Configuration

Encryption keys to protect your application secrets. This field is required.

secret_management.encryption_keys: []

Enterprise Search needs one-time permission to alter Elasticsearch settings. Ensure the Elasticsearch settings are correct, then set the following to true. Or, adjust Elasticsearch’s config/elasticsearch.yml instead.

allow_es_settings_modification: false

Elasticsearch full cluster URL.

elasticsearch.host: http://127.0.0.1:9200

Elasticsearch credentials.

elasticsearch.username: elastic

Elasticsearch credentials.

elasticsearch.password: changeme

Elasticsearch custom HTTP headers to add to each request.

elasticsearch.headers: 'X-My-Header: Contents of the header'

SSL communication with Elasticsearch enabled or not.

elasticsearch.ssl.enabled: false

Path to client certificate file to use for client-side validation from Elasticsearch.

Path to the keystore that contains Certificate Authorities for Elasticsearch SSL certificate.

Path to the key file for the client certificate.

Passphrase for the above key file.

true to verify SSL certificate from Elasticsearch, false otherwise.

elasticsearch.ssl.verify: true

Elasticsearch startup retry.

elasticsearch.startup_retry.enabled: true

Elasticsearch startup retry.

elasticsearch.startup_retry.interval: 5 # seconds

Elasticsearch startup retry.

elasticsearch.startup_retry.fail_after: 600 # seconds

The primary URL at which users interact with Kibana. This is used when Enterprise Search links users to Kibana.

Define the exposed URL at which users will reach Kibana. Defaults to kibana.host.

Custom HTTP headers to add to requests made to Kibana from Enterprise Search.

kibana.headers: 'X-My-Header: Contents of the header'

Kibana startup retry.

kibana.startup_retry.enabled: false

Kibana startup retry.

kibana.startup_retry.interval: 5 # seconds

Kibana startup retry.

kibana.startup_retry.fail_after: 600 # seconds

Define the exposed URL at which users will reach Enterprise Search. Defaults to localhost:3002 for testing purposes. Most cases will use one of:

Web application listen_host. Your application will run on this host. Must be a valid IPv4 or IPv6 address.

ent_search.listen_host: 127.0.0.1

Web application listen_port. Your application will run on this host and port. Must be a valid port number (1-65535).

ent_search.listen_port: 3002

Authentication settings are used for the standalone Enterprise Search interface. See User interfaces. Auth name associated with the options being set up. If realm chains are configured in elasticsearch.yml for the associated Elasticsearch instance, then the names of the realms should also be used here. Multiple auth providers may be configured. Each must have a unique name.

The origin of authenticated Enterprise Search users. Options are elasticsearch-native and elasticsearch-saml. See Users and access.

Auth providers are consulted in ascending order (that is to say, the realm with the lowest order value is consulted first). You should make sure each configured realm has a distinct order setting.

The name to be displayed on the login screen associated with this provider.

The URL to an icon to be displayed on the login screen associated with this provider.

Boolean value to determine whether or not to display this login option on the login screen. It is common to hide an option if you would like to create role mappings before allowing the option to be used as a valid login mechanism.

ent_search.auth.<auth_name>.hidden: false

Adds a message to the login screen. Useful for displaying information about maintenance windows, links to corporate sign up pages, etc. This field supports Markdown.

Configure the maximum allowed document size for a content source.

workplace_search.content_source.document_size.limit: 100kb

Configure how many fields a content source can have.

The Elasticsearch/Lucene setting indices.query.bool.max_clause_count might also need to be adjusted if "Max clause count exceeded" errors start occurring. See Search settings in the Elasticsearch documentation.

workplace_search.content_source.total_fields.limit: 64

Configure whether or not workplace search can run synchronization jobs. If this is set to false, no syncs will run. Default is true.

workplace_search.content_source.sync.enabled: true

Configure how many errors to tolerate in a sync job. If the job encounters more total errors than this value, the job will fail. This only applies to errors tied to individual documents.

workplace_search.content_source.sync.max_errors: 1000

Configure how many errors in a row to tolerate in a sync job. If the job encounters more errors in a row than this value, the job will fail. This only applies to errors tied to individual documents.

