On This Page

Home / Stream/ Reference/ Config Files/instance.yml

instance.yml

Instance configuration is located under $CRIBL_HOME/local/_system/instance.yml (C:\ProgramData\Cribl\local\system\instance.yml for Cribl Edge on Windows).

$CRIBL_HOME/local/_system/instance.yml or C:\ProgramData\Cribl\local\_system.yml for Cribl Edge on Windows
distributed:
  # Mode - Choose one.
  # One of: single | worker | edge | managed-edge | master | outpost | search-supervisor
  # [string; default: single; required]
  mode:
  # Deployment ID - Deployment ID for reporting telemetry on multiple deployments.
  # [string]
  reportedDeploymentId:
  # Default Worker Group - Worker Group to report to leader
  # [string; default: default]
  group:
  # Tags - Tag values to report to leader
  tags:
  # Env Var Regex - Regex to select environment variables to report to leader
  # [string; default: /^CRIBL_/]
  envRegex:
  master:
    # Address - Address to bind on. Defaults to 0.0.0.0 (all addresses).
    # [string; default: 0.0.0.0; required]
    host:
    # Port - Port to listen on
    # [number; max: 65535; default: 4200; required]
    port:
    # Forward to Leader API - Respond to API requests from the distributed port. True by default.
    # [boolean; default: true]
    forwardToLeaderApi:
    # Auth token - Authentication token for Worker Nodes to communicate with Leader.
    # [string; default: criblmaster]
    authToken:
    # IP allowlist regex - Regex matching IP addresses that are allowed to establish a connection
    # [string; default: /.*/]
    ipWhitelistRegex:
    # Active connection limit - Maximum number of active connections allowed from Worker Nodes.
    # Use 0 for unlimited.
    # [number; min: 0; default: 0]
    maxActiveCxn:
    # Helper processes socket dir - Directory to hold sockets for inter-process communication
    # (IPC) between Leader and processes like Config Helpers and services. Defaults to your
    # system's temp directory.
    # [string]
    configHelperSocketDir:
    # Resiliency - Enable or disable failover.
    # One of: none | failover
    # [string; default: none]
    resiliency:
    configBundles:
      # S3 Bundle Bucket URL - Bucket to use for remote bundle storage, in s3://${bucket} format
      # [string]
      remoteUrl:
    failover:
      # Failover volume - NFS (network file system) directory to support Leader failover.
      # [string]
      volume:
      # Lease refresh period - How often the primary leader will refresh its hold on the lease
      # file
      # [string; default: 5s]
      period:
      # Missed refresh limit - How many Lease refresh periods that can be missed before the
      # standby nodes attempt to elect themselves to primary
      # [number; default: 3]
      missedHBLimit:
    tls:
      # Disabled
      # [boolean; default: true; required]
      disabled:
      # Certificate name - The name of the predefined certificate
      # [string]
      certificateName:
      # Private key path - Path on server in which to find the private key to use. PEM format. Can
      # reference $ENV_VARS.
      # [string; required]
      privKeyPath:
      # Passphrase - Passphrase to use to decrypt private key
      # [string]
      passphrase:
      # Certificate path - Path on server in which to find certificates to use. PEM format. Can
      # reference $ENV_VARS.
      # [string; required]
      certPath:
      # CA certificate path - Path on server where to find CA certificates to use. PEM format. Can
      # reference $ENV_VARS.
      # [string]
      caPath:
      # Minimum TLS version - Minimum TLS version. Defaults to TLS 1.2.
      # One of: TLSv1 | TLSv1.1 | TLSv1.2 | TLSv1.3
      # [string]
      minVersion:
      # Maximum TLS version - Maximum TLS version. Defaults to TLS 1.3.
      # One of: TLSv1 | TLSv1.1 | TLSv1.2 | TLSv1.3
      # [string]
      maxVersion:
      # Default cipher list - Default suite of enabled and disabled TLS ciphers. Defaults to:
      # ECDHE-RSA-AES128-GCM-SHA256:
      # ECDHE-ECDSA-AES128-GCM-SHA256:
      # ECDHE-RSA-AES256-GCM-SHA384:
      # ECDHE-ECDSA-AES256-GCM-SHA384:
      # DHE-RSA-AES128-GCM-SHA256:
      # ECDHE-RSA-AES128-SHA256:
      # DHE-RSA-AES128-SHA256:
      # ECDHE-RSA-AES256-SHA384:
      # DHE-RSA-AES256-SHA384:
      # ECDHE-RSA-AES256-SHA256:
      # DHE-RSA-AES256-SHA256:
      # HIGH:
      # !aNULL:
      # !eNULL:
      # !EXPORT:
      # !DES:
      # !RC4:
      # !MD5:
      # !PSK:
      # !SRP:
      # !CAMELLIA
      # [string]
      defaultCipherList:
      # ECDH curve - The curve name, or a colon-separated list of curve NIDs or names, to use for
      # ECDH key agreement. For example: 'P-521:P-384:P-256'. Defaults to 'auto'.
      # [string; default: auto]
      defaultEcdhCurve:
      # Validate server certs - Validate server certificates globally. Disable to allow
      # self-signed certificates.
      # [boolean; default: true]
      rejectUnauthorized:
    # Disable SNI-based connection routing - This is an advanced setting - do not touch unless
    # under supervision of Cribl Support. This affects how connections are routed within the Cribl
    # Control Plane. Changing this setting could affect the scalability of your system.
    # [boolean; default: false]
    disableSNIRouting:
    # Compression - Codec to use to compress the data before sending
    # One of: none | gzip
    # [string; default: gzip]
    compression:
    # Connection timeout (ms) - Amount of time (milliseconds) to wait before assuming the
    # connection has failed
    # [number; min: 0; default: 10000]
    connectionTimeout:
    # Write timeout (ms) - Amount of time (milliseconds) to wait for a write to complete before
    # assuming connection has failed
    # [number; min: 0; default: 60000]
    writeTimeout:
    # Protocol
    # One of: tcp | http2
    # [string; default: tcp]
    protocol:
    proxy:
      # Disabled - Whether to proxy Leader comms through SOCKS
      # [boolean; default: true; required]
      disabled:
      # User ID - Username for SOCKS proxy authentication
      # [string]
      userId:
      # Password - Password for SOCKS proxy authentication
      # [string]
      password:
      # Port - SOCKS proxy port
      # [number; default: 1080]
      port:
      # Proxy host - Proxy server host. Allowed formats are ipv4, ipv6, or hostname.
      # [string]
      host:
      # Protocol version - Version of the SOCKS protocol. Defaults to 5 for socks5.
      # One of: 4 | 5
      # [number; default: 5]
      type:
  cloudWorkspace:
    # Enable Cloud Connection - Link with your Cribl.Cloud instance to utilize a single license
    # [boolean; default: true; required]
    disabled:
    # [boolean; default: false; required]
    subscriptionAgreement:
    # Connection URL - URL of your Cribl.Cloud instance
    # [string; default: ''; min: 1; required]
    host:
    # Connection port
    # [number; max: 65535; default: 4200; required]
    port:
    # Connection auth token - The configured auth token of your Cribl.Cloud instance
    # [string; default: criblmaster; required]
    authToken:
    tls:
      # [boolean; default: false; required]
      disabled:
      # [boolean; default: true; required]
      rejectUnauthorized: