Jump to: navigation, search

Configuration Options

Knowledge Center Cluster Application Options

Knowledge Center Cluster Application Configuration Options
Name Description Value
Section: cms.cluster
cmsPathStorage Path for store repository. Default: ./knowledge/store

Valid Values: valid path to folder to store persistent repository file
Effective: After restart
Use this option for single-node CMS in case of using persistent repository file instead of DB.

dbDataColumnType Database type for DATA_COLUMN. Default: BINARY

Valid Values: valid type for DATA_COLUMN, BLOB for My SQL, BYTEA for PostgreSQL etc (http://infinispan.org/docs/7.1.x/user_guide/user_guide.html#_jdbc_based_cache_loaders)
Effective: After restart

dbIdColumnType Database type for ID_COLUMN. Default: VARCHAR(255)

Valid Values: valid type for ID_COLUMN (http://infinispan.org/docs/7.1.x/user_guide/user_guide.html#_jdbc_based_cache_loaders)
Effective: After restart

dbJndiName Name of JNDI class in Jetty. Default: java:comp/env/jdbc/knowledge

Valid Values: String "java:comp/env/jdbc/knowledge" or "comp/env/jdbc/knowledge" for running under Jetty8
Effective: After restart

dbSharedEnable Enables cms instances to store data in shared database. Default: false

Valid Values: true, false
Effective: After restart
To enable CMS cluster set this option to true.

dbTimestampColumnType Database type for TIMESTAMP_COLUMN. Default: BIGINT

Valid Values: valid type for TIMESTAMP_COLUMN (http://infinispan.org/docs/7.1.x/user_guide/user_guide.html#_jdbc_based_cache_loaders)
Effective: After restart

jgroupsConfiguration Determine the interaction between a server. Default: TCP

Valid Values: JGROUPS_UPD,JGROUPS_TCP,JGROUPS_EC2,TCP,TCP_NIO,TCP_GOSSIP,TUNNEL,UDP_LARGECLUSTER
Effective: After restart

repositoryName JNDI database name. Default: Genesys Knowledge Repository

Valid Values: Any string (should not be changed after database creation)
Effective: After restart

Section: cms.general
externalURL Connection to CMS load balancer. Default: none

Valid Values: Valid URL

Section: general
session-ttl Specify time that server will store session information while no activities are taking place. Default: 8h

Valid Values: number + unit, e.g. 1d or 3m. Supported units: d (days), m (minutes), h (hours), or w(weeks)
Changes Take Effect: After restart.

Section: multicast
enabled Specify whether enabled node should use multicast or unicast to discover other servers within the same cluster. Default: true

Valid Values: true, false
 Changes Take Effect: After restart.

Important
Genesys Knowledge Center Servers are configured to use multicast discovery out of the box. Multicast works by sending UDP pings across your local network to discover nodes. Other Knowledge Center Servers will receive these pings and respond. A cluster is formed shortly after. This ease of use is the reason you should disable it in production otherwise other servers could accidentally join your production cluster simply because they received an errant multicast ping or are misconfigured having the same cluster name.
Section: general
esReadOnly Specifies whether a server should use multicast or unicast to discover other servers within the same cluster. Default: true

Valid Values: true, false

sessionTtl Specify time that server will store session information while no activities are taking place. Default: 8h

Valid Values: number + unit, e.g. 1d or 3m. Supported units: d (days), m (minutes), h (hours), or w(weeks)
Changes Take Effect: After restart.

Section: multicast
enabled Specify whether enabled node should use multicast or unicast to discover other servers within the same cluster. Default: true

Valid Values: true, false
 Changes Take Effect: After restart.

Important
Genesys Knowledge Center Servers are configured to use multicast discovery out of the box. Multicast works by sending UDP pings across your local network to discover nodes. Other Knowledge Center Servers will receive these pings and respond. A cluster is formed shortly after. This ease of use is the reason you should disable it in production otherwise other servers could accidentally join your production cluster simply because they received an errant multicast ping or are misconfigured having the same cluster name.
Section: reporting
geo Determine the precision of the IP geo-location algorithm. Default: CITY

Valid Values: OFF - Disabled, IP - Customer's IP Address, COUNTRY - Customer's country, CITY - Customer's city

ttl Specify time that records will be stored in the history. Default: 14d

Valid Values:number + unit, e.g. 1d or 3m. Supported units: d (days), m (minutes), h (hours), or w(weeks)
Changes Take Effect: After restart.

