Configuration and Customization

The stingar.env file resides in STINGAR's root directory; it is responsible for configuring/customizing your implementation of STINGAR. It lists environment variables (many with a default setting) which you may change to modify the functionality or appearance of your STINGAR implementation. The environment variables are grouped by the following categories:

User Interface Configurations

LDAP_ENABLED

You may enable LDAP on your implementation of STINGAR. If this env var is set to true, LDAP will be enabled. This allows you use your organization's institutional identity management system to authenticate STINGAR users. If enable, you'll still need to add users to STINGAR via the User Management module to identify which people within your organization can access STINGAR. Users will then be able to access STINGAR using their standard/onrganization unique ID & password by clicking on the [LDAP Login] button that will appear on the login page. If LDAP_ENABLED=true, you'll need to define the following 3 LDAP env vars to let STINGAR know how to send requests to your organization's LDAP instance.

LDAP_HOST
LDAP_PORT
LDAP_BASE

API_KEY

The key that STINGAR's UI uses to access the API. The API stores this as the admin users' token in a sqlite database and confirms that the one provided by an API request matches the one it has for this admin user before it responds.

STINGAR_SERVICE_URL=http://stingarapi:8000/api/v2

Set to the address (IP or domain name) of the server that hosts the STINGAR API.

UI_HOSTNAME=localhost

Set to the address (IP or domain name) of the server that hosts the STINGAR UI (typically 'localhost').

DEFAULT_ROWS_PER_PAGE=1000

When displaying thousands of attack events, STINGAR presents them page by page. You may use this env variable to define the number of rows that should appear per page, as the default. (The user may change this while viewing events.

THEME_DARK_BASE_COLOR=#363636

A dark color that is used throughout the application (including header & sidebar backgrounds).

THEME_LIGHT_BASE_COLOR=white

A light color that is used throughout the application (including header & sidebar text).

INSTITUTION_NAME

The name of your organization. The value you enter hear will appear in the STINGAR header.

CIF

You may choose to contribute you event data to the common repository. If so, you'll need to enable CIF and provide information about the CIF broker so that STINGAR knows where to send the data.

CIF_ENABLED=false

CIF_HOST

CIF_TOKEN

CIF_PROVIDER

CIF_DEFAULT=yellow

CIF_CONFIDENCE=9

CIF_TAGS=honeypots

CIF_GROUP=everyone

Docker Code Repository

DOCKER_USERNAME=admin

The name of the Docker user that Langstroth will use to access the repository of 'playbooks' that tell STINGAR how to deploy each type of honeypot. The API stores information about this user in a sqlite database.

DOCKER_REPOSITORY

The address of the code repository STINGAR uses to install your implementation and keep it updated. Automatically set when STINGAR is installed and should not be modified.

DOCKER_PASSWORD

The password STINGAR uses to retrieve code from the STINGAR code repository. Automatically set when STINGAR is installed and should not be modified.

Fluentd

FLUENTD_HOST=fluentd

Automaticall set when STINGAR is installed.

FLUENTD_PORT=24224