forked from scVENUS/PeekabooAV
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathanalyzers.conf.sample
55 lines (45 loc) · 2.11 KB
/
analyzers.conf.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# Cuckoo analyzer settings
[cuckoo]
# where to reach the Cuckoo REST API
#url: http://127.0.0.1:8090
# how long to wait inbetween checks of job status
#poll_interval: 5
# Submit samples with their original filenames if available. Enhances
# authenticity of analysis environment but also leaks original filenames into
# Cuckoo's database.
#submit_original_filename : yes
# Specify how long to track running Cuckoo jobs before giving up on them. This
# does not actively cancel jobs. It's rather meant to handle cases where jobs
# have for some reason been dropped by or got stuck within Cuckoo. This value
# is unrelated to how long our client is willing to wait for a result because
# even if it gives up on us we would normally want to learn and cache the job
# result because the analysis was expensive and the sample might be presented
# to us again.
#maximum_job_age : 900
# From version 2.0.7 cuckoo API has authentication support.
# New installations create a bearer token by default and require it but upgraded
# installations don't automatically get one.
#api_token : <empty>
# Cortex analyzer settings
[cortex]
# where to reach the Cortex REST API
#url: http://127.0.0.1:9001
# Classification according to Traffic Light Protocol
# white, green, amber, red
#tlp: amber
# Token to authenticate to the Cortex REST API with.
#api_token : <empty>
# how long to wait inbetween checks of job status
#poll_interval: 5
# Submit samples with their original filenames if available. Enhances
# authenticity of analysis environment but also leaks original filenames into
# Cortex's database.
#submit_original_filename : yes
# Specify how long to track running Cortex jobs before giving up on them. This
# does not actively cancel jobs. It's rather meant to handle cases where jobs
# have for some reason been dropped by or got stuck within Cortex. This value
# is unrelated to how long our client is willing to wait for a result because
# even if it gives up on us we would normally want to learn and cache the job
# result because the analysis was expensive and the sample might be presented
# to us again.
#maximum_job_age : 900