Section: log
all Specifies the outputs to which an application sends all log events. The log output types must be separated by a comma when more than one output is configured. For example: all = stdout, logfile Default: stdout

Valid Values: (log output types)

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database. Setting the all log level option to the network output enables an application to send log events of the Standard, Interaction, and Trace levels to Message Server. Debug-level log events are neither sent to Message Server nor stored in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: After start or restart.

standard Specifies the outputs to which an application sends the log events of the Standard level. The log output types must be separated by a comma when more than one output is configured. For example: standard = stderr, network Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

trace Specifies the outputs to which an application sends the log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels). The log outputs must be separated by a comma when more than one output is configured. For example: trace = stderr, network. Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

verbose Determines whether a log output is created. If it is, specifies the minimum level of log events generated. The log events levels, starting with the highest priority level, are Standard, Interaction, Trace, and Debug. Default: standard

Valid Values:

Name Description
all All log events (that is, log events of the Standard, Trace, Interaction, and Debug levels) are generated.
debug The same as all.
trace Log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels) are generated, but log events of the Debug level are not generated.
interaction Log events of the Interaction level and higher (that is, log events of the Standard and Interaction levels) are generated, but log events of the Trace and Debug levels are not generated.
standard Log events of the Standard level are generated, but log events of the Interaction, Trace, and Debug levels are not generated.
none No output is produced.

Changes Take Effect: Immediately

segment Specifies whether there is a segmentation limit for a log file. If there is, sets the mode of measurement, along with the maximum size. If the current log segment exceeds the size set by this option, the file is closed and a new one is created. This option is ignored if log output is not configured to be sent to a log file. Default: 1000

Valid Values:

Name Description
false No segmentation is allowed.
<number> KB or <number> Sets the maximum segment size, in kilobytes. The minimum segment size is 100 KB.
<number> MB Sets the maximum segment size, in megabytes.
<number> hr Sets the number of hours for the segment to stay open. The minimum number is 1 hour.

Changes Take Effect: After restart.

expire Determines whether log files expire. If they do, sets the measurement for determining when they expire, along with the maximum number of files (segments) or days before the files are removed. This option is ignored if log output is not configured to be sent to a log file. Default: 3

Valid Values:

Name Description
false No expiration; all generated segments are stored.
<number> file or <number> Sets the maximum number of log files to store. Specify a number from 1—1000.
<number> day Sets the maximum number of days before log files are deleted. Specify a number from 1—100.

Changes Take Effect: After restart.

Important
If an option's value is not set within the range of valid values, it will automatically be reset to 10.
affectedLoggers Verbosity settings are explicitly applied for the following loggers:
  • Loggers that are not declared explicitly in the log4j2.xml configuration file.
  • Loggers that are specified explicitly in the log4j2.xml and are specified in the value for this affectedLoggers option.

For other loggers specified in log4j2.xml, but not mentioned in the value for this option, the verbosity level is not re-applied.
Here is a use case for when you might need to set this option:

  • Cassandra needs to write error messages to a log file, and at the same time, Genesys components also need to write debug messages to the log file.

To resolve this use case, you would:

  1. Specify the following logger in log4j2.xml: <logger name="org.apache.cassandra" level="error" additivity="false">
  2. Do not include org.apache.cassandra in the value for the affectedLoggers option.
  3. The default log4j2.xml file contains the following logger: <logger name="com.genesyslab.platform" level="info" additivity="false">
  4. Include com.genesyslab.platform in the value for the affectedLoggers option.
  5. Set the verbose option to debug.

In the sample above, the value of affectedLoggers should be com.genesyslab.platform. Error (but not debug or info) messages from Cassandra will be available in logs, and debug messages from com.genesyslab.platform will be available in logs.

Default: None

Valid Values: The names of loggers, separated by a semicolon (;), specified in the LOG4J2.xml. For example:
com.genesyslab.wmcbcore, com.genesyslab.qna.api.sdk, org.elasticsearch, com.genesyslab.platform, com.genesys.knowledge.api.processors, com.genesys.knowledge.server.configuration, com.genesys.elasticsearch.index.analysis.filters, com.genesys.elasticsearch.index.analysis.tokenizers, com.genesys.knowledge.security.proxy, com.genesys.knowledge.aspects.LoggingRestAspect, com.genesys.knowledge.web.filters.RequestLoggingFilter
Changes Take Effect: Immediately

time_format Specifies how to represent, in a log file, the time when an application generates log records. A log record's time field in the ISO 8601 format looks like this: 2001-07-24T04:58:10.123 Default: time

Valid Values:

Name Description
time The time string is formatted according to the HH:MM:SS.sss (hours, minutes, seconds, and milliseconds) format.
locale The time string is formatted according to the system’s locale.
ISO8601 The date in the time string is formatted according to the ISO 8601 format. Fractional seconds are given in milliseconds.

