Configuration
Logging
Camunda Optimize provides logging facilities that are preconfigured to use
INFO logging level. Which provides minimal output of information in log files.
This level can be adjusted using environment-logback.xml configuration file.
Even though one could potentially configure logging levels for all packages, it is recommended to set logging levels for optimize system only using exact package reference as follows:
<logger name="org.camunda.optimize" level="info" />
In general, all log levels provided by logback are supported. Optimize itself supports the following log levels:
- info: shows only errors and the most important information.
- debug: in addition to info writes information about scheduling process, alerting as well as import into the log file.
- trace: as debug but in addition writes all requests sent to Engine as well as all queries towards Elasticsearch in the log file.
System configuration
All distributions of Camunda Optimize come with a predefined set of configuration options that can be overwritten by the user, based on current environment requirements. To do that, have a look into the folder named environment. There is one file called environment-config.yaml with values that override the defaults optimize properties.
Configuration file contains YAML object each field of which is containing configuration values of one specific logical part of Camunda Optimize system. You can see a sample configuration file with all possible configuration fields and their default values here.
In the following section you will find description and default values of separate fields inside of main YAML object with their respective YAML Path.
Heads Up!
For changes in the configuration to take effect, you need to restart Optimize!
Authentication And Security
These values control internal mechanisms of Optimize related to authentication of users against the system and lifetime of web session tokens.
| YAML Path | Default Value | Description |
|---|---|---|
| auth.token.lifeMin | 15 | Optimize uses token-based authentication to keep track of which users are logged in. Define the lifetime of the token in minutes. |
Container
Settings related to embedded Jetty container, which serves Optimize application.
| YAML Path | Default Value | Description |
|---|---|---|
| container.host | localhost | A host name or IP address, to identify a specific network interface on which to listen. |
| container.ports.http | 8090 | A port number that will be used by the embedded jetty server to process HTTP connections. |
| container.ports.https | 8091 | A port number that will be used by the embedded jetty server to process secure HTTPS connections. |
| container.keystore.location | keystore.jks | HTTPS requires an SSL Certificate. When you generate an SSL Certificate, you are creating a keystore file and a keystore password for use when the browser interface connects. Location of keystore file. |
| container.keystore.password | optimize | Password of keystore file. |
| container.status.connections.max | 10 | Maximum number of web socket connections accepted for status report. |
Connection to Camunda BPM platform
Configuration for engines used to import data. Please note that you have to have
at least one engine configured at all times. You can configure multiple engines
to import data from. Each engine configuration should have unique alias associated
with it and represented by ${engineAlias}.
| YAML Path | Default Value | Description |
|---|---|---|
| engines.${engineAlias}.name | default | The name of the engine that will be used to import data. |
| engines.${engineAlias}.rest | http://localhost:8080/engine-rest | A base URL that will be used for connections to the Camunda Engine REST API. |
| engines.${engineAlias}.authentication.enabled | false | Toggles basic authentication on or off. When enabling basic authentication, please be aware that you also need to adjust the values of the user and password |
| engines.${engineAlias}.authentication.user |
When basic authentication is enabled, this user is used to authenticate
against the engine.
Note: when enabled, it is required that the user has
|
|
| engines.${engineAlias}.authentication.password | When basic authentication is enabled, this password is used to authenticate against the engine. | |
| engines.${engineAlias}.webapps.endpoint | http://localhost:8080/camunda | Defines the endpoint where to find the camunda webapps. This allows Optimize to directly link to the other Camunda Web Applications, e.g. to jump from Optimize directly to a dedicated process instance in Cockpit |
| engines.${engineAlias}.webapps.enabled | true | Enables/disables linking to other Camunda Web Applications |
Engine Common Settings
Settings used by Optimize, which are common among all configured engines, such as REST API endpoint locations, timeouts, etc.
