2014-08-06 09:43:40 +00:00
|
|
|
[Directories]
|
2014-08-20 14:00:56 +00:00
|
|
|
bloomfilters = Blooms
|
2016-08-09 12:23:36 +00:00
|
|
|
dicofilters = Dicos
|
2014-08-19 17:07:07 +00:00
|
|
|
pastes = PASTES
|
2018-07-19 14:50:42 +00:00
|
|
|
hash = HASHS
|
2018-08-09 15:42:21 +00:00
|
|
|
crawled = crawled
|
2021-01-08 16:37:18 +00:00
|
|
|
har = CRAWLED_SCREENSHOT
|
|
|
|
screenshot = CRAWLED_SCREENSHOT/screenshot
|
2023-11-15 13:12:50 +00:00
|
|
|
images = IMAGES
|
2016-07-15 07:08:38 +00:00
|
|
|
|
2014-08-20 14:00:56 +00:00
|
|
|
wordtrending_csv = var/www/static/csv/wordstrendingdata
|
|
|
|
wordsfile = files/wordfile
|
2014-08-06 09:43:40 +00:00
|
|
|
|
2016-07-15 07:08:38 +00:00
|
|
|
protocolstrending_csv = var/www/static/csv/protocolstrendingdata
|
|
|
|
protocolsfile = files/protocolsfile
|
|
|
|
|
|
|
|
tldstrending_csv = var/www/static/csv/tldstrendingdata
|
2016-07-22 07:32:13 +00:00
|
|
|
tldsfile = faup/src/data/mozilla.tlds
|
2016-07-15 07:08:38 +00:00
|
|
|
|
|
|
|
domainstrending_csv = var/www/static/csv/domainstrendingdata
|
|
|
|
|
2017-01-11 10:00:36 +00:00
|
|
|
sentiment_lexicon_file = sentiment/vader_lexicon.zip/vader_lexicon/vader_lexicon.txt
|
|
|
|
|
2023-04-14 12:43:07 +00:00
|
|
|
[Pystemon]
|
|
|
|
dir = /home/pystemon/pystemon/
|
|
|
|
redis_host = localhost
|
|
|
|
redis_port = 6379
|
|
|
|
redis_db = 10
|
|
|
|
|
2022-09-02 12:26:18 +00:00
|
|
|
##### Logs ######
|
|
|
|
[Logs]
|
2022-09-08 11:40:02 +00:00
|
|
|
# activate syslog
|
2022-09-02 12:26:18 +00:00
|
|
|
ail_logs_syslog = False
|
|
|
|
ail_logs_syslog_server =
|
2022-09-08 11:40:02 +00:00
|
|
|
# default=514
|
2022-09-02 12:26:18 +00:00
|
|
|
ail_logs_syslog_port =
|
2022-09-08 11:40:02 +00:00
|
|
|
# ['auth', 'authpriv', 'cron', 'daemon', 'ftp', 'kern', 'lpr', 'mail', 'news', 'syslog', 'user', 'uucp', 'local0', 'local1', 'local2', 'local3', 'local4', 'local5', 'local6', 'local7']
|
|
|
|
ail_logs_syslog_facility =
|
|
|
|
# ['DEBUG', 'INFO', 'NOTICE', 'WARNING', 'ERROR', 'CRITICAL']
|
|
|
|
ail_logs_syslog_level =
|
2022-09-02 12:26:18 +00:00
|
|
|
|
2018-02-27 14:12:02 +00:00
|
|
|
##### Notifications ######
|
|
|
|
[Notifications]
|
2024-02-07 14:14:12 +00:00
|
|
|
ail_domain = http://localhost:7000
|
2018-02-27 14:12:02 +00:00
|
|
|
sender = sender@example.com
|
|
|
|
sender_host = smtp.example.com
|
|
|
|
sender_port = 1337
|
2018-11-05 13:20:12 +00:00
|
|
|
sender_pw = None
|
2023-07-31 14:00:31 +00:00
|
|
|
# Only needed for SMTP over SSL if the mail server don't support TLS (used by default). use this option to validate the server certificate.