Changes Take Effect: Immediately

time_convert Specifies the system in which an application calculates the log record time when generating a log file. The time is converted from the time in seconds since 00:00:00 UTC, January 1, 1970. Default: local

Valid Values:

Name Description
local The time of log record generation is expressed as a local time, based on the time zone and any seasonal adjustments. Time zone information of the application’s host computer is used.
utc The time of log record generation is expressed as Coordinated Universal Time (UTC).

Changes Take Effect: Immediately

Section: security
auth-scheme Specifies the HTTP authentication scheme used to secure REST API requests to the Knowledge Server. With the Basic scheme, clients must be authenticated with a user ID and password. Default: none

Valid Values: none, basic
Changes Take Effect: After restart.

user-id The user identifier (login) used in authentication for the REST API. Default: n/a

Valid Values: string
Changes Take Effect: After restart.

password The user password used in authentication for the REST API. Default: n/a

Valid Values:string
Changes Take Effect: After restart.

Section: internal
Important
Knowledge Center Server uses this section to store internal initialization parameters. Do not attempt to change these options.

Knowledge Center Server Application Options

Knowledge Center Server Application Configuration Options
Name Description Value
Section: archiving
enabled Specifies whether a node will allow to execute archiving using its API. Enabling archiving on the node does not affect other nodes of the cluster. Archiving is

resource consuming functionality - use it wisely.

Default: true

Valid Values: true, false
Changes Take Effect: After restart.

type Defines format of resulted archive will be stored in. Default: tar

Valid Values: tar, zip, cpio
Changes Take Effect: After restart.

path Path to the stored archive. The archive will be stored as <path>/history_<requested_date_range>.<archive> Default: none

Valid Values: string
Changes Take Effect: After restart.

Section: security
tls Client:

1 - perform TLS handshake immediately after connecting to server. 0 – do not turn on TLS immediately but autodetect can still work.

Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "tls=1"
provider Explicit selection of security provider to be used. For example, MSCAPI and PKCS11 providers can contain all other parameters in their internal database. This parameter allow configuration of TLS through security provider tools. "PEM", "MSCAPI", "PKCS11"

Not case-sensitive.

Example:

  • "provider=MSCAPI"
certificate Specifies location of X.509 certificate to be used by application.

MSCAPI provider keeps certificates in internal database and can identify them by hash code; so called thumbprint.

In Java, PKCS#11 provider does not allow selection of the certificate; it must be configured using provider tools.

Note: When using autodetect (upgrade) TLS connection, this option MUST be specified in application configuration, otherwise Configuration Server would return empty TLS parameters even if other options are set.

PEM provider: path to a X.509 certificate file in PEM format. Path can use both forward and backward slash characters.

MSCAPI provider: thumbprint of a certificate – string with hexadecimal SHA-1 hash code of the certificate. Whitespace characters are allowed anywhere within the string. PKCS11 provider: this parameter is ignored.

Examples:

  • "certificate= C:\certs\client-cert-3-cert.pem"
  • "certificate=A4 7E A6 E4 7D 45 6A A6 2F 15 BE 89 FD 46 F0 EE 82 1A 58 B9"
certificate-key Specifies location of PKCS#8 private key to be used in pair with the certificate by application.

MSCAPI provider keeps private keys paired with certificates in internal database. In Java, PKCS#11 provider does not allow selection of the private key; it must be configured using provider tools.

PEM provider: path to a PKCS#8 private key file without password protection in PEM format. Path can use both forward and backward slash characters.
  • MSCAPI provider: this parameter is ignored; key is taken from the entry identified by "certificate" field.
  • PKCS11 provider: this parameter is ignored.

Examples:

  • "certificate-key= C:\certs\client-cert-3-key.pem"
trusted-ca Specifies location of a X.509 certificate to be used by application to validate remote party certificates. The certificate is designated as Trusted Certification Authority certificate and application will only trust remote party certificates signed with the CA certificate.

