3.2. Running configuration

halon-dlpd loads the reloadable configuration from /etc/halon/dlpd-app.yaml.

Below are some of the most important settings that can be configured.

Note

The example configuration in /opt/halon/share/examples/ that is usually copied to /etc/halon/ during installation contains reasonable defaults. Normally you only need to modify the secret key to use.

3.2.1. Limits directive

limits.filememory

The max bytes for in memory file scanning. The default is 1048576 bytes.

3.2.2. Rules directive

A list of named rules. Rules can also be passed to the service over the API.

rules[].name

The rule name. Needs to be uppercase A-Z,0-9. This field is required.

rules[].type

The rule type. This field is required.

  • regex

  • filename

  • mimetype

  • md5hash

  • sha1hash

  • sha2hash

rules[].data

The rule data. Supports multiple patterns seperated one per line.