Exemple #1
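# AdminUI authentication and transport options. Each call registers an option
# name, its default value and its help text with config_lib.

# Firebase settings read by FirebaseWebAuthManager (per the help texts).
config_lib.DEFINE_string("AdminUI.firebase_api_key", None,
                         "Firebase API key. Used by FirebaseWebAuthManager.")
# Help text corrected: it repeated the API-key description of the option above.
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_domain", None,
    "Firebase auth domain. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_provider", "GoogleAuthProvider",
    "Firebase auth provider (see "
    "https://firebase.google.com/docs/auth/web/start). Used by "
    "FirebaseWebAuthManager.")

# SECURITY: the default is the literal placeholder "CHANGE_ME", so a server
# that never overrides it protects its CSRF tokens with a publicly known
# value. Nothing in this definition rejects the placeholder.
# NOTE(review): confirm a startup or deployment check refuses "CHANGE_ME".
config_lib.DEFINE_string(
    "AdminUI.csrf_secret_key", "CHANGE_ME",
    "This is a secret key that should be set in the server "
    "config. It is used in CSRF protection.")

# TLS is off by default. Help text corrected to name the option that is
# actually defined below (AdminUI.ssl_cert_file, not AdminUI.ssl_cert).
config_lib.DEFINE_bool(
    "AdminUI.enable_ssl", False,
    "Turn on SSL. This needs AdminUI.ssl_cert_file to be set.")

config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
                         "The SSL certificate to use.")

# Points at private key material.
# NOTE(review): the file should be readable only by the account running the
# UI; the same applies to the cert file when the key is bundled into it.
config_lib.DEFINE_string(
    "AdminUI.ssl_key_file", None,
    "The SSL key to use. The key may also be part of the cert file, in which "
    "case this can be omitted.")

# The default is a plain-http localhost URL.
# NOTE(review): when the UI is reachable from other hosts this should be the
# https:// address users actually connect to.
config_lib.DEFINE_string("AdminUI.url", "http://localhost:8000/",
                         "The direct external URL for the user interface.")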

config_lib.DEFINE_bool(
    "AdminUI.use_precompiled_js", False,
    "If True - use Closure-compiled JS bundle. This flag "
Exemple #2
# Retry tuning for BigQuery requests, followed by the options of the Splunk
# output plugin. Each call registers a name, a default and a help text.
config_lib.DEFINE_integer(
    "BigQuery.retry_multiplier", 2,
    "For each retry, multiply last delay by this value.")

# NOTE(review): 404 sits in the retry set next to the 5xx codes; presumably
# deliberate for resources that are not visible yet - confirm.
config_lib.DEFINE_integer_list("BigQuery.retry_status_codes",
                               [404, 500, 502, 503, 504],
                               "HTTP status codes on which we should retry.")

# SplunkOutputPlugin
# No default URL is provided; the example in the help text uses https.
config_lib.DEFINE_string(
    "Splunk.url", None, "Absolute URL of the Splunk installation, e.g. "
    "'https://mysplunkserver.example.com:8088'")

# SECURITY: certificate verification defaults to on. With it off, the plugin
# would accept any certificate, so the token below and every submitted event
# could be read or altered by whoever answers on that address. For self-signed
# certificates follow the help text and set REQUESTS_CA_BUNDLE instead.
config_lib.DEFINE_bool(
    "Splunk.verify_https", True,
    "Verify the certificate for HTTPS connections. Setting this to False comes "
    "with big security risks. Instead, when using self-signed certificates, "
    "set REQUESTS_CA_BUNDLE environment variable to the path of the cert file. "
    "See https://requests.readthedocs.io/en/master/user/advanced/.")

# SECURITY: a credential held as a plain string option, so it lives wherever
# the server config is stored.
# NOTE(review): keep that file out of version control and readable only by
# the service account.
config_lib.DEFINE_string(
    "Splunk.token", None,
    "Token used to authenticate with Splunk HTTP Event Collector.")

# Metadata attached to every submitted event (per the help texts).
config_lib.DEFINE_string("Splunk.source", "grr",
                         "The source value assigned to all submitted events.")

config_lib.DEFINE_string(
    "Splunk.sourcetype", "grr_flow_result",
    "The sourcetype value assigned to all submitted events.")

config_lib.DEFINE_string("Splunk.index", None,
Exemple #3
    name="ClientBuilder.output_extension",
    default=None,
    help="The file extension for the client (OS dependent).")

# Client packaging options and the Fleetspeak switches for client and builder.
# NOTE(review): the help text reads "OSX package name" although the option is
# called package_dir - confirm which one is meant.
config_lib.DEFINE_string(name="ClientBuilder.package_dir",
                         default=None,
                         help="OSX package name.")

# SECURITY: a class is selected by name from configuration. How the name is
# resolved is not visible here.
# NOTE(review): confirm it is looked up in a fixed registry of validator
# classes rather than imported from an arbitrary path.
config_lib.DEFINE_string(
    "ClientBuilder.private_config_validator_class",
    default=None,
    help="Set this to a class name that sanity checks your client "
    "config at repacking time.")

# Two separate switches: this one describes the running client, the
# ClientBuilder one below describes the client being built. Both default to
# False.
config_lib.DEFINE_bool(
    "Client.fleetspeak_enabled", False,
    "Whether the client uses Fleetspeak to communicate "
    "with the server.")

config_lib.DEFINE_bool(
    "ClientBuilder.fleetspeak_enabled", False,
    "Whether the client will use Fleetspeak to communicate "
    "with the server.")

# Per the help text this names the Windows service that is restarted during
# client installation.
config_lib.DEFINE_string(
    "Client.fleetspeak_service_name", "FleetspeakService",
    "Name of the Fleetspeak Windows service. Used to restart the Fleetspeak "
    "service during GRR client installation.")

# Dotted module path of the client entry point.
# NOTE(review): presumably imported by the builder; whoever can edit the build
# config then chooses the code that ends up in the client - confirm.
config_lib.DEFINE_string("ClientBuilder.client_path",
                         default="grr_response_client.client",
                         help="Full module path for GRR client's main file.")
Exemple #4
# Worker runtime options: thread pool size, queue sharding, the SMTP relay
# used for e-mail alerts, and the CA key used for client enrollment.
config_lib.DEFINE_integer("Threadpool.size", 50,
                          "Number of threads in the shared thread pool.")

config_lib.DEFINE_integer(
    "Worker.queue_shards", 5, "Queue notifications will be sharded across "
    "this number of datastore subjects.")

# Marked unused and deprecated by its own help text; presumably retained so
# that older configs which still set it keep loading.
config_lib.DEFINE_list("Frontend.well_known_flows", [], "Unused, Deprecated.")

# Smtp settings.
# Taken together the defaults describe an unauthenticated, unencrypted relay
# on localhost:25.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
                         "The smtp server for sending email alerts.")

config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")

# SECURITY: STARTTLS is off by default.
# NOTE(review): if smtp_user / smtp_password are set for a relay on another
# host while this stays False, the login presumably crosses the network in
# cleartext - confirm against the mail-sending code and enable it.
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
                       "Enable TLS for the smtp connection.")

config_lib.DEFINE_string("Worker.smtp_user", None,
                         "Username for the smtp connection.")

# SECURITY: a credential held as a plain string option, so it lives wherever
# the server config is stored.
# NOTE(review): keep that file out of version control and readable only by
# the service account.
config_lib.DEFINE_string("Worker.smtp_password", None,
                         "Password for the smtp connection.")

# Server Cryptographic settings.
# SECURITY: typed as rdf_crypto.RSAPrivateKey; per the help text it signs
# client enrollment, so anyone able to read it could presumably issue client
# identities the server trusts.
# NOTE(review): confirm where this value is persisted and who can read it.
config_lib.DEFINE_semantic_value(
    rdf_crypto.RSAPrivateKey,
    "PrivateKeys.ca_key",
    help="CA private key. Used to sign for client enrollment.")

config_lib.DEFINE_semantic_value(rdf_crypto.RSAPrivateKey,
                                 "PrivateKeys.server_key",
Exemple #5
from grr_response_core.lib import rdfvalue

# Storage backend selection and the per-feature switches that route reads to
# the relational database. Every switch below defaults to False.

# 512 * 1024 bytes = 512 KiB upper bound per stored blob.
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
                          "Maximum blob size we may store in the datastore.")

# NOTE(review): judging by their names, the two defaults below are a fake and
# an in-memory backend; presumably nothing persists unless a deployment
# overrides them - confirm.
config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore",
                         "Storage subsystem to use.")

config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobStore",
                         "Blob storage subsystem to use.")

# Empty default: no relational database is selected out of the box.
config_lib.DEFINE_string("Database.implementation", "",
                         "Relational database system to use.")

config_lib.DEFINE_bool(
    "Database.useForReads", False,
    "Use relational database for reading as well as for writing.")

# NOTE(review): this decides which store audit logs are read from; while it
# is False, presumably only the legacy store is consulted - keep that in mind
# when reviewing audit trails during a migration.
config_lib.DEFINE_bool("Database.useForReads.audit", False,
                       "Use relational database for reading audit logs.")

config_lib.DEFINE_bool(
    "Database.useForReads.artifacts", False,
    "Enable reading artifact data from the relational database.")

config_lib.DEFINE_bool(
    "Database.useForReads.message_handlers", False,
    "Enable message handlers using the relational database.")

# NOTE(review): the option name says "useForReads" but the help text says
# "storing" - confirm which behaviour the flag controls.
config_lib.DEFINE_bool("Database.useForReads.cronjobs", False,
                       "Enable storing cronjobs in the relational database.")
Exemple #6
    help="List of temporary directories to use on the client.",
    default=["/var/tmp/"])

# Client-side filesystem layout and sandboxing options.

# The default "%(Client.name)" is presumably expanded by the config system to
# the value of Client.name - confirm.
config_lib.DEFINE_string(
    name="Client.grr_tempdir",
    help="Default subdirectory in the temp directory to use for GRR.",
    default="%(Client.name)")

# Empty by default, i.e. no VFS type is confined to a root.
config_lib.DEFINE_list(
    name="Client.vfs_virtualroots",
    help=("If this is set for a VFS type, client VFS operations will always be"
          " relative to the given root. Format is os:/mount/disk."),
    default=[])

# SECURITY: both sandboxing switches default to False.
# NOTE(review): with them off, filesystem parsing and memory scanning
# presumably run inside the client's own process and privileges, so a parser
# bug triggered by crafted on-disk or in-memory data is not contained -
# confirm, and consider enabling them where the platform supports it.
config_lib.DEFINE_bool(
    name="Client.use_filesystem_sandboxing",
    help="Whether to use the sandboxed implementation for filesystem parsing.",
    default=False)

config_lib.DEFINE_bool(
    name="Client.use_memory_sandboxing",
    help="Whether to use the sandboxed implementation for memory scanning.",
    default=False)

# Identity the sandboxed code runs as (per the help texts). Both default to
# the empty string.
# NOTE(review): what happens when sandboxing is enabled while these are empty
# is not visible here; confirm it fails closed instead of running the sandbox
# as the client's own user.
config_lib.DEFINE_string(name="Client.unprivileged_user",
                         help="Name of (UNIX) user to run sandboxed code as.",
                         default="")

config_lib.DEFINE_string(name="Client.unprivileged_group",
                         help="Name of (UNIX) group to run sandboxed code as.",
                         default="")
Exemple #7
    default=None,
    help="The file extension for the client (OS dependent).")

# Client packaging options and the settings for bundling Fleetspeak into the
# client package.

# The default is built from two other options through %(...) references.
# NOTE(review): the help text reads "OSX package name" although the option is
# called package_dir and its default is a path - confirm which one is meant.
config_lib.DEFINE_string(
    name="ClientBuilder.package_dir",
    default="%(ClientBuilder.build_root_dir)/%(Client.name)-pkg",
    help="OSX package name.")

# SECURITY: a class is selected by name from configuration. How the name is
# resolved is not visible here.
# NOTE(review): confirm it is looked up in a fixed registry of validator
# classes rather than imported from an arbitrary path.
config_lib.DEFINE_string(
    "ClientBuilder.private_config_validator_class",
    default=None,
    help="Set this to a class name that sanity checks your client "
    "config at repacking time.")

config_lib.DEFINE_bool(
    "Client.fleetspeak_enabled", False,
    "Whether the client uses Fleetspeak to communicate "
    "with the server.")

# Off by default: no Fleetspeak installation is shipped inside the package.
config_lib.DEFINE_bool(
    "ClientBuilder.fleetspeak_bundled", False,
    "Whether to bundle a Fleetspeak installation into the client package.")

# The default is a config expression using the "resource" filter; presumably
# it resolves to files shipped by the fleetspeak-client-bin package - confirm.
# NOTE(review): whatever this directory contains is packaged and installed on
# endpoints, so it should come from a trusted, verified source.
config_lib.DEFINE_string(
    "ClientBuilder.fleetspeak_install_dir",
    "%(fleetspeak-client-bin@fleetspeak-client-bin|resource)",
    "Location of the bundled Fleetspeak installation.")

# Empty by default; per the help text the file is produced by
# fleetspeak-config.
config_lib.DEFINE_string(
    "ClientBuilder.fleetspeak_client_config", "",
    "Location of the fleetspeak client configuration generated by "
    "fleetspeak-config.")
Exemple #8
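# AdminUI authentication and transport options. Each call registers an option
# name, its default value and its help text with config_lib.

# Firebase provider read by FirebaseWebAuthManager (per the help text).
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_provider", "GoogleAuthProvider",
    "Firebase auth provider (see "
    "https://firebase.google.com/docs/auth/web/start). Used by "
    "FirebaseWebAuthManager.")

# TODO(amoser): Deprecated, remove at some point.
# Help text corrected ("Used ... instead!." -> "Use ... instead.").
# NOTE(review): this deprecated key shares the "CHANGE_ME" placeholder
# default; whether any code still reads it is not visible here.
config_lib.DEFINE_string("AdminUI.django_secret_key", "CHANGE_ME",
                         "This is deprecated. Use csrf_secret_key instead.")

# SECURITY: the default is the literal placeholder "CHANGE_ME", so a server
# that never overrides it protects its CSRF tokens with a publicly known
# value. Nothing in this definition rejects the placeholder.
# NOTE(review): confirm a startup or deployment check refuses "CHANGE_ME".
config_lib.DEFINE_string(
    "AdminUI.csrf_secret_key", "CHANGE_ME",
    "This is a secret key that should be set in the server "
    "config. It is used in CSRF protection.")

# TLS is off by default. Help text corrected to name the option that is
# actually defined below (AdminUI.ssl_cert_file, not AdminUI.ssl_cert).
config_lib.DEFINE_bool(
    "AdminUI.enable_ssl", False,
    "Turn on SSL. This needs AdminUI.ssl_cert_file to be set.")

config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
                         "The SSL certificate to use.")

# Points at private key material.
# NOTE(review): the file should be readable only by the account running the
# UI; the same applies to the cert file when the key is bundled into it.
config_lib.DEFINE_string(
    "AdminUI.ssl_key_file", None,
    "The SSL key to use. The key may also be part of the cert file, in which "
    "case this can be omitted.")

# The default is a plain-http localhost URL.
# NOTE(review): when the UI is reachable from other hosts this should be the
# https:// address users actually connect to.
config_lib.DEFINE_string("AdminUI.url", "http://localhost:8000/",
                         "The direct external URL for the user interface.")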

config_lib.DEFINE_bool(
    "AdminUI.use_precompiled_js", False,
    "If True - use Closure-compiled JS bundle. This flag "
Exemple #9
from grr_response_core.lib import config_lib

# Storage backend options. Several entries are marked deprecated by their own
# help text or by the comment next to them.

# 512 * 1024 bytes = 512 KiB upper bound per stored blob.
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
                          "Maximum blob size we may store in the datastore.")

config_lib.DEFINE_string("Datastore.implementation", "", "Deprecated")

config_lib.DEFINE_string("Blobstore.implementation", "DbBlobStore",
                         "Blob storage subsystem to use.")

# Empty default: the deployment has to name the relational database to use.
config_lib.DEFINE_string("Database.implementation", "",
                         "Relational database system to use.")

# Deprecated. There is no choice anymore, relational db is always enabled.
config_lib.DEFINE_bool(
    "Database.enabled", True,
    "Use relational database for reading as well as for writing.")

config_lib.DEFINE_bool("Database.aff4_enabled", False, "Deprecated.")

# The default path is derived from Config.prefix through a %(...) reference.
# NOTE(review): per the help text this is usually a filesystem directory; if
# collected data lands there, it should be accessible only to the server's
# service account - confirm ownership and mode at install time.
config_lib.DEFINE_string("Datastore.location",
                         default="%(Config.prefix)/var/grr-datastore",
                         help=("Location of the data store (usually a "
                               "filesystem directory)"))

# SQLite data store.
# NOTE: The SQLite datastore was obsoleted, so these options do not get
# used. We can remove them once users have migrated to MySQL.
config_lib.DEFINE_integer(
    "SqliteDatastore.vacuum_check",
    default=10,
Exemple #10
# Worker and frontend runtime options: queue sharding, frontend-executed
# flows, the SMTP relay used for e-mail alerts, and the CA key used for client
# enrollment.
config_lib.DEFINE_integer(
    "Worker.queue_shards", 5, "Queue notifications will be sharded across "
    "this number of datastore subjects.")

# Flows named here run directly on the frontend instead of being scheduled
# (per the help text).
# NOTE(review): the frontend is the component clients talk to, so every name
# added here presumably widens what client traffic can trigger there - keep
# the list minimal.
config_lib.DEFINE_list(
    "Frontend.well_known_flows", ["TransferStore"],
    "Allow these well known flows to run directly on the "
    "frontend. Other flows are scheduled as normal.")

# Smtp settings.
# Taken together the defaults describe an unauthenticated, unencrypted relay
# on localhost:25.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
                         "The smtp server for sending email alerts.")

config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")

# SECURITY: STARTTLS is off by default.
# NOTE(review): if smtp_user / smtp_password are set for a relay on another
# host while this stays False, the login presumably crosses the network in
# cleartext - confirm against the mail-sending code and enable it.
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
                       "Enable TLS for the smtp connection.")

config_lib.DEFINE_string("Worker.smtp_user", None,
                         "Username for the smtp connection.")

# SECURITY: a credential held as a plain string option, so it lives wherever
# the server config is stored.
# NOTE(review): keep that file out of version control and readable only by
# the service account.
config_lib.DEFINE_string("Worker.smtp_password", None,
                         "Password for the smtp connection.")

# Server Cryptographic settings.
# SECURITY: typed as rdf_crypto.RSAPrivateKey; per the description it signs
# client enrollment, so anyone able to read it could presumably issue client
# identities the server trusts.
# NOTE(review): confirm where this value is persisted and who can read it.
config_lib.DEFINE_semantic_value(
    rdf_crypto.RSAPrivateKey,
    "PrivateKeys.ca_key",
    description="CA private key. Used to sign for client enrollment.",
)

config_lib.DEFINE_semantic_value(
Exemple #11
from grr_response_core.lib import rdfvalue

# Storage backend selection plus the switches between the legacy data store
# and the relational database.

# 512 * 1024 bytes = 512 KiB upper bound per stored blob.
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
                          "Maximum blob size we may store in the datastore.")

# NOTE(review): judging by their names, the two defaults below are a fake and
# an in-memory backend; presumably nothing persists unless a deployment
# overrides them - confirm.
config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore",
                         "Storage subsystem to use.")

config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobStore",
                         "Blob storage subsystem to use.")

# Empty default: no relational database is selected out of the box.
config_lib.DEFINE_string("Database.implementation", "",
                         "Relational database system to use.")

config_lib.DEFINE_bool(
    "Database.useForReads", False,
    "Use relational database for reading as well as for writing.")

# Defaults to True, so the legacy data store stays active alongside the
# relational database.
# NOTE(review): while both are active, data presumably exists in two places;
# access control and retention need to cover both - confirm.
config_lib.DEFINE_bool("Database.aff4_enabled", True,
                       "Enables reading/writing to the legacy data store.")

DATASTORE_PATHING = [
    r"%{(?P<path>files/hash/generic/sha256/...).*}",
    r"%{(?P<path>files/hash/generic/sha1/...).*}",
    r"%{(?P<path>files/hash/generic/md5/...).*}",
    r"%{(?P<path>files/hash/pecoff/md5/...).*}",
    r"%{(?P<path>files/hash/pecoff/sha1/...).*}",
    r"%{(?P<path>files/nsrl/...).*}", r"%{(?P<path>W/[^/]+).*}",
    r"%{(?P<path>CA/[^/]+).*}", r"%{(?P<path>C\..\{1,16\}?)($|/.*)}",
    r"%{(?P<path>hunts/[^/]+).*}", r"%{(?P<path>blobs/[^/]+).*}",
    r"%{(?P<path>[^/]+).*}"
Exemple #12
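# AdminUI authentication and transport options. Each call registers an option
# name, its default value and its help text with config_lib.

# Firebase provider read by FirebaseWebAuthManager (per the help text).
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_provider", "GoogleAuthProvider",
    "Firebase auth provider (see "
    "https://firebase.google.com/docs/auth/web/start). Used by "
    "FirebaseWebAuthManager.")

# TODO(amoser): Deprecated, remove at some point.
# Help text corrected ("Used ... instead!." -> "Use ... instead.").
# NOTE(review): this deprecated key shares the "CHANGE_ME" placeholder
# default; whether any code still reads it is not visible here.
config_lib.DEFINE_string("AdminUI.django_secret_key", "CHANGE_ME",
                         "This is deprecated. Use csrf_secret_key instead.")

# SECURITY: the default is the literal placeholder "CHANGE_ME", so a server
# that never overrides it protects its CSRF tokens with a publicly known
# value. Nothing in this definition rejects the placeholder.
# NOTE(review): confirm a startup or deployment check refuses "CHANGE_ME".
config_lib.DEFINE_string(
    "AdminUI.csrf_secret_key", "CHANGE_ME",
    "This is a secret key that should be set in the server "
    "config. It is used in CSRF protection.")

# TLS is off by default. Help text corrected to name the option that is
# actually defined below (AdminUI.ssl_cert_file, not AdminUI.ssl_cert).
config_lib.DEFINE_bool(
    "AdminUI.enable_ssl", False,
    "Turn on SSL. This needs AdminUI.ssl_cert_file to be set.")

config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
                         "The SSL certificate to use.")

# Points at private key material.
# NOTE(review): the file should be readable only by the account running the
# UI; the same applies to the cert file when the key is bundled into it.
config_lib.DEFINE_string(
    "AdminUI.ssl_key_file", None,
    "The SSL key to use. The key may also be part of the cert file, in which "
    "case this can be omitted.")

# The default is a plain-http localhost URL.
# NOTE(review): when the UI is reachable from other hosts this should be the
# https:// address users actually connect to.
config_lib.DEFINE_string("AdminUI.url", "http://localhost:8000/",
                         "The direct external URL for the user interface.")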

config_lib.DEFINE_bool(
    "AdminUI.use_precompiled_js", False,
    "If True - use Closure-compiled JS bundle. This flag "
Exemple #13
from grr_response_core.lib import rdfvalue

# Storage backend selection and the per-feature switches that route reads to
# the relational database. Every switch below defaults to False.

# 512 * 1024 bytes = 512 KiB upper bound per stored blob.
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
                          "Maximum blob size we may store in the datastore.")

# NOTE(review): judging by their names, the two defaults below are a fake and
# an in-memory backend; presumably nothing persists unless a deployment
# overrides them - confirm.
config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore",
                         "Storage subsystem to use.")

config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobStore",
                         "Blob storage subsystem to use.")

# Empty default: no relational database is selected out of the box.
config_lib.DEFINE_string("Database.implementation", "",
                         "Relational database system to use.")

config_lib.DEFINE_bool(
    "Database.useForReads", False,
    "Use relational database for reading as well as for writing.")

# NOTE(review): this decides which store audit logs are read from; while it
# is False, presumably only the legacy store is consulted - keep that in mind
# when reviewing audit trails during a migration.
config_lib.DEFINE_bool("Database.useForReads.audit", False,
                       "Use relational database for reading audit logs.")

config_lib.DEFINE_bool(
    "Database.useForReads.artifacts", False,
    "Enable reading artifact data from the relational database.")

config_lib.DEFINE_bool(
    "Database.useForReads.message_handlers", False,
    "Enable message handlers using the relational database.")

# NOTE(review): the option name says "useForReads" but the help text says
# "storing" - confirm which behaviour the flag controls.
config_lib.DEFINE_bool("Database.useForReads.cronjobs", False,
                       "Enable storing cronjobs in the relational database.")
Exemple #14
from grr_response_core.lib import rdfvalue

# Storage backend selection and the per-feature switches that route reads to
# the relational database. Every switch below defaults to False.

# 512 * 1024 bytes = 512 KiB upper bound per stored blob.
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
                          "Maximum blob size we may store in the datastore.")

# NOTE(review): judging by their names, the two defaults below are a fake and
# an in-memory backend; presumably nothing persists unless a deployment
# overrides them - confirm.
config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore",
                         "Storage subsystem to use.")

config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobStore",
                         "Blob storage subsystem to use.")

# Empty default: no relational database is selected out of the box.
config_lib.DEFINE_string("Database.implementation", "",
                         "Relational database system to use.")

config_lib.DEFINE_bool(
    "Database.useForReads", False,
    "Use relational database for reading as well as for writing.")

config_lib.DEFINE_bool(
    "Database.useForReads.message_handlers", False,
    "Enable message handlers using the relational database.")

# NOTE(review): for the two options below the name says "useForReads" but the
# help text says "storing" - confirm which behaviour each flag controls.
config_lib.DEFINE_bool("Database.useForReads.cronjobs", False,
                       "Enable storing cronjobs in the relational database.")

config_lib.DEFINE_bool("Database.useForReads.flows", False,
                       "Enable storing flows in the relational database.")

config_lib.DEFINE_bool(
    "Database.useForReads.client_messages", False,
    "Enable storing client messages in the relational "
Exemple #15
from grr_response_core.lib import config_lib
from grr_response_core.lib import type_info
from grr_response_core.lib.rdfvalues import standard as rdf_standard

# Logging options: the e-mail domain, the enabled log engines, and where log
# output is written.

# Per the help text, a blank value lifts the restriction of e-mail to this
# domain; the default restricts it to "localhost".
config_lib.DEFINE_string(
    "Logging.domain", "localhost",
    "The email domain belonging to this installation. "
    "Leave blank to not restrict email to this domain")

# Only stderr is enabled by default.
config_lib.DEFINE_list(
    "Logging.engines", ["stderr"], "Enabled logging engines. Valid values are "
    "combinations of stderr,file,syslog,event_log.")

# NOTE(review): what the verbose level adds is not visible here; confirm it
# does not write secrets or collected data into the logs.
config_lib.DEFINE_bool("Logging.verbose",
                       False,
                       help="If true log more verbosely.")

# The default directory is derived from Config.prefix through a %(...)
# reference.
# NOTE(review): the directory should be writable only by the service account
# so that log files cannot be replaced or tampered with.
config_lib.DEFINE_string("Logging.path",
                         "%(Config.prefix)/var/log/",
                         help="Path to log file directory.")

# NOTE(review): in host:port form the log stream leaves the host over UDP,
# which offers neither confidentiality nor delivery guarantees; prefer the
# local socket or a protected network path.
config_lib.DEFINE_string("Logging.syslog_path",
                         "/dev/log",
                         help="Path to syslog socket. This can be a unix "
                         "domain socket or in a UDP host:port notation.")

# Built from Logging.path, so moving the directory moves this file with it.
config_lib.DEFINE_string("Logging.filename",
                         "%(Logging.path)/GRRlog.txt",
                         help="Filename of the grr log file.")
Exemple #16
# Worker and frontend runtime options: queue sharding, frontend-executed
# flows, the SMTP relay used for e-mail alerts, and the CA key used for client
# enrollment.
config_lib.DEFINE_integer(
    "Worker.queue_shards", 5, "Queue notifications will be sharded across "
    "this number of datastore subjects.")

# Flows named here run directly on the frontend instead of being scheduled
# (per the help text).
# NOTE(review): the frontend is the component clients talk to, so every name
# added here presumably widens what client traffic can trigger there - keep
# the list minimal.
config_lib.DEFINE_list(
    "Frontend.well_known_flows", ["TransferStore"],
    "Allow these well known flows to run directly on the "
    "frontend. Other flows are scheduled as normal.")

# Smtp settings.
# Taken together the defaults describe an unauthenticated, unencrypted relay
# on localhost:25.
config_lib.DEFINE_string("Worker.smtp_server", "localhost",
                         "The smtp server for sending email alerts.")

config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")

# SECURITY: STARTTLS is off by default.
# NOTE(review): if smtp_user / smtp_password are set for a relay on another
# host while this stays False, the login presumably crosses the network in
# cleartext - confirm against the mail-sending code and enable it.
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
                       "Enable TLS for the smtp connection.")

config_lib.DEFINE_string("Worker.smtp_user", None,
                         "Username for the smtp connection.")

# SECURITY: a credential held as a plain string option, so it lives wherever
# the server config is stored.
# NOTE(review): keep that file out of version control and readable only by
# the service account.
config_lib.DEFINE_string("Worker.smtp_password", None,
                         "Password for the smtp connection.")

# Server Cryptographic settings.
# SECURITY: typed as rdf_crypto.RSAPrivateKey; per the help text it signs
# client enrollment, so anyone able to read it could presumably issue client
# identities the server trusts.
# NOTE(review): confirm where this value is persisted and who can read it.
config_lib.DEFINE_semantic_value(
    rdf_crypto.RSAPrivateKey,
    "PrivateKeys.ca_key",
    help="CA private key. Used to sign for client enrollment.")

config_lib.DEFINE_semantic_value(
    rdf_crypto.RSAPrivateKey,
Exemple #17
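# AdminUI authentication and transport options. Each call registers an option
# name, its default value and its help text with config_lib.

# Firebase settings read by FirebaseWebAuthManager (per the help texts).
config_lib.DEFINE_string("AdminUI.firebase_api_key", None,
                         "Firebase API key. Used by FirebaseWebAuthManager.")
# Help text corrected: it repeated the API-key description of the option above.
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_domain", None,
    "Firebase auth domain. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string(
    "AdminUI.firebase_auth_provider", "GoogleAuthProvider",
    "Firebase auth provider (see "
    "https://firebase.google.com/docs/auth/web/start). Used by "
    "FirebaseWebAuthManager.")

# SECURITY: the default is the literal placeholder "CHANGE_ME", so a server
# that never overrides it protects its CSRF tokens with a publicly known
# value. Nothing in this definition rejects the placeholder.
# NOTE(review): confirm a startup or deployment check refuses "CHANGE_ME".
config_lib.DEFINE_string(
    "AdminUI.csrf_secret_key", "CHANGE_ME",
    "This is a secret key that should be set in the server "
    "config. It is used in CSRF protection.")

# TLS is off by default. Help text corrected to name the option that is
# actually defined below (AdminUI.ssl_cert_file, not AdminUI.ssl_cert).
config_lib.DEFINE_bool(
    "AdminUI.enable_ssl", False,
    "Turn on SSL. This needs AdminUI.ssl_cert_file to be set.")

config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
                         "The SSL certificate to use.")

# Points at private key material.
# NOTE(review): the file should be readable only by the account running the
# UI; the same applies to the cert file when the key is bundled into it.
config_lib.DEFINE_string(
    "AdminUI.ssl_key_file", None,
    "The SSL key to use. The key may also be part of the cert file, in which "
    "case this can be omitted.")

# The default is a plain-http localhost URL.
# NOTE(review): when the UI is reachable from other hosts this should be the
# https:// address users actually connect to.
config_lib.DEFINE_string("AdminUI.url", "http://localhost:8000/",
                         "The direct external URL for the user interface.")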

config_lib.DEFINE_bool(
    "AdminUI.use_precompiled_js", False,
    "If True - use Closure-compiled JS bundle. This flag "