2014-08-06 11:43:40 +02:00
|
|
|
[Directories]
|
2014-08-20 16:00:56 +02:00
|
|
|
bloomfilters = Blooms
|
2016-08-09 14:23:36 +02:00
|
|
|
dicofilters = Dicos
|
2014-08-19 19:07:07 +02:00
|
|
|
pastes = PASTES
|
2018-07-19 16:50:42 +02:00
|
|
|
hash = HASHS
|
2018-08-09 17:42:21 +02:00
|
|
|
crawled = crawled
|
2021-01-08 17:37:18 +01:00
|
|
|
har = CRAWLED_SCREENSHOT
|
|
|
|
screenshot = CRAWLED_SCREENSHOT/screenshot
|
2016-07-15 09:08:38 +02:00
|
|
|
|
2014-08-20 16:00:56 +02:00
|
|
|
wordtrending_csv = var/www/static/csv/wordstrendingdata
|
|
|
|
wordsfile = files/wordfile
|
2014-08-06 11:43:40 +02:00
|
|
|
|
2016-07-15 09:08:38 +02:00
|
|
|
protocolstrending_csv = var/www/static/csv/protocolstrendingdata
|
|
|
|
protocolsfile = files/protocolsfile
|
|
|
|
|
|
|
|
tldstrending_csv = var/www/static/csv/tldstrendingdata
|
2016-07-22 09:32:13 +02:00
|
|
|
tldsfile = faup/src/data/mozilla.tlds
|
2016-07-15 09:08:38 +02:00
|
|
|
|
|
|
|
domainstrending_csv = var/www/static/csv/domainstrendingdata
|
|
|
|
|
2017-01-11 11:00:36 +01:00
|
|
|
sentiment_lexicon_file = sentiment/vader_lexicon.zip/vader_lexicon/vader_lexicon.txt
|
|
|
|
|
2023-04-14 14:43:07 +02:00
|
|
|
[Pystemon]
|
|
|
|
dir = /home/pystemon/pystemon/
|
|
|
|
redis_host = localhost
|
|
|
|
redis_port = 6379
|
|
|
|
redis_db = 10
|
|
|
|
|
2022-09-02 14:26:18 +02:00
|
|
|
##### Logs ######
|
|
|
|
[Logs]
|
2022-09-08 13:40:02 +02:00
|
|
|
# activate syslog
|
2022-09-02 14:26:18 +02:00
|
|
|
ail_logs_syslog = False
|
|
|
|
ail_logs_syslog_server =
|
2022-09-08 13:40:02 +02:00
|
|
|
# default=514
|
2022-09-02 14:26:18 +02:00
|
|
|
ail_logs_syslog_port =
|
2022-09-08 13:40:02 +02:00
|
|
|
# ['auth', 'authpriv', 'cron', 'daemon', 'ftp', 'kern', 'lpr', 'mail', 'news', 'syslog', 'user', 'uucp', 'local0', 'local1', 'local2', 'local3', 'local4', 'local5', 'local6', 'local7']
|
|
|
|
ail_logs_syslog_facility =
|
|
|
|
# ['DEBUG', 'INFO', 'NOTICE', 'WARNING', 'ERROR', 'CRITICAL']
|
|
|
|
ail_logs_syslog_level =
|
2022-09-02 14:26:18 +02:00
|
|
|
|
2018-02-27 15:12:02 +01:00
|
|
|
##### Notifications ######
|
|
|
|
[Notifications]
|
2019-08-07 12:08:24 +02:00
|
|
|
ail_domain = https://localhost:7000
|
2018-02-27 15:12:02 +01:00
|
|
|
sender = sender@example.com
|
|
|
|
sender_host = smtp.example.com
|
|
|
|
sender_port = 1337
|
2018-11-05 14:20:12 +01:00
|
|
|
sender_pw = None
|
2020-02-06 09:18:54 +01:00
|
|
|
# Only needed when the credentials for email server needs a username instead of an email address
|
|
|
|
#sender_user = sender
|
|
|
|
sender_user =
|
2018-03-30 11:35:37 +02:00
|
|
|
|
|
|
|
# optional for using with authenticated SMTP over SSL
|
|
|
|
# sender_pw = securepassword
|
2018-02-27 15:12:02 +01:00
|
|
|
|
2016-07-15 09:10:44 +02:00
|
|