|
2023-07-28 09:10:21 +00:00
|
|
|
cert_required = False
|
2023-07-31 14:00:31 +00:00
|
|
|
# Only needed for SMTP over SSL if you want to validate your self signed certificate for SSL
|
2023-07-28 09:10:21 +00:00
|
|
|
ca_file =
|
2020-02-06 08:18:54 +00:00
|
|
|
# Only needed when the credentials for email server needs a username instead of an email address
|
|
|
|
#sender_user = sender
|
|
|
|
sender_user =
|
2018-03-30 09:35:37 +00:00
|
|
|
|
|
|
|
# optional for using with authenticated SMTP over SSL
|
|
|
|
# sender_pw = securepassword
|
2018-02-27 14:12:02 +00:00
|
|
|
|
2016-07-15 07:10:44 +00:00
|
|
|
##### Flask #####
|
|
|
|
[Flask]
|
2018-09-20 08:38:19 +00:00
|
|
|
#Proxying requests to the app
|
|
|
|
baseUrl = /
|
2020-07-06 15:09:42 +00:00
|
|
|
#Host to bind to
|
2024-02-07 14:14:12 +00:00
|
|
|
host = 0.0.0.0
|
2020-01-21 10:39:08 +00:00
|
|
|
#Flask server port
|
|
|
|
port = 7000
|
2018-08-07 11:07:08 +00:00
|
|
|
#Number of logs to display in the dashboard
|
|
|
|
max_dashboard_logs = 15
|
2016-07-15 07:08:38 +00:00
|
|
|
#Maximum number of character to display in the toolip
|
2018-02-27 15:16:57 +00:00
|
|
|
max_preview_char = 250
|
2016-07-15 07:08:38 +00:00
|
|
|
#Maximum number of character to display in the modal
|
2018-02-27 15:16:57 +00:00
|
|
|
max_preview_modal = 800
|
2016-07-15 07:08:38 +00:00
|
|
|
#Default number of header to display in trending graphs
|
|
|
|
default_display = 10
|
2016-08-09 12:23:36 +00:00
|
|
|
#Number of minutes displayed for the number of processed pastes.
|
|
|
|
minute_processed_paste = 10
|
2018-02-27 15:16:57 +00:00
|
|
|
#Maximum line length authorized to make a diff between duplicates
|
|
|
|
DiffMaxLineLength = 10000
|
|
|
|
|
2022-05-10 09:14:29 +00:00
|
|
|
[AIL_2_AIL]
|
|
|
|
server_host = 0.0.0.0
|
|
|
|
server_port = 4443
|
2022-05-10 11:24:32 +00:00
|
|
|
local_addr =
|
2022-05-10 09:14:29 +00:00
|
|
|
|
2018-02-27 15:16:57 +00:00
|
|
|
#### Modules ####
|
2018-07-26 13:31:58 +00:00
|
|
|
[BankAccount]
|
|
|
|
max_execution_time = 60
|
|
|
|
|
2018-02-27 15:16:57 +00:00
|
|
|
[Categ]
|
|
|
|
#Minimum number of match between the paste and the category file
|
|
|
|
matchingThreshold=1
|
|
|
|
|
|
|
|
[Credential]
|
|
|
|
#Minimum length that a credential must have to be considered as such
|
|
|
|
minimumLengthThreshold=3
|
|
|
|
#Will be pushed as alert if the number of credentials is greater to that number
|
|
|
|
criticalNumberToAlert=8
|
|
|
|
#Will be considered as false positive if less that X matches from the top password list
|
|
|
|
minTopPassList=5
|
2017-12-11 16:28:34 +00:00
|
|
|
|
2023-04-04 12:12:23 +00:00
|
|
|
[Decoder]
|
|
|
|
max_execution_time_base64 = 60
|
|
|
|
max_execution_time_binary = 60
|
|
|
|
max_execution_time_hexadecimal = 60
|
|
|
|
|
2019-01-29 08:46:03 +00:00
|
|
|
[Onion]
|
2021-05-14 12:42:16 +00:00
|
|
|
save_i2p = False
|
2019-01-29 08:46:03 +00:00
|
|
|
max_execution_time = 180
|
|
|
|
|
2019-05-14 15:49:31 +00:00
|
|
|
[PgpDump]
|
|
|
|
max_execution_time = 60
|
|
|
|
|
2016-07-18 13:50:41 +00:00
|
|
|
[Modules_Duplicates]
|
|
|
|
#Number of month to look back
|
|
|
|
maximum_month_range = 3
|
2016-08-09 12:23:36 +00:00
|
|
|
#The value where two pastes are considerate duplicate for ssdeep.
|
|
|
|
threshold_duplicate_ssdeep = 50
|
|
|
|
#The value where two pastes are considerate duplicate for tlsh.
|
2018-05-09 11:03:46 +00:00
|
|
|
threshold_duplicate_tlsh = 52
|
2016-07-18 13:52:53 +00:00
|
|
|
#Minimum size of the paste considered
|
|
|
|
min_paste_size = 0.3
|
2016-07-18 13:50:41 +00:00
|
|
|
|
2016-12-22 09:06:35 +00:00
|
|
|
[Module_ModuleInformation]
|
|
|
|
#Threshold to deduce if a module is stuck or not, in seconds.
