Property

Access

Attribute

access.administrator.groups

Description

The role that is mapped to the administrator group.

Default Value

admin

Property

Access

Attribute

access.default.roles

Description

The default roles applied to all users of the server.

For example, if access.default.roles=DESIGNER,ADMINISTRATOR and a user with a VIEWER role logs on to the server, then the user will simultaneously have a VIEWER, DESIGNER, and ADMINISTRATOR roles.

However, if no default roles are wanted, then leave the property blank.

NOTE: The roles that can be assigned in this property can only be ADMINISTRATOR, VIEWER, ANONYMOUS, and/or DESIGNER. This property is case sensitive.

Default Value

VIEWER

Property

Access

Attribute

access.designer.groups

Description

The role that is mapped to the designer group.

Default Value

designer

Property

Access

Attribute

access.list.delimiter

Description

The value delimiter to use when parsing access groups.

Examples:

access.list.delimiter=,

access.administrator.groups=group1,group2

The groups are mapped to {'group1', 'group2'}

access.list.delimiter=,

access.administrator.groups=group1;group2,group3

The groups are mapped to {'group1;group2', 'group3'}

access.list.delimiter=;

access.administrator.groups=group1;group2,group3

The groups are mapped to {'group1', 'group2,group3'}

Default Value

',' (comma)

Property

Access

Attribute

access.viewer.groups

Description

The role that is assigned to the viewer group.

Default Value

Property

Alert

Attribute

alert.creation.only.by.administrators

Description

Enable or disable whether only the Administrators can create alerts.

Default Value

false

Property

Alert

Attribute

alert.detailed.logging

Description

Enables or disables extra alert logging.

Default Value

false

Property

Service authentication level

Attribute

authentication.domain

Description

The default domain information for user authentication.

Default Value

Property

Authentication: Filter Token

Attribute

authentication.filter.authenticate.token

Description

Applies only if authentication.type is set to FILTER or is blank. If this property is set to true, the server will validate the token on incoming requests. If set to false, it ignores the token and authenticates based on the rest of the request instead.

Default Value

false

Property

Authentication: Header

Attribute

authentication.header.role.delimiter

Description

The delimiter used to separate the roles. Example: role1,role2,role3

Default Value

, (Comma)

Property

Authentication: Header

Attribute

authentication.header.roles

Description

The name of the header that contains all the roles.

Default Value

Property

Authentication: Header

Attribute

authentication.header.rolesdynamic

Description

Supports the ability to create dynamic roles using free form patterns or string replacement.

To create dynamic roles, use '{header value to be used}'.

Example: authentication.header.rolesdynamic={HEADER_ROLES},financials,role_for_company_{HEADER_COMPANY}

Given this table:

Then the roles to create the authentication token will be the following:

·         designer

·         watcher

·         financials

·         role_for_company_industrials

·         role_for_company_consumers

Default Value

Property

Authentication: Header

Attribute

authentication.header.username

Description

The name of the header that contains the username

Default Value

Property

Authentication: Header

Attribute

authentication.header.validate.token

Description

If set to true, the authentication will validate the token. If set to false, the authentication of every request will be based on headers.

Default Value

Property

Authentication: Logout

Attribute

authentication.logout.redirect.url

Description

Takes a URL as a parameter. Clicking the logout button redirects the user to the specified URL.

If this property is not set, user will be returned to the start page of Panopticon.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.client.id

Description

The ID of the OAuth 2.0 client.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.client.secret

Description

The secret used by the OAuth 2.0 client.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.identity.attribute.roles

Description

The attribute that will be extracted from the identity response and used as the role.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.identity.attribute.roles.pattern

Description

Takes regex used to extract the roles from the OAuth 2.0 server identity response.

For example, the returned string:

cn=admin,ou=groups,dc=openam,dc=openidentityplatform,dc=org,cn=designer,ou=groups,dc=openam,dc=openidentityplatform,dc=org

contains two roles, admin and designer

The regex to extract the roles is cn=([^,]+).

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.identity.attribute.username

Description

The attribute that will be extracted from the identity response and used as the username.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.identity.url

Description

The URL to the REST service that provides details about the authenticated user.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.callback.url

Description

The callback URL. The URL should be the same as one of the specified callback URLs used by the client. The URL should refer to Panopticon Real Time.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.redirect.url

Description

Redirects the user to the specified URL after successfully logging in. This property can be left blank, in which case the user is redirected to the URL they requested to access.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.response.type

Description

The response type. The only response type that is currently supported is code.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.scope

Description

The requested scope.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.state

Description

The requested state.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.login.url

Description

The URL to the OAuth 2.0 login resource.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.logout.redirect.url

Description

Logging out revokes the token from the authentication server if the property authentication.oauth2.logout.url is set to the revocation URL. If this property is not set, the server will only remove its own token.

If none of these properties are set, the server will attempt to redirect to the start page of the Panopticon when logging out.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.logout.url

Description

The URL to the OAuth 2.0 logout resource.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.token.method

Description

The method on how the token should be retrieved. Supported values are QUERY, BODY, and HEADER.

Default Value

Property

Authentication: OAuth 2.0

Attribute

authentication.oauth2.token.url

Description

The URL to the OAuth 2.0 token resource.

Default Value

Property

Service authentication level

Attribute

authentication.required

Description

The property that will make the authentication required. It will force the user to login in order to use any of the services provided by the server.

Default Value

true

Property

Service authentication level

Attribute

authentication.role

Description

The authentication role.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.assertion.roles

Description

User attribute for roles configured in the IdP.

Default Value

Example

authentication.saml.assertion.roles=roles

Property

Authentication: SAML

Attribute

authentication.saml.assertion.username

Description

User attribute for username configured in the IdP.

Default Value

Example

authentication.saml.assertion.username=name

Property

Authentication: SAML

Attribute

authentication.saml.assertionconsumerservice.url

Description

The URL to the Panopticon assertion consumer service.
URL: [Protocol]://[Host]:[Port]/[Context]/server/rest/auth/login

Example: http://localhost:8080/panopticon/server/rest/auth/login

Default Value

Example

authentication.saml.assertionconsumerservice.url=http://localhost:8080/panopticon/server/rest/auth/login

Property

Authentication: SAML

Attribute

authentication.saml.certificate.name

Description

The name of the certificate used to validate signature and/or sign outgoing SAML messages

Default Value

Example

authentication.saml.certificate.name=saml-cert

Property

Authentication: SAML

Attribute

authentication.saml.certificate.password

Description

The password of the certificate used to validate signature and/or sign outgoing SAML messages.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.challenge.required

Description

This property determines whether the IdP-first authentication with SAML is enabled or not. To enable, set this property to false.

Default Value

true

Property

Authentication: SAML

Attribute

authentication.saml.identityprovider.certificate.file

Description

Takes a file path to a certificate file that contains the IdP’s public key.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.identityprovider.logout.url

Description

The URL to the IdP logout service.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.identityprovider.signature.validation.required

Description

Specifies whether to require a valid IdP signature to be present on the SAML response. Default value is false.

Default Value

false

Property

Authentication: SAML

Attribute

authentication.saml.identityprovider.url

Description

The URL to the IdP login service.

Default Value

Example

authentication.saml.identityprovider.url=https://192.168.99.100:443/simplesaml/saml2/idp/SSOService.php

Property

Authentication: SAML

Attribute

authentication.saml.keystore.file

Description

The location of the Keystore file that contains the certificate.

Default Value

Example

authentication.saml.keystore.file=D:/SAML/mykeystore.jks

Property

Authentication: SAML

Attribute

authentication.saml.keystore.password

Description

The password to the Keystore file.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.keystore.type

Description

The key store type. Possible values are JKS, JCEKS, PKCS12.

Default Value

JKS

Property

Authentication: SAML

Attribute

authentication.saml.login.redirect.url

Description

Redirects the user to the specified URL after successfully logging in. This property can be left blank, in which case the user is redirected to the URL they requested to access.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.logout.redirect.url

Description

Redirects the user back to the specified URL after logging out. This is mainly used with a proxy. In which case, Panopticon Real Time does not know the endpoint which the user is going towards to, and therefore cannot redirect the user back to the Overview page. If you are using OpenAM this is required, otherwise this property can be left blank.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.openam.meta.alias

Description

The meta alias for the IdP if you are using OpenAM.

Default Value

Property

Authentication: SAML

Attribute

authentication.saml.protocolbinding

Description

Protocol binding for the use of SAML authentication. Possible values are HTTP-Redirect, HTTP-POST, HTTP-Artifact, HTTP-POST-SimpleSign, or SOAP.

Default Value

HTTP-Redirect

Property

Authentication: SAML

Attribute

authentication.saml.provider

Description

The IdP provider. Possible values are OPENSAML, OPENAM.

Default Value

OPENSAML

Property

Authentication: SAML

Attribute

authentication.saml.serviceprovider.id

Description

The ID of the service provider configured in the IdP.

Default Value

Example

authentication.saml.serviceprovider.id=DwchFrontLocal8080

Property

Service authentication login request

Attribute

authentication.timeout.callback

Description

The timeout (in milliseconds) for the user between initiated login and callback. The default value is five minutes.

Default Value

300000

Property

Authentication: Token

Attribute

authentication.token.cookie

Description

The name of the cookie used to store the authentication cookie. Must be unique for each server instance on the host.

Default Value

ptoken

Property

Authentication: Token

Attribute

authentication.token.cookie.httponly

Description

This property determines how the browser will treat the cookie. If set to true, the cookie will be stored in the browser as a HttpOnly cookie and will not be available to the JavaScript. If set to false (default), the cookie will be stored in the browser as https and will be accessible to the JavaScript.

Default Value

false

Property

Authentication: Token

Attribute

authentication.token.cookie.samesite

Description

Used by browsers to control the behavior of same or cross origin requests. There are three possible values. Lax, Strict, and None. Please refer to browser specific documentation for its usage.

Default Value

Lax

Property

Authentication: Token

Attribute

authentication.token.cookie.secure

Description

The property determines how the browser will treat the cookie depending on the security of the connection. If set to true, when the browser receives a secure cookie (HttpOnly cookie), you will not be able to transmit it unless the connection is secure.

Default Value

false

Property

Authentication: Token

Attribute

authentication.token.domain

Description

Specifies the token cookie domain.

Default Value

Property

Authentication: Token

Attribute

authentication.token.in.login.response.body

Description

This property determines if the REST login response body should contain a token info.

NOTE: Does not affect the SOAP login response body.

Default Value

false

Property

Authentication: Token

Attribute

authentication.token.persistence

Description

This property is used to determine if the token should persist if the browser is closed or if it should only last while the browser is open. There are two possible values: PERSISTENT and SESSION. PERSISTENT will persist the token in the browser even if the browser has been closed and reopened. SESSION will remove the token from the browser if it is shutdown.

IMPORTANT:

After modifying the property value to SESSION, ensure to clear the AppData/Token folder before starting the server.

Default Value

PERSISTENT

Property

Authentication: Token

Attribute

authentication.token.refreshable

Description

This property determines if the token can refresh itself. The Web client can identify if the token is about to expire and then request a new token with the existing token. A token is refreshable if the property is set to true. The token will expire and invalidate the user session if the property is set to false.

Default Value

true

Property

Authentication: Token

Attribute

authentication.token.secret

Description

The secret is used to sign the token. The secret will be auto-generated when the server starts for the first time.

NOTE: This value should be kept a secret.

Default Value

Auto-generated

Property

Authentication: Token

Attribute

authentication.token.validity.seconds

Description

The number of seconds that the token should be valid.

Default Value

604800

Property

Service authentication level

Attribute

authentication.type

Description

The type of the authentication mechanism that will be used on the Server.

Default Value

BASIC

Property

Bookmark Administration

Attribute

bookmark.administration.only.by.administrators

Description

Set to true if only Administrators should be able to manage bookmarks.

Default Value

false

Property

Cache

Attribute

cache.data.datasource.enabled

Description

Enable or disable the caching of the data source.

Default Value

true

Property

Cache

Attribute

cache.data.datasource.size

Description

The data source cache size.

Default Value

100

Property

Cache

Attribute

cache.data.datasource.type

Description

The data source cache type.Allowed values: MEMORY, NONE

Default Value

MEMORY

Property

Cache

Attribute

cache.data.datatable.enabled

Description

Enable or disable the caching of the data table.

Default Value

true

Property

Cache

Attribute

cache.data.datatable.size

Description

The data table cache size.

Default Value

100

Property

Cache

Attribute

cache.data.datatable.type

Description

The data table cache type.Allowed values: MEMORY, NONE

Default Value

MEMORY

Property

Cache

Attribute

cache.data.query.enabled

Description

Enable or disable the caching of data query.

Default Value

true

Property

Cache

Attribute

cache.data.query.size

Description

The data query cache size.

Default Value

100

Property

Cache

Attribute

cache.data.query.type

Description

The data query cache type.Allowed values: MEMORY, NONE

Default Value

MEMORY

Property

Cache

Attribute

cache.plugin.id

Description

The ID of the plugin that will be used to store data extracts. Possible values: BinaryTableFile-Cache.

Default Value

BinaryTableFile-Cache

Property

Cache

Attribute

cache.purge.condition

Description

Defines the condition for when the cache will be purged. Allowed values: NONE, MEMORY

Default Value

MEMORY

Property

Cache

Attribute

cache.purge.condition.memory.threshold

Description

Defines a percentual memory threshold for cache purging, when the cache.purge.condition = MEMORY.

Default Value

80

Property

Cache

Attribute

cache.purge.enabled

Description

Enables scheduled cache purging.

Default Value

true

Property

Cache

Attribute

cache.schedule.clear.enabled

Description

Enable the cache clearing schedule. This is scheduling the clear cache operation which will remove all the expired cache entries.

Default Value

true

Property

Cache

Attribute

cache.service.enabled

Description

Enables or disables the service cache.

Default Value

true

Property

Cache

Attribute

cache.service.type

Description

The service cache mechanism being used.

Default Value

IN_MEMORY

Property

Client Cache

Attribute

client.cache.control.age.max

Description

Controls the cache-control max-age header for static content.

Default Value

31536000

Property

Client Data

Attribute

client.data.load.transport

Description

Configure the transportation protocol for loading data from the Web client. Possible values: WEBSOCKET, LONG_POLLING.

NOTE: This property has been deprecated. Refer to Setting the Transportation Protocol for more information.

Default Value

WEBSOCKET

Property

Server Cluster

Attribute

cluster.bully.bind

Description

The URL of the server in bully mode. This should be the URL to the panopticon server web application on the server itself, by which is reachable from the other servers.

Default Value

Property

Server Cluster

Attribute

cluster.bully.boot

Description

Comma-separated list of server URLs in bully mode.

At least one of these servers should be running at all time for the bully mode to work correctly. The URLs should be the same as the cluster.bully.bind value on each boot server.

Default Value

Property

Server Cluster

Attribute

cluster.bully.id

Description

The unique server ID in bully mode.

Can be any string, but do not change it after the server has participated in a cluster -- the other servers will store it and expect it to identify the same server in the future. The running server with the lowest ID lexicographically will be leader.

Default Value

Property

Server Cluster

Attribute

cluster.fixed.leader

Description

The leader URL in fixed mode.

This should be the URL to the panopticon server web application on the preset leader server, by which it is reachable from the follower servers. Leave blank on the leader server itself.

Default Value

Property

Server Cluster

Attribute

cluster.kubernetes.container_name

Description

Optionally name of the container that runs the Panopticon server, if the pod also runs other containers. If left blank, the first container will be used.

Default Value

Property

Server Cluster

Attribute

cluster.kubernetes.id

Description

Set to the name of the pod that runs the container.

Default Value

(blank)

Property

Server Cluster

Attribute

cluster.kubernetes.label_selector

Description

Standard Kubernetes label selector that should only match the pods that are running the server.

Default Value

Property

Server Cluster

Attribute

cluster.kubernetes.peer_path

Description

Path to the web application on each server. For example, "panopticon/", or "/" if you have deployed to Tomcat's root.

Default Value

Property

Server Cluster

Attribute

cluster.mode

Description

NONE (default), FIXED, BULLY, or KUBERNETES

Default Value

Property

Server Cluster

Attribute

cluster.shared.secret

Description

Any alphanumeric string.

Secret used to encrypt a challenge in peer-to-peer communication handshake. Needs to be the same, and non-empty, on all connected servers.

Default Value

Property

Server Cluster

Attribute

cluster.shared.store.shared_directory.path

Description

Shared store location in SHARED_DIRECTORY mode.

This path must be reachable by all connected servers, and must point to the same physical directory on all of them.

Default Value

Property

Server Cluster

Attribute

cluster.shared.store.type

Description

PRIVATE_DIRECTORY (default) or SHARED_DIRECTORY

The shared store is used to store information that should be synchronized between servers but is not content, for example authentication tokens. If you have a tightly-coupled cluster, e.g., behind a load balancer, it is recommended that you configure this as a shared directory.

Default Value

Property

Host Lookup

Attribute

connector.kdb.host.lookup.script

Description

Full path of the shell script file that is accessible on the server. When set, before making a new kdb+ connection, this script is executed to get the host info. This property helps in overriding connection details entered inside the kdb+ connector UI centrally, and may help when different authentications are set at kdb+ like Kerberos/Custom etc. The output of this script is expected to be a JSON object like below.

{ "host": "localhost", "port": 5001, "username": "", "password": "" }

NOTE: Starting with the 21.2 release, the the kdb+ connection pool feature of Panopticon (kdb.connection.pool.xx) can be used together wth the host lookup. So any new connection request from the pool, will first execute the script set here, to get the host info before the pool is looked up for available connections.

Examples:

·         For Windows

connector.kdb.host.lookup.script=E://Data/host.bat

·         For Linux

connector.kdb.host.lookup.script= /etc/panopticon/appdata/host.sh

Default Value

Property

Host Lookup

Attribute

connector.kdb.host.lookup.script.arguments

Description

Delimited set of arguments to be passed to the script when it is executed. ’{host},{port},{userid},{password}’ is the default value, and these parameters are mapped to respective settings in the connector UI i.e., the value entered against these settings in the connector UI are passed as arguments to the script.

This property can be extended or updated if you want to pass other datatable parameters as arguments. System parameter like {_user_id} or {_workbook_folder}, if added to the data table, can also be used. If the value of some parameter is null or empty at the time of execution of the script, two single quotes are passed (‘’) against that parameter, this is to make sure that arguments count matches the arguments set at this property.

Default Value

{host},{port},{userid},{password}

Property

Host Lookup

Attribute

connector.kdb.host.lookup.script.arguments.delimiter

Description

Used to split the arguments set at above property.

Default Value

,

Property

Host Lookup

Attribute

connector.kdb.host.lookup.script.timeout

Description

The timeout (in milliseconds) to wait for the host lookup script to run and return the host info.

Default Value

5000

Property

Amazon Kinesis – Data Streams connector

Attribute

connector.kinesis.datastreams.accesskeyid

Description

The Access Key ID from the AWS account.

Default Value

Property

Amazon Kinesis – Data Streams connector

Attribute

connector.kinesis.datastreams.secretaccesskey

Description

The Secret Access Key ID from the AWS account.

Default Value

Property

OAuth Token URL

Attribute

connector.oauth.tokenurl

Description

Sets the server-wide token URL.

Default Value

http\://localhost\:5000/oauth/token

Property

Python connector

Attribute

connector.python.host

Description

The default Python Pyro instance host address.

NOTES:

For connector.python.host, connector.python.password, connector.python.port, and connector.python.serializertype properties:

·         If set in the Panopticon.properties file, these fields will be hidden in the Python connector and will be applied to the Python transform as well.

·         These default Panopticon Real Time connection properties will be applied at runtime.

These default Panopticon Real Time connection properties will override old Python connection settings.

Default Value

Property

Python connector

Attribute

connector.python.password

Description

The default HMAC Key.

Default Value

Property

Python connector

Attribute

connector.python.port

Description

The default Python Pyro host port.

Default Value

Property

Python connector

Attribute

connector.python.serializertype

Description

The default Python serialization type. Possible values are serpent or pickle.

Default Value

Property

Rserve connector

Attribute

connector.rserve.host

Description

The default Rserve host address.

NOTES:

For connector.rserve.host, connector.rserve.password, connector.rserve.port, and connector.rserve.userid properties:

·         If set in the Panopticon.properties file, these fields will be hidden in the Rserve connector and will be applied to the R transform as well.

·         These default Panopticon Real Time connection properties will be applied at runtime.

These default Panopticon Real Time connection properties will override old Rserve connection settings.

Default Value

Property

Rserve connector

Attribute

connector.rserve.password

Description

The default password that will be used to connect to the Rserve service.

Default Value

Property

Rserve connector

Attribute

connector.rserve.port

Description

The default Rserve host port.

Default Value

Property

Rserve connector

Attribute

connector.rserve.userid

Description

The default user Id that will be used to connect to the Rserve service.

Default Value

Property

REST Documentation

Attribute

documentation.enabled

Description

Enable or disable the OpenAPI Specification documentation for the REST interface.

Default Value

false

Property

Alert

Attribute

email.address

Description

The email address where the alert will be sent from.

Default Value

Property

Email

Attribute

email.host

Description

The host name used by the email server.

Default Value

Property

Alert

Attribute

email.password

Description

The email password, if available.

Default Value

Property

Email

Attribute

email.port

Description

The port number used by the email server.

Default Value

Property

Email

Attribute

email.security.mode

Description

The security mode used when sending emails. Possible values: NONE, SSL, TLS.

Default Value

NONE

Property

Email

Attribute

email.username

Description

Email account username.

Default Value

Property

Error Message

Attribute

error.default.message

Description

Defines a generic error message override.

Default Value

Property

Image export

Attribute

export.image.height

Description

The default height for an exported image.

Default Value

768

Property

Image export

Attribute

export.image.width

Description

The default width for an exported image.

Default Value

1024

Property

File Upload

Attribute

file.upload.size.max.bytes

Description

Limit for files size (in bytes) to be uploaded through the web browser (i.e., workbooks, streams applications, streams data sources).

Default Value

30000000

Property

Copy Image

Attribute

image.client.timeout

Description

Specifies a timeout (in milliseconds) when producing an image or PDF. If it takes longer than the timeout, the process will be interrupted, and the image/PDF will not be produced.

Default Value

600000

Property

kdb+ Connection Pooling

Attribute

kdb.connection.pool.max.size

Description

The maximum number of connections that will be kept open for reuse for each kdb+ server (among kdb+ servers that use the same username, password, TLS flag, and timeout), so that established connections can be reused when subsequent queries come in for the same server. A benefit of the connection pool is that it can reduce latency. Setting this property to 0 disables the connection pool.

Default Value

10

Property

kdb+ Connection Pooling

Attribute

kdb.connection.pool.ttl

Description

Time to live in milliseconds for each connection instance created.

Default Value

30000

Property

Licensing

Attribute

license.hwu.hosted

Description

Boolean stating if you wish to use Hosted or Local Altair Units licensing. Set to true if you wish to use hosted licensing.

Default Value

false

Property

Licensing

Attribute

license.hwu.hosted.authorization.password

Description

Password to the Altair One account.

Default Value

Property

Licensing

Attribute

license.hwu.hosted.authorization.token

Description

An authorization token generated through the Altair One admin portal. Used to authorize a machine to the Hosted Altair Units system.

Default Value

Property

Licensing

Attribute

license.hwu.hosted.authorization.username

Description

Username to the Altair One account.

Default Value

Property

Licensing

Attribute

license.hwu.operating.system

Description

The operating system where Panopticon Real Time is installed. Possible values are: WIN_X86, WIN_X64, MAC, LINUX_X64, or LINUX_ARM64

NOTE: If the Java bitness (e.g., 32-bit) is different from the operating system (e.g., 64-bit), it is recommended to add the Java bitness in this property (e.g., WIN_X86).

Default Value

Property

Licensing

Attribute

license.hwu.uri

Description

The path where the License Server is running e.g., 6200@191.255.255.0 where the syntax is PORTNUMBER@HOST. If multiple servers are specified, use the ‘;’ semicolon separator sign for Windows and the ‘:’ colon separator sign for Linux.

NOTE:

If value is not set in the Panopticon.properties, the environment variable ALTAIR_LICENSE_PATH serves as the backup path and will be used.

Example

For Windows:

license.hwu.uri=6200@192.168.5.51;6200@192.168.5.52

For Linux:

license.hwu.uri=6200@192.168.5.51:6200@192.168.5.52

Default Value

Property

Licensing

Attribute

license.hwu.version

Description

Value must match the license version found in the Altair Units license file.

Default Value

19.0

Property

Licensing

Attribute

license.mode

Description

The license mode. Possible values are: FILE or HWU. To use the Altair Units license, set this property to HWU.

Default Value

FILE

Property

Log level

Attribute

logger.level.file

Description

Controls the level that is logged to file.

Default Value

WARNING

Property

Server Metrics

Attribute

metrics.authorization.level

Description

Specifies the required authorization level to get server metrics. Available values are ANONYMOUS, VIEWER, DESIGNER, ADMINISTRATOR.

NOTE: This property is case sensitive.

Default Value

ADMINISTRATOR

Property

Server Metrics

Attribute

metrics.collection.rate

Description

Specifies the rate at which metrics are collected in milliseconds.

Default Value

1000

Property

Server Metrics

Attribute

metrics.file.flush.rate

Description

Specifies how often metrics should be saved to disk in milliseconds. Only used if the metrics.publisher.type is set to FILE.

Default Value

10000

Property

Server Metrics

Attribute

metrics.memory.queue.size

Description

Specifies how many metric entries are stored in memory. When the number of metrics goes above the specifies value, the oldest value is removed to make room for the newest one (FIFO). Only used if the metrics.publisher.type is set to MEMORY.

Default Value

100

Property

Server Metrics

Attribute

metrics.publisher.configuration

Description

Specifies the id for which metric publisher configuration to use.

Default Value

Property

Server Metrics

Attribute

metrics.publisher.type

Description

Specifies the current metric publisher that is used. Available values are NONE, MEMORY, FILE, EMAIL, INFLUX_DB, JDBC, KAFKA, KDB, MQTT, REST, TEXT.

Default Value

MEMORY

Property

Bookmarks repository

Attribute

repository.import.bookmarks.paths

Description

Will import bookmarks from the old format into the repository. Will override any existing bookmarks inside the repository. Must be set to an absolute path. Only bookmarks for workbooks that exists inside the repository will be imported.

Default Value

Property

Workbook repository

Attribute

repository.migrate.archive.path

Description

Use this property if you have an older (pre 2020) server and wish to start the new server with the same workbook content as the old one, and also to import the workbooks' change history from the old server. Set the property to the absolute path to the old server's <AppData>/Archive/ directory, delete the new server's <AppData>/.repository/ directory, and start the new server. You typically use this property with the repository.migrate.workbooks.path property.

See also the section on content migration.

Example

C\:/vizserverdata/Archive

Default Value

Property

Bookmarks repository

Attribute

repository.migrate.bookmarks.path

Description

Will migrate bookmarks from the old format into the repository if there are no bookmarks inside the repository yet. Set to an absolute path or to the default Bookmarks folder. Only bookmarks for workbooks that exists inside the repository will be migrated.

NOTE: If you do not wish to migrate bookmarks or already have bookmarks in the repository, set this property to blank to avoid a warning on startup.

Default Value

Bookmarks

Property

Workbook repository

Attribute

repository.migrate.data.extracts.path

Description

Starting with version 21.0, data extracts are stored inside the repository.

If this property is set to GlobalCaches (default value), or to an absolute path, the server will migrate data extracts into the repository on startup as long as the repository does not contain any previous data extracts.

NOTE: If you do not wish to migrate data extracts or already have data extracts in the repository, set this property to blank to avoid a warning on startup.

Default Value

GlobalCaches

Property

Data Templates Repository

Attribute

repository.migrate.datatable.templates.path

Description

Will migrate data table templates from the old format into the repository if there are no data table templates inside the repository yet. Set to an absolute path or to the default Datatables folder.

NOTE: If you do not wish to migrate data table templates or already have data table templates in the repository, set this property to blank to avoid a warning on startup.

Default Value

Datatables

Property

Themes repository

Attribute

repository.migrate.themes.path

Description

Will migrate themes from the old format into the repository if there are no themes inside the repository yet. Set to an absolute path or to the default Themes folder.

NOTE: If you do not wish to migrate themes or already have themes in the repository, set this property to blank to avoid a warning on startup.

Default Value

Themes

Property

Workbook repository

Attribute

repository.migrate.workbooks.path

Description

Use this property if you have an older (pre 2020) server and wish to start the new server with the same workbook content as the old one. Set the property to the absolute path to the old server's <AppData>/Workbooks/ directory, delete the new server's <AppData>/.repository/ directory, and start the new server.

See also the section on content migration.

Example

C\:/vizserverdata/Workbooks

Default Value

Property

Workbook repository

Attribute

repository.pack.enabled

Description

The repository tracks all changes to all workbooks. If you have a very large number of workbooks, or have kept the repository for a very long time, the sheer number of files inside the .repository subdirectory could cause the repository to become slower. Set this property to true to have the repository pack all the files into fewer larger ones for faster access.

Default Value

false

Property

Repository

Attribute

repository.startup.apply.permissions.clean

Description

Use this property with the repository.startup.apply.permissions.path to reset all existing workbook permissions on the server before applying the template. If you set it to true, the server will remove all permissions, then give users full permissions to their private folders, and the "Everyone" group full permissions to public folders.

Default Value

false

Property

Repository

Attribute

repository.startup.apply.permissions.create

Description

Use this property with the repository.startup.apply.permissions.path to create empty workbook folders for any folders that are in the template file but do not yet exist on the server. If you don't set it to true, these folders from the template will be ignored.

Default Value

true

Property

Repository

Attribute

repository.startup.apply.permissions.path

Description

Use this property to make the server apply workbook folder permissions from a template JSON file on startup. Workbook folder permissions in the template will overwrite any existing permissions on the server. This property will not migrate permissions from an older (pre 2020) server, you need to use the PCLI convertpermissions to generate a template file from the old permissions first. See also repository.startup.apply.permissions.clean and repository.startup.apply.permissions.create.

Default Value

Property

Repository

Attribute

repository.startup.filesystemcheck

Description

If set to true, server runs on startup to verify the repository integrity and reports any of the following issues:

·         a deleted /HEAD file,

·         a modified /HEAD,

·         a modified /refs/heads/master file,

·         any file deleted inside /objects/ (e.g., /objects/94/443eec118fb8bb2021071896ff7d386a9c9518),

·         any file modified inside /objects/.

NOTE: There may be dangling files in the /objects/ directory or those that are not in use. These files are typically results of failed saves and/or sync conflicts. The check may or may not detect deleted or modified dangling files, but that is not critical.

Default Value

false

Property

Repository Import

Attribute

repository.startup.import.paths

Description

NOTE: Use this property to make the server import content at startup. This is imported on top of the existing content and will always overwrite anything that is already there. This property can be useful for example, if you have multiple servers with different content but you want the latest version of a standard set of workbooks to be deployed on all of them. This property only has effect on a stand-alone or leader server.

This property is the list of paths to directories and files, separated by the system specific path separator “;” on Windows and “:” on Linux. Each directory is scanned and imported keeping its local tree structure.

For example, workbooks to be imported are placed in a folder and in this property, the absolute path to that folder is specified.

ADDITIONAL NOTES:

·         User-specific folders (e.g. “~john/”) can be targeted this way, but only if they already exist on the server.

·         Bundles (exz files) directly listed in the property or found in directories listed are also imported, but always to the root, with their internal structure preserved.

·         Files that are not legacy workbooks or bundles are ignored.

·         The same set of workbooks will get imported over and over (startup, user edit, restart) and for bundles (nothing changes in the history the second time), but legacy workbooks change their meta data.

·         The import always overwrites local changes (it resets the workbooks in the repository).

Permissions are not supported, and any folders created will have “SYSTEM” as owner.

Default Value

Property

Request parameter mapping

Attribute

request.cookie.parameters.mapping.entry.delimiter

Description

The delimiter that separates the configuration entries. This property will only affect incoming parameters.

Default Value

, (Comma)

Property

Request parameter mapping

Attribute

request.cookie.parameters.mapping.optional

Description

The parameters that could be updated with certain cookie values. This property will only affect incoming parameters. The operation will not fail if the cookie values are not present in the request. The parameters will keep their default value instead of the configured cookie value if the cookie is not present. The property should be formatted as follows: Parameter name (Value delimiter) Cookie name.

Default Value

Property

Request parameter mapping

Attribute

request.cookie.parameters.mapping.required

Description

The parameters that are required to be updated with certain cookie values. This property will only affect incoming parameters. The operation will fail if configured cookie values are not present in the request. The property should be formatted as follows: Parameter name (Value delimiter) Cookie name.

Default Value

Property

Request parameter mapping

Attribute

request.cookie.parameters.mapping.value.delimiter

Description

The delimiter that separates the parameter name and the cookie name. This property will only affect incoming parameters.

Default Value

: (Colon)

Property

Request parameter mapping

Attribute

request.header.parameters.mapping.entry.delimiter

Description

The delimiter that separates the configuration entries. This property will only affect incoming parameters.

Default Value

, (Comma)

Property

Request parameter mapping

Attribute

request.header.parameters.mapping.optional

Description

The parameters that could be updated with certain header values. This property will only affect incoming parameters. The operation will not fail if the header values are not present in the request. The parameters will keep their default value instead of the configured header value if the header is not present. The property should be formatted as follows: Parameter name (Value delimiter) Header name.

Default Value

Property

Request parameter mapping

Attribute

request.header.parameters.mapping.required

Description

The parameters that are required to be updated with certain header values. This property will only affect incoming parameters. The operation will fail if a configured header values are not present in the request. The property should be formatted as follows: Parameter name (Value delimiter) Header name.

Default Value

Property

Request parameter mapping

Attribute

request.header.parameters.mapping.value.delimiter

Description

The delimiter that separates the parameter name and the header name. This property will only affect incoming parameters.

Default Value

: (Colon)

Property

Response parameter mapping

Attribute

response.operation.parameters.mapping.entry.delimiter

Description

The delimiter that separates the configuration entries. This property will only affect outgoing parameters.

Default Value

, (Comma)

Property

Response parameter mapping

Attribute

response.operation.parameters.mapping.optional

Description

The parameters that could be updated with certain Header values. This property will only affect outgoing parameters. The operation will not fail if the Header values are not present in the request. The parameters will keep their default value instead of the configured Header value if the Header is not present. The property should be formatted as follows: Parameter name (Value delimiter) Header name.

Default Value

Property

Response parameter mapping

Attribute

response.operation.parameters.mapping.required

Description

The parameters that are required to be updated with certain Header values. This property will only affect outgoing parameters. The operation will fail if configured Header values are not present in the request. The property should be formatted as follows: Parameter name (Value delimiter) Header name.

Default Value

Property

Response parameter mapping

Attribute

response.operation.parameters.mapping.value.delimiter

Description

The delimiter that separates the parameter name and the Header name. This property will only affect incoming parameters.

Default Value

: (Colon)

Property

REST

Attribute

rest.response.error.stacktrace.included

Description

Include the error stack trace in REST responses.

Default Value

false

Property

Compatibility

Attribute

server.force_downgrade

Description

The server normally refuses to start if it detects that the AppData directory has been used by a server with a newer version. This is because downgrading content and other AppData files is not supported and can cause irreversable issues. You can set this property to true to force the server to start anyway, but it is strongly recommended that you do not.

Default Value

false

Property

Email

Attribute

server.host

Description

The server endpoint address. This will be used to generate links in emails sent by the server, so it should be the server's or load balancer's public URL and needs to be resolvable from the email recipient's machine. For example:

server.host=http://www.company.com/dashboards/

Default Value

Property

PDF and Image generation

Attribute

server.host.internal

Description

The local server endpoint address. To generate PDFs and images, the server fires up an external process which then makes HTTP calls to the server itself. This URL needs to be resolvable on the server itself. For example:

server.host.internal=http://127.0.0.1:8080/panopticon/

Default Value

Property

Server

Attribute

server.id

Description

Specifies an id for the current server. The value of this property will be part of each metric entry so that it can be tied to a specific server if a server cluster is used. If no value is specified, the MAC address of the localhost network will be attempted to be used to identify the server. If this is not possible, a UUID will be generated.

Default Value

Property

SOAP

Attribute

soap.enabled

Description

Enable or disable the SOAP interface

Default Value

true

Property

Data table regression testing

Attribute

startup.regression.datatable.exclude.folders

Description

Comma-separated list of folders that will be excluded in the testing.

Use this property in combination with the startup.regression.datatable.include.folders property to control which workbooks to include in the testing. For example, you can set startup.regression.datatable.include.folders to "pub\\" and startup.regression.datatable.exclude.folders to "pub\\examples\\,pub\\temp\\".

Default Value

Property

Data table regression testing

Attribute

startup.regression.datatable.include.folders

Description

Comma-separated list of folders to test.

The default is blank, which means the root folder and all workbooks will be tested. If you list folders here, then only the data tables in workbooks in these folders will be tested, unless also excluded. Folder paths should include a trailing backslash, and you need to use double backslashes since this is the escape character in Java property files. For example, to only include prod and qa\final, you should set the property to "prod\\,qa\\final\\" (without quotes).

Default Value

Property

Data table regression testing

Attribute

startup.regression.datatable.runonce

Description

If set to true, the server will run a data table regression test during the next startup. The property is immediately reset to false, so you need to set it to true again to run another test.

NOTE: You can set the property through an environment variable if you want to force the server to run it on every startup.

Default Value

false

Property

Authorization

Attribute

statistics.authorization.level

Description

Allows users to set the authorization level for the statistics and diagnostic REST services. Possible values include: ANONYMOUS, VIEWER, DESIGNER, ADMINISTRATOR.

NOTE: This property is case sensitive.

Default Value

ADMINISTRATOR

Property

Subscription

Attribute

subscription.broadcasting.pool.max.size

Description

The maximum number of threads for the broadcasting thread pools of refresh events.

The default value is empty, which means that there is no limit. Any value less than 1 also means that there is no limit. When setting a max value for the thread pools, it means that the pool cannot create more than that number of threads. If there are more concurrent events handled by the thread pools than there are threads, they are queued until a thread becomes available.

The thread pools are also configured to only increase the pool size if all threads are busy and a new event needs to be processed. If a thread is idle more than 1 minute, it will be removed from the pool and the size of the pool thereby decreases.

