Configurations¶

As discussed in previous sections, the BroAPT system is configurable in various ways. You can configure the outer system from the entry CLI of BroAPT-Daemon server, and the main framework through Docker Compose environment variables.

BroAPT-Daemon Server¶

Command Line Interface¶

usage: broaptd [-h] [-v] [-e ENV] [-s SIGNAL] [-t HOST] [-p PORT]
               [-f DOCKER_COMPOSE] [-d DUMP_PATH] [-l LOGS_PATH] [-r API_ROOT]
               [-a API_LOGS] [-i INTERVAL] [-m MAX_RETRY]

BroAPT Daemon

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit

environment arguments:
  -e ENV, --env ENV     path to dotenv file
  -s SIGNAL, --signal SIGNAL
                        daemon kill signal

server arguments:
  -t HOST, --host HOST  the hostname to listen on
  -p PORT, --port PORT  the port of the webserver

compose arguments:
  -f DOCKER_COMPOSE, --docker-compose DOCKER_COMPOSE
                        path to BroAPT's compose file
  -d DUMP_PATH, --dump-path DUMP_PATH
                        path to extracted files
  -l LOGS_PATH, --logs-path LOGS_PATH
                        path to log files

API arguments:
  -r API_ROOT, --api-root API_ROOT
                        path to detection APIs
  -a API_LOGS, --api-logs API_LOGS
                        path to API runtime logs

runtime arguments:
  -i INTERVAL, --interval INTERVAL
                        sleep interval
  -m MAX_RETRY, --max-retry MAX_RETRY
                        command retry

Environment Variables¶

As suggests in the --env option, you may provice a dotenv (.env) file for the BroAPT-Daemon server to configure itself.

Acceptable environment variables are as following:

BROAPT_KILL_SIGNAL¶

Type: int
Default: 15 (SIGTERM)
CLI Option: -s / --signal

Daemon kill signal.

BROAPT_SERVER_HOST¶

Type: str (hostname)
Default: 0.0.0.0
CLI Option: -t / --host

The hostname to listen on.

BROAPT_SERVER_PORT¶

Type: int (port number)
Default: 5000
CLI Option: -p / --port

The port of the webserver.

BROAPT_DOCKER_COMPOSE¶

Type: str (path)
Default: docker-compose.yml
CLI Option: -f / --docker-compose

Path to BroAPT’s compose file.

BROAPT_DUMP_PATH¶

Type: str (path)
Default: None
CLI Option: -d / --dump-path

Path to extracted files.

BROAPT_LOGS_PATH¶

Type: str (path)
Default: None
CLI Option: -l / --logs-path

Path to log files.

BROAPT_API_ROOT¶

Type: str (path)
Default: None
CLI Option: -r / --api-root

Path to detection APIs.

BROAPT_API_LOGS¶

Type: str (path)
Default: None
CLI Option: -a / --api-logs

Path to API runtime logs.

BROAPT_INTERVAL¶

Type: float
Default: 10
CLI Option: -i / --interval

Sleep interval.

BROAPT_MAX_RETRY¶

Type: int
Default: 3
CLI Option: -m / --max-retry

Command retry.

Note

Environment variables of bool type will be translated through the following mapping table (case-insensitive):

`True`	`False`
`1`	`0`
`yes`	`no`
`true`	`false`
`on`	`off`

BroAPT-Core Framework¶

The BroAPT-Core framework only supports configuration through environment variables.

BROAPT_CPU¶

Type: int
Default: None
Availability: bundled implementation

Number of BroAPT concurrent processes for PCAP analysis. If not provided, then the number of system CPUs will be used.

BROAPT_CORE_CPU¶

Type: int
Default: None
Availability: cluster implementation

BroAPT-App Framework¶

The BroAPT-App framework only supports configuration through environment variables.

BROAPT_SCAN_CPU¶

Type: int
Default: None
Availability: bundled implementation

Number of BroAPT concurrent processes for extracted file analysis. If not provided, then the number of system CPUs will be used.

BROAPT_APP_CPU¶

Type: int
Default: None
Availability: cluster implementation

Configurations¶

BroAPT-Daemon Server¶

Command Line Interface¶

Environment Variables¶

BroAPT-Core Framework¶

BroAPT-App Framework¶

BroAPT

Navigation

Related Topics