Service¶
Service Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| accepts | Keyword | Regex to accept files as identified by Assemblyline | Yes |
.* |
| rejects | Keyword | Regex to reject files as identified by Assemblyline | Optional |
empty|metadata/.* |
| category | Keyword | Which category does this service belong to? | Yes |
Static Analysis |
| classification | ClassificationString | Classification of the service | Yes |
TLP:C |
| config | Mapping [String, Any] | Service Configuration | Yes |
{} |
| description | Text | Description of service | Yes |
NA |
| default_result_classification | ClassificationString | Default classification assigned to service results | Yes |
TLP:C |
| enabled | Boolean | Is the service enabled (by default)? | Yes |
False |
| is_external | Boolean | Does this service perform analysis outside of Assemblyline? | Yes |
False |
| licence_count | Integer | How many licences is the service allowed to use? | Yes |
0 |
| min_instances | Integer | The minimum number of service instances. Overrides Scaler's min_instances configuration. | Optional |
None |
| max_queue_length | Integer | If more than this many jobs are queued for this service drop those over this limit. 0 is unlimited. | Yes |
0 |
| uses_tags | Boolean | Does this service use tags from other services for analysis? | Yes |
False |
| uses_tag_scores | Boolean | Does this service use scores of tags from other services for analysis? | Yes |
False |
| uses_temp_submission_data | Boolean | Does this service use temp data from other services for analysis? | Yes |
False |
| uses_metadata | Boolean | Does this service use submission metadata for analysis? | Yes |
False |
| name | Keyword | Name of service | Yes |
None |
| version | Keyword | Version of service | Yes |
None |
| privileged | Boolean | Should the service be able to talk to core infrastructure or just service-server for tasking? | Yes |
False |
| disable_cache | Boolean | Should the result cache be disabled for this service? | Yes |
False |
| stage | Keyword | Which execution stage does this service run in? | Yes |
CORE |
| submission_params | List [SubmissionParams] | Submission parameters of service | Yes |
[] |
| timeout | Integer | Service task timeout, in seconds | Yes |
60 |
| docker_config | DockerConfig | Docker configuration for service | Yes |
None |
| dependencies | Mapping [String, DependencyConfig] | Dependency configuration for service | Yes |
See DependencyConfig for more details. |
| update_channel | Enum | What channel to watch for service updates? Supported values are: "beta", "dev", "rc", "stable" |
Yes |
stable |
| update_config | UpdateConfig | Update configuration for fetching external resources | Optional |
None |
| recursion_prevention | List [Keyword] | List of service names/categories where recursion is prevented. | Yes |
[] |
DependencyConfig¶
Container's Dependency Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| container | DockerConfig | Docker container configuration for dependency | Yes |
None |
| volumes | Mapping [String, PersistentVolume] | Volume configuration for dependency | Yes |
See PersistentVolume for more details. |
| run_as_core | Boolean | Should this dependency run as other core components? | Yes |
False |
DockerConfig¶
Docker Container Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| allow_internet_access | Boolean | Does the container have internet-access? | Yes |
False |
| command | List [Keyword] | Command to run when container starts up. | Optional |
None |
| cpu_cores | Float | CPU allocation | Yes |
1.0 |
| environment | List [EnvironmentVariable] | Additional environemnt variables for the container | Yes |
[] |
| image | Keyword | Complete name of the Docker image with tag, may include registry | Yes |
None |
| registry_username | Keyword | The username to use when pulling the image | Optional |
`` |
| registry_password | Keyword | The password or token to use when pulling the image | Optional |
`` |
| registry_type | Enum | The type of container registry Supported values are: "docker", "harbor" |
Yes |
docker |
| ports | List [Keyword] | What ports of container to expose? | Yes |
[] |
| ram_mb | Integer | Container RAM limit | Yes |
512 |
| ram_mb_min | Integer | Container RAM request | Yes |
256 |
| service_account | Keyword | None | Optional |
None |
| labels | List [EnvironmentVariable] | Additional container labels. | Yes |
[] |
EnvironmentVariable¶
Environment Variable Model
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| name | Keyword | Name of Environment Variable | Yes |
None |
