"Use relational database for reading files from filestore.")
DATASTORE_PATHING = [
r"%{(?P<path>files/hash/generic/sha256/...).*}",
r"%{(?P<path>files/hash/generic/sha1/...).*}",
r"%{(?P<path>files/hash/generic/md5/...).*}",
r"%{(?P<path>files/hash/pecoff/md5/...).*}",
r"%{(?P<path>files/hash/pecoff/sha1/...).*}",
r"%{(?P<path>files/nsrl/...).*}", r"%{(?P<path>W/[^/]+).*}",
r"%{(?P<path>CA/[^/]+).*}", r"%{(?P<path>C\..\{1,16\}?)($|/.*)}",
r"%{(?P<path>hunts/[^/]+).*}", r"%{(?P<path>blobs/[^/]+).*}",
r"%{(?P<path>[^/]+).*}"
]
config_lib.DEFINE_list("Datastore.pathing", DATASTORE_PATHING,
("Path selection for subjects in the file-based data "
"stores (by priority)."))
config_lib.DEFINE_string("Datastore.location",
default="%(Config.prefix)/var/grr-datastore",
help=("Location of the data store (usually a "
"filesystem directory)"))
# SQLite data store.
# NOTE: The SQLite datastore was obsoleted, so these options do not get
# used. We can remove them once users have migrated to MySQL.
config_lib.DEFINE_integer(
"SqliteDatastore.vacuum_check",
default=10,
help=("Number of rows that need to be deleted before "
"checking if the sqlite file may need to be "
config_lib.DEFINE_integer(
"Source.version_numeric", "%(version_major)%(version_minor)"
"%(version_revision)%(version_release)",
"Version string of the client as an integer.")
# Note: Each thread adds about 8mb for stack space.
config_lib.DEFINE_integer("Threadpool.size", 50,
"Number of threads in the shared thread pool.")
config_lib.DEFINE_integer(
"Worker.queue_shards", 5, "Queue notifications will be sharded across "
"this number of datastore subjects.")
config_lib.DEFINE_list(
"Frontend.well_known_flows", ["TransferStore"],
"Allow these well known flows to run directly on the "
"frontend. Other flows are scheduled as normal.")
# Smtp settings.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
#!/usr/bin/env python
"""Configuration parameters for the check subsystem."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
config_lib.DEFINE_list("Checks.config_dir", [
"%(grr_response_server/checks@grr-response-server|resource)",
], "A list of directories to load checks from.")
config_lib.DEFINE_list("Checks.config_files", [],
"Paths of check configurations to load at start up.")
config_lib.DEFINE_integer("Checks.max_results", 50,
"Maximum items to include as check results.")
config_lib.DEFINE_string(
"AdminUI.webauth_manager", "NullWebAuthManager",
"The web auth manager for controlling access to the UI.")
config_lib.DEFINE_string(
"AdminUI.remote_user_header", "X-Remote-User",
"Header containing authenticated user's username. "
"Used by RemoteUserWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.remote_email_header", "X-Remote-Extra-Email",
"Header containing authenticated user's e-mail address. "
"If present, the e-mail address of a newly created GRR user will be set "
"to the header's value. "
"Used by RemoteUserWebAuthManager.")
config_lib.DEFINE_list(
"AdminUI.remote_user_trusted_ips", ["127.0.0.1"],
"Only requests coming from these IPs will be processed "
"by RemoteUserWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_api_key", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_auth_domain", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.firebase_auth_provider", "GoogleAuthProvider",
"Firebase auth provider (see "
"https://firebase.google.com/docs/auth/web/start). Used by "
"FirebaseWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.csrf_secret_key", "CHANGE_ME",
"This is a secret key that should be set in the server "
from grr_response_core.lib import config_lib
from grr_response_core.lib.rdfvalues import crypto as rdf_crypto
# General Client options.
config_lib.DEFINE_string(
"Client.name", "GRR", "The name of the client. This will be used as a base "
"name to generate many other default parameters such "
"as binary names and service names. Note that on "
"Linux we lowercase the name to confirm with most "
"linux naming conventions.")
