Skip to main content
Skip table of contents

Data Management configuration files

Overview

Data Management has several configuration files that you may need edit in order to perform actions such as enabling advanced security mode, defining an OS user as Administrator, configuring SSL, or defining JVM attributes. These files are located in the Data Management installation folder, and can be edited using a text editor.

You will need OS administrator permissions to edit these files.

Core settings used by all services

The properties specified in the file CoreCfg.properties are "root" settings that are used by all services, unless overridden in the individual service configuration file.

Java

Property

Usage

jvm_memory_mb

See JVM memory.

jvm_options

See JVM options.

Security

Property

Usage

administrator_os_user

If enable_advanced_security is set to true and administrator_os_user is defined, the OS user name to set as the Data Management Administrator user.

enable_advanced_security

If set to true, enables advanced security mode, which binds user authentication to the operating system.

private_key

If defined, path to the user-supplied private key file in PEM format. If this key is configured but the specified file does not exist or is invalid, the Data Management services will fail. See Signed certificates.

public_key

If defined, path to the user-supplied public key file in PEM format. If this key is configured but the specified file does not exist or is invalid, the Data Management services will fail. See Signed certificates.

use_ssl

If set to true (the default), requires SSL/TLS secure connections between server components and between the client and server. See Signed certificates.

enable_old_tls

Data Management defaults to a requirement for SSL/TLS v.1.2 or higher for inter-server and client-server communication. If you require an older TLS version, set this option to true.

ssl_cipher_list

Specifies the allowed ciphers for web services and inter-process communications. Ignored if enable_old_tls=true.

jdk_disabled_algorithms

Used to disable weaker SSL ciphers for SFTP. Ignored if enable_old_tls=true.

validate_ssl_cert

If set to true, requires all SSL certificates be tested by Data Management for self-signing and valid date ranges. This includes both the default Data Management-generated signed certificates and certificates specified by private_key and public_key. Self-signed and expired certificates will cause the Data Management services to fail.

no_getsecret_function

If set to true, disables the GetSecret function, which may pose a security risk

retired_keys_limit

Limits the number of retired crypto keys. Once that limit is reached, Data Management will recycle older keys. Defaults to 4.

validate_executables

If set to true, only executables defined in list_of_valid_executables can be run from Data Management tools and Automations that support external commands (CSV Streaming Transform and Flat File Streaming Transform tools, Execute steps).

list_of_valid_executables

If defined, comma separated list of absolute paths of executables that can be run from Data Management tools and Automations. If validate_executables is set to true and list_of_valid_executables is undefined, no executables can be run from Data Management.

allow_messages_in_tracelogs

If set to false (the default) the contents of all messages are redacted to prevent sensitive data from leaking into the server trace logs.

disable_nonsecure_protocols

If set to true, requires SSL/TLS secure connections between server components and between the client and server. This will disable FTP Automation steps, Web Service Call tools, and published web services configured to use non-secure FTP/HTTP file transfer protocols.

Networking

Property

Usage

base_port

The starting TCP port of a range of seven that will be used by the Data Management services. Defaults to 20410.

siteserver_address

The address of the host running the Data Management site server. Normally set by the installer.

web_service_proxy_address

The address of the host running the Data Management web service proxy server. Normally set by the installer.

Miscellaneous

Property

Usage

data_directory

Path to the directory containing large data files, which includes the repository, logs, and reference databases. This is normally set during installation, and defaults to the installation folder.

disable_windows_server_browse

Set to true to prevent the Data Management services from scanning Windows networks for servers, which can cause issues on some networks.

disable_windows_share_browse

Set to true to prevent the Data Management services from scanning Windows networks for server shares, which can cause issues on some networks.

Logging

Property

Usage

audit_log_folder

Location for security audit log file. Defaults to audit_logs in the Data Management installation folder. This path must be writable by the Data Management service user.

audit_log_max_file_size

Maximum size for any single security audit log file. Defaults to 1MB.

audit_log_max_total_size

Maximum total size for all security audit log files. Defaults to 10MB.

log_age_sweep_interval

The interval, in seconds, for checking on older server trace log files to be removed. Defaults to 5 minutes.

log_rotate_interval

The maximum age of an active server trace log before it is closed and a new log started. Normally not set in production. Defaults to one day.

max_log_age

The longest time that any server trace log file will be kept before deletion, in seconds. Defaults to 15 days.

max_log_entry_size

The largest entry allowed in server trace log files, in bytes. Defaults to 500KB.

max_log_size

The maximum size of an active server trace log, in bytes, file before it is closed and a new one opened. Defaults to 100MB.

max_total_log_size

The maximum size of all server trace log files, in bytes, before older ones are deleted. Defaults to 2GB.

