#
# Peekaboo configuration file
# Copyright (C) 2016-2019 science + computing ag
#


[global]
#user             :    peekaboo
#group            :    peekaboo
#socket_file      :    /var/run/peekaboo/peekaboo.sock
#pid_file         :    /var/run/peekaboo/peekaboo.pid
#interpreter      :    /usr/bin/python -u
#worker_count     :    3
#sample_base_dir  :    /tmp
#job_hash_regex   :    /amavis/tmp/([^/]+)/parts/
# 'yes' or 'no'  to use Peekaboo's debug module, which allows
# additional code execution at runtime.
#use_debug_module :    no
# Whether or not to cleanup temporary files under /tmp
#keep_mail_data   :    no
#processing_info_dir : /var/lib/peekaboo/malware_reports

# Configure the language to use for messages in the report returned to the
# client. If unset, falls back to system configuration using environment
# variables such as LANG. Defaults to English messages if neither is
# configured or no translation is found. Standard LANG variable identifiers
# such as de, de_DE or de_DE.ISO-8859-1 can be used. Standard gettext search
# order applies.
#report_locale    :    <unset>


[ruleset]
#config           :    /opt/peekaboo/etc/ruleset.conf


#
# Logging configuration
#
[logging]
# log_level
# possible values: CRITICAL | ERROR | WARNING | INFO | DEBUG
#log_level        :    INFO
# note that any % must be escaped with another %.
#log_format       :    %%(asctime)s - %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s
# if you use systemd you don't want the timestamp
# log_format       :    %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s


#
# Database configuration
#
[db]
# SQLite
#url              :    sqlite:////var/lib/peekaboo/peekaboo.db
# MySQL (recommended)
# url             :    mysql+mysqldb://user:password@host/database
# PostgreSQL
# url             :    postgresql://user:password@host:port/database

# Enable additional logging by the SQLAlchemy database module beyond Peekaboo's
# own logging. Can be considered another set of debug logging even beyond
# Peekaboo's DEBUG log level.
#log_level        :    WARNING

#
# Cuckoo specific settings
#
[cuckoo]
# mode has two options:
#  embed   : for legacy embeded mode
#  api     : to access cuckoo via the REST api
#mode             :    api

# embed mode
#exec             :    /opt/cuckoo/bin/cuckoo
#submit           :    /opt/cuckoo/bin/cuckoo submit
#storage_path     :    /var/lib/peekaboo/.cuckoo/storage

# api mode
#url              :    http://127.0.0.1:8090
#poll_interval    :    5

[cluster]
# if multiple instances are to run in parallel and avoid concurrent analysis of
# the same sample, set instance_id to a nonzero positive unique integer value
# on each instance and use the same networked DBMS instance (MySQL or
# PostgreSQL) for all them. (SQLite is not a good choice for this.) Also, do
# make really, really sure to provide unique IDs. Two instances using the same
# ID will corrupt each others' records and there is no mechanism to detect this.
#instance_id: 0

# number of seconds after which in-flight markers of samples are to be
# removed/ignored, assuming that the instance processing them has crashed or
# been shut down.
#stale_in_flight_threshold: 3600

# Interval in which to check if other instances of a Peekaboo cluster have
# finished processing samples we have held.
#duplicate_check_interval: 60