| YAML Path | Default Value | Description |
|---|---|---|
| engine-commons.connection.timeout | 0 | Maximum time in milliseconds without connection to the engine, Optimize should wait until a time out is triggered. A value of zero means to wait an infinite amount of time. |
| engine-commons.procdef.resource | /process-definition | The engine endpoint to the process definition. |
| engine-commons.procdef.xml | /xml | The engine endpoint to the process definition xml. |
| engine-commons.decision-definition.resource | /decision-definition | The engine endpoint to the decision definitions. |
| engine-commons.decision-definition.xml | /xml | The relative engine endpoint to the decision definition xmls. |
| engine-commons.read.timeout | 0 | Maximum time a request to the engine should last, before a timeout triggers. A value of zero means to wait an infinite amount of time. |
| engine-commons.user.validation.resource | /identity/verify | The engine endpoint for the user validation. |
| import.data.activity-instance.maxPageSize | 10000 | Overwrites the maximum page size for historic activity instance fetching. |
| import.data.process-definition.elasticsearchType | process-definition | Name used to identify index for storing data of process definitions already imported to optimize |
| import.data.process-definition-xml.maxPageSize | 2 | Overwrites the maximum page size for process definition xml model fetching. Should be a low value, as large models will lead to memory or timeout problems. |
| import.data.process-instance.maxPageSize | 10000 | Overwrites the maximum page size for historic process instance fetching. |
| import.data.process-instance.elasticsearchType | process-instance | Name used to identify index storing data of imported process instances |
| import.data.variable.maxPageSize | 10000 | Overwrites the maximum page size for historic variable instance fetching. |
| import.data.decision-definition-xml.maxPageSize | 2 | Overwrites the maximum page size for decision definition xml model fetching. Should be a low value, as large models will lead to memory or timeout problems. |
| import.data.decision-instance.maxPageSize | 10000 | Overwrites the maximum page size for historic decision instance fetching. |
| import.elasticsearchJobExecutorThreadCount | 2 | Number of threads being used to process the import jobs that are writing data to elasticsearch. |
| import.elasticsearchJobExecutorQueueSize | 50 | Adjust the queue size of the import jobs that store data to elasticsearch. A too large value might cause memory problems. |
| import.handler.backoff.interval | 5000 | Interval in milliseconds which is used for the backoff time calculation. |
| import.handler.backoff.max | 15 | Once all pages are consumed, the import scheduler component will start scheduling fetching tasks in increasing periods of time, controlled by "backoff" counter. |
| import.handler.backoff.isEnabled | true | Tells if the backoff is enabled of not. |
| import.indexType | import-index | The name of the import index type. |
| import.importIndexStorageIntervalInSec | 10 | States how often the import index should be stored to Elasticsearch. |
| import.currentTimeBackoffMilliseconds | 2000 | This is the time interval the import backs off from the current tip of the time during the ongoing import cycle. This ensures that potentially missed concurrent writes in the engine are reread going back by the amount of this time interval. |
| import.writer.numberOfRetries | 5 | Number of retries when there is a version conflict in Elasticsearch during the import. |
Elasticsearch
Settings related to the elasticsearch.
Connection settings
Everything that is related to build up the connection to Elasticsearch.
Please note that you can define a number of connection points
in a cluster. Therefore, everything that is under es.connection.nodes is a list of nodes optimize can connect to.
If you have built an Elasticsearch cluster with several nodes it is recommended to define several connection points
in case one node fails, Optimize is still able to talk to the cluster.
| YAML Path | Default Value | Description |
|---|---|---|
| es.connection.timeout | 10000 | Maximum time without connection to Elasticsearch, Optimize should wait until a time out triggers. |
| es.connection.clusterName | elasticsearch | The name of the Elasticsearch cluster Optimize should connect with. |
| es.connection.nodes[*].host | localhost | The address/hostname under which the Elasticsearch node is available. |
| es.connection.nodes[*].tcpPort | 9300 | A port number used by Elasticsearch to accept TCP connections. This port is used for Optimize to communicate with Elasticsearch. Exception is the communication during the upgrade. |
| es.connection.nodes[*].httpPort | 9200 | A port number used by Elasticsearch to accept HTTP connections. Currently, this port is only used in the upgrade jar. |
Index settings
| YAML Path | Default Value | Description |
|---|---|---|
| es.settings.index.number_of_replicas | 1 |
How often should the data replicated in case of node failure.
Note: this property only applies the first time Optimize is started and the schema/mapping is deployed on Elasticsearch. If you want to take this property to take effect again, you need to delete all indexes (with it all data) and restart Optimize. |
| es.settings.index.number_of_shards | 5 |
How many shards should be used in the cluster.
Note: this property only applies the first time Optimize is started and the schema/mapping is deployed on Elasticsearch. If you want to take this property to take effect again, you need to delete all indexes (with it all data) and restart Optimize. |
| es.settings.index.refresh_interval | 2s | How long Elasticsearch waits until the documents are available for search. A positive value defines the duration in seconds. A value of -1 means that a refresh needs to be done manually. |
Security settings
Define a secured connection to be able to communicate with an Elasticsearch instance secured with x-pack.