workplace_search.content_source.sync.max_consecutive_errors: 10

Configure the ratio of <errored documents> / <total documents> to tolerate in a sync job or in a rolling window (see workplace_search.content_source.sync.error_ratio_window_size). If the job encounters an error ratio greater than this value in a given window, or overall at the end of the job, the job will fail. This only applies to errors tied to individual documents.

workplace_search.content_source.sync.max_error_ratio: 0.15

Configure how large of a window to consider when calculating an error ratio (see workplace_search.content_source.sync.max_error_ratio).

workplace_search.content_source.sync.error_ratio_window_size: 100

Configure whether or not a content source should generate thumbnails for the documents it syncs. Not all file types/sizes/content or Content Sources support thumbnail generation, even if this is enabled.

workplace_search.content_source.sync.thumbnails.enabled: true

Configure how many indexing rules a content source can have.

workplace_search.content_source.indexing.rules.limit: 100

Configure the refresh interval for full sync job (in ISO 8601 Duration format).

workplace_search.content_source.sync.refresh_interval.full: P3D

Configure the refresh interval for incremental sync job (in ISO 8601 Duration format).

workplace_search.content_source.sync.refresh_interval.incremental: PT2H

Configure the refresh interval for delete sync job (in ISO 8601 Duration format).

workplace_search.content_source.sync.refresh_interval.delete: PT6H

Configure the refresh interval for permissions sync job (in ISO 8601 Duration format).

workplace_search.content_source.sync.refresh_interval.permissions: PT5M

Configure whether or not Salesforce and Salesforce Sandbox connectors should sync Cases.

workplace_search.content_source.salesforce.enable_cases: true

Configure total number of synonym sets a Workplace Search instance can have.

workplace_search.synonyms.sets.limit: 256

Configure total number of terms an individual synonym set can have.

workplace_search.synonyms.terms_per_set.limit: 32

Configure the query timeout (in milliseconds) for remote sources via the Search API.

workplace_search.remote_sources.query_timeout: 10000

Configure whether to allow localhost URLs as base URLs in content sources (by default, they are not allowed).

workplace_search.content_source.localhost_base_urls.enabled: false

Configure the maximum allowed document size.

app_search.engine.document_size.limit: 100kb

Configure how many fields an engine can have. The Elasticsearch/Lucene setting indices.query.bool.max_clause_count might also need to be adjusted if "Max clause count exceeded" errors start occurring. See Search settings in the Elasticsearch documentation.

app_search.engine.total_fields.limit: 64

Configure how many source engines a meta engine can have.

app_search.engine.source_engines_per_meta_engine.limit: 15

Configure how many facet values can be returned by a search.

app_search.engine.total_facet_values_returned.limit: 250

Configure how big full-text queries are allowed. The Elasticsearch/Lucene setting indices.query.bool.max_clause_count might also need to be adjusted if "Max clause count exceeded" errors start occurring. See Search settings in the Elasticsearch documentation.

app_search.engine.query.limit: 128

Configure total number of synonym sets an engine can have.

app_search.engine.synonyms.sets.limit: 256

Configure total number of terms a synonym set can have.

app_search.engine.synonyms.terms_per_set.limit: 32

Configure how many analytics tags can be associated with a single query or clickthrough.

app_search.engine.analytics.total_tags.limit: 16

Configure the number of worker threads.

worker.threads: 1

Set to true hide product version information from API responses.

hide_version_info: false

Connect Enterprise Search to a mailer. See Configure a mail service.

email.account.enabled: false

Connect Enterprise Search to a mailer. See Configure a mail service.

email.account.smtp.auth: plain

Connect Enterprise Search to a mailer. See Configure a mail service.

email.account.smtp.starttls.enable: false

Connect Enterprise Search to a mailer. See Configure a mail service.

email.account.smtp.host: 127.0.0.1

Connect Enterprise Search to a mailer. See Configure a mail service.

email.account.smtp.port: 25

Connect Enterprise Search to a mailer. See Configure a mail service.

Connect Enterprise Search to a mailer. See Configure a mail service.

Connect Enterprise Search to a mailer. See Configure a mail service.

