Uploads samples and static configs to malwaredb
Author: CERT.pl
Maintainers: psrok1, nazywam
Consumes:
{
"type": "sample",
"stage": "recognized" || "analyzed" || "unrecognized"
},
{
"type": "config"
},
{
"type": "blob"
}
Produces:
(nothing)
First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton
Modify your karton.ini config to include information about your mwdb-core instance and reporter credentials:
[mwdb]
api_url = http://mwdb.my-awesome-org/api/
api_key = eyJhYWF....Instead of providing api_key you can also use username/password but password-authenticated sessions are short-lived and service will need to re-auth from time to time.
Then install karton-mwdb-reporter from PyPi:
$ pip install karton-mwdb-reporter
$ karton-mwdb-reporterUsing the --report-unrecognized flag you specify whether the reporter should upload files unrecognized by the classifier. You can also configure this using the built-in configuration backend by either adjusting it in the karton.ini
[mwdb-reporter]
report_unrecognized=trueor setting the environmental variable like so KARTON_MWDB-REPORTER_REPORT_UNRECOGNIZED=true.
To learn more about configuring your karton services, take a look at karton configuration docs
