influxdb: enabled: description: Enables the grid metrics collection storage system. Security Onion grid health monitoring requires this process to remain enabled. WARNING - Disabling the process is unsupported, and will cause unexpected results. forcedType: bool helpLink: influxdb config: assets-path: description: Path to the InfluxDB user interface assets located inside the so-influxdb container. global: True advanced: True helpLink: influxdb bolt-path: description: Path to the bolt DB file located inside the so-influxdb container. global: True advanced: True helpLink: influxdb engine-path: description: Path to the engine directory located inside the so-influxdb container. This directory stores the time series data. global: True advanced: True helpLink: influxdb feature-flags: description: List of key=value flags to enable. global: True advanced: True helpLink: influxdb flux-log-enabled: description: Controls whether detailed flux query logging is enabled. forcedType: bool global: True advanced: True helpLink: influxdb hardening-enabled: description: If true, enforces outbound connections from the InfluxDB process must never attempt to reach an internal, private network address. forcedType: bool global: True advanced: True helpLink: influxdb http-bind-address: description: The URL and port on which InfluxDB will listen for new connections. global: True advanced: True helpLink: influxdb http-idle-timeout: description: Keep-alive timeout while a connection waits for new requests. A value of 0 is the same as no timeout enforced. global: True advanced: True helpLink: influxdb http-read-header-timeout: description: The duration to wait for a request header before closing the connection. A value of 0 is the same as no timeout enforced. global: True advanced: True helpLink: influxdb http-read-timeout: description: The duration to wait for the request to be fully read before closing the connection. A value of 0 is the same as no timeout enforced. global: True advanced: True helpLink: influxdb http-write-timeout: description: The duration to wait for the response to be fully written before closing the connection. A value of 0 is the same as no timeout enforced. global: True advanced: True helpLink: influxdb influxql-max-select-buckets: description: Maximum number of group-by clauses in a SELECT statement. A value of 0 is the same as unlimited. global: True advanced: True helpLink: influxdb influxql-max-select-point: description: Maximum number of points that can be queried in a SELECT statement. A value of 0 is the same as unlimited. global: True advanced: True helpLink: influxdb influxql-max-select-series: description: Maximum number of series that can be returned in a SELECT statement. A value of 0 is the same as unlimited. global: True advanced: True helpLink: influxdb instance-id: description: Unique instance ID for this server, to avoid collisions in a replicated cluster. global: True advanced: True helpLink: influxdb log-level: description: The log level to use for outputting log statements. Allowed values are debug, info, or error. global: True advanced: false options: - info - debug - error helpLink: influxdb metrics-disabled: description: If true, the HTTP endpoint that exposes internal InfluxDB metrics will be inaccessible. forcedType: bool global: True advanced: True helpLink: influxdb no-tasks: description: If true, the task system will not process any queued tasks. Useful for troubleshooting startup problems. forcedType: bool global: True advanced: True helpLink: influxdb pprof-disabled: description: If true, the profiling data HTTP endpoint will be inaccessible. forcedType: bool global: True advanced: True helpLink: influxdb query-concurrency: description: Maximum number of queries to execute concurrently. A value of 0 is the same as unlimited. global: True advanced: True helpLink: influxdb query-initial-memory-bytes: description: The initial number of bytes of memory to allocate for a new query. global: True advanced: True helpLink: influxdb query-max-memory-bytes: description: The number of bytes of memory to allocate to all running queries. Should typically be the query bytes times the max concurrent queries. global: True advanced: True helpLink: influxdb query-memory-bytes: description: Maximum number of bytes of memory to allocate to a query. global: True advanced: True helpLink: influxdb query-queue-size: description: Maximum number of queries that can be queued at one time. If this value is reached, new queries will not be queued. A value of 0 is the same as unlimited. global: True advanced: True helpLink: influxdb reporting-disabled: description: If true, prevents InfluxDB from sending telemetry updates to InfluxData's servers. forcedType: bool global: True advanced: True helpLink: influxdb secret-store: description: Determines the type of storage used for secrets. Allowed values are bolt or vault. global: True advanced: True options: - bolt - vault helpLink: influxdb session-length: description: Number of minutes that a user login session can remain authenticated. global: True advanced: True helpLink: influxdb session-renew-disabled: description: If true, user login sessions will renew after each request. forcedType: bool global: True advanced: True helpLink: influxdb sqlite-path: description: Path to the Sqlite3 database inside the container. This database stored user data and other information about the database. global: True advanced: True helpLink: influxdb storage-cache-max-memory-size: description: Maximum number of bytes to allocate to cache data per shard. If exceeded, new data writes will be rejected. global: True advanced: True helpLink: influxdb storage-cache-snapshot-memory-size: description: Number of bytes to allocate to cache snapshot data. When the cache reaches this size, it will be written to disk to increase available memory. global: True advanced: True helpLink: influxdb storage-cache-snapshot-write-cold-duration: description: Duration between snapshot writes to disk when the shard data hasn't been modified. global: True advanced: True helpLink: influxdb storage-compact-full-write-cold-duration: description: Duration between shard compactions when the shard data hasn't been modified. global: True advanced: True helpLink: influxdb storage-compact-throughput-burst: description: Maximum throughput (number of bytes per second) that compactions be written to disk. global: True advanced: True helpLink: influxdb storage-max-concurrent-compactions: description: Maximum number of concurrent compactions. A value of 0 is the same as half the available CPU processors (procs). global: True advanced: True helpLink: influxdb storage-max-index-log-file-size: description: Maximum number of bytes of a write-ahead log (WAL) file before it will be compacted into an index on disk. global: True advanced: True helpLink: influxdb storage-no-validate-field-size: description: If true, incoming requests will skip the field size validation. forcedType: bool global: True advanced: True helpLink: influxdb storage-retention-check-interval: description: Interval between reviewing each bucket's retention policy and the age of the associated data. global: True advanced: True helpLink: influxdb storage-series-file-max-concurrent-snapshot-compactions: description: Maximum number of concurrent snapshot compactions across all database partitions. global: True advanced: True helpLink: influxdb storage-series-id-set-cache-size: description: Maximum size of the series cache results. Higher values may increase performance for repeated data lookups. global: True advanced: True helpLink: influxdb storage-shard-precreator-advance-period: description: The duration before a successor shard group is created after the end-time has been reached. global: True advanced: True helpLink: influxdb storage-shard-precreator-check-interval: description: Interval between checking if new shards should be created. global: True advanced: True helpLink: influxdb storage-tsm-use-madv-willneed: description: If true, InfluxDB will manage TSM memory paging. forcedType: bool global: True advanced: True helpLink: influxdb storage-validate-keys: description: If true, validates incoming requests for supported characters. forcedType: bool global: True advanced: True helpLink: influxdb storage-wal-fsync-delay: description: Duration to wait before calling fsync. Useful for handling conflicts on slower disks. global: True advanced: True helpLink: influxdb storage-wal-max-concurrent-writes: description: Maximum number of concurrent write-ahead log (WAL) writes to disk. The value of 0 is the same as CPU processors (procs) x 2. global: True advanced: True helpLink: influxdb storage-wal-max-write-delay: description: Maximum duration to wait before writing the write-ahead log (WAL) to disk, when the concurrency limit has been exceeded. A value of 0 is the same as no timeout. global: True advanced: True helpLink: influxdb storage-write-timeout: description: Maximum time to wait for a write-ahead log (WAL) to write to disk before aborting. global: True advanced: True helpLink: influxdb store: description: The type of data store to use for HTTP resources. Allowed values are disk or memory. Memory should not be used for production Security Onion installations. global: True advanced: True options: - disk - memory helpLink: influxdb tls-cert: description: The container path to the certificate to use for TLS encryption of the HTTP requests and responses. global: True advanced: True helpLink: influxdb tls-key: description: The container path to the certificate key to use for TLS encryption of the HTTP requests and responses. global: True advanced: True helpLink: influxdb tls-min-version: description: The minimum supported version of TLS to be enforced on all incoming HTTP requests. global: True advanced: True helpLink: influxdb tls-strict-ciphers: description: If true, the allowed ciphers used with TLS connections are ECDHE_RSA_WITH_AES_256_GCM_SHA384, ECDHE_RSA_WITH_AES_256_CBC_SHA, RSA_WITH_AES_256_GCM_SHA384, or RSA_WITH_AES_256_CBC_SHA. forcedType: bool global: True advanced: True helpLink: influxdb tracing-type: description: The tracing format for debugging purposes. Allowed values are log or jaeger, or leave blank to disable tracing. global: True advanced: True helpLink: influxdb ui-disabled: description: If true, the InfluxDB HTTP user interface will be disabled. This will prevent use of the included InfluxDB dashboard visualizations. forcedType: bool global: True advanced: True helpLink: influxdb vault-addr: description: Vault server address. global: True advanced: True helpLink: influxdb vault-cacert: description: Path to the Vault's single certificate authority certificate file within the container. global: True advanced: True helpLink: influxdb vault-capath: description: Path to the Vault's certificate authority directory within the container. global: True advanced: True helpLink: influxdb vault-client-cert: description: Vault client certificate path within the container. global: True advanced: True helpLink: influxdb vault-client-key: description: Vault client certificate key path within the container. global: True advanced: True helpLink: influxdb vault-client-timeout: description: Duration to wait for a response from the Vault server before aborting. global: True advanced: True helpLink: influxdb vault-max-retries: description: Maximum number of retries when attempting to contact the Vault server. A value of 0 is the same as disabling retries. global: True advanced: True helpLink: influxdb vault-skip-verify: description: Skip certification validation of the Vault server. forcedType: bool global: True advanced: True helpLink: influxdb vault-tls-server-name: description: SNI host to specify when using TLS to connect to the Vault server. global: True advanced: True helpLink: influxdb vault-token: description: Vault token used for authentication. global: True advanced: True helpLink: influxdb buckets: so_short_term: duration: description: Amount of time (in seconds) to keep short term data. global: True helpLink: influxdb shard_duration: description: Amount of the time (in seconds) range covered by the shard group. global: True helpLink: influxdb so_long_term: duration: description: Amount of time (in seconds) to keep long term downsampled data. global: True helpLink: influxdb shard_duration: description: Amount of the time (in seconds) range covered by the shard group. global: True helpLink: influxdb downsample: so_long_term: resolution: description: Amount of time to turn into a single data point. global: True helpLink: influxdb