Global Configuration Variables in base_conf.php
| Variable | Default | Description | Status |
|---|---|---|---|
$BASE_VERSION |
'1.4.5 (lilias)' | Config Setting - UI Display. - BASE Version / Release Name BASE internal that should not be in the config file. | DEPRECATED Issue #66 |
$BASE_Language |
'english' | Config Setting Server - UI Language - Set to the language you would like people to use while viewing your install of BASE. | Issue #11 |
$BASE_display_sig_links |
1 | Feature Flag - UI Display. - Signature Links. - Set to 0 to remove the links from the display of alerts. | |
$BASE_installID |
'' | Feature Value - UI Display. - Unique BASE ID. The below variable, if set, will append its value to the title bar of the browser. This is for people who manage multiple installs of BASE and want a simple way to differentiate them on the task bar. | |
$base_custom_footer |
'' | Feature Value - UI Display. - Name of custom footer file. If set, BASE will try to include the specified file as a custom footer to the main page. The custom footer file must: Be located in the /custom directory. End with an .html or .htm extension. Not be owned by root. Be readable. A sample custom footer file is in the contrib directory. |
| Variable | Default | Description | Status |
|---|---|---|---|
$Use_Auth_System |
0 | Feature Flag - Authentication / Authorization System - Set the $Use_Auth_System variable to 1 if you would like to force users to authenticate to use the system. Only turn this off if the system is not accessible to the public or the network at large. i.e. a home user testing it out! |
Partially Implemented |
$BASE_urlpath |
'' | Config Setting. - Set the base_urlpath to the url location that is the root of your BASE install. This must be set for BASE to function! Do not include a trailing slash! Also put the preceding slash. e.g. Your URL is http://127.0.0.1/base. $BASE_urlpath = http://127.0.0.1/base WRONG $BASE_urlpath = /base/ WRONG $BASE_urlpath = /base OK
|
|
$sessionName = str_replace(' ', '_', $BASE_installID . session_name()); |
N/A | BASE execution logic that should not be in the config file. | DEPRECATED Issue #66 |
$DBlib_path |
'' | Config Setting. - Path to the DB abstraction library. - DO NOT include a trailing backslash after the directory. e.g. $DBlib_path = '/tmp' OK $DBlib_path = '/tmp/' OK $DBlib_path = 'c:\tmp' OK $DBlib_path = 'c:\tmp\' WRONG
|
|
$DBtype |
'mysql' | Config Setting. - The type of underlying alert database. - MySQL : 'mysql' PostgresSQL : 'postgres' MS SQL Server : 'mssql' Oracle : 'oci8'
|
|
$alert_dbname |
'snort_log' | Config Setting. - Alert DB connection parameter. - DB name of Snort alert DB. | |
$alert_host |
'localhost' | Config Setting. - Alert DB connection parameter. - Host on which the DB is stored. | |
$alert_port |
'' | Config Setting. - Alert DB connection parameter. - Port on which to access the DB. | |
$alert_user |
'snort' | Config Setting. - Alert DB connection parameter. - Login to the database with this user. | |
$alert_password |
'mypassword' | Config Setting. - Alert DB connection parameter. - Password of the DB user. | |
$archive_exists |
0 | Feature Flag - Archive DB. - Set this to 1 if you have an archive DB. | |
$archive_dbname |
'snort_archive' | Config Setting. - Archive DB connection parameter. - DB name of Snort alert DB. | |
$archive_host |
'localhost' | Config Setting. - Archive DB connection parameter. - Host on which the DB is stored. | |
$archive_port |
'' | Config Setting. - Archive DB connection parameter. - Port on which to access the DB. | |
$archive_user |
'snort' | Config Setting. - Archive DB connection parameter. - Login to the database with this user. | |
$archive_password |
'mypassword' | Config Setting. - Archive DB connection parameter. - Password of the DB user. | |
$db_connect_method |
1 | Feature Flag - Type of DB connection to use. - 1 : use a persistent connection (pconnect). 2 : use a normal connection (connect). |
|
$use_referential_integrity |
0 | Feature Flag - Use referential integrity. 1 : use. 0 : ignore (not installed). BASE only supports referential integrity on PostgreSQL and MS-SQL Server. This functionality MUST be added to the default DB first by use of the associated create_acid_tbls_?_extra.sql script located in the sql directory. Referential integrity will greatly improve the speed of record deletion, but also slow record insertion. |
|
$action_email_smtp_host |
'smtp.example.com' | Config Setting. - SMTP Email Alert action. - Which SMTP server to use. | |
$action_email_smtp_localhost |
'localhost' | Config Setting. - SMTP Email Alert action. - What name to use for this server in the SMTP HELO statement. You will likely need to replace this with the name of the host running BASE when connecting to a remote mail server. |
|
$action_email_smtp_auth |
1 | Config Setting. - SMTP Email Alert action. - Whether or not to authenticate with the SMTP server. 0: We **DO NOT **authenticate to the SMTP host. 1: We DO authenticate ourselves to the SMTP host. |
|
$action_email_smtp_user |
'username' | Config Setting. - SMTP Email Alert action. - The user name to use when authenticating to the SMTP host. | |
$action_email_smtp_pw |
'password' | Config Setting. - SMTP Email Alert action. - The password to use when authenticating to the SMTP host. | |
$action_email_from |
'[email protected]' |
Config Setting. - SMTP Email Alert action. - Email address to use in the FROM field of the mail message MUST be the same email address as used for the SMTP account.
