Systemd
Installation Required
This guide requires that you have installed Threat Bus on Linux.
Please use the official systemd unit files from our Threat Bus repository.
We provide systemd service units to run
Threat Bus and
pyvast-threatbus as
system services. The services are sandboxed and run with limited privileges.
Prepare the Host System
The systemd units declare a private user. Hence, all logs go to
/var/log/private by default. The following section explains how to configure
file-logging for Threat Bus and pyvast-threatbus. Skip the following
instructions if you configure your applications to use console-logging.
Find the logging config section at the top of your Threat Bus or
pyvast-threatbus configuration file and change it to use the private log
directory:
/var/log/private/threatbus/threatbus.log(Threat Bus)/var/log/private/pyvast-threatbus/pyvast-threatbus.log(pyvast-threatbus)
See the following YAML snippet for a configuration example.
Usage
Before you begin, find the line beginning with ExecStart= at the very bottom
of the [Service] section in the unit file. Depending on your installation path
you might need to change the location of the threatbus and pyvast-threatbus
executable packages and configuration files. Similarly, you need to change the
environmentvariables THREATBUSDIR and PYVAST_THREATBUSDIR according to your
installation paths.
Threat Bus
pyvast-threabus
Then copy (or symlink) the unit file to /etc/systemd/system.
To have the services start up automatically with system boot, you can enable
them via systemd. Otherwise, just start it to run it immediately.