settings.json.sample

{
  "inputs": {
    "pastebin":{
      "enabled": true,
      "module": "inputs.pastebin",
      "api_scrape": "https://pastebin.com/api_scraping.php",
      "api_raw": "https://pastebin.com/api_scrape_item.php?i=",
      "paste_limit": 200,
      "store_all": false
    },
    "dumpz": {
      "enabled": true,
      "module": "inputs.dumpz",
      "api_scrape": "https://dumpz.org/api/recent",
      "api_raw": "https://dumpz.org/api/dump",
      "paste_limit": 200,
      "store_all": false
    },
    "gists": {
      "enabled": true,
      "module": "inputs.gists",
      "api_token": "",
      "api_limit": 100,
      "store_all": false,
      "user_blacklist": [],
      "file_blacklist": ["grahamcofborg-eval-package-list"]
    }
  },
  "outputs": {
    "elastic_output": {
      "enabled": true,
      "module": "outputs.elastic_output",
      "classname": "ElasticOutput",
      "elastic_index": "paste-test",
      "elastic_host": "192.168.1.22",
      "elastic_port": 9200,
      "elastic_user": "elastic",
      "elastic_pass": "changeme",
      "elastic_ssl": false,
      "weekly_index": false
    },
    "json_output": {
      "enabled": true,
      "module": "outputs.json_output",
      "classname": "JsonOutput",
      "output_path": "logs/json/",
      "store_raw": true,
      "encode_raw": true
    },
    "csv_output": {
      "enabled": false,
      "module": "outputs.csv_output",
      "classname": "CSVOutput",
      "output_path": "/logs/csv/"
    },
    "syslog_output": {
      "enabled": false,
      "module": "outputs.syslog_output",
      "classname": "SyslogOutput",
      "host": "192.168.1.1",
      "port": 514
    },
    "smtp_output": {
      "enabled": false,
      "module": "outputs.smtp_output",
      "classname": "SMTPOutput",
      "smtp_host": "smtp.server.com",
      "smtp_port": 25,
      "smtp_tls": true,
      "smtp_user": "smtpusername",
      "smtp_pass": "smtppassword",
      "recipient": "emailaddress that gets the alerts",
      "rule_list": ["custom_keywords"]
    }
  },
  "yara": {
    "rule_path": "YaraRules",
    "blacklist": true,
    "test_rules": false
  },
  "general": {
    "run_frequency": 300
  },
  "post_process": {
    "post_email": {
      "enabled": false,
      "module": "postprocess.post_email",
      "rule_list": ["email_list"]
    },
    "post_b64": {
      "enabled": false,
      "module": "postprocess.post_b64",
      "rule_list": ["b64_exe", "b64_rar", "b64_zip", "b64_gzip"],
      "cuckoo": {
        "enabled": false,
        "api_host": "127.0.0.1",
        "api_port": 8080
      },
      "viper": {
        "enabled": false,
        "api_host": "127.0.0.1",
        "api_port": 8080
      }
    }
  }
}