|
|
$action_email_subject |
'BASE Incident Report' | Config Setting. - SMTP Email Alert action. - Subject to use for the mail message. | |
$action_email_msg |
'' | Config Setting. - SMTP Email Alert action. - Additional text to include in the body of the mail message. | |
$action_email_mode |
0 | Config Setting. - SMTP Email Alert action. - Specifies how the alert information should be enclosed. 0 : all emailed alerts should be in the body of the message. 1 : all emailed alerts should be enclosed in an attachment. |
|
$base_style |
'base_style.css' | Feature Flag - UI Theme - Variable to start the ability to handle themes... | |
$chart_bg_color_default |
array(255,255,255) |
Feature Flag - UI Charting - RGB Color Value. - Background color of chart. BASE internal that should not be in the config file. | Issue #66 |
$chart_lgrid_color_default |
array(205,205,205) |
Feature Flag - UI Charting - RGB Color Value. - Grid line color of chart. BASE internal that should not be in the config file. | Issue #66 |
$chart_bar_color_default |
array(190, 5, 5) |
Feature Flag - UI Charting - RGB Color Value. - Bar/line color of chart. BASE internal that should not be in the config file. | Issue #66 |
$MAX_ROWS |
10 | Config Setting. -Server. - Maximum number of rows per criteria element. BASE internal that should not be in the config file. | Issue #66 |
$show_rows |
48 | Feature Flag - UI Search. - Number of rows to display for query results. | |
$last_num_alerts |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Last X # of alerts/unique alerts/ports/IP. | |
$last_num_ualerts |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Last X # of alerts/unique alerts/ports/IP. | |
$last_num_uports |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Last X # of alerts/unique alerts/ports/IP. | |
$last_num_uaddr |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Last X # of alerts/unique alerts/ports/IP. | |
$freq_num_alerts |
5 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Most Frequent unique alerts/IPs/ports. | |
$freq_num_uaddr |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Most Frequent unique alerts/IPs/ports. | |
$freq_num_uports |
15 | Feature Flag - UI Stats. - Number of items to return during a snapshot. Most Frequent unique alerts/IPs/ports. | |
$max_scroll_buttons |
12 | Feature Flag - UI Search. - Number of scroll buttons to use when displaying query results. | |
$debug_mode |
0 | Config Setting. - Diagnostics. - How much debugging information should be shown. 0 : no extra information. 1 : debugging information. 2 : extended debugging information. |
|
$debug_time_mode |
1 | Config Setting. - Diagnostics. - Display timing information. | |
$html_no_cache |
1 | Config Setting. - Client. - HTML no cache - whether a no-cache directive should be sent to the browser (should be = 1 for IE). | |
$sql_trace_mode |
0 | Config Setting. - Diagnostics. - Log SQL statements. | |
$sql_trace_file |
'' | Config Setting. - Diagnostics. - File to log SQL traces. | |
$refresh_stat_page |
1 | Config Setting. - Client. - Should statistics pages trigger an HTTP refresh? 0: No, 1: Yes. | |
$refresh_all_pages |
0 | Config Setting. - Client. - Should all the pages trigger an HTTP refresh? 0: No, 1: Yes. | |
$stat_page_refresh_time |
180 | Config Setting. - Client. - Page refresh interval (in seconds). | |
$show_previous_alert |
0 | Feature Flag - UI Time Stamp Display. - Display First/Previous/Last timestamps for alerts or just First/Last on the Unique Alert listing. | |
$max_script_runtime |
180 | Config Setting. - Server. - Maximum execution time (in seconds) of any particular page. This overrides the PHP configuration file variable max_execution_time. The script can run for a total of $max_script_runtime + max_execution_time seconds. |
|
$ip_address_input |
2 | Feature Flag - UI IP Entry - How should the IP address criteria be entered in the Search screen? 1 : each octet is a separate field. 2 : entire address is as a single field. |
|
$use_sig_list |
0 | Feature Flag - UI Signature Display. - Should a combo box with possible signatures be displayed on the search form. (Requires Javascript). 0 : disabled. 1 : show only non pre-processor signatures (e.g., ignore portscans). 2 : show all signatures. |
|
$resolve_IP |
0 | Config Setting. - Server. - Resolve IP to FQDN (on certain queries?). 1 : yes. 0 : no. |
|
$show_expanded_query |
0 | Feature Flag - UI Search. - Automatically expand the IP Criteria and Payload Criteria sections on the Search screen?. 1 : yes. 0 : no - you need to click on them to see them. |
|
$show_summary_stats |
0 | Config Setting. - Server. - Should summary stats be calculated on every Query Results page? Enabling this option will slow page loading time. | |
$dns_cache_lifetime |
20160 | Config Setting. - Server. - DNS cache lifetime (in minutes). | |