MSCAPI provider keeps CA certificates in internal database and can identify them by hash code; so called thumbprint. In Java, PKCS#11 provider does not allow selection of the CA certificate; it must be configured using provider tools.

PEM provider: path to a X.509 certificate file in PEM format. Path can use both forward and backward slash characters.

MSCAPI provider: thumbprint of a certificate – string with hexadecimal SHA-1 hash code of the certificate. Whitespace characters are allowed anywhere within the string. PKCS11 provider: this parameter is ignored.

Examples:

  • "trusted-ca= C:\certs\ ca.pem"
  • "trusted-ca=A4 7E A6 E4 7D 45 6A A6 2F 15 BE 89 FD 46 F0 EE 82 1A 58 B9"
tls-mutual Has meaning only for server application. Client applications ignore this value. When turned on, server will require connecting clients to present their certificates and validate the certificates the same way as client applications do. Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "tls-mutual=1"
tls-crl Applications will use CRL during certificate validation process to check if the (seemingly valid) certificate was revoked by CA. This option is useful to stop usage of leaked certificates by unauthorized parties. All providers: path to a Certificate Revocation List file in PEM format. Path can use both forward and backward slash characters.

Example:

  • "tls-crl= C:\certs\crl.pem"
tls-target-name-check When set to "host", enables matching of certificate’s Alternative Subject Name or Subject fields against expected host name. PSDK supports DNS names and IP addresses as expected host names. "host" or none. Not case-sensitive.

Example:

  • "tls-target-name-check=host"
cipher-list Used to calculate enabled cipher suites. Only ciphers present in both the cipher suites supported by security provider and the cipher-list parameter will be valid. String consisting of space-separated cipher suit names. Information on cipher names can be found online.

Example:

  • "cipher-list=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
fips140-enabled PSDK Java: when set to true, effectively is the same as setting "provider=PKCS11" since only PKCS11 provider can support FIPS-140. If set to true while using other provider type, PSDK will throw exception. Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "fips140-enabled=1"
sec-protocol Starting with PSDK release 8.5.1, an application can specify the exact protocol to send and accept secure connection requests on one or more of its connections. String value.

Possible values are "SSLv23", "SSLv3", "TLSv1", "TLSv11", "TLSv12".

Example:

  • "sec-protocol=TLSv1"
Section: log
all Specifies the outputs to which an application sends all log events. The log output types must be separated by a comma when more than one output is configured. For example: all = stdout, logfile Default: stdout

Valid Values: (log output types)

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database. Setting the all log level option to the network output enables an application to send log events of the Standard, Interaction, and Trace levels to Message Server. Debug-level log events are neither sent to Message Server nor stored in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: After start or restart.

standard Specifies the outputs to which an application sends the log events of the Standard level. The log output types must be separated by a comma when more than one output is configured. For example: standard = stderr, network Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

trace Specifies the outputs to which an application sends the log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels). The log outputs must be separated by a comma when more than one output is configured. For example: trace = stderr, network. Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

verbose Determines whether a log output is created. If it is, specifies the minimum level of log events generated. The log events levels, starting with the highest priority level, are Standard, Interaction, Trace, and Debug. Default: standard

Valid Values:

Name Description
all All log events (that is, log events of the Standard, Trace, Interaction, and Debug levels) are generated.
debug The same as all.
trace Log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels) are generated, but log events of the Debug level are not generated.
interaction Log events of the Interaction level and higher (that is, log events of the Standard and Interaction levels) are generated, but log events of the Trace and Debug levels are not generated.
standard Log events of the Standard level are generated, but log events of the Interaction, Trace, and Debug levels are not generated.
none No output is produced.

Changes Take Effect: Immediately

segment Specifies whether there is a segmentation limit for a log file. If there is, sets the mode of measurement, along with the maximum size. If the current log segment exceeds the size set by this option, the file is closed and a new one is created. This option is ignored if log output is not configured to be sent to a log file. Default: 1000

Valid Values:

Name Description
false No segmentation is allowed.
<number> KB or <number> Sets the maximum segment size, in kilobytes. The minimum segment size is 100 KB.
<number> MB Sets the maximum segment size, in megabytes.
<number> hr Sets the number of hours for the segment to stay open. The minimum number is 1 hour.