|
|
|
|
threshold_stucked_module=600
|
2016-07-21 12:59:52 +00:00
|
|
|
|
2016-12-23 09:31:26 +00:00
|
|
|
[Module_Mixer]
|
2018-02-27 15:16:57 +00:00
|
|
|
#Define the configuration of the mixer, possible value: 1, 2 or 3
|
|
|
|
operation_mode = 3
|
2016-12-23 09:31:26 +00:00
|
|
|
#Define the time that a paste will be considerate duplicate. in seconds (1day = 86400)
|
|
|
|
ttl_duplicate = 86400
|
2018-11-09 14:26:26 +00:00
|
|
|
default_unnamed_feed_name = unnamed_feeder
|
2016-12-23 09:31:26 +00:00
|
|
|
|
2021-06-02 14:04:52 +00:00
|
|
|
[Tracker_Term]
|
2019-08-09 12:20:13 +00:00
|
|
|
max_execution_time = 120
|
|
|
|
|
2021-06-02 14:53:17 +00:00
|
|
|
[Tracker_Regex]
|
2018-10-09 07:32:32 +00:00
|
|
|
max_execution_time = 60
|
|
|
|
|
2014-08-06 09:43:40 +00:00
|
|
|
##### Redis #####
|
|
|
|
[Redis_Cache]
|
|
|
|
host = localhost
|
|
|
|
port = 6379
|
|
|
|
db = 0
|
|
|
|
|
2014-12-22 15:50:25 +00:00
|
|
|
[Redis_Log]
|
|
|
|
host = localhost
|
|
|
|
port = 6380
|
|
|
|
db = 0
|
|
|
|
|
2018-06-05 14:58:04 +00:00
|
|
|
[Redis_Log_submit]
|
|
|
|
host = localhost
|
|
|
|
port = 6380
|
|
|
|
db = 1
|
|
|
|
|
2014-08-06 09:43:40 +00:00
|
|
|
[Redis_Queues]
|
|
|
|
host = localhost
|
|
|
|
port = 6381
|
2014-09-05 08:41:00 +00:00
|
|
|
db = 0
|
2014-08-06 09:43:40 +00:00
|
|
|
|
2023-09-07 08:38:03 +00:00
|
|
|
[Redis_Process]
|
|
|
|
host = localhost
|
|
|
|
port = 6381
|
|
|
|
db = 2
|
|
|
|
|
2017-01-09 13:12:26 +00:00
|
|
|
[Redis_Mixer_Cache]
|
2016-12-23 09:31:26 +00:00
|
|
|
host = localhost
|
|
|
|
port = 6381
|
|
|
|
db = 1
|
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
##### KVROCKS #####
|
2016-07-15 07:08:38 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_DB]
|
2019-09-12 11:25:29 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail
|
2019-09-12 11:25:29 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Duplicates]
|
2014-08-06 09:43:40 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_dups
|
2014-08-06 09:43:40 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Correlations]
|
2018-05-09 11:03:46 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_correls
|
2018-05-09 11:03:46 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Crawler]
|
2018-05-15 21:28:47 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_crawlers
|
2018-05-15 21:28:47 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Objects]
|
2018-06-19 13:09:26 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_objs
|
2018-06-19 13:09:26 +00:00
|
|
|
|
2024-01-26 14:42:46 +00:00
|
|
|
[Kvrocks_Relationships]
|
|
|
|
host = localhost
|
|
|
|
port = 6383
|
|
|
|
password = ail_rels
|
|
|
|
|
2023-08-18 09:05:21 +00:00
|
|
|
[Kvrocks_Timeline]
|
|
|
|
host = localhost
|
|
|
|
port = 6383
|
|
|
|
password = ail_tls
|
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Stats]
|
2018-08-09 15:42:21 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_stats
|
2018-08-09 15:42:21 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Tags]
|
2020-02-18 16:02:00 +00:00
|
|
|
host = localhost
|
2023-04-04 09:50:48 +00:00
|
|
|
