Customizing TruffleHog

Configuration file reference

Configuration options

This document describes the configuration options provided by the user in YAML format.

trufflehogAddress

Type: string
Description: The scanner API address of the TruffleHog server to connect to. This is given to you in the configuration file that you downloaded from your dashboard. Do not change it.
YAML example:

```yaml
trufflehogAddress: "your-namespace.api.c1.prod.trufflehog.org:8443"
```

trufflehogScannerToken

Type: string
Description: The authentication token to use when connecting to the TruffleHog scanner. This is given to you in the configuration file that you downloaded from your dashboard. Do not change it.
YAML example:

```yaml
trufflehogScannerToken: "thog-agent-xxxxxxxxxxxxxxxx"
```

trufflehogScannerGroup

Type: string
Description: Specifies the scanner group to use within TruffleHog. This is given to you in the configuration file that you downloaded from your dashboard. Do not change it. The token and group go together and cannot be changed.
YAML example:

```yaml
trufflehogScannerGroup: "your scanner group name"
```

logLevel

Type: string
Description: Sets the logging level. Common values are info, debug, and trace, which have increasing levels of verbosity.
YAML example:

```yaml
logLevel: "info"
```

logJSON

Type: bool
Description: If set to true, logs will be output in JSON format.
YAML example:

```yaml
logJSON: true
```

concurrency

Type: uint64
Description: The number of concurrent scans to perform. It also drives concurrency in the source being scanned, if the source supports it. If omitted, the value defaults to the number of CPUs detected on the machine TruffleHog is running on.
YAML example:

```yaml
concurrency: 10
```

runOnce

Type: bool
Description: If set to true, TruffleHog will run once and exit after the scans are completed. If set to false, TruffleHog will run as a daemon.
YAML example:

```yaml
runOnce: false
```

sources

Type: list of Source objects
Description: A list of source configurations. See Scan data for secrets to learn how to add source integrations for your providers.
YAML example:

```yaml
sources:
  - connection:
      '@type': type.googleapis.com/sources.GitHub
      endpoint: https://github.ourbusiness.com
      token: xxxxxxxxxxxxxxxxxxxxxxxxxx
    name: github
    scanPeriod: 12h
    type: SOURCE_TYPE_GITHUB
    verify: true
  - connection:
      '@type': type.googleapis.com/sources.S3
      cloudEnvironment: {}
    name: s3
    scanPeriod: 12h
    type: SOURCE_TYPE_S3
    verify: true
```

notifiers

Type: list of Notifier objects
Description: A list of notifier configurations to handle notifications. See Notify results to learn how to add notifier integrations for your providers.
YAML example:

```yaml
notifiers:
  - connection:
      '@type': type.googleapis.com/notifiers.Slack
      url: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
    name: slack-secrets-notifications
    type: NOTIFIER_TYPE_SLACK
  - connection:
      '@type': type.googleapis.com/notifiers.Webhook
      token: secret-token
      url: https://example.trufflesec.com:8081/webhook
    name: slack-secrets-notifications
    # sourcesToNotify can also be set to ALL to receive
    # all notifications
    sourcesToNotify: SOURCES_IN_THIS_CONFIG
    type: NOTIFIER_TYPE_WEBHOOK
```

detectors

Type: list of CustomRegex objects
Description: Custom regex detectors to identify secrets. See Customizing detection for more information.
YAML example:

```yaml
detectors:
  - name: "custom detector 1"
    keywords:
      - "keyword1"
      - "keyword2"
    regex:
      pattern1: "regex pattern 1"
      pattern2: "regex pattern 2"
    verify:
      - endpoint: "https://verify.example.com/api"
        unsafe: false
        headers:
          - "Authorization: Bearer token"
        successRanges:
          - "200-299"
    description: "description of the custom detector"
  - name: "custom detector 2"
    # other configuration
```

customVerifiers

Type: list of CustomVerifier objects
Description: Custom verifiers for secret verification. See On-premise verification for more information.
YAML example:

```yaml
customVerifiers:
  - name: "verifier1"
    endpoints:
      - "https://verifier1.example.com/verify"
    include_default_endpoints: true
  - name: "verifier2"
    endpoints:
      - "https://verifier2.example.com/verify"
    include_default_endpoints: false
```

secretReverificationInterval

Type: string
Description: The interval at which secrets are re-verified, specified as a duration (e.g., "24h" for 24 hours).
YAML example:

```yaml
secretReverificationInterval: "24h"
```
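
A pre-deployment check over the options in this reference, as an added example that is not TruffleHog's own code: it takes a configuration already parsed into Python dicts and lists (for instance by a YAML parser) and flags malformed durations and success ranges, plus any detector verify endpoint, custom verifier endpoint or notifier URL that is not HTTPS. The name `lint_config`, the sample values, the accepted duration and range syntax, and the reading of `unsafe: true` as permitting plain HTTP are assumptions.

```python
import re
from urllib.parse import urlsplit

DURATION = re.compile(r"^(\d+(\.\d+)?(ns|us|ms|s|m|h))+$")  # Go-style, e.g. "12h"
RANGE = re.compile(r"^(\d{3})(?:-(\d{3}))?$")  # "200-299"; a single code is an assumption

def _fold(o):  # lower-case mapping keys so key lookups are case-insensitive
    if isinstance(o, dict):
        return {str(k).lower(): _fold(v) for k, v in o.items()}
    return [_fold(v) for v in o] if isinstance(o, list) else o

def _not_https(url):
    return urlsplit(str(url)).scheme.lower() != "https"

def lint_config(cfg):
    """Return findings for a config already parsed into dicts and lists."""
    cfg, out = _fold(cfg), []
    durations = [("secretReverificationInterval", cfg.get("secretreverificationinterval"))]
    durations += [(f"source {s.get('name')} scanPeriod", s.get("scanperiod"))
                  for s in cfg.get("sources") or []]
    for where, value in durations:
        if value is not None and not DURATION.match(str(value)):
            out.append(f"{where}: {value!r} is not a duration")
    for det in cfg.get("detectors") or []:
        for v in det.get("verify") or []:
            where = f"detector {det.get('name')}"
            # Assumption: unsafe: true is what permits a plain-HTTP verify endpoint.
            if v.get("unsafe") or _not_https(v.get("endpoint", "")):
                out.append(f"{where}: matches would go to a non-HTTPS or unsafe endpoint")
            for r in v.get("successranges") or []:
                m = RANGE.match(str(r))
                lo, hi = (int(m[1]), int(m[2] or m[1])) if m else (1, 0)
                if not 100 <= lo <= hi <= 599:
                    out.append(f"{where}: bad successRanges entry {r!r}")
    urls = [(f"customVerifier {c.get('name')}", e)
            for c in cfg.get("customverifiers") or [] for e in c.get("endpoints") or []]
    urls += [(f"notifier {n.get('name')}", (n.get("connection") or {}).get("url"))
             for n in cfg.get("notifiers") or []]
    out += [f"{where}: {u} is not https" for where, u in urls if u and _not_https(u)]
    return out

# Constructed sample: the weak settings a review should catch.
WEAK = {"secretReverificationInterval": "daily",
        "sources": [{"name": "github", "scanPeriod": "12h"}],
        "detectors": [{"name": "d1", "verify": [{"endpoint": "http://verify.example.com/api",
                                                 "unsafe": True, "successRanges": ["200-299", "2xx"]}]}],
        "customVerifiers": [{"name": "verifier1", "endpoints": ["http://verifier1.example.com/verify"]}],
        "notifiers": [{"name": "hook", "connection": {"url": "https://example.trufflesec.com:8081/webhook"}}]}
if __name__ == "__main__":
    print("\n".join(lint_config(WEAK)))
```
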