Changes Take Effect: After restart.

expire Determines whether log files expire. If they do, sets the measurement for determining when they expire, along with the maximum number of files (segments) or days before the files are removed. This option is ignored if log output is not configured to be sent to a log file. Default: 3

Valid Values:

Name Description
false No expiration; all generated segments are stored.
<number> file or <number> Sets the maximum number of log files to store. Specify a number from 1—1000.
<number> day Sets the maximum number of days before log files are deleted. Specify a number from 1—100.

Changes Take Effect: After restart.

Important
If an option's value is not set within the range of valid values, it will automatically be reset to 10.
affectedLoggers Verbosity settings are explicitly applied for the following loggers:
  • Loggers that are not declared explicitly in the log4j2.xml configuration file.
  • Loggers that are specified explicitly in the log4j2.xml and are specified in the value for this affectedLoggers option.

For other loggers specified in log4j2.xml, but not mentioned in the value for this option, the verbosity level is not re-applied.
Here is a use case for when you might need to set this option:

  • Cassandra needs to write error messages to a log file, and at the same time, Genesys components also need to write debug messages to the log file.

To resolve this use case, you would:

  1. Specify the following logger in log4j2.xml: <logger name="org.apache.cassandra" level="error" additivity="false">
  2. Do not include org.apache.cassandra in the value for the affectedLoggers option.
  3. The default log4j2.xml file contains the following logger: <logger name="com.genesyslab.platform" level="info" additivity="false">
  4. Include com.genesyslab.platform in the value for the affectedLoggers option.
  5. Set the verbose option to debug.

In the sample above, the value of affectedLoggers should be com.genesyslab.platform. Error (but not debug or info) messages from Cassandra will be available in logs, and debug messages from com.genesyslab.platform will be available in logs.

Default: None

Valid Values: The names of loggers, separated by a semicolon (;), specified in the LOG4J2.xml. For example:
com.genesyslab.webme.commons;PROTOCOL;org.apache.cassandra
Changes Take Effect: Immediately

time_format Specifies how to represent, in a log file, the time when an application generates log records. A log record's time field in the ISO 8601 format looks like this: 2001-07-24T04:58:10.123 Default: time

Valid Values:

Name Description
time The time string is formatted according to the HH:MM:SS.sss (hours, minutes, seconds, and milliseconds) format.
locale The time string is formatted according to the system’s locale.
ISO8601 The date in the time string is formatted according to the ISO 8601 format. Fractional seconds are given in milliseconds.

Changes Take Effect: Immediately

time_convert Specifies the system in which an application calculates the log record time when generating a log file. The time is converted from the time in seconds since 00:00:00 UTC, January 1, 1970. Default: local

Valid Values:

Name Description
local The time of log record generation is expressed as a local time, based on the time zone and any seasonal adjustments. Time zone information of the application’s host computer is used.
utc The time of log record generation is expressed as Coordinated Universal Time (UTC).

Changes Take Effect: Immediately

Knowledge Center CMS Application Options

Knowledge Center CMS Application Options
Name Description Value
Section: log
all Specifies the outputs to which an application sends all log events. The log output types must be separated by a comma when more than one output is configured. For example: all = stdout, logfile Default: stdout

Valid Values: (log output types)

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database. Setting the all log level option to the network output enables an application to send log events of the Standard, Interaction, and Trace levels to Message Server. Debug-level log events are neither sent to Message Server nor stored in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: After start or restart.

standard Specifies the outputs to which an application sends the log events of the Standard level. The log output types must be separated by a comma when more than one output is configured. For example: standard = stderr, network Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

trace Specifies the outputs to which an application sends the log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels). The log outputs must be separated by a comma when more than one output is configured. For example: trace = stderr, network. Default: stdout

Valid Values:

Name Description
stdout Log events are sent to the Standard output (stdout).
stderr Log events are sent to the Standard error output (stderr).
network Log events are sent to Message Server, which can reside anywhere on the network. Message Server stores the log events in the Log Database.
memory Log events are sent to the memory output on the local disk. This is the safest output in terms of the application performance.
[filename] Log events are stored in a file with the specified name. If a path is not specified, the file is created in the application's working directory.

