Skip to content

Getting TAVM framework ready

The easiest way to get TAVM framework up and running is to use the provided Docker Compose stack. The stack will automatically build the TAVM framework Docker image and start the TAVM core application. It will also start a MongoDB instance and a TAXII server instance to handle persisted data.

The Docker Compose stack comes with a set of sample input and transformation adapters which are ready to use.

Starting the Docker Compose stack

Simply run the following Docker Compose command:

docker compose up -d --build

Accessing the TAVM core application

The web interface of the TAVM core application is available at http://localhost:11220. Source adapters can send data to the core application via port 11223.

MongoDB can be accessed via port 27017. You can use MongoDB Compass to connect to the database and inspect the data.

The API of the sample TAXII server is available at http://localhost:5000.

Configuration

The Docker Compose stack uses three named Docker volumes to store persistent data (database, configuration, TAXII server data):

  • tavm_mongodb_data: holds the MongoDB data (raw data, stats, etc.)
  • tavm_taxii_data: holds the TAXII server data (STIX collections)
  • tavm_config: holds the configuration files for the TAVM core application and the adapters

The configuration files are located in the /app/config directory which is mounted as tavm_config volume.

The general.yaml file contains the configuration for the TAVM core application. For more details, see Core Configuration.

Source adapters can be added via configuration files in /app/config/sources. For more details, see Source Configuration.

Transformation adapters can be added via configuration files in /app/config/transformers. For more details, see Transformer Configuration.