-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathpeekaboo.conf.sample
94 lines (78 loc) · 3.39 KB
/
peekaboo.conf.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#
# Peekaboo configuration file
# Copyright (C) 2016-2022 science + computing ag
#
[global]
#user : peekaboo
# specific group to drop privileges to if not primary group of user
#group : <empty>
#host : 127.0.0.1
#port : 8100
# can be set to e.g. /run/peekaboo/peekaboo.pid to create a PID file in forking
# daemon mode
#pid_file : <empty>
#worker_count : 3
#processing_info_dir : /var/lib/peekaboo/malware_reports
# Configure the language to use for messages in the report returned to the
# client. If unset, falls back to system configuration using environment
# variables such as LANG. Defaults to English messages if neither is
# configured or no translation is found. Standard LANG variable identifiers
# such as de, de_DE or de_DE.ISO-8859-1 can be used. Standard gettext search
# order applies.
#report_locale : <unset>
# main configuration file may contain options in global section that configure
# drop-file read behaviour
# available format specifiers:
# - config_path: full path of the main configuration file
# - config_file: basename of the main configuration file
# - config_dir: directory containing the main configuration file
#drop_dir_template: {config_path}.d
# drop files are sorted lexicographically before being read. Therefore, a
# leading (constant length!) numbering or ordering scheme allows to govern read
# order. Making it part of the globbing pattern is not required and only
# provides some more robustness regarding stray files and typos.
#drop_file_glob: [0-9][0-9]-*.conf
[ruleset]
#config : /opt/peekaboo/etc/ruleset.conf
[analyzers]
#config: /opt/peekaboo/etc/analyzers.conf
#
# Logging configuration
#
[logging]
# log_level
# possible values: CRITICAL | ERROR | WARNING | INFO | DEBUG
#log_level : INFO
# note that any % must be escaped with another %.
#log_format : %%(asctime)s - %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s
# if you use systemd you don't want the timestamp
# log_format : %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s
#
# Database configuration
#
[db]
# SQLite
#url : sqlite:////var/lib/peekaboo/peekaboo.db
# MySQL (recommended)
# url : mysql://user:password@host/database
# PostgreSQL
# url : postgresql://user:password@host:port/database
# Enable additional logging by the SQLAlchemy database module beyond Peekaboo's
# own logging. Can be considered another set of debug logging even beyond
# Peekaboo's DEBUG log level.
#log_level : WARNING
[cluster]
# if multiple instances are to run in parallel and avoid concurrent analysis of
# the same sample, set instance_id to a nonzero positive unique integer value
# on each instance and use the same networked DBMS instance (MySQL or
# PostgreSQL) for all them. (SQLite is not a good choice for this.) Also, do
# make really, really sure to provide unique IDs. Two instances using the same
# ID will corrupt each others' records and there is no mechanism to detect this.
#instance_id: 0
# number of seconds after which in-flight markers of samples are to be
# removed/ignored, assuming that the instance processing them has crashed or
# been shut down.
#stale_in_flight_threshold: 900
# Interval in which to check if other instances of a Peekaboo cluster have
# finished processing samples we have held.
#duplicate_check_interval: 60