TAVM Core Settings
The TAVM core application handles the configuration and setup of input and transformer adapters as well as the routing of all CTI data through the different processing pipeline stages.
To configure the TAVM core application, the general.yaml file in the config directory needs to be edited.
General Configuration Properties
| YAML Field Name | Description | Default Value | Property Type |
|---|---|---|---|
bus-size |
Size of the message bus used to route CTI information. | 1000 | Integer |
gin-debug |
Flag to enable Gin HTTP debug logs | false | Boolean |
Stats Repository Configuration Properties
The stats repository is used to store statistics about the gathered CTI data and the processing pipeline.
| YAML Field Name | Description | Default Value | Property Type |
|---|---|---|---|
stats.repo |
The database configuration for the stats repository. | - | |
stats.repo.dsn |
The stats repository database DSN. | mongodb://root:toor@host.docker.internal:27017/ | A DSN String that is supported by Gorm |
stats.repo.database |
The stats repository database/schema name. | stats | String |
stats.repo.timeout |
The database configuration for the stats repository. | 45s | Duration String |
stats.api-listen-port |
The HTTP port where the stats API and web UI is reachable | 11220 | Integer |
Input Stage Configuration Properties
The core application searches for source adapter configurations in a specific location. For each found configuration, an adapter binary is expected in the plugin-path directory. For detailed information about the source adapter configuration, see Source Configuration.
| YAML Field Name | Description | Default Value | Property Type |
|---|---|---|---|
sources.config-path |
Path to the sources configuration directory. Relative to the working directory or an absolute path. | config/sources | String |
sources.plugin-path |
Path to the sources binary directory. Relative to the working directory or an absolute path. | plugins/sources | String |
sources.api-listen-port" |
Port on which the source API listens. | 11223 | Integer |
sources.api-external-url |
External URL for the transformer API. | http://localhost:11223 | String |
sources.api-base-path |
Base path for the sources API | /api/source | String |
sources.repo |
The database configuration for the input state repository. | - | |
sources.repo.dsn |
The input state repository database DSN. | mongodb://root:toor@host.docker.internal:27017/ | A DSN String that is supported by Gorm |
sources.repo.database |
The input state repository database/schema name. | source | String |
sources.repo.timeout |
The database configuration for the input state repository. | 45s | Duration String |
sources.datastore |
The database configuration for the raw-data repository. | - | |
sources.datastore.dsn |
The raw-data repository database DSN. | mongodb://root:toor@host.docker.internal:27017/ | A DSN String that is supported by Gorm |
sources.datastore.database |
The raw-data repository database/schema name. | sourceData | String |
sources.datastore.timeout |
The database configuration for the raw-data repository. | 45s | Duration String |
Transformation Stage Configuration Properties
The core application searches for transformation adapter configurations in a specific location. For each found configuration, an adapter binary is expected in the plugin-path directory. For detailed information about the transformation adapter configuration, see Transformer Configuration.
| YAML Field Name | Description | Default Value | Property Type |
|---|---|---|---|
transformation.config-path |
Path to the transformers configuration directory. Relative to the working directory or an absolute path. | config/transformers | String |
transformation.plugin-path |
Path to the transformers binary directory. Relative to the working directory or an absolute path. | plugins/transformers | String |
transformation.start-port |
Starting port for the transformer API. | 17000 | Integer |
transformation.api-listen-port |
Port on which the transformer API listens. | 11224 | Integer |
transformation.api-external-url |
External URL for the transformer API. | http://localhost:11224 | String |
transformation.api-external-transformer-url |
External URL for the transformer service. | http://localhost | String |
transformation.api-base-path |
Base path for the transformer API | /api/transformer | String |
Output Stage Configuration Properties
The output stage currently implements two output adapters:
- TAXII Publisher: an adapter that publishes STIX 2.1 bundles to a TAXII server
- Vulnerable Git Repository Exporter: an adapter that stores Git repositories which contain vulnerable software components in a MongoDB database
| YAML Field Name | Description | Default Value | Property Type |
|---|---|---|---|
output.collection-url" |
The TAXII collection URL where transformed CTI data should be published. | http://host.docker.internal:5000/trustgroup1/collections/365fed99-08fa-fdcd-a1b3-fb247eb41d01/objects/ | String |
output.username |
The username to authenticate against the TAXII server. | admin | String |
output.password |
The password to authenticate against the TAXII server. | Password0 | String |
output.repo-miner |
The database configuration for the repo-mining repository. | - | |
output.repo-miner.dsn |
The repo-mining repository database DSN. | mongodb://root:toor@host.docker.internal:27017/ | A DSN String that is supported by Gorm |
output.repo-miner.database |
The repo-mining repository database/schema name. | repominer | String |
output.repo-miner.timeout |
The database configuration for the repo-mining repository. | 45s | Duration String |