Changes Take Effect: Immediately

verbose Determines whether a log output is created. If it is, specifies the minimum level of log events generated. The log events levels, starting with the highest priority level, are Standard, Interaction, Trace, and Debug. Default: standard

Valid Values:

Name Description
all All log events (that is, log events of the Standard, Trace, Interaction, and Debug levels) are generated.
debug The same as all.
trace Log events of the Trace level and higher (that is, log events of the Standard, Interaction, and Trace levels) are generated, but log events of the Debug level are not generated.
interaction Log events of the Interaction level and higher (that is, log events of the Standard and Interaction levels) are generated, but log events of the Trace and Debug levels are not generated.
standard Log events of the Standard level are generated, but log events of the Interaction, Trace, and Debug levels are not generated.
none No output is produced.

Changes Take Effect: Immediately

segment Specifies whether there is a segmentation limit for a log file. If there is, sets the mode of measurement, along with the maximum size. If the current log segment exceeds the size set by this option, the file is closed and a new one is created. This option is ignored if log output is not configured to be sent to a log file. Default: 1000

Valid Values:

Name Description
false No segmentation is allowed.
<number> KB or <number> Sets the maximum segment size, in kilobytes. The minimum segment size is 100 KB.
<number> MB Sets the maximum segment size, in megabytes.
<number> hr Sets the number of hours for the segment to stay open. The minimum number is 1 hour.

Changes Take Effect: After restart.

expire Determines whether log files expire. If they do, sets the measurement for determining when they expire, along with the maximum number of files (segments) or days before the files are removed. This option is ignored if log output is not configured to be sent to a log file. Default: 3

Valid Values:

Name Description
false No expiration; all generated segments are stored.
<number> file or <number> Sets the maximum number of log files to store. Specify a number from 1—1000.
<number> day Sets the maximum number of days before log files are deleted. Specify a number from 1—100.

Changes Take Effect: After restart.

Important
If an option's value is not set within the range of valid values, it will automatically be reset to 10.
affectedLoggers Verbosity settings are explicitly applied for the following loggers:
  • Loggers that are not declared explicitly in the log4j2.xml configuration file.
  • Loggers that are specified explicitly in the log4j2.xml and are specified in the value for this affectedLoggers option.

For other loggers specified in log4j2.xml, but not mentioned in the value for this option, the verbosity level is not re-applied.
Here is a use case for when you might need to set this option:

  • Cassandra needs to write error messages to a log file, and at the same time, Genesys components also need to write debug messages to the log file.

To resolve this use case, you would:

  1. Specify the following logger in log4j2.xml: <logger name="org.apache.cassandra" level="error" additivity="false">
  2. Do not include org.apache.cassandra in the value for the affectedLoggers option.
  3. The default log4j2.xml file contains the following logger: <logger name="com.genesyslab.platform" level="info" additivity="false">
  4. Include com.genesyslab.platform in the value for the affectedLoggers option.
  5. Set the verbose option to debug.

In the sample above, the value of affectedLoggers should be com.genesyslab.platform. Error (but not debug or info) messages from Cassandra will be available in logs, and debug messages from com.genesyslab.platform will be available in logs.

Default: None

Valid Values: The names of loggers, separated by a semicolon (;), specified in the LOG4J2.xml. For example:
com.genesyslab.webme.commons;PROTOCOL;org.apache.cassandra
Changes Take Effect: Immediately

time_format Specifies how to represent, in a log file, the time when an application generates log records. A log record's time field in the ISO 8601 format looks like this: 2001-07-24T04:58:10.123 Default: time

Valid Values:

Name Description
time The time string is formatted according to the HH:MM:SS.sss (hours, minutes, seconds, and milliseconds) format.
locale The time string is formatted according to the system’s locale.
ISO8601 The date in the time string is formatted according to the ISO 8601 format. Fractional seconds are given in milliseconds.

Changes Take Effect: Immediately

time_convert Specifies the system in which an application calculates the log record time when generating a log file. The time is converted from the time in seconds since 00:00:00 UTC, January 1, 1970. Default: local

Valid Values:

Name Description
local The time of log record generation is expressed as a local time, based on the time zone and any seasonal adjustments. Time zone information of the application’s host computer is used.
utc The time of log record generation is expressed as Coordinated Universal Time (UTC).

Changes Take Effect: Immediately

Section: security
tls Client:

1 - perform TLS handshake immediately after connecting to server. 0 – do not turn on TLS immediately but autodetect can still work.

Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "tls=1"
provider Explicit selection of security provider to be used. For example, MSCAPI and PKCS11 providers can contain all other parameters in their internal database. This parameter allow configuration of TLS through security provider tools. "PEM", "MSCAPI", "PKCS11"

Not case-sensitive.

