Configuration

SmartCollect SC² has a number of configuration options that you can specify in a .ini configuration file or specified using environment variables.

Note: You must restart SmartCollect SC² for any configuration changes to take effect.

Do not change defaults.ini! SmartCollect SC² defaults are stored in this file. Depending on your OS, make all configuration changes in either custom.ini or smartcollect.ini.

• Default configuration from $WORKING_DIR/conf/defaults.ini
• Custom configuration from $WORKING_DIR/conf/custom.ini
• The custom configuration file path can be overridden using the --config parameter

If you installed SmartCollect SC² using the deb or rpm packages, then your configuration file is located at /etc/smartcollect/smartcollect.ini and a separate custom.ini is not used. This path is specified in the SmartCollect SC² init.d script using --config file parameter.

sample.ini is in the same directory as defaults.ini and contains all the settings commented out. Copy sample.ini and name it custom.ini.

By default, the configuration file is located at /usr/local/etc/smartcollect/smartcollect.ini. To configure SmartCollect SC², add a configuration file named custom.ini to the conf folder to override any of the settings defined in conf/defaults.ini.

Semicolons (the ; char) are the standard way to comment out lines in a .ini file. If you want to change a setting, you must delete the semicolon (;) in front of the setting before it will work.

Example

# The HTTP port  to use
;http_port = 3000

A common problem is forgetting to uncomment a line in the custom.ini (or smartcollect.ini) file which causes the configuration option to be ignored.

All options in the configuration file can be overridden using environment variables using the syntax:

SC2_<SectionName>_<KeyName>

Where the section name is the text within the brackets. Everything should be uppercase, . and - should be replaced by _. For example, if you have these configuration settings:

# default section
instance_name = ${HOSTNAME}

[security]
admin_user = admin

[auth.google]
client_secret = 0ldS3cretKey

[plugin.smartcollect-image-renderer]
rendering_ignore_https_errors = true

You can override them on Linux machines with:

export SC2_DEFAULT_INSTANCE_NAME=my-instance
export SC2_SECURITY_ADMIN_USER=owner
export SC2_AUTH_GOOGLE_CLIENT_SECRET=newS3cretKey
export SC2_PLUGIN_SMARTCOLLECT_IMAGE_RENDERER_RENDERING_IGNORE_HTTPS_ERRORS=true

Only available in SmartCollect SC² 7.1+.

For any changes to conf/smartcollect.ini (or corresponding environment variables) to take effect, you must restart SmartCollect SC².

If any of your options contains the expression $__<provider>{<argument>} or ${<environment variable>}, then they will be processed by SmartCollect SC²'s variable expander. The expander runs the provider with the provided argument to get the final value of the option.

There are three providers: env, file, and vault.

The env provider can be used to expand an environment variable. If you set an option to $__env{PORT} the PORT environment variable will be used in its place. For environment variables you can also use the short-hand syntax ${PORT}. SmartCollect SC²'s log directory would be set to the smartcollect directory in the directory behind the LOGDIR environment variable in the following example.

[paths]
logs = $__env{LOGDIR}/smartcollect

file reads a file from the filesystem. It trims whitespace from the beginning and the end of files. The database password in the following example would be replaced by the content of the /etc/secrets/sc2_sql_password file:

[database]
password = $__file{/etc/secrets/sc2_sql_password}

The vault provider allows you to manage your secrets with Hashicorp Vault.

Options are production and development. Default is production. Do not change this option unless you are working on SmartCollect SC² development.

Set the name of the smartcollect-server instance. Used in logging, internal metrics, and clustering info. Defaults to: ${HOSTNAME}, which will be replaced with environment variable HOSTNAME, if that is empty or does not exist SmartCollect SC² will try to use system calls to get the machine name.

Path to where SmartCollect SC² stores the sqlite3 database (if used), file-based sessions (if used), and other data. This path is usually specified via command line in the init.d script or the systemd service file.

macOS: The default SQLite database is located at /usr/local/var/lib/smartcollect

How long temporary images in data directory should be kept. Defaults to: 24h. Supported modifiers: h (hours), m (minutes), for example: 168h, 30m, 10h30m. Use 0 to never clean up temporary files.

Path to where SmartCollect SC² stores logs. This path is usually specified via command line in the init.d script or the systemd service file. You can override it in the configuration file or in the default environment variable file. However, please note that by overriding this the default log path will be used temporarily until SmartCollect SC² has fully initialized/started.

