This topic lists and describes the configuration parameters that are identical on both packet decoder and log decoder services.
Decoder Configuration Settings
This table lists and describes the Decoder and Log Decoder shared configuration settings.
| Decoder Configuration Path | /decoder/config |
|---|---|
| aggregate.buffer.size | Displays the size of the buffer (default unit is KB) used per round of aggregation. Larger buffers may improve aggregation performance but could impact capture performance. Change takes effect after capture restart. |
| aggregate.precache | Determines if the decoder will precache the next round of aggregation for upstream services. Can improve aggregation performance but could impact capture performance. Change takes effect immediately. |
| assembler.pool.ratio | Displays the percentage of pool pages that assembler manages and uses for the assembly process. Change takes effect on service restart. |
| assembler.session.flush | Flushes sessions when they are complete (1) or flushes sessions when they are parsed (2). Change takes effect on service restart. |
| assembler.session.pool | Lists the number of entries in the session pool. Change takes effect on service restart. |
| assembler.size.max | Lists the maximum size that a session will obtain. A setting of 0 removes the session size limit. Change takes effect immediately. |
| assembler.size.min | Lists the minimum size that a session must be before persisting. Change takes effect immediately. |
| assembler.timeout.packet | Lists the number of seconds before packets are timed out. Change takes effect immediately. |
| assembler.timeout.session | Lists the number of seconds before sessions are timed out. Change takes effect immediately. |
| assembler.voting.weights | Displays the weights used to determine which session stream is marked client and server. Change takes effect immediately. |
| capture.autostart | Determines if capture begins automatically when the service starts. Change takes effect on service restart. |
| capture.buffer.size | Displays capture memory buffer allocation size (default unit is MB). Change takes effect on service restart. |
| capture.device.params | Displays capture service specific parameters. Change takes effect on service restart. The parameters understood by this field are specific to the currently selected capture device. If any of the parameters are not recognized by the current capture device, they are ignored. On Log Decoders, there is only the Log Events capture device. It accepts some optional parameters.
|
| capture.selected | Displays current capture service and interface. Change takes effect immediately. |
| export.expire.minutes | Lists the number of minutes before export cache files are expired and flushed. Change takes effect immediately. |
| export.packet.enabled | Allows export of packet data, if enabled. Change takes effect on service restart. |
| export.packet.local.path | Displays the local location to cache packet exported data. Optional assigned max size (=#unit), units are: t for TB; g for GB, m for MB. Change takes effect on service restart. |
| export.packet.max | Displays the maximum packets per exported file. For export file types that cache this determines cached memory sizes. Zero is no limit. Change takes effect immediately. |
| export.packet.remote.path | Lists the remote protocol (nfs://) and location to export data. Change takes effect on service restart. |
| export.packet.size.max | Displays the packet maximum bytes per exported file. For export file types that cache this determines cached memory sizes. Zero is no limit. Change takes effect immediately. |
| export.rollup | Determines the rollup interval for export files. Change takes effect on service restart. |
| export.session.enabled | Allows export of session data, if enabled. Change takes effect on service restart. |
| export.session.format | Determines the file format used during session export. Change takes effect on service restart. |
| export.session.local.path | Displays the local location to cache session exported data. Optional assigned max size (=#unit), units are: t for TB; g for GB, m for MB. Change takes effect on service restart. |
| export.session.max | Displays the maximum sessions per exported file. For export file types that cache this determines cached memory sizes. Zero is no limit. Change takes effect immediately. |
| export.session.meta.fields | Determines which meta fields are exported. Comma list of fields. Star means all fields. Star plus field list means all fields BUT listed fields. Just field list says just include those fields. Change takes effect immediately. |
| export.session.remote.path | Displays the remote protocol (nfs://) and location to export data. Change takes effect on service restart. |
| export.session.size.max | Lists the session maximum bytes per exported file. For export file types that cache this determines cached memory sizes. Zero is no limit. Change takes effect immediately. |
| export.usage.max | Lists the session maximum bytes per exported file. For export file types that cache this determines cached memory sizes. Zero is no limit. Change takes effect immediately. |
| parse.threads | Lists the number of parse threads to use for session parsing. Zero means let server decide. Change takes effect on service restart. |
| pool.packet.page.size | Displays the size of a packet page (default is KB). Change takes effect on service restart. |
| pool.packet.pages | Lists the number of packet pages decoder will allocate and use. Change takes effect on service restart. |
| pool.session.page.size | Displays the size of a session page (default is KB). Change takes effect on service restart. |
| pool.session.pages | Lists the number of session pages decoder will allocate and use. Change takes effect on service restart. |
Previous Topic:Decoder Service Configuration
Next Topic:Log Decoder Service Configuration
You are here
Table of Contents > References > Service Configuration Settings > Decoder and Log Decoder Common Configuration