Configuration File Description
The provided configuration file is for an application titled “OCULUS SERVER”.
The configuration file is located at /etc/oculus/config++.conf and has the following structure:
application:
{
    main:
    {
        title = "OCULUS SERVER";
        version = "0.4.2";
        date = "22 Feb 2024";
    };
    settings:
    {
        main_key = "suricata";
        keys = ( "alert", "flow", "http", "dns", "dhcp", "fileinfo", "stats", "tls" );
        valid_duration = 24;
        redis_connect = "redis://127.0.0.1/";
        rules_file = "/var/lib/suricata/rules/suricata.rules";
        tmp_rule_file = "/home/fil/suricata_validate_rule.rules";
        suricata_conf = "/etc/suricata/suricata.yaml";
        additional_rules = "/var/lib/suricata/rules/additional.rules";
        ioc_full_link = "https://threatfox-api.abuse.ch/export/json/full/";
        ioc_full_file_path = "/var/lib/suricata";
        ioc_full_file_name = "/var/lib/suricata/full.json";
        ioc_local_file_name = "/var/lib/suricata/ioc.json";
        ioc_domain_rules = "/var/lib/suricata/rules/ioc_domain.rules";
        ioc_url_rules = "/var/lib/suricata/rules/ioc_url.rules";
        ioc_ip_rules = "/var/lib/suricata/rules/ioc_ip.rules";
        ioc_domains_lst = "/var/lib/suricata/ioc_domains.lst";
        fast_file = "/var/log/suricata/fast.log";
    };
};
It is structured into two main sections: main and settings. Below is a detailed description of each section and its parameters.
Main Section
The main section contains basic metadata about the application:
- title: The name of the application, set to “OCULUS SERVER”.
- version: The version of the application, set to “0.8.2”.
- date: The release date of the current version, set to “10 April 2024”.
Settings Section
The settings section contains configuration parameters that define the behavior and operational specifics of the application:
- main_key: The main key for the application, set to “suricata”.
- keys: A list of specific keys used by the application, which includes “alert”, “flow”, “http”, “dns”, “dhcp”, “fileinfo”, “stats”, and “tls”.
- valid_duration: The duration (in hours) for which some settings or data are considered valid, set to 24 hours.
- redis_connect: The connection string for the Redis database, set to “redis://127.0.0.1/”.
- rules_file: The file path to the main Suricata rules file, set to “/var/lib/suricata/rules/suricata.rules”.
- tmp_rule_file: The file path for temporary rule validation, set to “/home/fil/suricata_validate_rule.rules”.
- suricata_conf: The file path to the Suricata configuration file, set to “/etc/suricata/suricata.yaml”.
- additional_rules: The file path to additional Suricata rules, set to “/var/lib/suricata/rules/additional.rules”.
- ioc_full_link: The URL to download the full IOC (Indicators of Compromise) data, set to “https://threatfox-api.abuse.ch/export/json/full/”.
- ioc_full_file_path: The directory path where the full IOC file will be stored, set to “/var/lib/suricata”.
- ioc_full_file_name: The file path to the full IOC CSV file, set to “/var/lib/suricata/full.csv”.
- ioc_local_file_name: The file path to the local IOC JSON file, set to “/var/lib/suricata/ioc.json”.
- ioc_domain_rules: The file path to the IOC domain rules file, set to “/var/lib/suricata/rules/ioc_domain.rules”.
- ioc_url_rules: The file path to the IOC URL rules file, set to “/var/lib/suricata/rules/ioc_url.rules”.
- ioc_ip_rules: The file path to the IOC IP rules file, set to “/var/lib/suricata/rules/ioc_ip.rules”.
- ioc_domains_lst: The file path to the list of IOC domains, set to “/var/lib/suricata/ioc_domains.lst”.
- fast_file: The file path to the Suricata fast log file, set to “/var/log/suricata/fast.log”.
This configuration file is designed to provide the necessary parameters for the application to interact with Suricata, manage rules, and handle Indicators of Compromise efficiently.
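A deployment check over the settings described above, added here as an example and not part of OCULUS SERVER: it reads the string settings, classifies each value as a URL, a Redis URL or a filesystem path, and reports values that fall outside an assumed policy. The function names, the allowed-directory list and the policy itself are assumptions made for this example.

```python
import posixpath
import re
from urllib.parse import urlparse

# Constructed sample: a few settings copied from the file shown on this page,
# written with the plain ASCII double quotes libconfig expects.
SAMPLE = '''
settings:
{
    redis_connect = "redis://127.0.0.1/";
    rules_file = "/var/lib/suricata/rules/suricata.rules";
    tmp_rule_file = "/home/fil/suricata_validate_rule.rules";
    ioc_full_link = "https://threatfox-api.abuse.ch/export/json/full/";
    ioc_full_file_path = "/var/lib/suricata";
};
'''

# Assumption: directories this deployment treats as system-owned.
ALLOWED_DIRS = ("/etc/", "/var/lib/suricata/", "/var/log/suricata/")
LOOPBACK = ("127.0.0.1", "::1", "localhost")

def parse_settings(text):
    """Return the scalar string settings (key = "value";) as a dict."""
    return dict(re.findall(r'^\s*(\w+)\s*=\s*"([^"]*)"\s*;', text, re.M))

def audit(settings):
    """Classify each value as URL, Redis URL or path; return (key, finding) pairs."""
    findings = []
    for key, value in settings.items():
        url = urlparse(value)
        if url.scheme in ("http", "https"):
            if url.scheme == "http":
                findings.append((key, "fetched over plaintext HTTP"))
        elif url.scheme == "redis":
            if url.hostname not in LOOPBACK and not url.password:
                findings.append((key, "non-loopback Redis without credentials"))
        elif value.startswith("/"):
            # Resolve ".." first so a traversal cannot pass the prefix check.
            resolved = posixpath.normpath(value) + "/"
            if not resolved.startswith(ALLOWED_DIRS):
                findings.append((key, "path outside the allowed directories"))
    return findings

if __name__ == "__main__":
    for key, finding in audit(parse_settings(SAMPLE)):
        print(f"{key}: {finding}")
```

Values that are neither a URL nor an absolute path, such as title or main_key, are skipped rather than reported.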
Important note
In the latest versions of the web client, a new and crucial configuration file, config.js, has been added. Its content looks approximately as follows:
export const backendUrl = 'http://backend_ip:8080'; // Any IP you need
The purpose of this file is to specify the backend URL.