsfile
tldstrending_csv = var/www/static/csv/tldstrendingdata
2016-07-22 07:32:13 +00:00
tldsfile = faup/src/data/mozilla.tlds
2016-07-15 07:08:38 +00:00
domainstrending_csv = var/www/static/csv/domainstrendingdata
sentiment_lexicon_file = sentiment/vader_lexicon.zip/vader_lexicon/vader_lexicon.txt
[Pystemon]
dir = /home/pystemon/pystemon/
redis_host = localhost
redis_port = 6379
redis_db = 10
2022-09-02 12:26:18 +00:00
##### Logs ######
[Logs]
# activate syslog
2022-09-02 12:26:18 +00:00
ail_logs_syslog = False
ail_logs_syslog_server =
# default=514
2022-09-02 12:26:18 +00:00
ail_logs_syslog_port =
# ['auth', 'authpriv', 'cron', 'daemon', 'ftp', 'kern', 'lpr', 'mail', 'news', 'syslog', 'user', 'uucp', 'local0', 'local1', 'local2', 'local3', 'local4', 'local5', 'local6', 'local7']
ail_logs_syslog_facility =
# ['DEBUG', 'INFO', 'NOTICE', 'WARNING', 'ERROR', 'CRITICAL']
ail_logs_syslog_level =
2022-09-02 12:26:18 +00:00
##### Notifications ######
[Notifications]
2024-02-07 14:14:12 +00:00
ail_domain = http://localhost:7000
sender = sender@example.com
sender_host = smtp.example.com
sender_port = 1337
2018-11-05 13:20:12 +00:00
sender_pw = None
2023-07-31 14:00:31 +00:00
# Only needed for SMTP over SSL if the mail server don't support TLS (used by default). use this option to validate the server certificate.
cert_required = False
2023-07-31 14:00:31 +00:00
# Only needed for SMTP over SSL if you want to validate your self signed certificate for SSL
ca_file =
# Only needed when the credentials for email server needs a username instead of an email address
#sender_user = sender
sender_user =
2018-03-30 09:35:37 +00:00
# optional for using with authenticated SMTP over SSL
# sender_pw = securepassword
2016-07-15 07:10:44 +00:00
##### Flask #####
[Flask]
#Proxying requests to the app
baseUrl = /
2020-07-06 15:09:42 +00:00
#Host to bind to
2024-02-07 14:14:12 +00:00
host = 0.0.0.0
#Flask server port
port = 7000
2018-08-07 11:07:08 +00:00
#Number of logs to display in the dashboard
max_dashboard_logs = 15
2016-07-15 07:08:38 +00:00
#Maximum number of character to display in the toolip
max_preview_char = 250
2016-07-15 07:08:38 +00:00
#Maximum number of character to display in the modal
max_preview_modal = 800
2016-07-15 07:08:38 +00:00
#Default number of header to display in trending graphs
default_display = 10
2016-08-09 12:23:36 +00:00
#Number of minutes displayed for the number of processed pastes.
minute_processed_paste = 10
#Maximum line length authorized to make a diff between duplicates
DiffMaxLineLength = 10000
[AIL_2_AIL]
server_host = 0.0.0.0
server_port = 4443
local_addr =
#### Modules ####
2018-07-26 13:31:58 +00:00
[BankAccount]
max_execution_time = 60
[Categ]
#Minimum number of match between the paste and the category file
matchingThreshold=1
[Credential]
#Minimum length that a credential must have to be considered as such
minimumLengthThreshold=3
#Will be pushed as alert if the number of credentials is greater to that number
criticalNumberToAlert=8
#Will be considered as false positive if less that X matches from the top password list
minTopPassList=5
2023-04-04 12:12:23 +00:00
[Decoder]
max_execution_time_base64 = 60
max_execution_time_binary = 60
max_execution_time_hexadecimal = 60
2019-01-29 08:46:03 +00:00
[Onion]
save_i2p = False
2019-01-29 08:46:03 +00:00
max_execution_time = 180
[PgpDump]
max_execution_time = 60
[Modules_Duplicates]
#Number of month to look back
maximum_month_range = 3
2016-08-09 12:23:36 +00:00
#The value where two pastes are considerate duplicate for ssdeep.
threshold_duplicate_ssdeep = 50
#The value where two pastes are considerate duplicate for tlsh.