Override log path using the command line argument cfg:default.paths.log:

./smartcollect-server --config /custom/config.ini --homepath /custom/homepath cfg:default.paths.logs=/custom/path

macOS: By default, the log file should be located at /usr/local/var/log/smartcollect/smartcollect.log.

Directory where SmartCollect SC² automatically scans and looks for plugins. Manually or automatically install any plugins here.

macOS: By default, the Mac plugin location is: /usr/local/var/lib/smartcollect/plugins.

Folder that contains provisioning config files that SmartCollect SC² will apply on startup. Dashboards will be reloaded when the json files changes.

http,https,h2 or socket

The IP address to bind to. If empty will bind to all interfaces

The port to bind to, defaults to 3000. To use port 80 you need to either give the SmartCollect SC² binary permission for example:

$ sudo setcap 'cap_net_bind_service=+ep' /usr/sbin/smartcollect-server

Or redirect port 80 to the SmartCollect SC² port using:

$ sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000

Another way is put a webserver like Nginx or Apache in front of SmartCollect SC² and have them proxy requests to SmartCollect SC².

This setting is only used in as a part of the root_url setting (see below). Important if you use GitHub or Google OAuth.

Redirect to correct domain if host header does not match domain. Prevents DNS rebinding attacks. Default is false.

This is the full URL used to access SmartCollect SC² from a web browser. This is important if you use Google or GitHub OAuth authentication (for the callback URL to be correct).

Note: This setting is also important if you have a reverse proxy in front of SmartCollect SC² that exposes it through a subpath. In that case add the subpath to the end of this URL setting.

Serve SmartCollect SC² from subpath specified in root_url setting. By default it is set to false for compatibility reasons.

By enabling this setting and using a subpath in root_url above, e.g. root_url = http://localhost:3000/smartcollect, SmartCollect SC² is accessible on http://localhost:3000/smartcollect.

Set to true for SmartCollect SC² to log all HTTP requests (not just errors). These are logged as Info level events to the SmartCollect SC² log.

The path to the directory where the front end files (HTML, JS, and CSS files). Defaults to public which is why the SmartCollect SC² binary needs to be executed with working directory set to the installation path.

Set this option to true to enable HTTP compression, this can improve transfer speed and bandwidth utilization. It is recommended that most users set it to true. By default it is set to false for compatibility reasons.

Path to the certificate file (if protocol is set to https or h2).

Path to the certificate key file (if protocol is set to https or h2).

Path where the socket should be created when protocol=socket. Make sure that SmartCollect SC² has appropriate permissions before you change this setting.

SmartCollect SC² needs a database to store users and dashboards (and other things). By default it is configured to use sqlite3 which is an embedded database (included in the main SmartCollect SC² binary).

Either mysql, postgres or sqlite3, it’s your choice.

Only applicable to MySQL or Postgres. Includes IP or hostname and port or in case of Unix sockets the path to it. For example, for MySQL running on the same host as SmartCollect SC²: host = 127.0.0.1:3306 or with Unix sockets: host = /var/run/mysqld/mysqld.sock

The name of the SmartCollect SC² database. Leave it set to smartcollect or some other name.

The database user (not applicable for sqlite3).

The database user’s password (not applicable for sqlite3). If the password contains # or ; you have to wrap it with triple quotes. For example """#password;"""

Use either URL or the other fields below to configure the database Example: mysql://user:secret@host:port/database

The maximum number of connections in the idle connection pool.

The maximum number of open connections to the database.

Sets the maximum amount of time a connection may be reused. The default is 14400 (which means 14400 seconds or 4 hours). For MySQL, this setting should be shorter than the wait_timeout variable.

Set to true to log the sql calls and execution times.

For Postgres, use either disable, require or verify-full. For MySQL, use either true, false, or skip-verify.

The path to the CA certificate to use. On many Linux systems, certs can be found in /etc/ssl/certs.

The path to the client key. Only if server requires client authentication.

The path to the client cert. Only if server requires client authentication.

The common name field of the certificate used by the mysql or postgres server. Not necessary if ssl_mode is set to skip-verify.

Only applicable for sqlite3 database. The file path where the database will be stored.

For “sqlite3” only. Shared cache setting used for connecting to the database. (private, shared) Defaults to private.

Either redis, memcached, or database. Defaults to database

The remote cache connection string. The format depends on the type of the remote cache. Options are database, redis, and memcache.

Leave empty when using database since it will use the primary database.

Example connstr: addr=127.0.0.1:6379,pool_size=100,db=0,ssl=false

• addr is the host : port of the redis server.
• pool_size (optional) is the number of underlying connections that can be made to redis.
• db (optional) is the number identifier of the redis database you want to use.
• ssl (optional) is if SSL should be used to connect to redis server. The value may be true, false, or insecure. Setting the value to insecure skips verification of the certificate chain and hostname when making the connection.

Example connstr: 127.0.0.1:11211

This enables data proxy logging, default is false.

How long the data proxy should wait before timing out. Default is 30 seconds.

This setting also applies to core backend HTTP data sources where query requests use an HTTP client with timeout set.

Interval between keep-alive probes. Default is 30 seconds. For more details check the Dialer.KeepAlive documentation.

The length of time that SmartCollect SC² will wait for a successful TLS handshake with the datasource. Default is 10 seconds. For more details check the Transport.TLSHandshakeTimeout documentation.

The length of time that SmartCollect SC² will wait for a datasource’s first response headers after fully writing the request headers, if the request has an “Expect: 100-continue” header. A value of 0 will result in the body being sent immediately. Default is 1 second. For more details check the Transport.ExpectContinueTimeout documentation.

The maximum number of idle connections that SmartCollect SC² will maintain. Default is 100. For more details check the Transport.MaxIdleConns documentation.

The length of time that SmartCollect SC² maintains idle connections before closing them. Default is 90 seconds. For more details check the Transport.IdleConnTimeout documentation.

If enabled and user is not anonymous, data proxy will add X-SmartCollect SC²-User header with username into the request. Default is false.

When enabled SmartCollect SC² will send anonymous usage statistics to stats.scada-smartcollect.org. No IP addresses are being tracked, only simple counters to track running instances, versions, dashboard and error counts. It is very helpful to us, so please leave this enabled. Counters are sent every 24 hours. Default value is true.

Set to false to disable all checks to https://scada-smartcollect.com for new versions of installed plugins and to the SmartCollect SC² GitHub repository to check for a newer version of SmartCollect SC². The version information is used in some UI views to notify that a new SmartCollect SC² update or a plugin update exists. This option does not cause any auto updates, nor send any sensitive information. The check is run every 10 minutes.

If you want to track SmartCollect SC² usage via Google analytics specify your Universal Analytics ID here. By default this feature is disabled.

Google Tag Manager ID, only enabled if you enter an ID here.

Only available in SmartCollect SC² v6.5+.

Disable creation of admin user on first start of SmartCollect SC². Default is false.

The name of the default SmartCollect SC² Admin user, who has full permissions. Default is admin.

The password of the default SmartCollect SC² Admin. Set once on first-run. Default is admin.

Used for signing some data source settings like secrets and passwords, the encryption format used is AES-256 in CFB mode. Cannot be changed without requiring an update to data source settings to re-encode them.

Set to true to disable the use of Gravatar for user profile images. Default is false.

Define a whitelist of allowed IP addresses or domains, with ports, to be used in data source URLs with the SmartCollect SC² data source proxy. Format: ip_or_domain:port separated by spaces. PostgreSQL, MySQL, and MSSQL data sources do not use the proxy and are therefore unaffected by this setting.

Set to true to disable brute force login protection. Default is false.

Set to true if you host SmartCollect SC² behind HTTPS. Default is false.

Sets the SameSite cookie attribute and prevents the browser from sending this cookie along with cross-site requests. The main goal is to mitigate the risk of cross-origin information leakage. This setting also provides some protection against cross-site request forgery attacks (CSRF), read more about SameSite here. Valid values are lax, strict, none, and disabled. Default is lax. Using value disabled does not add any SameSite attribute to cookies.

When false, the HTTP header X-Frame-Options: deny will be set in SmartCollect SC² HTTP responses which will instruct browsers to not allow rendering SmartCollect SC² in a <frame>, <iframe>, <embed> or <object>. The main goal is to mitigate the risk of Clickjacking. Default is false.

Set to true if you want to enable HTTP Strict-Transport-Security (HSTS) response header. This is only sent when HTTPS is enabled in this configuration. HSTS tells browsers that the site should only be accessed using HTTPS.

Sets how long a browser should cache HSTS in seconds. Only applied if strict_transport_security is enabled. The default value is 86400.

