deadbits/session_demo.txt

## session_demo.txt
# This is a preview of an ArcReactor interactive console session. I used the 'launch' utility to start an interactive
# session, configured some settings to setup some manual collections, launch some modules and then later on i check on the
# status of those tasks.
# Any thoughts or comments? Remember this is just a quick preview of a small aspect.


adam [/opt/arcreactor] » ./launch --interactive --debug
[*] core - checking for background sessions
[~] core - initializing new session
[~] core - loading configuration files
[~] core - loading contents of /opt/arcreactor/conf/keywords.cfg
[~] core - loading contents of /opt/arcreactor/conf/sources.cfg
[~] core - loading contents of /opt/arcreactor/conf/reactor.cfg
[~] core - checking environment settings
[*] core - preliminary checks passed!
[*] core - starting console now


  ______                       _______                                   __
 /      \                     /       \                                 /  |
/$$$$$$  |  ______    _______ $$$$$$$  |  ______    ______    _______  _$$ |_     ______    ______
$$ |__$$ | /      \  /       |$$ |__$$ | /      \  /      \  /       |/ $$   |   /      \  /      \
$$    $$ |/$$$$$$  |/$$$$$$$/ $$    $$< /$$$$$$  | $$$$$$  |/$$$$$$$/ $$$$$$/   /$$$$$$  |/$$$$$$  |
$$$$$$$$ |$$ |  $$/ $$ |      $$$$$$$  |$$    $$ | /    $$ |$$ |        $$ | __ $$ |  $$ |$$ |  $$/
$$ |  $$ |$$ |      $$ \_____ $$ |  $$ |$$$$$$$$/ /$$$$$$$ |$$ \_____   $$ |/  |$$ \__$$ |$$ |
$$ |  $$ |$$ |      $$       |$$ |  $$ |$$       |$$    $$ |$$       |  $$  $$/ $$    $$/ $$ |
$$/   $$/ $$/        $$$$$$$/ $$/   $$/  $$$$$$$/  $$$$$$$/  $$$$$$$/    $$$$/   $$$$$$/  $$/

                                    ArcReactor [version 1.0]
                                        ohdae [ams] - 2012
                                https://github.com/ohdae/arcreactor

Welcome to the ArcReactor console!
type 'help' to get started

reactor >> help

  help           disply this menu
  quit           exit the console
  exec           execute os command
  about          display basic information
  clear          clears the screen
  cfg sources    manage external sources
  cfg keywords   manage your keywords
  cfg syslog     manage your syslog settings
  cfg reactor    manage scheduling, workers and more
  modules        list all collection modules
  keywords       show current watchlist keywords
  start all      start all available modules
  stop all       stop all running tasks
  start <name>   launch the selected module
  stop <name>    stop the selected module
  info tasks     view stats on tasks and events
  info reactor   view general ArcReactor stats
  data <module>  view data collected by module
  dashboard      launch the web dashboard [experimental]

**** later on in the session ****

reactor >> start pastebin bg
[~] launching module pastebin as background job
    start time: 8:47 PM 12/15/2012

reactor >> start otx bg
[~] module otx is all ready running.
    restart? [no] >> no

reactor >> info tasks

    Task Information
pastebin =>
    status:   running
     start:   8:47 PM - 12/15/2012
  run time:   1 minutes 4 seconds
   message:   [~] pastebin: searching post id G1YDmSJi
    events:   0
   workers:   1

otx =>
    status:   running
     start:   8:45 PM - 12/15/2012
  run time:   2 minutes 14 seconds
   message:   [~] otx: sending syslog event for 211.49.162.37 - Malware Domain
    events:   270871
   workers:   3

reactor >> info reactor

    ArcReactor Information
reactor =>
      user:   adam
   session:   interactive
      mode:   manual
   running:   pastebin
              otx
              syslog
              dispatch
    queued:   0
    errors:   1
    events:   270874
    format:   json
   workers:   5
  run time:   32 minutes 19 seconds
 siem name:   splunk-local
 siem host:   127.0.0.1
 siem port:   7771

reactor >>
	# This is a preview of an ArcReactor interactive console session. I used the 'launch' utility to start an interactive
	# session, configured some settings to setup some manual collections, launch some modules and then later on i check on the
	# status of those tasks.
	# Any thoughts or comments? Remember this is just a quick preview of a small aspect.