Any subscription for a static data source are scheduled to refresh each X seconds (based of the refresh period of the datatable) using the TaskScheduled built in to Spring.

If multiple subscriptions with the same data query tries to load data at the same time, only one thread will actually load the data. The rest of the subscriptions are queued. When the data is loaded all waiting subscriptions will be given the same data set that are then broadcasted to their respective client.

Default Value

Property

Subscription

Attribute

subscription.compression.delta.enabled

Description

With delta compression, the server only sends the difference from the last data result on each refresh. For data where only a fraction changes on each refresh, this means much smaller response messages.

The trade-offs are that both client and server needs to keep the last result to calculate the difference and apply it, and that this operation takes some additional time both on the server and the client.

In rare cases, delta compression may worsen performance, e.g., if you have a large data set with very high refresh rate and a large portion of the data changes on each refresh. You can then disable delta processing completely by setting this property to false.

Default Value

true

Property

Subscription

Attribute

subscription.compression.enabled

Description

Enable or disable compression and encoding of subscription broadcast messages.

Default Value

true

Property

Subscription

Attribute

subscription.congestion.control.enabled

Description

When the server loads data for a subscription, it checks that the previous data load for it has completed. If not, it might be a sign that the refresh rate is set too high on the data table. If this happens subscription.maximum.failure times in a row, the server will cancel the subscription. Set this property to false to disable this behavior.

Default Value

true

Property

Subscription

Attribute

subscription.data.loading.pool.max.size

Description

The maximum number of threads for loading thread pools of refresh events.

The default value is empty, which means that there is no limit. Any value less than 1 also means that there is no limit. When setting a max value for the thread pools, it means that the pool cannot create more than that number of threads. If there are more concurrent events handled by the thread pools than there are threads, they are queued until a thread becomes available.

The thread pools are also configured to only increase the pool size if all threads are busy and a new event needs to be processed. If a thread is idle more than 1 minute, it will be removed from the pool and the size of the pool thereby decreases.

Any subscription for a static data source are scheduled to refresh each X seconds (based of the refresh period of the datatable) using the TaskScheduled built in to Spring.

If multiple subscriptions with the same data query tries to load data at the same time, only one thread will actually load the data. The rest of the subscriptions are queued. When the data is loaded all waiting subscriptions will be given the same data set that are then broadcasted to their respective client.

Default Value

Property

Subscription

Attribute

subscription.limitation.action

Description

Controls the behavior when the subscription.limitation.limit is reached. Allowed values: EXCEPTION, PURGE

Default Value

EXCEPTION

Property

Subscription

Attribute

subscription.limitation.enabled

Description

Enables limitation of subscriptions.

Default Value

false

Property

Subscription

Attribute

subscription.limitation.limit

Description

Defines a subscription limit.

Default Value

100

Property

Subscription

Attribute

subscription.log.slow.data.loads.seconds

Description

Logs a subscription that has been loading data for more than X seconds at a WARNING level.

NOTES:

·         Any integer less than 1 (or an empty value) will disable the logging.

·         If a slow data load has been logged and then returns data, a log message at INFO level will be printed stating that a previously logged slow data load has returned data.

Default Value

60

Property

Subscription

Attribute

subscription.maximum.failure

Description

The amount of time a subscription is allowed to fail in a row before it should be cancelled. The number will be reset to zero if data loading is successful. The maximum failure limit is used so that invalid subscription will not loop forever and fill the logs with error messages. The value -1 will disable the fail mechanism. This means that a subscription can fail endless of times and not be cancelled.

Default Value

5

Property

Subscription

Attribute

subscription.purge.condition

Description

Defines the condition for when subscriptions will be purged. Allowed values: NONE, MEMORY

Default Value

NONE

Property

Subscription

Attribute

subscription.purge.condition.memory.threshold

Description

Defines a percentual memory threshold for subscription purging, when the subscription.purge.condition = MEMORY.

Default Value

80

Property

Subscription

Attribute

subscription.purge.enabled

Description

Enables subscription purging.

Default Value

true

Property

Subscription

Attribute

subscription.purge.post.restart

Description

Option to re-start active subscriptions after purge. Only valid when subscription.purge.scope = ALL

Default Value

false

Property

Subscription

Attribute

subscription.purge.rate

Description

Defines a fixed rate, in milliseconds. for subscription purging.

Default Value

10000

Property

Subscription

Attribute

subscription.purge.scope

Description

Defines the scope of subscriptions to purge. Allowed values: NON_PERSISTENT_ORPHANS, ALL.

Default Value

NON_PERSISTENT_ORPHANS

Property

Timeout Session

Attribute

timeout.session.enabled

Description

Boolean value stating if timeout functionality should be used or not.

Default Value

false

Property

Timeout Session

Attribute

timeout.session.exception.delimiter

Description

The delimiter to use for the usernames stated in the timeout.session.exception.usernames property.

Default Value

, (comma)

Property

Timeout Session

Attribute

timeout.session.exception.usernames

Description

Usernames that should be excluded from the timeout functionality. Separated by the delimiter stated in the timeout.session.exception.delimiter property.

Default Value

Property

Timeout Session

Attribute

timeout.session.minutes

Description

Minutes of inactivity before a user session is terminated by logging out the user.

Default Value

480

Property

Timeout Session

Attribute

timeout.session.notification.minutes

Description

Minutes before a timeout that a notification about session timeout is sent to the user.

Default Value

1

Property

WebSocket Connection

Attribute

transport.buffer.size.max.bytes

Description

Maximum size of message buffer for the WebSocket connections.

Default Value

10000000

Property

WebSocket Connection

Attribute

transport.message.size.max.bytes

Description

Maximum size of messages for the WebSocket connections.

Default Value

1000000