|
##### Flask #####
|
|
|
|
[Flask]
|
2018-09-20 10:38:19 +02:00
|
|
|
#Proxying requests to the app
|
|
|
|
baseUrl = /
|
2020-07-06 17:09:42 +02:00
|
|
|
#Host to bind to
|
2020-09-04 09:42:34 +02:00
|
|
|
host = 127.0.0.1
|
2020-01-21 11:39:08 +01:00
|
|
|
#Flask server port
|
|
|
|
port = 7000
|
2018-08-07 13:07:08 +02:00
|
|
|
#Number of logs to display in the dashboard
|
|
|
|
max_dashboard_logs = 15
|
2016-07-15 09:08:38 +02:00
|
|
|
#Maximum number of character to display in the toolip
|
2018-02-27 16:16:57 +01:00
|
|
|
max_preview_char = 250
|
2016-07-15 09:08:38 +02:00
|
|
|
#Maximum number of character to display in the modal
|
2018-02-27 16:16:57 +01:00
|
|
|
max_preview_modal = 800
|
2016-07-15 09:08:38 +02:00
|
|
|
#Default number of header to display in trending graphs
|
|
|
|
default_display = 10
|
2016-08-09 14:23:36 +02:00
|
|
|
#Number of minutes displayed for the number of processed pastes.
|
|
|
|
minute_processed_paste = 10
|
2018-02-27 16:16:57 +01:00
|
|
|
#Maximum line length authorized to make a diff between duplicates
|
|
|
|
DiffMaxLineLength = 10000
|
|
|
|
|
2022-05-10 11:14:29 +02:00
|
|
|
[AIL_2_AIL]
|
|
|
|
server_host = 0.0.0.0
|
|
|
|
server_port = 4443
|
2022-05-10 13:24:32 +02:00
|
|
|
local_addr =
|
2022-05-10 11:14:29 +02:00
|
|
|
|
2018-02-27 16:16:57 +01:00
|
|
|
#### Modules ####
|
2018-07-26 15:31:58 +02:00
|
|
|
[BankAccount]
|
|
|
|
max_execution_time = 60
|
|
|
|
|
2018-02-27 16:16:57 +01:00
|
|
|
[Categ]
|
|
|
|
#Minimum number of match between the paste and the category file
|
|
|
|
matchingThreshold=1
|
|
|
|
|
|
|
|
[Credential]
|
|
|
|
#Minimum length that a credential must have to be considered as such
|
|
|
|
minimumLengthThreshold=3
|
|
|
|
#Will be pushed as alert if the number of credentials is greater to that number
|
|
|
|
criticalNumberToAlert=8
|
|
|
|
#Will be considered as false positive if less that X matches from the top password list
|
|
|
|
minTopPassList=5
|
2017-12-11 17:28:34 +01:00
|
|
|
|
2023-04-04 14:12:23 +02:00
|
|
|
[Decoder]
|
|
|
|
max_execution_time_base64 = 60
|
|
|
|
max_execution_time_binary = 60
|
|
|
|
max_execution_time_hexadecimal = 60
|
|
|
|
|
2019-01-29 09:46:03 +01:00
|
|
|
[Onion]
|
2021-05-14 14:42:16 +02:00
|
|
|
save_i2p = False
|
2019-01-29 09:46:03 +01:00
|
|
|
max_execution_time = 180
|
|
|
|
|
2019-05-14 17:49:31 +02:00
|
|
|
[PgpDump]
|
|
|
|
max_execution_time = 60
|
|
|
|
|
2016-07-18 15:50:41 +02:00
|
|
|
[Modules_Duplicates]
|
|
|
|
#Number of month to look back
|
|
|
|
maximum_month_range = 3
|
2016-08-09 14:23:36 +02:00
|
|
|
#The value where two pastes are considerate duplicate for ssdeep.
|
|
|
|
threshold_duplicate_ssdeep = 50
|
|
|
|
#The value where two pastes are considerate duplicate for tlsh.