port = 6383
|
|
|
|
password = ail_tags
|
2020-02-18 16:02:00 +00:00
|
|
|
|
2023-04-04 09:50:48 +00:00
|
|
|
[Kvrocks_Trackers]
|
2021-01-08 16:37:18 +00:00
|
|
|
host = localhost
|
|
|
|
port = 6383
|
2023-04-04 09:50:48 +00:00
|
|
|
password = ail_trackers
|
|
|
|
|
|
|
|
##### - #####
|
2021-01-08 16:37:18 +00:00
|
|
|
|
2014-12-22 15:29:05 +00:00
|
|
|
[Url]
|
|
|
|
cc_critical = DE
|
2014-08-11 09:04:09 +00:00
|
|
|
|
2014-09-17 15:19:03 +00:00
|
|
|
[DomClassifier]
|
2024-01-09 10:38:54 +00:00
|
|
|
#cc = DE
|
|
|
|
#cc_tld = r'\.de$'
|
|
|
|
cc =
|
|
|
|
cc_tld =
|
2018-05-02 15:07:10 +00:00
|
|
|
dns = 8.8.8.8
|
|
|
|
|
2024-01-09 10:38:54 +00:00
|
|
|
|
2018-05-02 15:07:10 +00:00
|
|
|
[Mail]
|
|
|
|
dns = 8.8.8.8
|
2014-09-17 15:19:03 +00:00
|
|
|
|
2014-08-11 09:04:09 +00:00
|
|
|
# Indexer configuration
|
|
|
|
[Indexer]
|
|
|
|
type = whoosh
|
2014-08-20 14:00:56 +00:00
|
|
|
path = indexdir
|
2017-03-15 15:36:51 +00:00
|
|
|
register = indexdir/all_index.txt
|
2017-03-15 11:14:41 +00:00
|
|
|
#size in Mb
|
|
|
|
index_max_size = 2000
|
2014-08-29 17:37:56 +00:00
|
|
|
|
2017-11-23 06:13:44 +00:00
|
|
|
[ailleakObject]
|
|
|
|
maxDuplicateToPushToMISP=10
|
|
|
|
|
2014-08-29 17:37:56 +00:00
|
|
|
###############################################################################
|
|
|
|
|
2016-12-23 09:31:26 +00:00
|
|
|
# For multiple feed, add them with "," without space
|
|
|
|
# e.g.: tcp://127.0.0.1:5556,tcp://127.0.0.1:5557
|
2014-08-29 17:37:56 +00:00
|
|
|
[ZMQ_Global]
|
2022-08-08 08:36:13 +00:00
|
|
|
# address = tcp://127.0.0.1:5556,tcp://crf.circl.lu:5556
|
|
|
|
address = tcp://127.0.0.1:5556
|
2014-08-29 17:37:56 +00:00
|
|
|
channel = 102
|
2017-01-13 13:54:43 +00:00
|
|
|
bind = tcp://127.0.0.1:5556
|
2014-08-29 17:37:56 +00:00
|
|
|
|
2014-12-22 15:29:05 +00:00
|
|
|
[RedisPubSub]
|
|
|
|
host = localhost
|
|
|
|
port = 6381
|
|
|
|
db = 0
|
2018-08-09 15:42:21 +00:00
|
|
|
|
|
|
|
[Crawler]
|
2018-10-02 12:17:58 +00:00
|
|
|
activate_crawler = False
|
2022-10-25 14:25:19 +00:00
|
|
|
default_depth_limit = 1
|
|
|
|
default_har = True
|
|
|
|
default_screenshot = True
|
|
|
|
onion_proxy = onion.foundation
|
2023-12-07 10:28:35 +00:00
|
|
|
ail_url_to_push_onion_discovery =
|
|
|
|
ail_key_to_push_onion_discovery =
|
2019-09-24 08:27:56 +00:00
|
|
|
|
2023-12-04 14:47:58 +00:00
|
|
|
[Translation]
|
|
|
|
libretranslate =
|
2019-09-24 08:27:56 +00:00
|
|
|
|
2019-09-23 16:22:25 +00:00
|
|
|
[IP]
|
2019-09-24 08:27:56 +00:00
|
|
|
# list of comma-separated CIDR that you wish to be alerted for. e.g:
|
|
|
|
#networks = 192.168.34.0/24,10.0.0.0/8,192.168.33.0/24
|
|
|
|
networks =
|
2021-04-28 13:24:33 +00:00
|
|
|
|
|
|
|
[SubmitPaste]
|
|
|
|
# 1 Mb Max text paste size for text submission
|
|
|
|
TEXT_MAX_SIZE = 1000000
|
|
|
|
# 1 Gb Max file size for file submission
|
|
|
|
FILE_MAX_SIZE = 1000000000
|
|
|
|
# Managed file extenions for file submission, comma separated
|
2021-04-28 15:44:32 +00:00
|
|
|
# TODO add zip, gz and tar.gz
|
2023-05-10 07:38:16 +00:00
|
|
|
FILE_ALLOWED_EXTENSIONS = txt,sh,pdf,html,json
|