Server Options (global.cfg)

The global.cfg file is the configuration file for server wide configurations.

The global.cfg configuration file is created during installation and can be edited through the admin home page’s system > edit system configuration menu.

Location

The file is in $SEARCH_HOME/conf/global.cfg, the defaults are in $SEARCH_CONF/conf/global.cfg.default. The global.cfg.default file should not be modified.

Format

The format of the file is a simple name=value pair per line, with the values $SEARCH_HOME and $COLLECTION_NAME automatically expanded to the funnelback installation path and the name of the current search package or data source automatically.

Configuration options

The following tables contain descriptions of the options that are used in the configuration file.

Option Description

access_restriction.system_ip_ranges

Configures any ranges which should be considered 'internal' and hence ignored in X-Forwarded-For processing.

admin-api.reset-password-from-email

Override the sender email address used for the password reset email.

admin.read-only-mode

Set the server into read only mode preventing updates and configuration changes.

analytics.heap.id

App ID to enable tracking via Heap

auth.admin.saml.default-login-redirect-url

Specify the default URL to navigate to after an IdP initiated SSO login. (Admin interface)

auth.admin.saml.enabled

Enable SAML authentication (Admin interface).

auth.admin.saml.entity-id-prefix

Specify the prefix for the SAML entity ID (Admin interface).

auth.admin.saml.groovy-permission-mapper

Specify the location of the Groovy class which maps SAML users to their permissions.

auth.admin.saml.identity-provider-metadata-url

Specify the SAML identity provider’s metadata URL (Admin interface).

auth.admin.saml.key-alias

Specify the alias of private key to use in SAML keystore (Admin interface).

auth.admin.saml.key-password

Specify the password for private key in SAML keystore (Admin interface).

auth.admin.saml.keystore-password

Specify the password for SAML keystore (Admin interface).

auth.admin.saml.keystore-path

Specify the location of the SAML keystore (Admin interface).

auth.admin.saml.logout-url

Specify the URL to log users out of the IdP (Admin interface).

auth.publicui.saml.default-login-redirect-url

Specify the default URL to navigate to after an IdP initiated SSO login. (Public search)

auth.publicui.saml.enabled

Enable SAML authentication (Public search).

auth.publicui.saml.entity-id-prefix

Specify the prefix for the SAML entity ID (Public search).

auth.publicui.saml.identity-provider-metadata-url

Specify the SAML identity provider’s metadata URL (file:// or http://) (Public search).

auth.publicui.saml.key-alias

Specify the alias of private key to use in SAML keystore (Public search).

auth.publicui.saml.key-password

Specify the password for private key in SAML keystore (Public search).

auth.publicui.saml.keystore-password

Specify the password for SAML keystore (Public search).

auth.publicui.saml.keystore-path

Specify the location of the SAML keystore (Public search).

auth.publicui.saml.logout-url

Specify the URL to log users out of the IdP (Public search)

auth.saml.algorithm

Specify the SAML signature/digest algorithm name to use with OpenSAML.

auth.user.allowed-failures-per-period

Specifies the maximum number of failed login attempts per period.

auth.user.allowed-failures-period-length-seconds

Specifies the period over which failed login attempts are tracked.

auth.user.delay-length-seconds

Specifies the delay applied to authentication attempts after too many failures.

auth.user.login-token-lifetime-seconds

Specifies how long a user’s login session lasts (if no refreshing occurs).

auth.user.login-token-refresh-after-percentage

Specifies how much of the user’s login session duration should expire before the user’s next request causes it to be refreshed.

auth.user.prevent-concurrent-user-login-sessions

Specifies whether users of Funnelback should be prevented from logging in simultaneously from multiple web browser sessions.

daemon.max_heap_size

Specify the heap memory size the Funnelback daemon service should be generated with.

encryption.keyset-handle-provider-class

Specify the name of the class that will be used to provide the encryption/decryption KeysetHandle.

environment-name

Specifies the configuration environment the server is in.

funnelback_umask

Specify the umask value for Funnelback

intercom.id

Enable Intercom usage within the administration dashboard.

jetty.admin_port

Specify the port Jetty will bind to for admin traffic.

jetty.http_multipart_form_data_compliance

Specify the compliance level for multipart/form-data handling

jetty.http_output_buffer_size

Specify the size of the buffer of HTTP response (in bytes).

jetty.http_request_header_size

Specify the maximum size of the request header (in bytes)

jetty.http_response_header_size

Specify the maximum size of the response header (in bytes)

jetty.max_heap_size

Specify the heap memory size the Jetty web server service should be generated with.

jetty.max_metaspace_size

Specify the metaspace memory size the Jetty web server service should be generated with.

jetty.search_port

Specify the port jetty will bind to for insecure HTTP search traffic.

jetty.search_port_https

Specify the port jetty will bind to for HTTPS search traffic.

knowledge-graph.neo4j.location

Specifies the location of the neo4j server.

knowledge-graph.neo4j.password

Specifies the password to use when connecting to the neo4j server.

knowledge-graph.neo4j.username

Specifies the user name to use when connecting to the neo4j server.

knowledge-graph.server.label

Specifies a label which is unique to the server.

mail.smtp.auth

Specify if the mail server requires authentication.

mail.smtp.host

Specify the hostname of the mail server to use.

mail.smtp.password

Specify a password when authenticating with the mail server.

mail.smtp.port

Specify the port of the mail server.

mail.smtp.user

Specify a username when authenticating with the mail server.

neo4j.max_heap_size

Specify the heap memory size the Funnelback graph service should be generated with.

norconex.crawler_callback_token_id

The Funnelback callback secret ID in AWS secret manager to get access to the admin-api callback function.

norconex.crawler_env

The norconex environment value.

