Service¶

Service Configuration

Field	Type	Description	Required	Default
accepts	Keyword	Regex to accept files as identified by Assemblyline	Yes	`.*`
auto_update	Boolean	Should the service be auto-updated?	Optional	`None`
rejects	Keyword	Regex to reject files as identified by Assemblyline	Optional	`empty\|metadata/.*`
category	Keyword	Which category does this service belong to?	Yes	`Static Analysis`
classification	ClassificationString	Classification of the service	Yes	`TLP:C`
config	Mapping [String, Any]	Service Configuration	Yes	`{}`
description	Text	Description of service	Yes	`NA`
default_result_classification	ClassificationString	Default classification assigned to service results	Yes	`TLP:C`
enabled	Boolean	Is the service enabled (by default)?	Yes	`False`
is_external	Boolean	Does this service perform analysis outside of Assemblyline?	Yes	`False`
licence_count	Integer	How many licences is the service allowed to use?	Yes	`0`
min_instances	Integer	The minimum number of service instances. Overrides Scaler's min_instances configuration.	Optional	`None`
max_queue_length	Integer	If more than this many jobs are queued for this service drop those over this limit. 0 is unlimited.	Yes	`0`
uses_tags	Boolean	Does this service use tags from other services for analysis?	Yes	`False`
uses_tag_scores	Boolean	Does this service use scores of tags from other services for analysis?	Yes	`False`
uses_temp_submission_data	Boolean	Does this service use temp data from other services for analysis?	Yes	`False`
uses_metadata	Boolean	Does this service use submission metadata for analysis?	Yes	`False`
monitored_keys	List [Keyword]	This service watches these temporary keys for changes when partial results are produced.	Yes	`[]`
name	Keyword	Name of service	Yes	`None`
version	Keyword	Version of service	Yes	`None`
privileged	Boolean	Should the service be able to talk to core infrastructure or just service-server for tasking?	Yes	`False`
disable_cache	Boolean	Should the result cache be disabled for this service?	Yes	`False`
stage	Keyword	Which execution stage does this service run in?	Yes	`CORE`
submission_params	List [SubmissionParams]	Submission parameters of service	Yes	`[]`
timeout	Integer	Service task timeout, in seconds	Yes	`60`
docker_config	DockerConfig	Docker configuration for service	Yes	`None`
dependencies	Mapping [String, DependencyConfig]	Dependency configuration for service	Yes	See DependencyConfig for more details.
update_channel	Enum	What channel to watch for service updates? Supported values are: `"beta", "dev", "rc", "stable"`	Yes	`stable`
update_config	UpdateConfig	Update configuration for fetching external resources	Optional	`None`
recursion_prevention	List [Keyword]	List of service names/categories where recursion is prevented.	Yes	`[]`

DependencyConfig¶

Container's Dependency Configuration

Field	Type	Description	Required	Default
container	DockerConfig	Docker container configuration for dependency	Yes	`None`
volumes	Mapping [String, PersistentVolume]	Volume configuration for dependency	Yes	See PersistentVolume for more details.
run_as_core	Boolean	Should this dependency run as other core components?	Yes	`False`

DockerConfig¶

Docker Container Configuration

Field	Type	Description	Required	Default
allow_internet_access	Boolean	Does the container have internet-access?	Yes	`False`
command	List [Keyword]	Command to run when container starts up.	Optional	`None`
cpu_cores	Float	CPU allocation	Yes	`1.0`
environment	List [EnvironmentVariable]	Additional environemnt variables for the container	Yes	`[]`
image	Keyword	Complete name of the Docker image with tag, may include registry	Yes	`None`
registry_username	Keyword	The username to use when pulling the image	Optional	``
registry_password	Keyword	The password or token to use when pulling the image	Optional	``
registry_type	Enum	The type of container registry Supported values are: `"docker", "harbor"`	Yes	`docker`
ports	List [Keyword]	What ports of container to expose?	Yes	`[]`
ram_mb	Integer	Container RAM limit	Yes	`512`
ram_mb_min	Integer	Container RAM request	Yes	`256`
service_account	Keyword	None	Optional	`None`
labels	List [EnvironmentVariable]	Additional container labels.	Yes	`[]`

EnvironmentVariable¶

Environment Variable Model

Field	Type	Description	Required	Default
name	Keyword	Name of Environment Variable	Yes	`None`
value	Keyword	Value of Environment Variable	Yes	`None`

PersistentVolume¶

Container's Persistent Volume Configuration

Field	Type	Description	Required	Default
mount_path	Keyword	Path into the container to mount volume	Yes	`None`
capacity	Keyword	The amount of storage allocated for volume	Yes	`None`
storage_class	Keyword	Storage class used to create volume	Yes	`None`
access_mode	Enum	Access mode for volume Supported values are: `"ReadWriteMany", "ReadWriteOnce"`	Yes	`ReadWriteOnce`