2018-05-09 11:03:46 +00:00
threshold_duplicate_tlsh = 52
2016-07-18 13:52:53 +00:00
#Minimum size of the paste considered
min_paste_size = 0.3
2016-12-22 09:06:35 +00:00
[Module_ModuleInformation]
#Threshold to deduce if a module is stuck or not, in seconds.
threshold_stucked_module=600
[Module_Mixer]
#Define the configuration of the mixer, possible value: 1, 2 or 3
operation_mode = 3
#Define the time that a paste will be considerate duplicate. in seconds (1day = 86400)
ttl_duplicate = 86400
default_unnamed_feed_name = unnamed_feeder
[Tracker_Term]
max_execution_time = 120
[Tracker_Regex]
max_execution_time = 60
##### Redis #####
[Redis_Cache]
host = localhost
port = 6379
db = 0
2014-12-22 15:50:25 +00:00
[Redis_Log]
host = localhost
port = 6380
db = 0
2018-06-05 14:58:04 +00:00
[Redis_Log_submit]
host = localhost
port = 6380
db = 1
[Redis_Queues]
host = localhost
port = 6381
db = 0
2023-09-07 08:38:03 +00:00
[Redis_Process]
host = localhost
port = 6381
db = 2
[Redis_Mixer_Cache]
host = localhost
port = 6381
db = 1
##### KVROCKS #####
2016-07-15 07:08:38 +00:00
[Kvrocks_DB]
host = localhost
port = 6383
password = ail
[Kvrocks_Duplicates]
host = localhost
port = 6383
password = ail_dups
[Kvrocks_Correlations]
2018-05-09 11:03:46 +00:00
host = localhost
port = 6383
password = ail_correls
2018-05-09 11:03:46 +00:00
[Kvrocks_Crawler]
host = localhost
port = 6383
password = ail_crawlers
[Kvrocks_Objects]
2018-06-19 13:09:26 +00:00
host = localhost
port = 6383
password = ail_objs
2018-06-19 13:09:26 +00:00
[Kvrocks_Relationships]
host = localhost
port = 6383
password = ail_rels
[Kvrocks_Timeline]
host = localhost
port = 6383
password = ail_tls
[Kvrocks_Stats]
2018-08-09 15:42:21 +00:00
host = localhost
port = 6383
password = ail_stats
2018-08-09 15:42:21 +00:00
[Kvrocks_Tags]
host = localhost
port = 6383
password = ail_tags
[Kvrocks_Trackers]
host = localhost
port = 6383
password = ail_trackers
##### - #####
[Url]
cc_critical = DE
[DomClassifier]
2024-01-09 10:38:54 +00:00
#cc = DE
#cc_tld = r'\.de$'
cc =
cc_tld =
dns = 8.8.8.8
2024-01-09 10:38:54 +00:00
[Mail]
dns = 8.8.8.8
# Indexer configuration
[Indexer]
type = whoosh
path = indexdir
register = indexdir/all_index.txt
2017-03-15 11:14:41 +00:00
#size in Mb
index_max_size = 2000
[ailleakObject]
maxDuplicateToPushToMISP=10
###############################################################################
# For multiple feed, add them with "," without space
# e.g.: tcp://127.0.0.1:5556,tcp://127.0.0.1:5557
[ZMQ_Global]
# address = tcp://127.0.0.1:5556,tcp://crf.circl.lu:5556
address = tcp://127.0.0.1:5556
channel = 102
bind = tcp://127.0.0.1:5556
[RedisPubSub]
host = localhost
port = 6381
db = 0
2018-08-09 15:42:21 +00:00
[Crawler]
activate_crawler = False
default_depth_limit = 1
default_har = True
default_screenshot = True
onion_proxy = onion.foundation
ail_url_to_push_onion_discovery =
ail_key_to_push_onion_discovery =
[Translation]
libretranslate =
2019-09-23 16:22:25 +00:00
[IP]
# list of comma-separated CIDR that you wish to be alerted for. e.g:
#networks = 192.168.34.0/24,10.0.0.0/8,192.168.33.0/24
networks =
2021-04-28 13:24:33 +00:00
[SubmitPaste]
# 1 Mb Max text paste size for text submission
TEXT_MAX_SIZE = 1000000
# 1 Gb Max file size for file submission
FILE_MAX_SIZE = 1000000000
# Managed file extenions for file submission, comma separated
# TODO add zip, gz and tar.gz
2023-05-10 07:38:16 +00:00
FILE_ALLOWED_EXTENSIONS = txt,sh,pdf,html,json