Example:

  • "provider=MSCAPI"
certificate Specifies location of X.509 certificate to be used by application.

MSCAPI provider keeps certificates in internal database and can identify them by hash code; so called thumbprint.

In Java, PKCS#11 provider does not allow selection of the certificate; it must be configured using provider tools.

Note: When using autodetect (upgrade) TLS connection, this option MUST be specified in application configuration, otherwise Configuration Server would return empty TLS parameters even if other options are set.

PEM provider: path to a X.509 certificate file in PEM format. Path can use both forward and backward slash characters.

MSCAPI provider: thumbprint of a certificate – string with hexadecimal SHA-1 hash code of the certificate. Whitespace characters are allowed anywhere within the string. PKCS11 provider: this parameter is ignored.

Examples:

  • "certificate= C:\certs\client-cert-3-cert.pem"
  • "certificate=A4 7E A6 E4 7D 45 6A A6 2F 15 BE 89 FD 46 F0 EE 82 1A 58 B9"
certificate-key Specifies location of PKCS#8 private key to be used in pair with the certificate by application.

MSCAPI provider keeps private keys paired with certificates in internal database. In Java, PKCS#11 provider does not allow selection of the private key; it must be configured using provider tools.

PEM provider: path to a PKCS#8 private key file without password protection in PEM format. Path can use both forward and backward slash characters.
  • MSCAPI provider: this parameter is ignored; key is taken from the entry identified by "certificate" field.
  • PKCS11 provider: this parameter is ignored.

Examples:

  • "certificate-key= C:\certs\client-cert-3-key.pem"
trusted-ca Specifies location of a X.509 certificate to be used by application to validate remote party certificates. The certificate is designated as Trusted Certification Authority certificate and application will only trust remote party certificates signed with the CA certificate.

MSCAPI provider keeps CA certificates in internal database and can identify them by hash code; so called thumbprint. In Java, PKCS#11 provider does not allow selection of the CA certificate; it must be configured using provider tools.

PEM provider: path to a X.509 certificate file in PEM format. Path can use both forward and backward slash characters.

MSCAPI provider: thumbprint of a certificate – string with hexadecimal SHA-1 hash code of the certificate. Whitespace characters are allowed anywhere within the string. PKCS11 provider: this parameter is ignored.

Examples:

  • "trusted-ca= C:\certs\ ca.pem"
  • "trusted-ca=A4 7E A6 E4 7D 45 6A A6 2F 15 BE 89 FD 46 F0 EE 82 1A 58 B9"
tls-mutual Has meaning only for server application. Client applications ignore this value. When turned on, server will require connecting clients to present their certificates and validate the certificates the same way as client applications do. Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "tls-mutual=1"
tls-crl Applications will use CRL during certificate validation process to check if the (seemingly valid) certificate was revoked by CA. This option is useful to stop usage of leaked certificates by unauthorized parties. All providers: path to a Certificate Revocation List file in PEM format. Path can use both forward and backward slash characters.

Example:

  • "tls-crl= C:\certs\crl.pem"
tls-target-name-check When set to "host", enables matching of certificate’s Alternative Subject Name or Subject fields against expected host name. PSDK supports DNS names and IP addresses as expected host names. "host" or none. Not case-sensitive.

Example:

  • "tls-target-name-check=host"
cipher-list Used to calculate enabled cipher suites. Only ciphers present in both the cipher suites supported by security provider and the cipher-list parameter will be valid. String consisting of space-separated cipher suit names. Information on cipher names can be found online.

Example:

  • "cipher-list=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
fips140-enabled PSDK Java: when set to true, effectively is the same as setting "provider=PKCS11" since only PKCS11 provider can support FIPS-140. If set to true while using other provider type, PSDK will throw exception. Boolean value.

Possible values are "1"/"0", "yes"/"no", "on"/"off", "true"/"false".

Example:

  • "fips140-enabled=1"
sec-protocol Starting with PSDK release 8.5.1, an application can specify the exact protocol to send and accept secure connection requests on one or more of its connections. String value.

Possible values are "SSLv23", "SSLv3", "TLSv1", "TLSv11", "TLSv12".

Example:

  • "sec-protocol=TLSv1"
This page was last edited on February 11, 2016, at 14:58.
Comments or questions about this documentation? Contact us for support!