# Web Log Monitor Configuration
# Copy this file to .env and fill in your values.

# LLM Configuration
LLAMA_URL=http://athena.lan:11434/v1/chat/completions
MODEL=Qwen3-8B-Q6_K

# Gotify Configuration
GOTIFY_URL=https://notify.thecozycat.net/message
GOTIFY_TOKEN=YOUR_TOKEN_HERE

# Log Source Configuration
# LOG_MODE: "local" for direct file access (Docker), "ssh" for remote access
LOG_PATH=/logs/access.log
LOG_MODE=local

# SSH settings (only used if LOG_MODE=ssh)
BARGE_HOST=barge.lan

# Abuse log for fail2ban
ABUSE_LOG=/data/abuse.log

# State file directory
STATE_DIR=/data

# Processing Settings
BATCH_SIZE=100
MAX_LINES_PER_RUN=1000

# Daemon Settings
LLM_INTERVAL=25
TAIL_POLL_INTERVAL=1

# Threat Database (SQL Server)
# Set all four values to enable historical threat tracking.
#DB_SERVER=barge.lan,1433
#DB_NAME=ThreatDB
#DB_USER=weblogmonitor
#DB_PASSWORD=your_password