Skip to content

Customization

Jump to bottom
Mathias Stuhlmacher edited this page Apr 10, 2021 · 9 revisions

Customization

Non-changeable items

Info

The following items are only changeable within the django admin site.

  • Analysisstatus
  • Artifactstatus
  • Systemstatus
  • Taskpriority
  • Taskstatus

So only an admin is able to create, update or delete any of these. DFIRTrack comes with a generic set of suggestions that should fit for common use cases (delivered by migrations, mainly in dfirtrack_main.migrations.0002_default_values). Otherwise an admin needs to login (via admin site) and modify these items.

Buttons

Three out of these items are visualized by buttons. For changing the visual appearance or adding new items the corresponding buttons have to be modified. This can be done in dfirtrack_main.templates.dfirtrack_main.includes.

  • Systemstatus: button_systemstatus.html
  • Taskpriority: button_taskpriority.html
  • Taskstatus: button_taskstatus.html

Adding or editing them should be self-explanatory. The servers have to be restarted afterwards. Either the development server or any other used WSGI application. Do not forget to update the static files into your web server directory ((venv) $ python3 manage.py collectstatic) in the latter case.

Large-scale data

The longer an incident lasts, the more systems can accumulate. This influences the import and export of systems as well as the use of DataTables. This is noticeable when managing several thousand systems.

The import and export takes more time. So much time that the services will run into a timeout. The following instruction describes the changes that must be made if gunicorn and nginx are used (e. g. because of Ansible). This is not necessary for the Django development server.

nginx

Change the timeout parameter within the configuration file /etc/nginx/sites-available/default from

proxy_read_timeout  90;

to

proxy_read_timeout  720;

gunicorn

Add the timeout parameter within the service file /etc/systemd/system/gunicorn.service from

ExecStart={{ venv_dir }}/bin/gunicorn --log-file={{ log_dir }}/gunicorn.log --workers 4 --bind localhost:5000 dfirtrack.wsgi

to

ExecStart={{ venv_dir }}/bin/gunicorn --log-file={{ log_dir }}/gunicorn.log --timeout 720 --workers 4 --bind localhost:5000 dfirtrack.wsgi
Clone this wiki locally