DockerConfig¶

Docker Container Configuration

Field	Type	Description	Required	Default
allow_internet_access	Boolean	Does the container have internet-access?	Yes	`False`
command	List [Keyword]	Command to run when container starts up.	Optional	`None`
cpu_cores	Float	CPU allocation	Yes	`1.0`
environment	List [EnvironmentVariable]	Additional environemnt variables for the container	Yes	`[]`
image	Keyword	Complete name of the Docker image with tag, may include registry	Yes	`None`
registry_username	Keyword	The username to use when pulling the image	Optional	``
registry_password	Keyword	The password or token to use when pulling the image	Optional	``
registry_type	Enum	The type of container registry Supported values are: `"docker", "harbor"`	Yes	`docker`
ports	List [Keyword]	What ports of container to expose?	Yes	`[]`
ram_mb	Integer	Container RAM limit	Yes	`512`
ram_mb_min	Integer	Container RAM request	Yes	`256`
service_account	Keyword	None	Optional	`None`
labels	List [EnvironmentVariable]	Additional container labels.	Yes	`[]`

EnvironmentVariable¶

Environment Variable Model

Field	Type	Description	Required	Default
name	Keyword	Name of Environment Variable	Yes	`None`
value	Keyword	Value of Environment Variable	Yes	`None`

SubmissionParams¶

Submission Parameters for Service

Field	Type	Description	Required	Default
default	Any	Default value (must match value in `value` field)	Yes	`None`
name	Keyword	Name of parameter	Yes	`None`
type	Enum	Type of parameter Supported values are: `"bool", "int", "list", "str"`	Yes	`None`
value	Any	Default value (must match value in `default` field)	Yes	`None`
list	Any	List of values if `type: list`	Optional	`None`
hide	Boolean	Should this parameter be hidden?	Yes	`False`

UpdateConfig¶

Update Configuration for Signatures

Field	Type	Description	Required	Default
generates_signatures	Boolean	Does the updater produce signatures?	Yes	`False`
sources	List [UpdateSource]	List of external sources	Yes	`[]`
update_interval_seconds	Integer	Update check interval, in seconds	Yes	`None`
wait_for_update	Boolean	Should the service wait for updates first?	Yes	`False`
signature_delimiter	Enum	Delimiter used when given a list of signatures Supported values are: `"comma", "custom", "double_new_line", "file", "new_line", "none", "pipe", "space"`	Yes	`double_new_line`
custom_delimiter	Keyword	Custom delimiter definition	Optional	`None`
default_pattern	Text	Default pattern used for matching files	Yes	`.*`

UpdateSource¶

Update Source Configuration

Field	Type	Description	Required	Default
name	Keyword	Name of source	Yes	`None`
password	Keyword	Password used to authenticate with source	Optional	``
pattern	Keyword	Pattern used to find files of interest from source	Optional	``
private_key	Keyword	Private key used to authenticate with source	Optional	``
ca_cert	Keyword	CA cert for source	Optional	``
ssl_ignore_errors	Boolean	Ignore SSL errors when reaching out to source?	Yes	`False`
proxy	Keyword	Proxy server for source	Optional	``
uri	Keyword	URI to source	Yes	`None`
username	Keyword	Username used to authenticate with source	Optional	``
headers	List [EnvironmentVariable]	Headers	Yes	`[]`
default_classification	Classification	Default classification used in absence of one defined in files from source	Yes	`TLP:C`
use_managed_identity	Boolean	Use managed identity for authentication with Azure DevOps	Yes	`False`
git_branch	Keyword	Branch to checkout from Git repository.	Optional	``
sync	Boolean	Synchronize signatures with remote source. Allows system to auto-disable signatures no longer found in source.	Yes	`False`
fetch_method	Enum	Fetch method to be used with source Supported values are: `"GET", "GIT", "POST"`	Yes	`GET`
enabled	Boolean	Is this source active for periodic fetching?	Yes	`True`
override_classification	Boolean	Should the source's classfication override the signature's self-defined classification, if any?	Yes	`False`
configuration	Mapping [String, Any]	Processing configuration for source	Yes	`{}`
update_interval	Integer	Update check interval, in seconds, for this source	Optional	`None`
ignore_cache	Boolean	Ignore source caching and forcefully fetch from source	Yes	`False`
data	Text	Data that's sent in a POST request (`fetch_method="POST"`)	Optional	`None`

EnvironmentVariable¶

Environment Variable Model

Field	Type	Description	Required	Default
name	Keyword	Name of Environment Variable	Yes	`None`
value	Keyword	Value of Environment Variable	Yes	`None`