$whois_cache_lifetime |
40320 | Config Setting. - Server. - Whois information cache lifetime (in minutes). | |
$portscan_file |
'' | Config Setting. - Server. - Snort spp_portscan log file. | |
$portscan_payload_in_signature |
'1' | Feature Flag - UI Display Portscan. - Show part of portscan payload in signature. | |
$event_cache_auto_update |
1 | Config Setting. - Server. - Event Cache. - Should the event cache be verified and updated on every page load? If set to 0, the cache will have to be explicitly updated from the 'cache and status' page. Note: enabling this option could substantially slow down the page loading time when there are many uncached alerts. However, this is only a one-time penalty. 1 : yes. 0 : no. |
|
$maintain_history |
1 | Config Setting. - Server. - Maintain history. - Maintain a history of the visited pages so that the 'Back' button can be used. Note: Enabling this option will cause the PHP-session to grow substantially after many pages have been viewed causing a slow down in page loading time. Periodically return to the main page to clear the history. 1 : yes. 0 : no. |
|
$main_page_detail |
1 | Feature Flag - UI Display Main Page. - Level of detail to display on the main page. The presence of summary statistics will slow page loading time. 1 : show both the links and summary statistics. 0 : show only the links and a count of the number of alerts. |
|
$avoid_counts |
0 | Config Setting. - Server. - Avoid Counts. - Avoid count(*) SQL whenever possible. Note: On some databases (e.g., postgres) this can greatly increase performance if you have a large number of events. On other databases (e.g., mysql) this will have little to no effect. Enabling this option will prevent the number of events in the database from being shown on the main screen and will remove the percentages associated with the number of events on the alert screen. |
|
$show_first_last_links |
0 | Feature Flag - UI Search. - Show links to first/last/previous event on alert screen. Note: Enabling this can slow down loading of the alert screen on large databases. | |
$external_whois_link |
'http://www.dnsstuff.com/tools/whois.ch?ip=' |
Feature Flag - UI Display External Links. External Whois Recon Link. | |
$arin_ip |
"199.212.0.46" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$apnic_ip |
"23.239.6.76" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$ripe_ip |
"193.0.6.135" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$jnic_ip |
"192.41.192.40" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$afrinic_ip |
"196.216.2.21" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$lacnic_ip |
"200.3.14.10" | Config Setting. - Server. - RIR IP Address. BASE internal that should not be in the config file. | Issue #66 |
$external_dns_link |
'http://www.dnsstuff.com/tools/ptr.ch?ip=' |
Feature Flag - UI Display External Links. External DNS Recon Link. | |
$external_all_link |
'http://www.whois.sc/' |
Feature Flag - UI Display External Links. External General Recon Link. | |
$external_port_link |
Keyed array of external port recon links. | Feature Flag - UI Display External Links. External Port Recon Links | |
$external_sig_link |
Keyed array of external signature recon links. | Feature Flag - UI Display External Links. External Signature Recon Links | |
$use_user_session |
0 | Config Setting. - Server. - Session Handling. - Sets whether user PHP session can be used (configured with the session.save_handler variable in php.ini). 0 : no. 1 : yes (assuming that 'user_session_path' and 'user_session_function' are configured correctly). |
|
$user_session_path |
'' | Config Setting. - Server. - Session Handling. - File to include that implements the custom PHP session handler. | |
$user_session_function |
'' | Config Setting. - Server. - Session Handling. - Function to invoke in the custom session implementation that will register the session handler functions. | |
$colored_alerts |
0 | Feature Flag - UI Display. - This option is used to set if BASE will use colored results based on the priority of alerts and/or classifications. 0 : no. 1 : yes. |
|
$priority_colors |
Array of 6 Hex RGB color values representing classification priorities. | Feature Flag - UI Display. - BASE internal that should not be in the config file. | Issue #66 |
$graph_font_name |
"DejaVuSans" | Config Setting. - UI Charting - Font name for the BASE charts. | |
$Geo_IPfree_file_ascii |
"/var/www/html/ips-ascii.txt" | Config Setting. - Server. - GEOIP Mapping Method 1. If you have installed the perl module Geo::IPfree | |
$IP2CC |
"/usr/bin/ip2cc" | Config Setting. - Server. - GEOIP Mapping Method 2. If you have installed the perl module IP::Country | |
$BASE_path |
dirname(__FILE__) |
BASE execution logic that should not be in the config file. | DEPRECATED Issue #66 |