Skip to content
This repository was archived by the owner on Mar 21, 2023. It is now read-only.

Running

Jump to bottom
kartsree edited this page Aug 12, 2020 · 3 revisions

Getting Started:

  • Make sure you have the latest release of both Specter and Specter-Data.

Configuring Specter:

Specter can be configured using either command line flags or environment variables. Flags are provided at the end of the executable and are all lowercase, specter -loglvl=info. Environment variables should be set all uppercase, ex. export LOGLVL=info.

Order of precedence:

  1. Command line options
  2. Environment variables
  3. Default values

The tables below list the flags/variables and their defaults.

Specter:

flag/var Default Description
loglvl Warn The level of logging you want - choices are (Debug, Info, Warn, Error, Fatal)
db none (Required) The location of the maxMind DB file
mbat none (Required) The MapBox Access Token

Specter-Data:

flag/var Default Description
loglvl Warn The level of logging you want - choices are (Debug, Info, Warn, Error, Fatal)
conf dummy The location of the NGINX config file, this is used to get the log format
format main The format from the NGINX config file to use
log none The location of the access.log file - reads from STDIN if no value is set
server localhost:1323 The Specter webserver's IP and Port

Starting Specter:

Specter:

  1. Deploy the Specter executable on an instance you wish to use as the webserver.
    • NOTE: Specter does not implement any form of authentication. If you need to protect your Specter deployment, you will need to use a reverse proxy or a VPN.
  2. Start Specter using the flags described above.
  3. Go to your instances IP to ensure the map loads.

Specter-data:

  1. Deploy the Specter-data executable on the instance(s) where your nginx access.log(s) reside.
  2. Start Specter-data using the above flags to pass the NGINX config, the log location, and the IP:Port of the specter instance started above.

Dropdown Feature in Specter

Specter allows filtering the traffic based on the services which are gathered from the Nginx logs. The dropdown list will be auto-populated based on the services seen in the logs. To leverage this feature when running Specter locally, modify the load.py file to add an additional parameter when generating mock traffic which gets written to the access.log file. Also ensure to update the log_format of specter to include the additional parameter for the service.

Next Steps:

  • You will want to configure both Specter and Specter-data to start automatically.

Clone this wiki locally