Set to true to enable HSTS preloading option. Only applied if strict_transport_security is enabled. The default value is false.

Set to true if to enable the HSTS includeSubDomains option. Only applied if strict_transport_security is enabled. The default value is false.

Set to true to enable the X-Content-Type-Options response header. The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. The default value is false.

Set to false to disable the X-XSS-Protection header, which tells browsers to stop pages from loading when they detect reflected cross-site scripting (XSS) attacks. The default value is false until the next minor release, 6.3.

Set to false to disable external snapshot publish endpoint (default true).

Set root URL to a SmartCollect SC² instance where you want to publish external snapshots (defaults to https://snapshots-origin.raintank.io).

Set name for external snapshot button. Defaults to Publish to snapshot.raintank.io.

Set to true to enable this SmartCollect SC² instance to act as an external snapshot server and allow unauthenticated requests for creating and deleting snapshots. Default is false.

Enable this to automatically remove expired snapshots. Default is true.

Number dashboard versions to keep (per dashboard). Default: 20, Minimum: 1.

Only available in SmartCollect SC² v6.7+.

This feature prevents users from setting the dashboard refresh interval to a lower value than a given interval value. The default interval value is 5 seconds. The interval string is a possibly signed sequence of decimal numbers, followed by a unit suffix (ms, s, m, h, d), e.g. 30s or 1m.

As of SmartCollect SC² v7.3, this also limits the refresh interval options in Explore.

Path to the default home dashboard. If this value is empty, then SmartCollect SC² uses StaticRootPath + “dashboards/home.json”

Set to false to prohibit users from being able to sign up / create user accounts. Default is false. The admin user can still create users from the SmartCollect SC² Admin Pages.

Set to false to prohibit users from creating new organizations. Default is false.

Set to true to automatically add new users to the main organization (id 1). When set to false, new users automatically cause a new organization to be created for that new user. Default is true.

Set this value to automatically add new users to the provided org. This requires auto_assign_org to be set to true. Please make sure that this organization already exists. Default is 1.

The role new users will be assigned for the main organization (if the above setting is set to true). Defaults to Viewer, other valid options are Admin and Editor. e.g.:

auto_assign_org_role = Viewer

Require email validation before sign up completes. Default is false.

Text used as placeholder text on login page for login/username input.

Text used as placeholder text on login page for password input.

Set the default UI theme: dark or light. Default is dark.

If you manage users externally you can replace the user invite button for organizations with a link to an external site together with a description.

Viewers can edit/inspect dashboard settings in the browser, but not save the dashboard. Default is false.

Editors can administrate dashboards, folders and teams they create. Default is false.

The duration in time a user invitation remains valid before expiring. This setting should be expressed as a duration. Examples: 6h (hours), 2d (days), 1w (week). Default is 24h (24 hours). The minimum supported duration is 15m (15 minutes).

SmartCollect SC² provides many ways to authenticate users. Refer to the SmartCollect SC² Authentication overview and other authentication documentation for detailed instructions on how to set up and configure authentication.

The cookie name for storing the auth token. Default is smartcollect_session.

The lifetime (days) an authenticated user can be inactive before being required to log in at next visit. Default is 7 days.

The maximum lifetime (days) an authenticated user can be logged in before being required to login. Default is 30 days.

How often auth tokens are rotated for authenticated users when the user is active. The default is each 10 minutes.

Set to true to disable (hide) the login form, useful if you use OAuth. Default is false.

Set to true to disable the signout link in the side menu. This is useful if you use auth.proxy. Default is false.

URL to redirect the user to after they sign out.

Set to true to attempt login with OAuth automatically, skipping the login screen. This setting is ignored if multiple OAuth providers are configured. Default is false.

How many seconds the OAuth state cookie lives before being deleted. Default is 600 (seconds) Administrators can increase this if they experience OAuth login state mismatch errors.

Limit of API key seconds to live before expiration. Default is -1 (unlimited).

Only available in SmartCollect SC² 7.3+.

Set to true to enable the AWS Signature Version 4 Authentication option for HTTP-based datasources. Default is false.

Refer to Anonymous authentication for detailed instructions.

Refer to GitHub OAuth2 authentication for detailed instructions.

Refer to Gitlab OAuth2 authentication for detailed instructions.

Refer to Google OAuth2 authentication for detailed instructions.