|
2018-05-09 13:03:46 +02:00
|
|
|
threshold_duplicate_tlsh = 52
|
2016-07-18 15:52:53 +02:00
|
|
|
#Minimum size of the paste considered
|
|
|
|
min_paste_size = 0.3
|
2016-07-18 15:50:41 +02:00
|
|
|
|
2016-12-22 10:06:35 +01:00
|
|
|
[Module_ModuleInformation]
|
|
|
|
#Threshold to deduce if a module is stuck or not, in seconds.
|
|
|
|
threshold_stucked_module=600
|
2016-07-21 14:59:52 +02:00
|
|
|
|
2016-12-23 10:31:26 +01:00
|
|
|
[Module_Mixer]
|
2018-02-27 16:16:57 +01:00
|
|
|
#Define the configuration of the mixer, possible value: 1, 2 or 3
|
|
|
|
operation_mode = 3
|
2016-12-23 10:31:26 +01:00
|
|
|
#Define the time that a paste will be considerate duplicate. in seconds (1day = 86400)
|
|
|
|
ttl_duplicate = 86400
|
2018-11-09 15:26:26 +01:00
|
|
|
default_unnamed_feed_name = unnamed_feeder
|
2016-12-23 10:31:26 +01:00
|
|
|
|
2021-06-02 16:04:52 +02:00
|
|
|
[Tracker_Term]
|
2019-08-09 14:20:13 +02:00
|
|
|
max_execution_time = 120
|
|
|
|
|
2021-06-02 16:53:17 +02:00
|
|
|
[Tracker_Regex]
|
2018-10-09 09:32:32 +02:00
|
|
|
max_execution_time = 60
|
|
|
|
|
2014-08-06 11:43:40 +02:00
|
|
|
##### Redis #####
|
|
|
|
[Redis_Cache]
|
|
|
|
host = localhost
|
|
|
|
port = 6379
|
|
|
|
db = 0
|
|
|
|
|
2014-12-22 16:50:25 +01:00
|
|
|
[Redis_Log]
|
|
|
|
host = localhost
|
|
|
|
port = 6380
|
|
|
|
db = 0
|
|
|
|
|
2018-06-05 16:58:04 +02:00
|
|
|
[Redis_Log_submit]
|
|
|
|
host = localhost
|
|
|
|
port = 6380
|
|
|
|
db = 1
|
|
|
|
|
2014-08-06 11:43:40 +02:00
|
|
|
[Redis_Queues]
|
|
|
|
host = localhost
|
|
|
|
port = 6381
|
2014-09-05 10:41:00 +02:00
|
|
|
db = 0
|
2014-08-06 11:43:40 +02:00
|
|
|
|
2017-01-09 14:12:26 +01:00
|
|
|
[Redis_Mixer_Cache]
|
2016-12-23 10:31:26 +01:00
|
|
|
host = localhost
|
|
|
|
port = 6381
|
|
|
|
db = 1
|
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
##### KVROCKS #####
|
2016-07-15 09:08:38 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_DB]
|
2019-09-12 13:25:29 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail
|
2019-09-12 13:25:29 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Duplicates]
|
2014-08-06 11:43:40 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_dups
|
2014-08-06 11:43:40 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Correlations]
|
2018-05-09 13:03:46 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_correls
|
2018-05-09 13:03:46 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Crawler]
|
2018-05-15 23:28:47 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_crawlers
|
2018-05-15 23:28:47 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Objects]
|
2018-06-19 15:09:26 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_objs
|
2018-06-19 15:09:26 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Stats]
|
2018-08-09 17:42:21 +02:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_stats
|
