#!/usr/bin/env python
"""Configuration parameters for the check subsystem."""
from grr.core.grr_response_core.lib import config_lib
config_lib.DEFINE_list(
"Checks.config_dir",
["%(grr/checks|resource)", "%(grr/checks/local|resource)"],
"A list of directories to load checks from.")
config_lib.DEFINE_list("Checks.config_files", [],
"Paths of check configurations to load at start up.")
config_lib.DEFINE_integer("Checks.max_results", 50,
"Maximum items to include as check results.")
#!/usr/bin/env python
"""Configuration parameters for logging and error reporting subsystems."""
from grr.core.grr_response_core.lib import config_lib
from grr.core.grr_response_core.lib import type_info
from grr.core.grr_response_core.lib.rdfvalues import standard as rdf_standard
config_lib.DEFINE_string(
"Logging.domain", "localhost",
"The email domain belonging to this installation. "
"Leave blank to not restrict email to this domain")
config_lib.DEFINE_list(
"Logging.engines", ["stderr"], "Enabled logging engines. Valid values are "
"combinations of stderr,file,syslog,event_log.")
config_lib.DEFINE_bool("Logging.verbose",
False,
help="If true log more verbosely.")
config_lib.DEFINE_string("Logging.path",
"%(Config.prefix)/var/log/",
help="Path to log file directory.")
config_lib.DEFINE_string("Logging.syslog_path",
"/dev/log",
help="Path to syslog socket. This can be a unix "
"domain socket or in a UDP host:port notation.")
config_lib.DEFINE_string("Logging.filename",
"%(Logging.path)/GRRlog.txt",
#!/usr/bin/env python
"""Configuration parameters for the check subsystem."""
from grr.core.grr_response_core.lib import config_lib
config_lib.DEFINE_list("Checks.config_dir", [
"%(grr_response_server|module_path)/"
"checks", "%(grr_response_server|module_path)/"
"checks/local"
], "A list of directories to load checks from.")
config_lib.DEFINE_list("Checks.config_files", [],
"Paths of check configurations to load at start up.")
config_lib.DEFINE_integer("Checks.max_results", 50,
"Maximum items to include as check results.")
config_lib.DEFINE_string(
name="ClientBuilder.config_filename",
default="%(Client.binary_name).yaml",
help=("The name of the configuration file which will be embedded in the "
"deployable binary."))
config_lib.DEFINE_string(
name="ClientBuilder.autorun_command_line",
default=("%(Client.binary_name) --install "
"--config %(ClientBuilder.config_filename)"),
help=("The command that the installer will execute after "
"unpacking the package."))
config_lib.DEFINE_list(
name="ClientBuilder.installer_plugins",
default=[],
help="Plugins that will copied to the client installation file and run "
"at install time.")
config_lib.DEFINE_list(
name="ClientBuilder.plugins",
default=[],
help="Plugins that will copied to the client installation file and run when"
"the client is running.")
config_lib.DEFINE_string(
name="ClientBuilder.client_logging_filename",
default="%(Logging.path)/%(Client.name)_log.txt",
help="Filename for logging, to be copied to Client section in the client "
"that gets built.")
from grr.core.grr_response_core.lib import config_lib
from grr.core.grr_response_core.lib.rdfvalues import crypto as rdf_crypto
# General Client options.
config_lib.DEFINE_string(
"Client.name", "GRR",
"The name of the client. This will be used as a base "
"name to generate many other default parameters such "
"as binary names and service names. Note that on "
"Linux we lowercase the name to confirm with most "
"linux naming conventions.")
config_lib.DEFINE_string("Client.binary_name", "%(Client.name)",
"The name of the client binary.")
config_lib.DEFINE_list("Client.labels", [], "Labels for this client.")
config_lib.DEFINE_string("Client.company_name", "GRR Project",
"The name of the company which made the client.")
config_lib.DEFINE_string("Client.description", "%(name) %(platform) %(arch)",
"A description of this specific client build.")
config_lib.DEFINE_string("Client.platform", "windows",
"The platform we are running on.")
config_lib.DEFINE_string("Client.arch", "amd64",
"The architecture we are running on.")
config_lib.DEFINE_string("Client.build_time", "Unknown",
"The time the client was built.")