| YAML Path | Default Value | Description |
|---|---|---|
| es.security.username | elastic | The x-pack username that has the rights to start a transport connection |
| es.security.password | I-love-optimize | The password of the x-pack user |
| es.security.ssl.enabled | false | Used to enable or disable TLS/SSL for both the transport and http layer. Also defines if a secured connection is build up at all. |
| es.security.ssl.key | /path/to/client.key | The path to the PEM encoded file containing the private key. |
| es.security.ssl.certificate | /path/to/client.crt | The path to a PEM encoded file containing the certificate (or certificate chain) that will be presented to clients when they connect. |
| es.security.ssl.certificate_authorities | [] | A list of paths to PEM encoded certificate files that should be trusted, e.g. ['/path/to/ca.crt']. Note: if you are using a public CA that is already trusted by the Java runtime, you do not need to set the certificate_authorities. |
| es.security.ssl.verification_mode | certificate | Controls the verification of certificates. Valid values are none, certificate, and full. See the elasticsearch security setting xpack.security.transport.ssl.verification_mode for more information about the values. |
Setting for the email server to send email notifications, e.g. when an alert is triggered.
| YAML Path | Default Value | Description |
|---|---|---|
| email.enabled | false | A switch to control email sending process. |
| email.username | Username of your smtp server. | |
| email.password | Corresponding password to the given user of your smtp server. | |
| email.address | Email address that can be used to send notifications. | |
| email.hostname | The smtp server name. | |
| email.port | 587 | The smtp server port. This one is also used as SSL port for the security connection. |
| email.securityProtocol | None | States how the connection to the server should be secured. Possible values are 'NONE', 'STARTTLS' or 'SSL/TLS'. |
History Cleanup Settings
Settings for automatic cleanup of historic process/decision instances based on their end time.
| YAML Path | Default Value | Description |
|---|---|---|
| historyCleanup.enabled | false | Switch to activate the history cleanup. [true/false] |
| historyCleanup.cronTrigger | '0 1 * * *' |
Cron expression to schedule when the cleanup should be executed, defaults to one 1 o'clock during the night. As the cleanup can cause considerable load on the underlying ElasticSearch database it is recommended to schedule it outside of office hours. You can either use the default Cron (5 fields) or the Spring Cron (6 fields) expression format here.
For details on the format please refer to: Cron Expression Description Spring Cron Expression Documentation |
| historyCleanup.ttl | 'P2Y' |
Global time to live (ttl) period for process/decision instance data since their end date, when passed the process/decision instance will get cleaned up.
The format of the string is ISO_8601 duration. The default value is 2 years. For details on the notation refer to: https://en.wikipedia.org/wiki/ISO_8601#Durations Note: The time component of the ISO_8601 duration is not supported. Only years (Y), months (M) and days (D) are. |
| historyCleanup.processDataCleanupMode | 'all' |
Global type of the cleanup to perform for process instances, possible values: 'all' - delete everything related and including the process instance that passed the defined ttl 'variables' - only delete variables of a process instance Note: This doesn't affect the decision instance cleanup which always deletes the whole instance. |
| historyCleanup.perProcessDefinitionConfig | A List of process definition specific configuration parameters that will overwrite the global cleanup settings for the specific processDefinition identified by it's ${key}. | |
| historyCleanup.perProcessDefinitionConfig.${key}.ttl | Time to live to use for process instances of the process definition with the ${key}. | |
| historyCleanup.perProcessDefinitionConfig.${key}.processDataCleanupMode | Cleanup mode to use for process instances of the process definition with the ${key}. | |
| historyCleanup.perDecisionDefinitionConfig | A List of decision definition specific configuration parameters that will overwrite the global cleanup settings for the specific decisionDefinition identified by it's ${key}. | |
| historyCleanup.perDecisionDefinitionConfig.${key}.ttl | Time to live to use for decision instances of the decision definition with the ${key}. |
Other
Settings of plugin subsystem serialization format, variable import, camunda endpoint.
| YAML Path | Default Value | Description |
|---|---|---|
| plugin.variableImport.basePackages | Look in the given base package list for variable import adaption plugins. If empty, the import is not influenced. | |
| plugin.authenticationExtractor.basePackages | Looks in the given base package list for authentication extractor plugins. If empty, the standard Optimize authentication mechanism is used. | |
| plugin.engineRestFilter.basePackages | Look in the given base package list for engine rest filter plugins. If empty, the REST calls are not influenced. | |
| serialization.engineDateFormat | yyyy-MM-dd'T'HH:mm:ss.SSSZ | Define a custom date format that should be used (should be the same as in the engine) please not that engine prior to 7.8 use yyyy-MM-dd'T'HH:mm:ss as default date format |
| serialization.optimizeDateFormat | yyyy-MM-dd'T'HH:mm:ss.SSSZ | The date format that is used in Optimize internally |
| export.csv.limit | 1000 | Maximum number of records returned by CSV export |
| export.csv.offset | 0 | Position of first record which will be exported in CSV |
| sharing.enabled | true | Enable/disable the possibility to share reports and dashboards |