	adam [/opt/arcreactor] » ./launch --interactive --debug
	[*] core - checking for background sessions
	[~] core - initializing new session
	[~] core - loading configuration files
	[~] core - loading contents of /opt/arcreactor/conf/keywords.cfg
	[~] core - loading contents of /opt/arcreactor/conf/sources.cfg
	[~] core - loading contents of /opt/arcreactor/conf/reactor.cfg
	[~] core - checking environment settings
	[*] core - preliminary checks passed!
	[*] core - starting console now


	______ _______ __
	/ \ / \ / \|
	/$$$$$$ \| ______ _______ $$$$$$$ \| ______ ______ _______ _$$ \|_ ______ ______
	$$ \|__$$ \| / \ / \|$$ \|__$$ \| / \ / \ / \|/ $$ \| / \ / \
	$$ $$ \|/$$$$$$ \|/$$$$$$$/ $$ $$< /$$$$$$ \| $$$$$$ \|/$$$$$$$/ $$$$$$/ /$$$$$$ \|/$$$$$$ \|
	$$$$$$$$ \|$$ \| $$/ $$ \| $$$$$$$ \|$$ $$ \| / $$ \|$$ \| $$ \| __ $$ \| $$ \|$$ \| $$/
	$$ \| $$ \|$$ \| $$ \_____ $$ \| $$ \|$$$$$$$$/ /$$$$$$$ \|$$ \_____ $$ \|/ \|$$ \__$$ \|$$ \|
	$$ \| $$ \|$$ \| $$ \|$$ \| $$ \|$$ \|$$ $$ \|$$ \| $$ $$/ $$ $$/ $$ \|
	$$/ $$/ $$/ $$$$$$$/ $$/ $$/ $$$$$$$/ $$$$$$$/ $$$$$$$/ $$$$/ $$$$$$/ $$/

	ArcReactor [version 1.0]
	ohdae [ams] - 2012
	https://github.com/ohdae/arcreactor

	Welcome to the ArcReactor console!
	type 'help' to get started

	reactor >> help

	help disply this menu
	quit exit the console
	exec execute os command
	about display basic information
	clear clears the screen
	cfg sources manage external sources
	cfg keywords manage your keywords
	cfg syslog manage your syslog settings
	cfg reactor manage scheduling, workers and more
	modules list all collection modules
	keywords show current watchlist keywords
	start all start all available modules
	stop all stop all running tasks
	start <name> launch the selected module
	stop <name> stop the selected module
	info tasks view stats on tasks and events
	info reactor view general ArcReactor stats
	data <module> view data collected by module
	dashboard launch the web dashboard [experimental]

	** later on in the session **

	reactor >> start pastebin bg
	[~] launching module pastebin as background job
	start time: 8:47 PM 12/15/2012

	reactor >> start otx bg
	[~] module otx is all ready running.
	restart? [no] >> no

	reactor >> info tasks

	Task Information
	pastebin =>
	status: running
	start: 8:47 PM - 12/15/2012
	run time: 1 minutes 4 seconds
	message: [~] pastebin: searching post id G1YDmSJi
	events: 0
	workers: 1

	otx =>
	status: running
	start: 8:45 PM - 12/15/2012
	run time: 2 minutes 14 seconds
	message: [~] otx: sending syslog event for 211.49.162.37 - Malware Domain
	events: 270871
	workers: 3

	reactor >> info reactor

	ArcReactor Information
	reactor =>
	user: adam
	session: interactive
	mode: manual
	running: pastebin
	otx
	syslog
	dispatch
	queued: 0
	errors: 1
	events: 270874
	format: json
	workers: 5
	run time: 32 minutes 19 seconds
	siem name: splunk-local
	siem host: 127.0.0.1
	siem port: 7771

	reactor >>