Logging

Section [Log]

Log.Enable: bool = true

Maps to logger.LoggingConfig.log_enabled

Enables writing logs to a file. The logfile name is automatically generated using the format log_%Y-%m-%d-%H-%M-%S.log and cannot be customized. This setting does not affect terminal output.

Log.LogDir: RelativePath | RelativeWorkspacePath | AbsolutePath = "logs"

Maps to logger.LoggingConfig.log_dir

Specifies the subdirectory (relative to Dementor.Workspace or absolute) where log files will be stored. Absolute paths are currently not supported.

Log.DebugLoggers: list[str]

Maps to logger.LoggingConfig.log_debug_loggers

Defines a list of additional loggers to enable when the --debug flag is used on the command line. These loggers produce more verbose output useful for troubleshooting.

Section [Log.Stream]

A special way to save a live copy of received data can be enabled using custom loggins streams. Each of them provides a unique functionality:

Hosts Logging

Log.Stream.Hosts.Path: RelativePath | RelativeWorkspacePath | AbsolutePath

Enables writing all identified hosts (direct connections or multicast queries) to a separate log file. Can be an absolute path (“/” prefixed), a relative path to the current working directory (“./” prefixed) or a path relative to the workspace directory.

Log.Stream.Hosts.IPv4: bool = true

Enables logging IPv4 addresses (default value is true).

Log.Stream.Hosts.IPv6: bool = true

Enables logging IPv6 addresses (default value is true).

DNS Logging

Log.Stream.DNS.Path: RelativePath | RelativeWorkspacePath | AbsolutePath

Enables writing all captured multicast/broadcast name queries to a separate log file. Can be an absolute path (“/” prefixed), a relative path to the current working directory (“./” prefixed) or a path relative to the workspace directory.

Hash Logging

Log.Stream.Hashes.Path: RelativePath | RelativeWorkspacePath | AbsolutePath

Enables writing all captured hashes to a separate log file or directory.

Can be an absolute path (“/” prefixed), a relative path to the current working directory (“./” prefixed) or a path relative to the workspace directory. Additionally, may represent a target non-existing target directory.

Log.Stream.Hashes.Split: bool = false

Creates a separate log file for each hash type using the naming scheme defined by FilePrefix and FileSuffix. The default file naming scheme is as follows:

FileName := {{hash_type}}_{{start_time}}.txt

Log.Stream.Hashes.FilePrefix: str

File prefix to use for each hash type. Make sure this value returns a unique string for each hash type to avoid overwriting existing files.

Note

This config variable is a formatted string, which uses hash_type and time as globals, e.g.

[Log.Stream.Hashes]
FilePrefix = "{{ hash_type }}-capture"

Log.Stream.Hashes.FileSuffix: str = ".txt"

File suffix to use for each hash type.