#!/usr/bin/env python
"""Configuration parameters for the artifact subsystem."""
from grr.core.grr_response_core.lib import config_lib
config_lib.DEFINE_list("Artifacts.artifact_dirs", [
"%(grr/artifacts|resource)", "%(grr/artifacts/flow_templates|resource)",
"%(grr/artifacts/local|resource)"
], "A list directories to load artifacts from.")
config_lib.DEFINE_list(
"Artifacts.knowledge_base", [
"LinuxRelease",
"LinuxUserProfiles",
"MacOSUsers",
"WindowsCodePage",
"WindowsDomainName",
"WindowsEnvironmentVariableAllUsersAppData",
"WindowsEnvironmentVariableAllUsersProfile",
"WindowsEnvironmentVariablePath",
"WindowsEnvironmentVariableProfilesDirectory",
"WindowsEnvironmentVariableProgramFiles",
"WindowsEnvironmentVariableProgramFilesX86",
"WindowsEnvironmentVariableSystemDrive",
"WindowsEnvironmentVariableSystemRoot",
"WindowsEnvironmentVariableTemp",
"WindowsEnvironmentVariableWinDir",
"WindowsRegistryCurrentControlSet",
"WindowsRegistryProfiles",
"WindowsUserShellFolders",
"WindowsTimezone",
config_lib.DEFINE_string(
"AdminUI.template_root",
"%(grr/server/grr_response_server/gui/templates|resource)",
"The main path to the templates.")
config_lib.DEFINE_string(
"AdminUI.webauth_manager", "NullWebAuthManager",
"The web auth manager for controlling access to the UI.")
config_lib.DEFINE_string(
"AdminUI.remote_user_header", "X-Remote-User",
"Header containing authenticated user's username. "
"Used by RemoteUserWebAuthManager.")
config_lib.DEFINE_list(
"AdminUI.remote_user_trusted_ips", ["127.0.0.1"],
"Only requests coming from these IPs will be processed "
"by RemoteUserWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_api_key", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string("AdminUI.firebase_auth_domain", None,
"Firebase API key. Used by FirebaseWebAuthManager.")
config_lib.DEFINE_string(
"AdminUI.firebase_auth_provider", "GoogleAuthProvider",
"Firebase auth provider (see "
"https://firebase.google.com/docs/auth/web/start). Used by "
"FirebaseWebAuthManager.")
# TODO(amoser): Deprecated, remove at some point.
config_lib.DEFINE_string("AdminUI.django_secret_key", "CHANGE_ME",
"This is deprecated. Used csrf_secret_key instead!.")
"Use relational database for reading VFS information.")
DATASTORE_PATHING = [
r"%{(?P<path>files/hash/generic/sha256/...).*}",
r"%{(?P<path>files/hash/generic/sha1/...).*}",
r"%{(?P<path>files/hash/generic/md5/...).*}",
r"%{(?P<path>files/hash/pecoff/md5/...).*}",
r"%{(?P<path>files/hash/pecoff/sha1/...).*}",
r"%{(?P<path>files/nsrl/...).*}", r"%{(?P<path>W/[^/]+).*}",
r"%{(?P<path>CA/[^/]+).*}", r"%{(?P<path>C\..\{1,16\}?)($|/.*)}",
r"%{(?P<path>hunts/[^/]+).*}", r"%{(?P<path>blobs/[^/]+).*}",
r"%{(?P<path>[^/]+).*}"
]
config_lib.DEFINE_list("Datastore.pathing", DATASTORE_PATHING,
("Path selection for subjects in the file-based data "
"stores (by priority)."))
config_lib.DEFINE_string("Datastore.location",
default="%(Config.prefix)/var/grr-datastore",
help=("Location of the data store (usually a "
"filesystem directory)"))
# SQLite data store.
config_lib.DEFINE_integer(
"SqliteDatastore.vacuum_check",
default=10,
help=("Number of rows that need to be deleted before "
"checking if the sqlite file may need to be "
"vacuumed."))