Config Files

Configuring Kismet

Kismet is primarily configured through a set of configuration text files. By default these are installed into /usr/local/etc/ when compiling from source, and /etc/kismet/ when installing from the Kismet packages. The config files are broken into several smaller files for readability:

  • kismet.conf The master config file which loads all other configuration files, and contains most of the system-wide options

  • kismet_alerts.conf Alert / WIDS configuration, which includes rules for alert matching, rate limits on alerts, and other IDS/problem detection options

  • kismet_httpd.conf Webserver configuration

  • kismet_memory.conf Memory consumption and system tuning options. Typically unneeded, but if you have a massive number of devices or an extremely resource-limited system, how Kismet uses memory can be tuned here.

  • kismet_storage.conf Kismet persistent storage configuration

  • kismet_logging.conf Log file configuration

  • kismet_filter.conf Packet and device filter configuration

  • kismet_uav.conf Parsing rules for detecting UAV / Drones or similar devices; compiled from the kismet_uav.yaml file

  • kismet_80211.conf Configuration settings for Wi-Fi (IEEE80211) specific options

  • kismet_site.conf Optional configuration override; Kismet will load any options in the kismet_site.conf file last and they will take precedence over all other configs.

Configuration Format

Configuration files are plain text.

Any lines beginning with a # are comments, and are ignored.

Typically, example or default values are provided in comments; to enable or change that option, uncomment the line and set it accordingly - or better yet, put it in your kismet_site.conf file, details below.

Configuration options all take the form of: option=value

Some configuration options support repeated definitions, such as the source option which defines a Kismet datasource: source=wlan0 source=wlan1

Kismet supports importing config files. This is used by Kismet itself to split the config files into more readable versions, but can also be used for including custom options.

  • include=/path/to/file Include a config file; this file is parsed immediately, and the file must exist or Kismet will exit with an error.
  • opt_include=/path/to/file Include an optional config file. If this file does not exist, Kismet will generate a warning, but continue working.
  • opt_override=/path/to/file Include an optional OVERRIDE config file. This is a special file which is loaded at the end of all other configuration. Any configuration options found in an override file replace all other instances of those configurations. This is a very powerful mechanism for provisioning multiple Kismet servers or making a config which survives an upgrade and update to the newest configuration files when running from git.

Configuration Override Files - kismet_site.conf

If you often upgrade from source (or nightly packages) you may find replacing changes in your config files becomes tedious. To simplify the upgrade process, or building a Kismet install for automatic placement on sensors, changes can be placed in the kismet_site.conf config file.

This file is specified as an OVERRIDE FILE. Any options placed in kismet_site.conf will REPLACE ANY OPTIONS OF THE SAME NAME. Options in this file take precedence over any other options.

By default, Kismet will look for an optional override file in the default configuration directory (/usr/local/etc for source and /etc/kismet/ for packages, by default) named kismet_site.conf.

This mechanism allows a site configuration to override any default config options, while not making changes to any configuration file installed by Kismet. This allows new installations of Kismet to replace the config files with impunity while preserving a custom configuration.

Typical uses of this file might include changing the http data directory, defining sources and memory options, forcing or disabling logging, and so on; a kismet_site.conf file might look like:

server_name=Some server
server_description=Building 2 floor 3

gps=serial:device=/dev/ttyACM0,name=laptop

remote_capture_listen=0.0.0.0
remote_capture_port=3501

source=wlan1:name=SomeServerWlan1
source=wlan2:name=SomeServerWlan2

Configuration override ‘flavors’

Sometimes you may want to maintain multiple configurations for Kismet, for example with different sources, server names, or logging options.

This can be easily accomplished with override files and the --override option to Kismet.

Passing --override {name} to Kismet will automatically load kismet_{name}.conf from the Kismet configuration directory, as an override after all other files (by default the configuration directory is /usr/local/etc when compiling from source, or /etc/kismet when installing from packages).

For example, creating /etc/kismet/kismet_rtl.conf:

server_name=Kismet RTL

source=rtl433-0

log_title=KismetRtl433

and launching Kismet with:

$ kismet --override rtl

would capture only from the first RTL-SDR device as a RTL433 capture, and name the logs KismetRtl433-foo.

Alternately, a complete path to an override file can be given:

$ kismet --override=/home/foo/some_config.conf

Files loaded with the --override option will take precedence over all other configuration options, including any changes in kismet_site.conf.

Appending in an override

In certain, relatively rare, instances, it might be required to append a value in an override instead of completely replacing it - such as adding the wiglecsv log type in the wardrive overlay. Using the += assignment, this is easy!

log_types+=wiglecsv

This will add to the log_types configuration instead of replacing it.

Updated: