search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.55k stars 1.71k forks source link

[question about documentation] cuckoo notifications/callback #2778

Open CrimsonGlory opened 5 years ago

CrimsonGlory commented 5 years ago

https://cuckoo.readthedocs.io/en/latest/installation/host/configuration/?highlight=notification I have a question about the documentation above,

"# Notification module to inform external systems that analysis is finished.
# You should consider keeping this as very last reporting module."

It is not clear if the notification/callback is executed after the sample stop being sandboxed (while the report is in process) or after the report is finished and ready to be downloaded.

Also I'm not sure what the documentation means with "You should consider keeping this as very last reporting module."

I have just an enabled=no (or yes)

doomedraven commented 5 years ago

that is pretty simple

it will notify external system what analysis is done, so that external system will go and fetch data using API for example. and is why it should be executed last, but that is inside of the module already