Skip to content

Submission section

The submission configuration section (submission:) of the configuration file allows you to modify the parameters off how submissions are handled in the system.

Since this section is quite simple, we will list the default configuration at the same time as we describe the different values.

Submission section configuration example 
...
submission:
  # Maximum amount of extracted files for a submission
  default_max_extracted: 500

  # Maximum amount of supplementary files for a submission
  default_max_supplementary: 500

  # Default amount of days submissions live in the system
  dtl: 30

  # Maximum amount of days submissions live in the system
  max_dtl: 0

  # Maximum extraction depth service can go
  max_extraction_depth: 6

  # Maximum file size allowed in the system
  max_file_size: 104857600

  # Maximum size of each metadata entry
  max_metadata_length: 4096

  # Types of tags to be included in the submission summary in
  # the attribution, behaviour and ioc sectiona.
  tag_types:
    attribution:
    - attribution.actor
    - attribution.campaign
    - attribution.exploit
    - attribution.implant
    - attribution.family
    - attribution.network
    - av.virus_name
    - file.config
    - technique.obfuscation
    behavior:
    - file.behavior
    ioc:
    - network.email.address
    - network.static.ip
    - network.static.domain
    - network.static.uri
    - network.dynamic.ip
    - network.dynamic.domain
    - network.dynamic.uri
...

Tip

Refer to the changing the configuration file documentation for more detail on where and how to change the configuration of the system.