This repository has been archived by the owner on Oct 6, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 65
TRAM Configuration
Sarah Yoder edited this page Apr 20, 2020
·
2 revisions
TRAM’s configuration file is located in the conf/ directory.
The YAML configuration file contains all the configuration TRAM requires to boot up. An example configuration file is below:
host: 0.0.0.0
port: 9999
taxi-local: taxii-server
build: True
json_file: enterprise-attack.json
A few key things to note:
- Host: the IP address TRAM is available at
- Port: the port you serve TRAM on
- Taxii-local:
- (default) Taxii-server: sets the config to build the database from TAXII
- Json-local: will use a
- Build: whether (True) or not (False) the database will be built
- Json_file: the name of the json to locally build from
On the first run of TRAM, it will need to build the database.
By default, TRAM will reach out to the ATT&CK TAXII server to get the latest ATT&CK data from there. If you try running TRAM behind a proxy, get an SSL error, or do not want to reach out to TAXII, you can build the database from a local JSON file.
- (to do this ensure there is no tram.db file in the tram/database directory)
- Download the JSON from here: https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json
- Save the JSON in the tram/models directory
- Edit the tram/conf/config.yaml to
- taxii-local: local-json
- build: True
- run the program python tram.py
- the database will then be built using the JSON