Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Quick Start

This guide covers the basic steps to install and run DARWIS TAXII.

Prerequisites

  • PostgreSQL 9.4+ (minimal version to ensure compatibility with existing OpenTAXII instances)
  • Docker (optional, for containerized deployment)

Pull and run directly from Docker Hub:

# Pull the latest image
docker pull cysecurity/darwis-taxii:latest

# Create a working directory
mkdir -p darwis-taxii/config && cd darwis-taxii

# Download example configuration files
curl -o config/taxii.toml https://raw.githubusercontent.com/CSPF-Founder/darwis-taxii/main/taxii.example.toml
curl -o config/data-config.yaml https://raw.githubusercontent.com/CSPF-Founder/darwis-taxii/main/examples/data-config/full.yaml
curl -o docker-compose.yml https://raw.githubusercontent.com/CSPF-Founder/darwis-taxii/main/examples/docker/docker-compose.yml

# Edit configuration files as needed (optional)
# - config/taxii.toml: server settings, domain, auth options
# - config/data-config.yaml: services, collections, accounts

# Start the server with PostgreSQL
docker compose up -d

# Sync data configuration
docker compose exec taxii-server ./taxii-cli sync /app/config/data-config.yaml

# Verify it's running
curl http://localhost:9000/taxii2/

Option 2: Docker from Source

# Clone the repository
git clone https://github.com/CSPF-Founder/darwis-taxii.git
cd darwis-taxii/examples/docker

# Create configuration
mkdir -p config
cp ../data-config/full.yaml config/data-config.yaml  # Or accounts.yaml for TAXII 2.x only

# Start the server
docker compose up -d

# Verify it's running
curl http://localhost:9000/taxii2/

Option 3: From Source

# Clone and build
git clone https://github.com/CSPF-Founder/darwis-taxii.git
cd darwis-taxii
cargo build --release

# Set up database
export DATABASE_URL="postgresql://user:password@localhost:5432/taxii"
./target/release/taxii-server migrate

# Create configuration
cp taxii.example.toml taxii.toml
# Edit taxii.toml with your settings

# Start the server
./target/release/taxii-server

Verify Installation

Health Check

curl http://localhost:9000/management/health

Response:

{"alive": true}

Test TAXII 2.x Discovery

curl http://localhost:9000/taxii2/

Response:

{
  "title": "DARWIS TAXII",
  "api_roots": ["http://localhost:9000/taxii2/default/"]
}

Get Authentication Token

curl -X POST http://localhost:9000/management/auth \
  -H "Content-Type: application/json" \
  -d '{"username": "admin", "password": "changeme"}'

Response:

{"token": "eyJ..."}

Next Steps

  1. Configure TAXII 1.x - TAXII 1.x Setup

    • Copy template: cp examples/data-config/full.yaml data-config.yaml
    • Sync with taxii-cli sync data-config.yaml

  2. Configure TAXII 2.x - TAXII 2.x Setup

    • Create API roots: taxii-cli api-root add --title "My Root" --default
    • Create collections: taxii-cli collection add --api-root-id <uuid> --title "Intel"

  3. Set up user accounts - Permissions

    • Define accounts in data-config.yaml
    • Assign permissions to collections

  4. Configure the server - Server Configuration

    • Edit taxii.toml for server settings
    • Use environment variables for production

Common Commands

# List accounts
taxii-cli account list

# List TAXII 2.x API roots
taxii-cli api-root list

# List collections for an API root
taxii-cli collection list --api-root-id <uuid>

# Sync configuration
taxii-cli sync data-config.yaml