Skip to content

Latest commit

 

History

History
93 lines (69 loc) · 3.34 KB

.env.markdown

File metadata and controls

93 lines (69 loc) · 3.34 KB

Environment file info

If you're running in production, you should set these securely.

However, if you just want to experiment, set the following values

Django Settings

These are all Django settings, defined in stixify/settings.py

  • DJANGO_SECRET: insecure_django_secret
  • DJANGO_DEBUG: True
  • DJANGO_ALLOWED_HOSTS: BLANK
  • DJANGO_CORS_ALLOW_ALL_ORIGINS: True
  • DJANGO_CORS_ALLOWED_ORIGINS: LEAVE EMPTY

Postgres Settings

These are all Django settings, defined in stixify/settings.py

  • POSTGRES_HOST: pgdb
  • POSTGRES_PORT: BLANK
  • POSTGRES_DB: postgres
  • POSTGRES_USER: postgres
  • POSTGRES_PASSWORD: postgres

CTI Butler API settings

These define how the API behaves.

  • MAX_PAGE_SIZE: 50
    • This is the maximum number of results the API will ever return before pagination
  • DEFAULT_PAGE_SIZE: 50
    • The default page size of result returned by the API

ArangoDB settings

Note, this code will not install an ArangoDB instance.

If you're new to ArangoDB, you can install the community edition quickly by following the instructions here.

The script will automatically create a database called ctibutle_database when the container is spun up (if it does not exist).

Depending on the data source, the STIX objects will be stored in the following collections:

  • MITRE ATT&CK Enterprise:
    • mitre_attack_enterprise_vertex_collection
    • mitre_attack_enterprise_edge_collection
  • MITRE ATT&CK Mobile:
    • mitre_attack_mobile_vertex_collection
    • mitre_attack_mobile_edge_collection
  • MITRE ATT&CK ICS:
    • mitre_attack_ics_vertex_collection
    • mitre_attack_ics_edge_collection
  • MITRE CAPEC:
    • mitre_capec_vertex_collection
    • mitre_capec_edge_collection
  • MITRE CWE:
    • mitre_cwe_vertex_collection
    • mitre_cwe_edge_collection
  • MITRE ATLAS:
    • mitre_atlas_vertex_collection
    • mitre_atlas_edge_collection
  • DISARM:
    • disarm_vertex_collection
    • disarm_edge_collection
  • Location:
    • location_vertex_collection
    • location_edge_collection

The ArangoDB settings you need to configure are:

  • ARANGODB_HOST_URL: 'http://host.docker.internal:8529'
    • If you are running ArangoDB locally, be sure to set ARANGODB_HOST_URL='http://host.docker.internal:8529' in the .env file otherwise you will run into networking errors.
  • ARANGODB_USERNAME: root
    • Change this if neeed
  • ARANGODB_PASSWORD: USE PASSWORD OF ARANGODB_USERNAME

R2 PATHS

All of the knowledgebases are stored on Cloudflare R2. The variables in this part of the config should not be changed.

  • ATLAS_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/mitre-atlas-repo-data/
  • CTI_BUTLER_ROOT: https://downloads.ctibutler.com/
  • LOCATION_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/location2stix-manual-output/
  • CWE_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/cwe2stix-manual-output/
  • CAPEC_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/mitre-capec-repo-data/
  • ATTACK_ENTERPRISE_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/mitre-attack-enterprise-repo-data/
  • ATTACK_MOBILE_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/mitre-attack-mobile-repo-data/
  • ATTACK_ICS_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/mitre-attack-ics-repo-data/
  • DISARM_BUCKET_ROOT_PATH: https://downloads.ctibutler.com/disarm2stix-manual-output/