Choose your log export path.

log_directory: log

Log level can be: debug, info, warn, error, fatal, or unknown.

log_level: info

Log format can be: default, json

log_format: default

Choose your Filebeat logs export path.

filebeat_log_directory: log

Use Index Lifecycle Management (ILM) to manage analytics and API logs retention.

Enable logging app logs to stdout (enabled by default).

enable_stdout_app_logging: true

The number of files to keep on disk when rotating logs. When set to 0, no rotation will take place.

log_rotation.keep_files: 7

The maximum file size in bytes before rotating the log file. If log_rotation.keep_files is set to 0, no rotation will take place and there will be no size limit for the singular log file.

log_rotation.rotate_every_bytes: 1048576 # 1 MiB

Configure TLS/SSL encryption.

ent_search.ssl.enabled: false

Configure TLS/SSL encryption.

Configure TLS/SSL encryption.

Configure TLS/SSL encryption.

Configure TLS/SSL encryption.

Set a session key to persist user sessions through process restarts.

Enable Elastic APM agent within Enterprise Search.

apm.enabled: true

Set the custom APM Server URL.

apm.server_url: 'http://localhost:8200'

Set the APM authentication token (use if APM Server requires a secret token).

apm.secret_token: 'your-token-here'

Override the APM service name. Allowed characters: a-z, A-Z, 0-9, -, _ and space.

apm.service_name: 'Enterprise Search'

Override the APM service environment.

apm.environment: 'production'

Enable automatic monitoring metrics reporting to Elasticsearch via metricbeat.

monitoring.reporting_enabled: false

Configure metrics reporting frequency. This setting should be aligned with monitoring.ui.min_interval_seconds setting in Kibana, or Stack Monitoring dashboards for Enterprise Search may have gaps in graphs on high metric resolutions.

monitoring.reporting_period: 10s

Configure metricsets to be reported to Elasticsearch

monitoring.metricsets: ['health', 'stats']

Override the index name prefix used to index Enterprise Search metrics. The index will have ILM enabled and will be managed by Enterprise Search.

monitoring.index_prefix: metricbeat-ent-search

Reporting your basic feature usage statistics helps us improve your user experience. Your data is never shared with anyone. If kibana.external_url is set, the analogous Kibana Telemetry settings will take precedence. Set to false to disable telemetry capabilities entirely. You can alternatively opt out through the Settings page.

telemetry.enabled: true

If false, collection of telemetry data is disabled; however, it can be enabled via the Settings page if telemetry.allow_changing_opt_in_status is true.

telemetry.opt_in: true

If true, users are able to change the telemetry setting at a later time through the Settings page. If false, the value of telemetry.opt_in determines whether to send telemetry data or not.

telemetry.allow_changing_opt_in_status: true

Path where diagnostic reports will be generated.

diagnostic_report_directory: diagnostics

The User-Agent HTTP Header used for the Crawler.

crawler.http.user_agent: Elastic-Crawler (<crawler_version_number>)

The user agent platform used for the Crawler with identifying information. See User-Agent - Syntax in the MDN web docs.

This value will be added as a suffix to crawler.http.user_agent and used as the final User-Agent Header.

The number of parallel crawls allowed per instance of Enterprise Search. By default, it is set to 2x the number of available logical CPU cores. On Intel CPUs, the default value is 4x the number of physical CPU cores due to hyper-threading. See Hyper-threading on Wikipedia.

crawler.workers.pool_size.limit: N

The maximum duration of a crawl, in seconds. Beyond this limit, the crawler will stop, abandoning all remaining URLs in the crawl queue.

crawler.crawl.max_duration.limit: 86400 # seconds

The maximum number of sequential pages the crawler will traverse starting from the given set of entry points. Beyond this limit, the crawler will stop discovering new links.

crawler.crawl.max_crawl_depth.limit: 10

The maximum number of characters within each URL to crawl. The crawler will skip URLs that exceed this length.

crawler.crawl.max_url_length.limit: 2048

The maximum number of segments within the path of each URL to crawl. The crawler will skip URLs whose paths exceed this length. Example: The path /a/b/c/d has 4 segments.

crawler.crawl.max_url_segments.limit: 16

The maximum number of query parameters within each URL to crawl. The crawler will skip URLs that exceed this length. Example: The query string in /a?b=c&d=e has 2 query parameters.

