Skip to content

Recipes

A recipe is a collection of configuration that sets a Quine instance up for a specific purpose. A recipe is defined in a yaml file and contains configuration for: ingest streams, standing queries, UI configuration, and some metadata about the recipe. They are also a great way to learn about Quine features like ingest streams that build the streaming graph, standing queries that find results you are looking for and take actions, and customizing the exploration UI.

In order to launch Quine with a recipe, use -r, followed by either the short name of a sample recipe or a local YAML filename. Some recipes can expect input parameters. The parameter values are passed by using command line arguments with -x or --recipe-value.

For example, to run the wikipedia recipe1.

java -jar quine-1.7.3.jar -r wikipedia

Quine Recipes

  • APT Detection

    Endpoint logs and network traffic data merge to auto-detect exfiltration and alert for an IoB that matches a typical malicious data exfiltration pattern.

    rrwright Shared by: Ryan Wright

  • CDN Cache Efficiency

    Continuous and real-time computation of CDN cache node efficiency from Fastly CDN logs, materialized by ASN, Geo, Asset and PoP.

    7evenbridges Shared by: Allan Konar

  • Password Spraying

    Detect password spraying attacks in real time. Ingests JSON-formatted IAM-style password authentication log file, creates graph, uses standing queries to sent alerts.

    7evenbridges Shared by: Allan Konar

  • Temporal Locality

    Relate email messages sent or received by a specific user within a 4-6 minute window.

    maglietti Shared by: Michael Aglietti

  • Monitor an MMO

    Build a live event-driven model of what's currently happening in the "PlanetSide 2" MMOFPS video game. A great example of ingesting from Websockets.

    emanb29 Shared by: Ethan Bell

  • IMDB Movie Data

    Explore a familiar graph data set using Quine to combine data from separate files, unwind nested data into unique nodes, populate node parameters, then generate a new stream from the combined data.

    maglietti Shared by: Michael Aglietti

  • Wikipedia Page Creation Feed

    Wikipedia page creation events are instantiated in the graph with relationships to a refied time model Additionally, page creation event comments are echoed to standard output.

    landon9720 Shared by: Landon Kuhn

  • Ethereum Tag Propagation

    Ingestion a live stream of events from the Ethereum Blockchain and demonstrate real-time "dirty money" tag propagation.

    emanb29 Shared by: Ethan Bell

  • Basic File Ingest

    Ingest each line from a file passed as $in_file into a disconnected graph then fill each node with a property containing the line.

    landon9720 Shared by: Landon Kuhn

  • Harry Potter

    Small graph of connected nodes that explore the familial relationships of Harry Potter characters.

    harpocrates Shared by: Alec Theriault

  • Apache Log Analytics

    Example use of Quine's unique Standing Query function to parse incoming text for each line of an Apache web server access log into a graph.

    joshcody Shared by: Josh Cody

  • Certstream Firehose

    Reproduces the behavior of the certstream website by connecting to the certstream firehose via SSL-encrypted websocket and printing to standard out each time a new certificate is detected.

    emanb29 Shared by: Ethan Bell

  • Quine Logs Recipe

    Ingest Quine log lines into Quine!

    maglietti Shared by: Michael Aglietti

  • Approximating Pi

    Incrementally approximates pi using Leibniz' formula in Quine.

    emanb29 Shared by: Ethan Bell

  1. When a recipe is launched that does not contain a file extension, Quine will fetch and launch the recipe by name from the recipes repository on GitHub. For example, java -jar quine-1.7.3.jar -r wikipedia will download the wikipedia.yaml file from from GitHub and launch that version of the recipe, even if you have a copy of wikipedia.yaml your local directory. This method only works for example recipes that are distributed with Quine.