norconex.crawler_eventbus_token_id

The Funnelback DXP event bus secret ID in AWS secret manager to get access to the event bus APIs

norconex.crawler_hostname

Hostname used to access the norconex crawler service host.

norconex.crawler_port

Port which should be used to access the norconex crawler service endpoint.

norconex.crawler_protocol

Protocol for the Norconex crawler service host, usually HTTPS

norconex.distributor_hostname

Hostname used to access the norconex distributor service host.

norconex.distributor_port

Port which should be used to access the norconex distributor service endpoint.

norconex.distributor_protocol

Protocol for the distributor service host, usually HTTPS

norconex.eventbus_hostname

Hostname used to access the event bus host.

norconex.eventbus_path

Path used to access the event bus host.

norconex.eventbus_port

Port which should be used to access the event bus service endpoint.

norconex.eventbus_protocol

Protocol for the event-bus host, usually HTTPS

plugin.admin-api-on-write-file

Defines the id of the server plugin which will provide the functionality to scan a file.

plugin.admin-api-on-write-file.password

Plugin password for storing secret information such as a password in an encrypted format.

plugin.admin-api-on-write-file.version

Specifies the version of the server plugin which will provide the file scanning capability.

plugin.saml-user-mapper

Defines the id of the server plugin which will provide the functionality to map a SAML user.

plugin.saml-user-mapper.version

Specifies the version of the server plugin which will provide the SAML user mapping capability.

post_collection_create_script

Name of script to run after the collection has been created.

pre_collection_delete_script

Name of the pre-delete hook script

push.replication.master.hostname

Configures the hostname of the push master node for a push slave node.

push.replication.master.push-api.call.delay

Delay before requesting new data from the master node.

push.replication.master.push-api.port

Sets the push API port for the master node when running as a push slave.

push.worker-thread-count

Specify the maximum number of worker threads push should use.

redis.master.host

Specify the host the redis server is running on.

redis.master.port

Specify the port redis is listening on.

scheduler.paused

Specifies whether automatic task scheduling is active or paused for the Funnelback server.

server.cpu_count

Specify CPU count of the server.

server_secret

Specifies the secret used for protecting various internal and external endpoints.

task.default-priority.add-urls-to-live-view

Defines the default priority for ADD_URLS_TO_LIVE_VIEW tasks in the task queue API.

task.default-priority.full-update

Defines the default priority for FULL_UPDATE tasks in the task queue API.

task.default-priority.incremental-update

Defines the default priority for INCREMENTAL_UPDATE tasks in the task queue API.

task.default-priority.instant-update

Defines the default priority for INSTANT_UPDATE tasks in the task queue API.

task.default-priority.knowledge-graph

Defines the default priority for UPDATE_KNOWLEDGE_GRAPH tasks in the task queue API.

task.default-priority.meta-index

Defines the default priority for META_INDEX tasks in the task queue API.

task.default-priority.meta-update

Defines the default priority for META_UPDATE tasks in the task queue API.

task.default-priority.normal-update

Defines the default priority for NORMAL_UPDATE tasks in the task queue API.

task.default-priority.re-apply-gscopes-to-live-view

Defines the default priority for REAPPLY_GSCOPES_TO_LIVE_INDEX tasks in the task queue API.

task.default-priority.re-index-live-view

Defines the default priority for REBUILD_LIVE_INDEX tasks in the task queue API.

task.default-priority.refresh-update

Defines the default priority for REFRESH_UPDATE tasks in the task queue API.

task.default-priority.remove-urls-by-prefix-from-live-view

Defines the default priority for REMOVE_URLS_BY_PREFIX_FROM_LIVE_VIEW tasks in the task queue API.

task.default-priority.remove-urls-from-live-view

Defines the default priority for REMOVE_URLS_FROM_LIVE_VIEW tasks in the task queue API.

task.default-priority.restart-full-update-from-crawler-checkpoint

Defines the default priority for RESTART_FULL_UPDATE_FROM_CRAWLER_CHECKPOINT tasks in the task queue API.

task.default-priority.restart-gather

Defines the default priority for RESTART_GATHER tasks in the task queue API.

task.default-priority.restart-incremental-update-from-crawler-checkpoint

Defines the default priority for RESTART_INCREMENTAL_UPDATE_FROM_CRAWLER_CHECKPOINT tasks in the task queue API.

task.default-priority.restart-update-from-index-phase

Defines the default priority for RESTART_UPDATE_FROM_INDEX_PHASE tasks in the task queue API.

task.default-priority.restart-update-swap-views-forcing-swap

Defines the default priority for RESTART_UPDATE_FROM_SWAP_VIEWS_FORCING_SWAP tasks in the task queue API.

task.default-priority.tuning

Defines the default priority for TUNING tasks in the task queue API.

task.default-priority.update-analytics

Defines the default priority for UPDATE_ANALYTICS tasks in the task queue API.

task.task-picker-class

Specify the name of the class that will be used to pick tasks off the queue to be run.

task.task-picker-management-user

Specify the list of users who can modify task queue priorities

urls.admin_hostname

Hostname used to access the admin UI.

urls.admin_port

Port which should be used to access the admin UI.

urls.admin_protocol

Protocol for the Admin UI, usually HTTPS

urls.search_hostname

Hostname used to access the search endpoint.

urls.search_port

Port which should be used to access the search endpoint.

urls.search_protocol

Protocol of the preferred search end point, usually http.

webdav-service.bind_address

Address to bind the WebDAV service to

webdav-service.key.alias

Alias of the key within the keystore.file to use for the WebDAV service

webdav-service.keystore.file

File containing the keystore for the WebDAV service

webdav-service.keystore.password

Password for the keystore.file to use for the WebDAV service

webdav-service.port

Port to use for the WebDAV service