lookyloo/config/generic.json.sample

72 lines
3.7 KiB
Plaintext
Raw Normal View History

{
"loglevel": "INFO",
2020-04-03 17:51:58 +02:00
"splash_loglevel": "WARNING",
"only_global_lookups": true,
"public_instance": false,
"public_domain": "lookyloo.myorg.local",
"website_listen_ip": "0.0.0.0",
"website_listen_port": 5100,
"splash_url": "http://127.0.0.1:8050",
"default_user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36",
"users": {},
"time_delta_on_index": {
"weeks": 1,
"days": 0,
"hours": 0
},
2020-06-29 18:00:53 +02:00
"max_depth": 1,
"async_capture_processes": 1,
"use_user_agents_users": false,
"enable_default_blur_screenshot": false,
"enable_context_by_users": false,
2020-10-28 18:49:15 +01:00
"enable_categorization": false,
2020-11-29 23:56:42 +01:00
"enable_bookmark": false,
"auto_trigger_modules": false,
2020-05-11 19:01:02 +02:00
"enable_mail_notification": false,
"email": {
2021-05-18 23:58:56 +02:00
"from": "Lookyloo <lookyloo@myorg.local>",
"to": "Investigation Team <investigation_unit@myorg.local>",
"subject": "Capture from Lookyloo to review",
"smtp_host": "localhost",
2021-05-26 21:07:47 +02:00
"smtp_port": "25",
"confirm_message": "Message the users need to confirm before they submit a notification."
2021-05-18 23:58:56 +02:00
},
"priority": {
"sources": {
"web": 10,
"api": 0
},
"users": {
"_default_auth": 5,
"_default_anon": 0,
"admin": 10
}
2020-05-11 19:01:02 +02:00
},
"hide_captures_with_error": false,
"_notes": {
2020-04-03 17:51:58 +02:00
"loglevel": "(lookyloo) Can be one of the value listed here: https://docs.python.org/3/library/logging.html#levels",
"splash_loglevel": "(Splash) INFO is *very* verbose.",
2020-09-24 18:46:43 +02:00
"only_global_lookups": "Set it to True if your instance is publicly available so users aren't able to scan your internal network",
"public_instance": "true means disabling features deemed unsafe on a public instance (such as indexing private captures)",
2020-12-08 15:03:59 +01:00
"public_domain": "Domain where the instance can be reached. Used for permalinks (e-mail, MISP export).",
"website_listen_ip": "IP Flask will listen on. Defaults to 0.0.0.0, meaning all interfaces.",
"website_listen_port": "Port Flask will listen on.",
2020-04-03 17:51:58 +02:00
"splash_url": "URL to connect to splash",
2020-09-28 13:32:19 +02:00
"default_user_agent": "Ultimate fallback if the capture form, or the asynchronous submission, doesn't provide a user agent.",
2021-02-03 11:20:51 +01:00
"users": "It is some kind of an admin accounts. Format: {username: password}",
2020-05-11 19:01:02 +02:00
"time_delta_on_index": "Time interval of the capture displayed on the index",
2020-06-29 18:00:53 +02:00
"max_depth": "Maximum depth for scraping. Anything > 1 will be exponentially bigger.",
"async_capture_processes": "Number of async_capture processes to start. This should not be higher than the number of splash instances you have running. A very high number will use *a lot* of ram.",
"use_user_agents_users": "Only usable for medium/high use instances: use the user agents of the users of the platform",
"enable_default_blur_screenshot": "If true, blur the screenshot by default (useful on public instances)",
"enable_context_by_users": "Allow the users to add context to a response body",
2020-10-28 18:53:24 +01:00
"enable_categorization": "Allow the users to add contextualization to a capture",
2020-11-29 23:56:42 +01:00
"enable_bookmark": "Allow to bookmark nodes on tree",
2021-05-21 01:32:33 +02:00
"auto_trigger_modules": "Automatically trigger the modules when the tree is loaded and when the capture is cached",
"enable_mail_notification": "Allow users to notify a pre-configured email address about a specific capture",
2021-05-18 23:58:56 +02:00
"email": "Configuration for sending email notifications.",
"priority": "Define the priority of a new capture. A capture from the web interface has priority over a capture from the API, same for authenticated user vs. anonymous.",
"hide_captures_with_error": "Capturing an URL may result in an error (domain non-existent, HTTP error, ...). They may be useful to see, but if you have a public instance, they will clutter the index."
}
}