ReplayConfig¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| creator | Creator | Replay creator options | Yes |
See Creator for more details. |
| loader | Loader | Replay loader options | Yes |
See Loader for more details. |
Creator¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| client | Client | None | Yes |
See Client for more details. |
| alert_input | InputModule | None | Yes |
See InputModule for more details. |
| badlist_input | InputModule | None | Yes |
See InputModule for more details. |
| safelist_input | InputModule | None | Yes |
See InputModule for more details. |
| signature_input | InputModule | None | Yes |
See InputModule for more details. |
| submission_input | InputModule | None | Yes |
See InputModule for more details. |
| workflow_input | InputModule | None | Yes |
See InputModule for more details. |
| lookback_time | Keyword | None | Yes |
* |
| output_filestore | Keyword | None | Yes |
file:///tmp/replay/output |
| working_directory | Keyword | None | Yes |
/tmp/replay/work |
Client¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| type | Enum | None Supported values are: "api", "direct" |
Yes |
direct |
| options | ClientOptions | None | Optional |
See ClientOptions for more details. |
ClientOptions¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| host | Keyword | None | Yes |
https://localhost:443 |
| user | Keyword | None | Yes |
admin |
| apikey | Keyword | None | Yes |
devkey:devpass |
| verify | Boolean | None | Yes |
True |
InputModule¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| enabled | Boolean | None | Yes |
True |
| threads | Integer | None | Yes |
6 |
| filter_queries | List [Keyword] | None | Yes |
['NOT extended_scan:submitted', 'workflows_completed:true'] |
Loader¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| client | Client | None | Yes |
See Client for more details. |
| failed_directory | Keyword | None | Yes |
/tmp/replay/failed |
| input_threads | Integer | None | Yes |
6 |
| input_directory | Keyword | None | Yes |
/tmp/replay/input |
| min_classification | Keyword | None | Optional |
None |
| rescan | List [Keyword] | None | Yes |
[] |
| working_directory | Keyword | None | Yes |
/tmp/replay/work |
| sync_check_interval | Integer | How often to check on imported Replay bundles (in seconds)? | Yes |
3600 |
Client¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| type | Enum | None Supported values are: "api", "direct" |
Yes |
direct |
| options | ClientOptions | None | Optional |
See ClientOptions for more details. |
ClientOptions¶
None
| Field | Type | Description | Required | Default |
|---|---|---|---|---|
| host | Keyword | None | Yes |
https://localhost:443 |
| user | Keyword | None | Yes |
admin |
| apikey | Keyword | None | Yes |
devkey:devpass |
| verify | Boolean | None | Yes |
True |