config_lib.DEFINE_string("Client.binary_name", "%(Client.name)",
"The name of the client binary.")
config_lib.DEFINE_list("Client.labels", [], "Labels for this client.")
config_lib.DEFINE_string("Client.company_name", "GRR Project",
"The name of the company which made the client.")
config_lib.DEFINE_string("Client.description", "%(name) %(platform) %(arch)",
"A description of this specific client build.")
config_lib.DEFINE_string("Client.platform", "windows",
"The platform we are running on.")
config_lib.DEFINE_string("Client.arch", "amd64",
"The architecture we are running on.")
config_lib.DEFINE_string("Client.build_time", "Unknown",
"The time the client was built.")
"%(version_revision).%(version_release)", "Version string of the client.")
config_lib.DEFINE_integer(
"Source.version_numeric", "%(version_major)%(version_minor)"
"%(version_revision)%(version_release)",
"Version string of the client as an integer.")
# Note: Each thread adds about 8mb for stack space.
config_lib.DEFINE_integer("Threadpool.size", 50,
"Number of threads in the shared thread pool.")
config_lib.DEFINE_integer(
"Worker.queue_shards", 5, "Queue notifications will be sharded across "
"this number of datastore subjects.")
config_lib.DEFINE_list("Frontend.well_known_flows", [], "Unused, Deprecated.")
# Smtp settings.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
from grr_response_core.lib import config_lib
from grr_response_core.lib.rdfvalues import crypto as rdf_crypto
# General Client options.
config_lib.DEFINE_string(
"Client.name", "GRR",
"The name of the client. This will be used as a base "
"name to generate many other default parameters such "
"as binary names and service names. Note that on "
"Linux we lowercase the name to confirm with most "
"linux naming conventions.")
config_lib.DEFINE_string("Client.binary_name", "%(Client.name)",
"The name of the client binary.")
config_lib.DEFINE_list("Client.labels", [], "Labels for this client.")
config_lib.DEFINE_string("Client.company_name", "GRR Project",
"The name of the company which made the client.")
config_lib.DEFINE_string("Client.description", "%(name) %(platform) %(arch)",
"A description of this specific client build.")
config_lib.DEFINE_string("Client.platform", "windows",
"The platform we are running on.")
config_lib.DEFINE_string("Client.arch", "amd64",
"The architecture we are running on.")
config_lib.DEFINE_string("Client.build_time", "Unknown",
"The time the client was built.")
config_lib.DEFINE_string(
name="ClientBuilder.config_filename",
default="%(Client.binary_name).yaml",
help=("The name of the configuration file which will be embedded in the "
"deployable binary."))
config_lib.DEFINE_string(
name="ClientBuilder.autorun_command_line",
default=("%(Client.binary_name) --install "
"--config %(ClientBuilder.config_filename)"),
help=("The command that the installer will execute after "
"unpacking the package."))
config_lib.DEFINE_list(
name="ClientBuilder.installer_plugins",
default=[],
help="Plugins that will copied to the client installation file and run "
"at install time.")
config_lib.DEFINE_list(
name="ClientBuilder.plugins",
default=[],
help="Plugins that will copied to the client installation file and run when"
"the client is running.")
config_lib.DEFINE_string(
name="ClientBuilder.client_logging_filename",
default="%(Logging.path)/%(Client.name)_log.txt",
help="Filename for logging, to be copied to Client section in the client "
"that gets built.")