| value | Keyword | Value of Environment Variable | Yes |
None |
PersistentVolume¶
Container's Persistent Volume Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| mount_path | Keyword | Path into the container to mount volume | Yes |
None |
| capacity | Keyword | The amount of storage allocated for volume | Yes |
None |
| storage_class | Keyword | Storage class used to create volume | Yes |
None |
| access_mode | Enum | Access mode for volume Supported values are: "ReadWriteMany", "ReadWriteOnce" |
Yes |
ReadWriteOnce |
DockerConfig¶
Docker Container Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| allow_internet_access | Boolean | Does the container have internet-access? | Yes |
False |
| command | List [Keyword] | Command to run when container starts up. | Optional |
None |
| cpu_cores | Float | CPU allocation | Yes |
1.0 |
| environment | List [EnvironmentVariable] | Additional environemnt variables for the container | Yes |
[] |
| image | Keyword | Complete name of the Docker image with tag, may include registry | Yes |
None |
| registry_username | Keyword | The username to use when pulling the image | Optional |
`` |
| registry_password | Keyword | The password or token to use when pulling the image | Optional |
`` |
| registry_type | Enum | The type of container registry Supported values are: "docker", "harbor" |
Yes |
docker |
| ports | List [Keyword] | What ports of container to expose? | Yes |
[] |
| ram_mb | Integer | Container RAM limit | Yes |
512 |
| ram_mb_min | Integer | Container RAM request | Yes |
256 |
| service_account | Keyword | None | Optional |
None |
| labels | List [EnvironmentVariable] | Additional container labels. | Yes |
[] |
EnvironmentVariable¶
Environment Variable Model
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| name | Keyword | Name of Environment Variable | Yes |
None |
| value | Keyword | Value of Environment Variable | Yes |
None |
SubmissionParams¶
Submission Parameters for Service
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| default | Any | Default value (must match value in value field) |
Yes |
None |
| name | Keyword | Name of parameter | Yes |
None |
| type | Enum | Type of parameter Supported values are: "bool", "int", "list", "str" |
Yes |
None |
| value | Any | Default value (must match value in default field) |
Yes |
None |
| list | Any | List of values if type: list |
Optional |
None |
| hide | Boolean | Should this parameter be hidden? | Yes |
False |
UpdateConfig¶
Update Configuration for Signatures
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| generates_signatures | Boolean | Does the updater produce signatures? | Yes |
False |
| sources | List [UpdateSource] | List of external sources | Yes |
[] |
| update_interval_seconds | Integer | Update check interval, in seconds | Yes |
None |
| wait_for_update | Boolean | Should the service wait for updates first? | Yes |
False |
| signature_delimiter | Enum | Delimiter used when given a list of signatures Supported values are: "comma", "custom", "double_new_line", "file", "new_line", "none", "pipe", "space" |
Yes |
double_new_line |
| custom_delimiter | Keyword | Custom delimiter definition | Optional |
None |
UpdateSource¶
Update Source Configuration
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| name | Keyword | Name of source | Yes |
None |
| password | Keyword | Password used to authenticate with source | Optional |
`` |
| pattern | Keyword | Pattern used to find files of interest from source | Optional |
`` |
| private_key | Keyword | Private key used to authenticate with source | Optional |
`` |
| ca_cert | Keyword | CA cert for source | Optional |
`` |
| ssl_ignore_errors | Boolean | Ignore SSL errors when reaching out to source? | Yes |
False |
| proxy | Keyword | Proxy server for source | Optional |
`` |
| uri | Keyword | URI to source | Yes |
None |
| username | Keyword | Username used to authenticate with source | Optional |
`` |
| headers | List [EnvironmentVariable] | Headers | Yes |
[] |
| default_classification | Classification | Default classification used in absence of one defined in files from source | Yes |
TLP:C |
| git_branch | Keyword | Branch to checkout from Git repository. | Optional |
`` |
| sync | Boolean | Synchronize signatures with remote source. Allows system to auto-disable signatures no longer found in source. | Yes |
False |
EnvironmentVariable¶
Environment Variable Model
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| name | Keyword | Name of Environment Variable | Yes |
None |
| value | Keyword | Value of Environment Variable | Yes |
None |