Application package v2.0

Latest release
9 months ago

RAPEX Searcher API

This API has been created to be able to verify the different positive alerts. Once the visual part is accessed, it allows to categorize the alert between false positives or not. In case the alert is a false positive, it can be classified between 5 different types of known false positives and a sixth one, called "others", that also allows to write a comment indicating why that alert is considered a false positive.

Getting Started

The following instructions will allow you to get a completely functional RAPEX Searcher environment. This is just a guideline about how to install and deploy the solution. Adapt it to your needs.


RAPEX Searcher has some requirements that should be accomplished before starting deploying it.

  • Ubuntu 18.04.1 LTS 64-bit or later
  • Python 3.6 or later
  • pip3 9.0.1 or later

Update packages list in case you didn't do before (recommended):

sudo apt update

Python 3.7 installation

Python 3 is already installed in Ubuntu 18 distributions. However, in case you want to use Python 3.7, follow the next steps to install it.

First update packages list and install the prerequisites:

sudo apt install software-properties-common

Then add the deadsnakes PPA to your sources list:

sudo add-apt-repository ppa:deadsnakes/ppa

Last, install Python 3.7 with:

sudo apt install python3.7

You can verify if everything is alright just typing (it should print Python version number):

$ python3.7 --version
Python 3.7.3

pip3 installation

pip3 will be used as the package manager for Python in RAPEX Searcher core installation, so must be installed before starting the deployment.

After packages list update, install pip for Python 3:

sudo apt install python3-pip

You can verify the installation typing:

$ pip3 --version
pip 9.0.1 from /usr/lib/python3/dist-packages (python 3.7)

PostgreSQL client

To be able to execute queries to the DB it is necessary to install the postgresql client on the machine. To do this, the libpq-dev library must be installed:

sudo apt-get install libpq-dev

Installing and deploying

Installing Python virtual environment

RAPEX Searcher API component must be deployed inside a virtual environment, therefore it is necessary to install a virtual environment utility using “pip”.

Use the following command to install virtual environment utility:

sudo pip install virtualenv

Create a new virtual environment for the application. Name it, for example, as rapex_venv (note that will be necessary to replace <venv_location> for the path where you want to create the environment):

$ cd /<venv_location>
$ virtualenv rapex_venv
Using base prefix '/usr'
New python executable in <venv_location>/rapex_venv/bin/python3
Also creating executable in <venv_location>/rapex_venv/bin/python
Installing setuptools, pip, wheel...

Test it executing the following command. The prompt should change to the same as the virtual environment defined:

$ . rapex_venv/bin/activate
(rapex_venv) ➜ rapex_venv
(rapex_venv) deactivate

Installing RAPEX Searcher

Once the virtual environment created is tested, go to RAPEX Searcher GitHub repository and download the code or clone it. From the files obtained, go to application directory:

cd /path/to/downloaded/repo/rapex-searcher-api

Copy searcher directory to the location desired for installing Python application:

cp rapex-searcher-api /path/to/desired/location

Enter in the virtual environment and install the RAPEX Searcher API from the directory as follows:

$ . /<venv_location>/rapex_venv/bin/activate
(rapex_venv) $ pip install /path/to/rapex-searcher-api

The installation ends when the message Successfully installed is printed in the terminal and pip returns control to the user. In this moment, the application is ready to use

Finally, check the location of the solution running the show command for pip:

(rapex_venv) $ pip3 show rapex-searcher-api

Configuration Nginx

It’s necessary to configure Nginx to know where the static folder is located. To do this, the Nginx file must be modified. To open the file, run the following command

sudo nano /etc/nginx/sites-available/default

Finally, the file must be modified with the following information:

root /var/www/html;

location /rapex-searcher {
        proxy_set_header X-Forwarded-Host $host:$server_port;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_pass $scheme://;

location /static {
        root /home/ubuntu/rapex-searcher-api/src/rapex_searcher_api/api/;

Finally, it would have to restart the service to make the changes in the configuration file:

$ sudo systemctl restart nginx

Creating RAPEX API service

This software is designed to work as a service. To do so, create a new .service file using nano or any other text editor of your preference:

sudo nano /etc/systemd/system/Gunicorn-Rapex-Verify.service

Copy and paste the following block in the terminal and save it. Remember to replace <venv_location> and <rapex_location> for the values used previously in this readme.

Description=Instancia para crear Gunicorn_Rapex-Verify

ExecStart=/home/ubuntu/venv/bin/gunicorn --config /home/ubuntu/rapex-searcher-api/src/rapex_searcher_api/ wsgi:app


The “WorkingDirectory” points to the installation path of the rapex-searcher-api package. “ExexStar” should be ponting to gunicorn’s bin and “–config” points to inside


Reload systemd to make the daemon aware of the new configured service.

sudo systemctl --system daemon-reload

To run RAPEX automatically at boot (as it should in a production environment), you need to enable the service:

sudo systemctl enable Gunicorn-Rapex-Verify.service

You can start the service (start), stop it (stop), restart it (restart) and remove it from startup (disable). Check systemctl manual to know more about these and other useful commands:

man systemctl

Built With


This project is licensed under the European Union Public License 1.2 -see the LICENSE file for details.