crawler.crawl.max_url_params.limit: 32

The maximum number of unique URLs the crawler will index during a single crawl. Beyond this limit, the crawler will stop.

crawler.crawl.max_unique_url_count.limit: 100000

The number of parallel threads to use for each crawl. The main effect from increasing this value will be an increased throughput of the crawler at the expense of higher CPU load on Enterprise Search and Elasticsearch instances as well as higher load on the website being crawled.

crawler.crawl.threads.limit: 10

The maximum size of the crawl frontier - the list of URLs the crawler needs to visit. The list is stored in Elasticsearch, so the limit could be increased as long as the Elasticsearch cluster has enough resources (disk space) to hold the queue index.

crawler.crawl.url_queue.url_count.limit: 100000

The maximum period to wait until abortion of the request, when a connection is being initiated.

crawler.http.connection_timeout: 10 # seconds

The maximum period of inactivity between two data packets, before the request is aborted.

crawler.http.read_timeout: 10 # seconds

The maximum period of the entire request, before the request is aborted.

crawler.http.request_timeout: 60 # seconds

The maximum size of an HTTP response (in bytes) supported by the crawler.

crawler.http.response_size.limit: 10485760

The maximum number of HTTP redirects before a request is failed.

crawler.http.redirects.limit: 10

The maximum size (in bytes) of some fields extracted from crawled pages.

crawler.extraction.title_size.limit: 1024

The maximum size (in bytes) of some fields extracted from crawled pages.

crawler.extraction.body_size.limit: 5242880

The maximum size (in bytes) of some fields extracted from crawled pages.

crawler.extraction.keywords_size.limit: 512

The maximum size (in bytes) of some fields extracted from crawled pages.

crawler.extraction.description_size.limit: 1024

The maximum number of links extracted from each page for further crawling.

crawler.extraction.extracted_links_count.limit: 1000

The maximum number of links extracted from each page and indexed in a document.

crawler.extraction.indexed_links_count.limit: 25

The maximum number of HTML headers to be extracted from each page.

crawler.extraction.headings_count.limit: 25

Default document fields used to compare documents during de-duplication.

crawler.extraction.default_deduplication_fields: ['title', 'body_content', 'meta_keywords', 'meta_description', 'links', 'headings']

A list of custom SSL Certificate Authority certificates to be used for all connections made by the crawler to your websites. These certificates are added to the standard list of CA certificates trusted by the JVM. Each item in this list could be a file name of a certificate in PEM format or a PEM-formatted certificate as a string.

crawler.security.ssl.certificate_authorities: []

Control SSL verification mode used by the crawler:

Allow crawler to access the localhost (127.0.0.0/8 IP namespace).

crawler.security.dns.allow_loopback_access: false

Allow crawler to access the private IP space: link-local, network-local addresses, etc. See Reserved IP addresses - IPv4 on Wikipedia for more details.

crawler.security.dns.allow_private_networks_access: false

If you need the Crawler to send HTTP requests through a proxy, you can configure with this setting. Please note:

If you need the Crawler to send HTTP requests through a proxy, you can configure with this setting. Please note:

Protocol to be used for connecting to the proxy: http (default) or https.

crawler.http.proxy.protocol: http

Basic HTTP credentials to be used for connecting to the proxy.

Basic HTTP credentials to be used for connecting to the proxy.

If true, pending migrations can be executed without enabling read-only mode. Proceeding with migrations while indices are allowing writes can have unintended consequences. Use at your own risk, should not be set to true when upgrading a production instance with ongoing traffic.

skip_read_only_check: false

Java options for JVM tuning (used for app-server and CLI commands).

export JAVA_OPTS=${JAVA_OPTS:-"-Xms2g -Xmx2g"}

Additional Java options for the application server.

export APP_SERVER_JAVA_OPTS="${APP_SERVER_JAVA_OPTS:-}"

Enable Java GC logging (see below for the default configuration).

export JAVA_GC_LOGGING=true

Where to put the files.

export JAVA_GC_LOG_DIR=log

How many of the most recent files to keep.

export JAVA_GC_LOG_KEEP_FILES=10

How big GC logs should grow before triggering log rotation.

export JAVA_GC_LOG_MAX_FILE_SIZE=10m