HomeDocumentationAPI Reference
Log In
Documentation

Option Data

The definition of the sandfly itself. This is where engines, the expr rules, all of the engine-specific options, and more live.

{
	"engines": null,
	"rules": null,
	"rule_op": "",
	"explanation": "",
	"explanation_not_found": "",
	"always_pass": false,
	"inverse_result": false,
	"response": {
		"process": {
			"kill": false,
			"suspend": false
		}
	},
	"os_exclude": {
		"rules": null,
		"rule_op": ""
	},
	"process": {
		"redact_environ": false,
		"scan_self": false,
		"masquerade_binary_check": null
	},
	"directory": {
		"follow_links": false,
		"home_dir_scan": false,
		"search_paths": null,
		"search_paths_recurse": false,
		"search_paths_patterns": null,
		"search_paths_patterns_ignore": null,
		"search_paths_individual": null
	},
	"file": {
		"follow_links": false,
		"home_dir_scan": false,
		"search_paths": null,
		"search_paths_recurse": false,
		"search_paths_patterns": null,
		"search_paths_patterns_ignore": null,
		"search_paths_individual": null,
		"search_pattern_text": null,
		"search_pattern_depth_bytes": 0,
		"match_paths": null,
		"match_paths_recurse": false,
		"match_paths_individual": null,
		"executables_only": false,
		"max_size": 0
	},
	"user": {
		"username": null,
		"username_ignore": null,
		"password_auditor": {
			"password_is_username": false,
			"password_list": null,
			"max_random_users_to_attempt": 0
		}
	},
	"cron": {
		"follow_links": false,
		"search_paths": null,
		"search_paths_patterns": null,
		"search_paths_patterns_ignore": null,
		"search_paths_individual": null
	},
	"atjob": {
		"follow_links": false,
		"search_paths": null,
		"search_paths_patterns": null,
		"search_paths_patterns_ignore": null
	},
	"kernel_module": {
		"taint_inconsistency": false
	}
}

Updated 3 months ago