blob: 27ad270dcbae42a37b37142380a733739f2339d7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
#
# Peekaboo configuration file
# Copyright (C) 2016-2019 science + computing ag
#
#[global]
#user : peekaboo
#group : peekaboo
#socket_file : /var/run/peekaboo/peekaboo.sock
#pid_file : /var/run/peekaboo/peekaboo.pid
#interpreter : /usr/bin/python -u
#worker_count : 3
#sample_base_dir : /tmp
#job_hash_regex : /var/lib/amavis/tmp/([^/]+)/parts.*
# 'yes' or 'no' to use Peekaboo's debug module, which allows
# additional code execution at runtime.
#use_debug_module : no
# Whether or not to cleanup temporary files under /tmp
#keep_mail_data : no
#[ruleset]
#config : /opt/peekaboo/etc/ruleset.conf
#
# Logging configuration
#
#[logging]
# log_level
# possible values: CRITICAL | ERROR | WARNING | INFO | DEBUG
#log_level : INFO
# note that any % must be escaped with another %.
#log_format : %%(asctime)s - %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s
# if you use systemd you don't want the timestamp
# log_format : %%(name)s - (%%(threadName)s) - %%(levelname)s - %%(message)s
#
# Database configuration
#
#[db]
# SQLite
#url : sqlite:////var/lib/peekaboo/peekaboo.db
# MySQL (recommended)
# url : mysql+mysqldb://user:password@host/database
# PostgreSQL
# url : postgresql://user:password@host:port/database
#
# Cuckoo specific settings
#
#[cuckoo]
# mode has two options:
# embed : for legacy embeded mode
# api : to access cuckoo via the REST api
#mode : api
# embed mode
#exec : /opt/cuckoo/bin/cuckoo
#submit : /opt/cuckoo/bin/cuckoo submit
#storage_path : /var/lib//peekaboo/.cuckoo/storage
# api mode
#url : http://127.0.0.1:8090
#poll_interval : 5
#[cluster]
# if multiple instances are to run in parallel and avoid concurrent analysis of
# the same sample, set instance_id to a nonzero positive unique integer value
# on each instance and use the same networked DBMS instance (MySQL or
# PostgreSQL) for all them. (SQLite is not a good choice for this.) Also, do
# make really, really sure to provide unique IDs. Two instances using the same
# ID will corrupt each others' records and there is no mechanism to detect this.
#instance_id: 0
# number of seconds after which in-flight markers of samples are to be
# removed/ignored, assuming that the instance processing them has crashed or
# been shut down.
#stale_in_flight_threshold: 3600
# Interval in which to check if other instances of a Peekaboo cluster have
# finished processing samples we have held.
#duplicate_check_interval: 60
|
