cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Reload cuckoo configuration without restarting #650

Open cjmateos opened 8 years ago

cjmateos commented 8 years ago

Hi team,

I'd like to know if it's possible to reload Cuckoo after a configuration change without having to restart it.

I have many virtual machines running and receiving files constantly, and cuckoo is running as a service. In this scenario it's a problem to stop cuckoo when I make a configuration change (for example adding or removing a virtual machine in the conf), because the current analysis must not be interrupted, or the virtual machines may be running at that moment. If I restart cuckoo the current analysis will fail, and it's possible that the currently running machine isn't shut down correctly.

Is there any way to avoid stopping cuckoo's analyses and still take the new configuration?

Thanks in advance

botherder commented 8 years ago

I agree, it would be a good thing to have. I'm not sure how that could be implemented though. @rep thoughts?

jbremer commented 8 years ago

In order to handle such issues with long-term analysis using Cuckoo (https://github.com/jbremer/longcuckoo) I added a basic configuration/settings table to the database which is updated when starting up Cuckoo and can be updated on-the-fly by modifying the database. It is definitely possible that some functionality is still missing as it is accidentally cached instead of queried when needed, but adding machines was definitely already a thing. Also proper integration with the Web interface will have to be added. (Note that the web interface doesn't need to have full access to all configuration values, but some wrappers around, e.g., machines should be available). Note that restarting Cuckoo will, in this implementation, also reset all of the changes to the configuration and overwrite them with the configuration found in the configuration files - perhaps a mode should be added to not do that.

The following commits show most if not all of the related functionality.

https://github.com/jbremer/longcuckoo/commit/baad3bd319c24a9c4f9724c16ed60858f0b1d4d9
https://github.com/jbremer/longcuckoo/commit/e8c8aa4aa17429ac47830b3b21a158690ca4b711
https://github.com/jbremer/longcuckoo/commit/5c5ddfd4e4c63f6012be5c3aab48eca6b928f852
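The design sketched in the comment above, as an added illustration that is not code from the longcuckoo commits or from Cuckoo itself: a machine table in the database that is seeded from the config file at startup, queried (not cached) on every access so on-the-fly additions are seen without a restart, and a flag for the "don't overwrite on restart" mode the comment suggests. The config text, labels and IPs are constructed; the `in_use` column and the refusal to remove a busy machine are assumptions added to match the concern in the original question about interrupting a running analysis.

```python
import configparser
import sqlite3

# Constructed sample of a Cuckoo-style machinery config (hypothetical labels and IPs).
SAMPLE_CONF = ("[virtualbox]\nmachines = cuckoo1,cuckoo2\n"
               "[cuckoo1]\nip = 192.168.56.101\n[cuckoo2]\nip = 192.168.56.102\n")


class MachineStore:
    """Machine list held in the database and queried on every access, never cached."""

    def __init__(self, db_path=":memory:"):
        self.db = sqlite3.connect(db_path)
        self.db.execute("CREATE TABLE IF NOT EXISTS machines "
                        "(label TEXT PRIMARY KEY, ip TEXT, in_use INTEGER DEFAULT 0)")

    def load_from_conf(self, conf_text, keep_db_changes=False):
        """Seed the table at startup. False mirrors the behaviour in the comment (the config
        file overwrites the DB); True is the suggested mode that keeps on-the-fly edits."""
        cp = configparser.ConfigParser()
        cp.read_string(conf_text)
        if not keep_db_changes:
            self.db.execute("DELETE FROM machines")
        for label in map(str.strip, cp["virtualbox"]["machines"].split(",")):
            self.db.execute("INSERT OR IGNORE INTO machines (label, ip) VALUES (?, ?)",
                            (label, cp[label]["ip"]))
        self.db.commit()

    def add_machine(self, label, ip):
        """Add or update a machine while Cuckoo keeps running; in_use is left untouched."""
        self.db.execute("INSERT OR IGNORE INTO machines (label, ip) VALUES (?, ?)", (label, ip))
        self.db.execute("UPDATE machines SET ip = ? WHERE label = ?", (ip, label))
        self.db.commit()

    def remove_machine(self, label):
        """Refuse to drop a machine that is mid-analysis; True only if it was removed."""
        cur = self.db.execute("DELETE FROM machines WHERE label = ? AND in_use = 0", (label,))
        self.db.commit()
        return cur.rowcount == 1

    def acquire(self, label):
        """Claim a machine for an analysis; the conditional UPDATE makes the claim atomic."""
        cur = self.db.execute("UPDATE machines SET in_use = 1 WHERE label = ? AND in_use = 0",
                              (label,))
        self.db.commit()
        return cur.rowcount == 1

    def machines(self):
        # Read from the table every time, so a change made by another process is visible.
        return [r[0] for r in self.db.execute("SELECT label FROM machines ORDER BY label")]
```

Calling `load_from_conf` a second time stands in for a restart: with the default mode the machine added at runtime disappears, with `keep_db_changes=True` it survives.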

skilgall commented 7 years ago

Has this feature ever been merged back into cuckoo?

I am hoping to run multiple hosts and clients in a kind of distributed manner and was hoping I could use the database design as a starting point. I was planning on using DynamoDB as the database and having hosts connect to see what instances are available (and not currently being used by other hosts). Any thoughts on how best to accomplish this?

Even the idea of having cuckoo recognize changes on the fly would be helpful.