Tuning and diagnostics

Change these only after consultation with Redpoint Global Inc. support staff.

Property

Usage

crash_dump_level

Controls Windows crash dump verbosity. Sets a level between 1 and 4, where 1 is a "minidump" and 4 is full memory.

crash_dump_location

Controls Windows crash dump folder.

trace_console

Normally not defined; for development and debug use.

trace_filter

If defined, the server trace logs will be limited to only messages that contain the defined string.

trace_level

A number between 0 and 5 determines the verbosity of the server trace logs, where…

  • 0 is "none"

  • 1 is "minimal"

  • 3 is "chatty"

  • 5 is "debug only"

You may define this separately for site, execution, project, and automation servers.

tcp_interface_startup_timeout

If defined, increase the time that all servers wait for a new TCP interface to become active (from the default of 30 seconds).

Change this only if you experience errors while running new projects, and see messages like this in the server trace logs:

TCP connection thread failed to start

taskqueue_thread_startup_timeout

If defined, increase the time that all servers wait for a TaskQueue (parallel task executor) to become active (from the default of 30 seconds).

Change this only if you experience errors while running new projects, and see messages like this in the server trace logs:

some threads failed to become active after 10 seconds

request_processor_background_startup_timeout

If defined, increase the time that all servers wait for a background request processor to become active (from the default of 30 seconds).

Change this only if you experience errors while while starting services, and see messages like this in the server trace logs:

RequestProcessorTask::Run: failed to start background thread

tcp_accept_timeout

If defined, change the time that all servers wait to confirm an accepted TCP connection (from the default of 20 seconds).

Testing/debug

Property

Usage

test_harness/enable
test_harness/client_request_latency
test_harness/retire_browse_server_rate
test_harness/command_of_doom
test_harness/count_of_doom
test_harness/action_of_doom

These properties are for internal development and debug use. Use them only when working with Redpoint Global Inc. support staff.

Site server settings

The file SiteServerCfg.properties contains a single property.

Property

Usage

trace_file

File name and path for site server trace logs.

Execution server settings

The properties specified in the file ExecutionServerCfg.properties are settings used by the Data Management execution servers.

Property

Usage

machine_name

Name of the execution server. If missing, defaults to hostname. Normally set by the installer.

machine_address

The address of the host running the Data Management site server. Normally set by the installer.

alt_addresses (list)

A list of addresses that the client can use when connecting from a network that doesn't resolve DNS names the same way, or uses a different IP address (for example, the site has different internal and external addresses).

trace_file

File name and path for execution server trace logs.

mapped_drives

If defined, a list of mapped drives for use in parallel as temporary storage.

project_spawn_wait_seconds

If defined, increases the time that the execution server waits for a newly-spawned project to connect from the default value of 310 seconds.

Change this only if you experience timeout errors while running new projects, and see server trace log messages like:

launched project server with pid=12345 failed to connect in 120 seconds

Project server settings

The properties specified in the file ProjectServerCfg.properties are settings used during project execution.

Property

Usage

per_tool_log

Set to true to create a PerToolLogs folder in the installation folder, which will receive a set of files containing the input and output records of every tool in a project. Extremely resource intensive and requires that a single project has exclusive use of Data Management. Can be useful for debugging complex projects.

Web service proxy settings

The file WSPServerCfg.properties controls aspects of projects deployed as real time web services.

Property

Usage

webservice_private_key

If set, a path to the user-supplied private key file in PEM format, which will be used to present authentication to web service callers using HTTPS. If this key is configured but the specified file does not exist or is invalid, the web services will fail to listen for requests.

webservice_public_key

If set, a path to the user-supplied public key file in PEM format, which will be used to present authentication to web service callers using HTTPS. If this key is configured but the specified file does not exist or is invalid, the web services will fail to listen for requests.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.