2020-03-31 14:12:49 +02:00
{
"loglevel": "INFO",
2020-04-03 17:51:58 +02:00
"splash_loglevel": "WARNING",
2020-03-31 14:12:49 +02:00
"only_global_lookups": true,
2020-07-20 13:39:08 +02:00
"public_instance": false,
2020-12-07 20:50:46 +01:00
"public_domain": "lookyloo.myorg.local",
2020-09-21 16:41:30 +02:00
"website_listen_ip": "0.0.0.0",
"website_listen_port": 5100,
2020-03-31 14:12:49 +02:00
"splash_url": "http://127.0.0.1:8050",
2020-05-24 15:35:30 +02:00
"default_user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36",
2021-02-02 22:04:33 +01:00
"users": {},
2020-04-22 12:03:10 +02:00
"time_delta_on_index": {
2020-05-24 15:35:30 +02:00
"weeks": 1,
"days": 0,
2020-04-22 12:03:10 +02:00
"hours": 0
},
2020-06-29 18:00:53 +02:00
"max_depth": 1,
2021-04-08 19:15:53 +02:00
"async_capture_processes": 1,
2020-06-25 16:43:36 +02:00
"use_user_agents_users": false,
2020-08-13 15:56:46 +02:00
"enable_default_blur_screenshot": false,
2020-08-31 16:34:28 +02:00
"enable_context_by_users": false,
2020-10-28 18:49:15 +01:00
"enable_categorization": false,
2020-11-29 23:56:42 +01:00
"enable_bookmark": false,
2020-11-22 23:23:42 +01:00
"auto_trigger_modules": false,
2020-05-11 19:01:02 +02:00
"enable_mail_notification": false,
"email": {
2021-05-18 23:58:56 +02:00
"from": "Lookyloo <lookyloo@myorg.local>",
"to": "Investigation Team <investigation_unit@myorg.local>",
"subject": "Capture from Lookyloo to review",
"smtp_host": "localhost",
2021-05-26 21:07:47 +02:00
"smtp_port": "25",
"confirm_message": "Message the users need to confirm before they submit a notification."
2021-05-18 23:58:56 +02:00
},
"priority": {
"sources": {
"web": 10,
"api": 0
},
"users": {
"_default_auth": 5,
"_default_anon": 0,
"admin": 10
}
2020-05-11 19:01:02 +02:00
},
2021-05-19 19:18:43 +02:00
"hide_captures_with_error": false,
2020-03-31 14:12:49 +02:00
"_notes": {
2020-04-03 17:51:58 +02:00
"loglevel": "(lookyloo) Can be one of the value listed here: https://docs.python.org/3/library/logging.html#levels",
"splash_loglevel": "(Splash) INFO is *very* verbose.",
2020-09-24 18:46:43 +02:00
"only_global_lookups": "Set it to True if your instance is publicly available so users aren't able to scan your internal network",
2020-07-20 13:39:08 +02:00
"public_instance": "true means disabling features deemed unsafe on a public instance (such as indexing private captures)",
2020-12-08 15:03:59 +01:00
"public_domain": "Domain where the instance can be reached. Used for permalinks (e-mail, MISP export).",
2020-09-21 16:41:30 +02:00
"website_listen_ip": "IP Flask will listen on. Defaults to 0.0.0.0, meaning all interfaces.",
"website_listen_port": "Port Flask will listen on.",
2020-04-03 17:51:58 +02:00
"splash_url": "URL to connect to splash",
2020-09-28 13:32:19 +02:00
"default_user_agent": "Ultimate fallback if the capture form, or the asynchronous submission, doesn't provide a user agent.",
2021-02-03 11:20:51 +01:00
"users": "It is some kind of an admin accounts. Format: {username: password}",
2020-05-11 19:01:02 +02:00
"time_delta_on_index": "Time interval of the capture displayed on the index",
2020-06-29 18:00:53 +02:00
"max_depth": "Maximum depth for scraping. Anything > 1 will be exponentially bigger.",
2021-04-08 19:15:53 +02:00
"async_capture_processes": "Number of async_capture processes to start. This should not be higher than the number of splash instances you have running. A very high number will use *a lot* of ram.",
2020-06-25 16:43:36 +02:00
"use_user_agents_users": "Only usable for medium/high use instances: use the user agents of the users of the platform",
2020-08-13 15:56:46 +02:00
"enable_default_blur_screenshot": "If true, blur the screenshot by default (useful on public instances)",
2020-08-31 16:34:28 +02:00
"enable_context_by_users": "Allow the users to add context to a response body",
2020-10-28 18:53:24 +01:00
"enable_categorization": "Allow the users to add contextualization to a capture",
2020-11-29 23:56:42 +01:00
"enable_bookmark": "Allow to bookmark nodes on tree",
2021-05-21 01:32:33 +02:00
"auto_trigger_modules": "Automatically trigger the modules when the tree is loaded and when the capture is cached",
"enable_mail_notification": "Allow users to notify a pre-configured email address about a specific capture",
2021-05-18 23:58:56 +02:00
"email": "Configuration for sending email notifications.",
2021-05-19 19:18:43 +02:00
"priority": "Define the priority of a new capture. A capture from the web interface has priority over a capture from the API, same for authenticated user vs. anonymous.",
"hide_captures_with_error": "Capturing an URL may result in an error (domain non-existent, HTTP error, ...). They may be useful to see, but if you have a public instance, they will clutter the index."
2020-03-31 14:12:49 +02:00
}
}