2018-08-09 17:42:21 +02:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Tags]
|
2020-02-18 17:02:00 +01:00
|
|
|
host = localhost
|
2023-04-04 11:50:48 +02:00
|
|
|
port = 6383
|
|
|
|
password = ail_tags
|
2020-02-18 17:02:00 +01:00
|
|
|
|
2023-04-04 11:50:48 +02:00
|
|
|
[Kvrocks_Trackers]
|
2021-01-08 17:37:18 +01:00
|
|
|
host = localhost
|
|
|
|
port = 6383
|
2023-04-04 11:50:48 +02:00
|
|
|
password = ail_trackers
|
|
|
|
|
|
|
|
##### - #####
|
2021-01-08 17:37:18 +01:00
|
|
|
|
2014-12-22 16:29:05 +01:00
|
|
|
[Url]
|
|
|
|
cc_critical = DE
|
2014-08-11 11:04:09 +02:00
|
|
|
|
2014-09-17 17:19:03 +02:00
|
|
|
[DomClassifier]
|
|
|
|
cc = DE
|
|
|
|
cc_tld = r'\.de$'
|
2018-05-02 17:07:10 +02:00
|
|
|
dns = 8.8.8.8
|
|
|
|
|
|
|
|
[Mail]
|
|
|
|
dns = 8.8.8.8
|
2014-09-17 17:19:03 +02:00
|
|
|
|
2014-08-11 11:04:09 +02:00
|
|
|
# Indexer configuration
|
|
|
|
[Indexer]
|
|
|
|
type = whoosh
|
2014-08-20 16:00:56 +02:00
|
|
|
path = indexdir
|
2017-03-15 16:36:51 +01:00
|
|
|
register = indexdir/all_index.txt
|
2017-03-15 12:14:41 +01:00
|
|
|
#size in Mb
|
|
|
|
index_max_size = 2000
|
2014-08-29 19:37:56 +02:00
|
|
|
|
2017-11-23 07:13:44 +01:00
|
|
|
[ailleakObject]
|
|
|
|
maxDuplicateToPushToMISP=10
|
|
|
|
|
2014-08-29 19:37:56 +02:00
|
|
|
###############################################################################
|
|
|
|
|
2016-12-23 10:31:26 +01:00
|
|
|
# For multiple feed, add them with "," without space
|
|
|
|
# e.g.: tcp://127.0.0.1:5556,tcp://127.0.0.1:5557
|
2014-08-29 19:37:56 +02:00
|
|
|
[ZMQ_Global]
|
2022-08-08 10:36:13 +02:00
|
|
|
# address = tcp://127.0.0.1:5556,tcp://crf.circl.lu:5556
|
|
|
|
address = tcp://127.0.0.1:5556
|
2014-08-29 19:37:56 +02:00
|
|
|
channel = 102
|
2017-01-13 14:54:43 +01:00
|
|
|
bind = tcp://127.0.0.1:5556
|
2014-08-29 19:37:56 +02:00
|
|
|
|
2014-12-22 16:29:05 +01:00
|
|
|
[RedisPubSub]
|
|
|
|
host = localhost
|
|
|
|
port = 6381
|
|
|
|
db = 0
|
2018-08-09 17:42:21 +02:00
|
|
|
|
|
|
|
[Crawler]
|
2018-10-02 14:17:58 +02:00
|
|
|
activate_crawler = False
|
2022-10-25 16:25:19 +02:00
|
|
|
default_depth_limit = 1
|
|
|
|
default_har = True
|
|
|
|
default_screenshot = True
|
|
|
|
onion_proxy = onion.foundation
|
2019-09-24 10:27:56 +02:00
|
|
|
|
2019-09-23 18:22:25 +02:00
|
|
|
[IP]
|
2019-09-24 10:27:56 +02:00
|
|
|
# list of comma-separated CIDR that you wish to be alerted for. e.g:
|
|
|
|
#networks = 192.168.34.0/24,10.0.0.0/8,192.168.33.0/24
|
|
|
|
networks =
|
2021-04-28 15:24:33 +02:00
|
|
|
|
|
|
|
[SubmitPaste]
|
|
|
|
# 1 Mb Max text paste size for text submission
|
|
|
|
TEXT_MAX_SIZE = 1000000
|
|
|
|
# 1 Gb Max file size for file submission
|
|
|
|
FILE_MAX_SIZE = 1000000000
|
|
|
|
# Managed file extenions for file submission, comma separated
|
2021-04-28 17:44:32 +02:00
|
|
|
# TODO add zip, gz and tar.gz
|
2023-05-10 09:38:16 +02:00
|
|
|
FILE_ALLOWED_EXTENSIONS = txt,sh,pdf,html,json
|