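# Excerpt from the outputs list; nesting restored so the entries parse.
# file-store writes extracted files to log-dir. Those files are untrusted
# network content: keep log-dir on a size-limited volume with restrictive
# permissions and analyse the files away from the sensor.
- file-store:
    # was: enabled: no
    enabled: yes  # set to yes to enable
    log-dir: files  # directory to store the files
    # was: force-magic: no
    force-magic: yes  # force logging magic on all stored files
    # was: force-md5: no
    # MD5 is handy for reputation lookups and de-duplication; it is not
    # collision-resistant, so it is not proof of a file's integrity.
    force-md5: yes  # force logging of md5 checksums
    #waldo: file.waldo  # waldo file to store the file_id across runs

# output module to log files tracked in an easily parsable JSON format
- file-log:
    # was: enabled: no
    enabled: yes
    filename: files-json.log
    append: yes
    #filetype: regular  # 'regular', 'unix_stream' or 'unix_dgram'
    # Left at no here; file-store above forces magic and md5 for the files
    # it stores.
    force-magic: no  # force logging magic on all logged files
    force-md5: no  # force logging of md5 checksums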
---------------------------------
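# Nesting restored so the section parses.
libhtp:
  default-config:
    personality: IDS
    # Can be specified in kb, mb, gb. Just a number indicates
    # it's in bytes.
    # 0 removes the body limit, so whole HTTP bodies are available for file
    # extraction. Body data is buffered in memory: large or many parallel
    # transfers raise memory use, so size the sensor for it.
    # was: request-body-limit: 3072
    request-body-limit: 0
    # was: response-body-limit: 3072
    response-body-limit: 0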
# inspection limits
---------------------------
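# Nesting restored so the section parses.
stream:
  # With depth: 0 below, the two memcaps are the only bound on stream
  # memory. When a memcap is reached, tracking or reassembly is cut short
  # and files can be missed, so monitor the memcap counters in the engine
  # stats and raise the values if they are hit under normal load.
  memcap: 32mb
  # Packets with a bad checksum are ignored by the stream engine. On a
  # capture interface with checksum offloading, valid packets can appear to
  # have bad checksums; disable offloading there or traffic goes unseen.
  checksum-validation: yes  # reject wrong csums
  # auto uses inline mode when running as IPS; yes or no sets it statically
  inline: auto
  reassembly:
    memcap: 128mb
    # was: depth: 1mb
    depth: 0  # 0 = no depth limit, the whole stream is reassembled
    toserver-chunk-size: 2560
    toclient-chunk-size: 2560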