Setup
ACE is mainly comprised of three parts: a messaging system for handling result data, a database for storing ACE information, and a web interface to manage and task the platform. These three parts have been made available as Docker Containers in the ACE-Docker repository. For specific instructions on provisioning the ACE containers please see below.
RabbitMQ is a messaging system that serves as the enrichment and output backend for ACE. When scans are run, results are sent to the Web Service and which forwards each result to RabbitMQ for enrichment (Virus Total Hash Lookups) and/or Output (Flat Log File or a SIEM).
Luckily, RabbitMQ provides a preconfigured docker container that can be built with minimal configuration.
To start the RabbitMQ docker container, run the command shown below (NOTE: a custom username and password can be specified):
docker run -d --hostname ace-rabbitmq --name ace-rabbit -e RABBITMQ_DEFAULT_USER=[username] -e RABBITMQ_DEFAULT_PASS=[password] -p 5672:5672 -p 15672:15672 rabbitmq:3-management
The web component requires the data about the RabbitMQ server, specifically, the server's IP/Hostname, the username, and the password.
ACE relies on a backend MS SQL Server to store application data.
