If you're running in production, you should set these securely.
However, if you just want to experiment, set the following values
INPUT_TOKEN_LIMIT:15000- (REQUIRED IF USING AI MODES) Ensure the input/output token count meets requirements and is supported by the model selected. Will not allow files with more than tokens specified to be processed
TEMPERATURE:0.0- The temperature value ranges from 0 to 2, with lower values indicating greater determinism and higher values indicating more randomness in responses.
A small note on selecting a provider
Below are the models you can use. We highly recommend using OpenRouter (OPENROUTER_API_KEY) which gives you access to a wide range of models / providers. There is no benefit in function to using one provider over another (the txt2detection logic is the same for all). We provide the option to use provider supplied API keys (e.g. OPENAI_API_KEY) for those who cannot / do not want to use OpenRouter.
OPENROUTER_API_KEY=- (REQUIRED IF USING MODELS PROVIDED BY OPENROUTER IN AI MODES) get it from: https://openrouter.ai/settings/keys
DEEPSEEK_API_KEY=- (REQUIRED IF USING DEEPSEEK MODELS DIRECTLY IN AI MODES) get it from: https://platform.deepseek.com/api-key
OPENAI_API_KEY: YOUR_API_KEY- (REQUIRED IF USING OPENAI MODELS DIRECTLY IN AI MODES) get it from: https://platform.openai.com/api-keys
ANTHROPIC_API_KEY: YOUR_API_KEY- (REQUIRED IF USING ANTHROPIC MODELS DIRECTLY IN AI MODES) get it from" https://console.anthropic.com/settings/keys
GOOGLE_API_KEY:- (REQUIRED IF USING GOOGLE GEMINI MODELS DIRECTLY IN AI MODES) get it from the Google Cloud Platform (making sure the Gemini API is enabled for the project)
txt2detection requires ctibutler to lookup ATT&CK
CTIBUTLER_BASE_URL:'http://api.ctibutler.com'(recommended)- If you are running CTI Butler locally, be sure to set
'http://host.docker.internal:8006/api/'in the.envfile otherwise you will run into networking errors.
- If you are running CTI Butler locally, be sure to set
CTIBUTLER_BASE_URL:- If using
'http://api.ctibutler.com', get your API key here. Can be left blank if running locally.
- If using
txt2detection requires vulmatch to lookup CVE IDs
VULMATCH_BASE_URL:'http://api.vulmatch.com'(recommended)- If you are running CTI Butler locally, be sure to set
'http://host.docker.internal:8005/api/'in the.envfile otherwise you will run into networking errors.
- If you are running CTI Butler locally, be sure to set
VULMATCH_BASE_URL:- If using
'http://api.vulmatch.com', get your API key here. Can be left blank if running locally.
- If using