#!/usr/bin/env python
"""Configuration parameters for logging and error reporting subsystems."""
from grr_response_core.lib import config_lib
from grr_response_core.lib import type_info
from grr_response_core.lib.rdfvalues import standard as rdf_standard
config_lib.DEFINE_string(
"Logging.domain", "localhost",
"The email domain belonging to this installation. "
"Leave blank to not restrict email to this domain")
config_lib.DEFINE_list(
"Logging.engines", ["stderr"], "Enabled logging engines. Valid values are "
"combinations of stderr,file,syslog,event_log.")
config_lib.DEFINE_bool("Logging.verbose",
False,
help="If true log more verbosely.")
config_lib.DEFINE_string("Logging.path",
"%(Config.prefix)/var/log/",
help="Path to log file directory.")
config_lib.DEFINE_string("Logging.syslog_path",
"/dev/log",
help="Path to syslog socket. This can be a unix "
"domain socket or in a UDP host:port notation.")
config_lib.DEFINE_string("Logging.filename",
"%(Logging.path)/GRRlog.txt",
#!/usr/bin/env python
"""Configuration parameters for the check subsystem."""
from grr_response_core.lib import config_lib
config_lib.DEFINE_list("Checks.config_dir", [
"%(grr_response_server|module_path)/"
"checks", "%(grr_response_server|module_path)/"
"checks/local"
], "A list of directories to load checks from.")
config_lib.DEFINE_list("Checks.config_files", [],
"Paths of check configurations to load at start up.")
config_lib.DEFINE_integer("Checks.max_results", 50,
"Maximum items to include as check results.")
#!/usr/bin/env python
"""Configuration parameters for the artifact subsystem."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
config_lib.DEFINE_list("Artifacts.artifact_dirs", [
"%(grr_response_core/artifacts@grr-response-core|resource)",
"%(grr_response_core/artifacts/flow_templates@grr-response-core|resource)",
"%(grr_response_core/artifacts/local@grr-response-core|resource)"
], "A list directories to load artifacts from.")
config_lib.DEFINE_list(
"Artifacts.knowledge_base", [
"LinuxReleaseInfo",
"LinuxUserProfiles",
"MacOSUsers",
"WindowsCodePage",
"WindowsDomainName",
"WindowsEnvironmentVariableAllUsersAppData",
"WindowsEnvironmentVariableAllUsersProfile",
"WindowsEnvironmentVariablePath",
"WindowsEnvironmentVariableProfilesDirectory",
"WindowsEnvironmentVariableProgramFiles",
"WindowsEnvironmentVariableProgramFilesX86",
"WindowsEnvironmentVariableSystemDrive",
"WindowsEnvironmentVariableSystemRoot",
"WindowsEnvironmentVariableTemp",
config_lib.DEFINE_integer(
"Source.version_numeric", "%(version_major)%(version_minor)"
"%(version_revision)%(version_release)",
"Version string of the client as an integer.")
# Note: Each thread adds about 8mb for stack space.
config_lib.DEFINE_integer("Threadpool.size", 50,
"Number of threads in the shared thread pool.")
config_lib.DEFINE_integer(
"Worker.queue_shards", 5, "Queue notifications will be sharded across "
"this number of datastore subjects.")
config_lib.DEFINE_list(
"Frontend.well_known_flows", ["TransferStore", "Stats"],
"Allow these well known flows to run directly on the "
"frontend. Other flows are scheduled as normal.")
# Smtp settings.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
config_lib.DEFINE_string(
"AdminUI.webauth_manager", "NullWebAuthManager",
"The web auth manager for controlling access to the UI.")
config_lib.DEFINE_string(
"AdminUI.remote_user_header", "X-Remote-User",
"Header containing authenticated user's username. "
"Used by RemoteUserWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.remote_email_header", "X-Remote-Extra-Email",
"Header containing authenticated user's e-mail address. "
"If present, the e-mail address of a newly created GRR user will be set "
"to the header's value. "
"Used by RemoteUserWebAuthManager.")
config_lib.DEFINE_list(
"AdminUI.remote_user_trusted_ips", ["127.0.0.1"],
"Only requests coming from these IPs will be processed "
"by RemoteUserWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_api_key", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_auth_domain", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.firebase_auth_provider", "GoogleAuthProvider",
"Firebase auth provider (see "
"https://firebase.google.com/docs/auth/web/start). Used by "
"FirebaseWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.csrf_secret_key", "CHANGE_ME",
"This is a secret key that should be set in the server "
