default=r"%(SystemRoot|env)\\System32\\%(name)\\%(Template.version_string)",
help="Where the client binaries are installed.")
config_lib.DEFINE_string(
name="Client.component_path",
default=r"%(Client.install_path)/components",
help="Where the client components are installed on the client.")
config_lib.DEFINE_string(
name="Client.component_url_stem",
default="%(Frontend.static_url_path_prefix)components/",
help="A URL path where components will be served from.")
config_lib.DEFINE_semantic(
rdfvalue.RDFURN,
"Client.component_aff4_stem",
default="%(Frontend.static_aff4_prefix)/components/",
description="A common AFF4 stem where components will be served from.")
config_lib.DEFINE_string(
name="Client.rekall_profile_cache_path",
default=r"%(Client.install_path)\\rekall_profiles",
help="Where GRR stores cached Rekall profiles needed for memory analysis")
config_lib.DEFINE_list(name="Client.server_urls",
default=[],
help="Base URL for client control.")
config_lib.DEFINE_list(
"Client.control_urls", [],
"DEPRECATED List of URLs of the controlling server. "
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
# Server Cryptographic settings.
config_lib.DEFINE_semantic(
rdf_crypto.RSAPrivateKey,
"PrivateKeys.ca_key",
description="CA private key. Used to sign for client enrollment.",
)
config_lib.DEFINE_semantic(rdf_crypto.RSAPrivateKey,
"PrivateKeys.server_key",
description="Private key for the front end server.")
config_lib.DEFINE_integer("Server.rsa_key_length", 2048,
"The length of the server rsa key in bits.")
config_lib.DEFINE_semantic(
rdf_crypto.RDFX509Cert,
"Frontend.certificate",
description="An X509 certificate for the frontend server.")
"The smtp server for sending email alerts.")
config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.")
config_lib.DEFINE_bool("Worker.smtp_starttls", False,
"Enable TLS for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_user", None,
"Username for the smtp connection.")
config_lib.DEFINE_string("Worker.smtp_password", None,
"Password for the smtp connection.")
# Server Cryptographic settings.
config_lib.DEFINE_semantic(
rdfvalue.PEMPrivateKey, "PrivateKeys.ca_key",
description="CA private key. Used to sign for client enrollment.",
)
config_lib.DEFINE_semantic(
rdfvalue.PEMPrivateKey, "PrivateKeys.server_key",
description="Private key for the front end server.")
config_lib.DEFINE_semantic(
rdfvalue.RDFX509Cert, "Frontend.certificate",
description="An X509 certificate for the frontend server.")
config_lib.DEFINE_integer("ACL.cache_age", 600, "The number of seconds "
"approval objects live in the cache.")
config_lib.DEFINE_bool("Cron.active", False,
"Set to true to run a cron thread on this binary.")
# Windows client specific options.
config_lib.DEFINE_string("Client.config_hive",
r"HKEY_LOCAL_MACHINE",
help="The registry hive where the client "
"configuration will be stored.")
config_lib.DEFINE_string("Client.config_key",
r"Software\\GRR",
help="The registry key where client configuration "
"will be stored.")
# Client Cryptographic options.
config_lib.DEFINE_semantic(
rdfvalue.PEMPrivateKey,
"Client.private_key",
description="Client private key in pem format. If not provided this "
"will be generated by the enrollment process.",
)
config_lib.DEFINE_semantic(
rdfvalue.RDFX509Cert,
"CA.certificate",
description="Trusted CA certificate in X509 pem format",
)
config_lib.DEFINE_semantic(
rdfvalue.PEMPublicKey,
"Client.executable_signing_public_key",
description="public key for verifying executable signing.")
config_lib.DEFINE_semantic(
#!/usr/bin/env python
"""API config options."""
from grr.lib import config_lib
from grr.lib import rdfvalue
config_lib.DEFINE_integer(
"API.DailyFlowRequestLimit", "10",
"Number of flows a user can run on a single client "
"per day before being blocked by throttling. Set to "
"0 to disable checking.")
config_lib.DEFINE_semantic(
rdfvalue.Duration,
"API.FlowDuplicateInterval",
default="1200s",
description="Amount of time "
"that needs to pass before the throttler will allow "
"an identical flow to run on the same client. Set "
"to 0s to disable checking.")
config_lib.DEFINE_string(
"API.RouterACLConfigFile", "", "The file containing API acls, see "
"grr/config/api_acls.yaml for an example.")
config_lib.DEFINE_string(
"API.DefaultRouter", "DisabledApiCallRouter",
"The default router used by the API if there are no "
"rules defined in API.RouterACLConfigFile or if none "
"of these rules matches.")
config_lib.DEFINE_string("CloudBigtable.instance_id",
default="grrbigtable",
help="The cloud bigtable instance ID.")
config_lib.DEFINE_string(
"CloudBigtable.test_project_id",
default=None,
help="Set this to run the cloud bigtable tests. Note that billing applies! "
"Always check your project has deleted the test instances correctly after "
"running these tests.")
config_lib.DEFINE_string("CloudBigtable.instance_name",
default="grrbigtable",
help="The cloud bigtable instance ID.")
config_lib.DEFINE_semantic(rdfvalue.Duration, "CloudBigtable.retry_interval",
"1s", "Time to wait before first retry.")
config_lib.DEFINE_integer(
"CloudBigtable.retry_max_attempts",
default=5,
help="Maximum number of retries on RPC before we give up.")
config_lib.DEFINE_integer(
"CloudBigtable.retry_multiplier", 2,
"For each retry, multiply last delay by this value.")
config_lib.DEFINE_string("CloudBigtable.table_name",
default="grrbigtable",
help="The cloud bigtable table name.")
config_lib.DEFINE_integer(
config_lib.DEFINE_string("BigQuery.project_id", None,
"The BigQuery project_id.")
config_lib.DEFINE_string("BigQuery.dataset_id", "grr",
"The BigQuery project_id.")
config_lib.DEFINE_integer(
"BigQuery.max_file_post_size", 5 * 1000 * 1000,
"Max size of file to put in each POST "
"to bigquery. Note enforcement is not exact.")
config_lib.DEFINE_integer("BigQuery.retry_max_attempts", 2,
"Total number of times to retry an upload.")
config_lib.DEFINE_integer(
"BigQuery.max_upload_failures", 100,
"Total number of times to try uploading to BigQuery"
" for a given hunt or flow.")
config_lib.DEFINE_semantic(rdfvalue.Duration, "BigQuery.retry_interval", "2s",
"Time to wait before first retry.")
config_lib.DEFINE_integer(
"BigQuery.retry_multiplier", 2,
"For each retry, multiply last delay by this value.")
config_lib.DEFINE_integer_list("BigQuery.retry_status_codes",
[404, 500, 502, 503, 504],
"HTTP status codes on which we should retry.")