Legacy key names, still in the config file so they work in env variables.

Legacy key names, still in the config file so they work in env variables.

Refer to Azure AD OAuth2 authentication for detailed instructions.

Refer to Okta OAuth2 authentication for detailed instructions.

Refer to Generic OAuth authentication for detailed instructions.

Refer to Basic authentication for detailed instructions.

Refer to Auth proxy authentication for detailed instructions.

Refer to LDAP authentication for detailed instructions.

Email server settings.

Enable this to allow SmartCollect SC² to send email. Default is false.

If the password contains # or ;, then you have to wrap it with triple quotes. Example: “""#password;”""

Default is localhost:25.

In case of SMTP auth, default is empty.

In case of SMTP auth, default is empty.

File path to a cert file, default is empty.

File path to a key file, default is empty.

Verify SSL for SMTP server, default is false.

Address used when sending out emails, default is admin@smartcollect.localhost.

Name to be used when sending out emails, default is SmartCollect SC².

Name to be used as client identity for EHLO in SMTP dialog, default is <instance_name>.

Either “OpportunisticStartTLS”, “MandatoryStartTLS”, “NoStartTLS”. Default is empty.

Default is false.

Default is emails/*.html.

SmartCollect SC² logging options.

Options are “console”, “file”, and “syslog”. Default is “console” and “file”. Use spaces to separate multiple modes, e.g. console file.

Options are “debug”, “info”, “warn”, “error”, and “critical”. Default is info.

Optional settings to set different levels for specific loggers. For example: filters = sqlstore:debug

Only applicable when “console” is used in [log] mode.

Options are “debug”, “info”, “warn”, “error”, and “critical”. Default is inherited from [log] level.

Log line format, valid options are text, console and json. Default is console.

Only applicable when “file” used in [log] mode.

Options are “debug”, “info”, “warn”, “error”, and “critical”. Default is inherited from [log] level.

Log line format, valid options are text, console and json. Default is text.

Enable automated log rotation, valid options are false or true. Default is true. When enabled use the max_lines, max_size_shift, daily_rotate and max_days to configure the behavior of the log rotation.

Maximum lines per file before rotating it. Default is 1000000.

Maximum size of file before rotating it. Default is 28, which means 1 << 28, 256MB.

Enable daily rotation of files, valid options are false or true. Default is true.

Maximum number of days to keep log files. Default is 7.

Only applicable when “syslog” used in [log] mode.

Options are “debug”, “info”, “warn”, “error”, and “critical”. Default is inherited from [log] level.

Log line format, valid options are text, console, and json. Default is text.

Syslog network type and address. This can be UDP, TCP, or UNIX. If left blank, then the default UNIX endpoints are used.

Syslog facility. Valid options are user, daemon or local0 through local7. Default is empty.

Syslog tag. By default, the process’s argv[0] is used.

Set quotas to -1 to make unlimited.

Enable usage quotas. Default is false.

Limit the number of users allowed per organization. Default is 10.

Limit the number of dashboards allowed per organization. Default is 100.

Limit the number of data sources allowed per organization. Default is 10.

Limit the number of API keys that can be entered per organization. Default is 10.

Limit the number of organizations a user can create. Default is 10.

Sets a global limit of users. Default is -1 (unlimited).

Sets a global limit on the number of organizations that can be created. Default is -1 (unlimited).

Sets a global limit on the number of dashboards that can be created. Default is -1 (unlimited).

Sets global limit of API keys that can be entered. Default is -1 (unlimited).

Sets a global limit on number of users that can be logged in at one time. Default is -1 (unlimited).

For more information about the Alerting feature in SmartCollect SC², refer to Alerts overview.

Set to false to disable alerting engine and hide Alerting in the SmartCollect SC² UI. Default is true.

Turns off alert rule execution, but Alerting is still visible in the SmartCollect SC² UI.

Default setting for new alert rules. Defaults to categorize error and timeouts as alerting. (alerting, keep_state)

Defines how SmartCollect SC² handles nodata or null values in alerting. Options are alerting, no_data, keep_state, and ok. Default is no_data.

Alert notifications can include images, but rendering many images at the same time can overload the server. This limit protects the server from render overloading and ensures notifications are sent out quickly. Default value is 5.

Sets the alert calculation timeout. Default value is 30.

Sets the alert notification timeout. Default value is 30.

Sets a maximum limit on attempts to sending alert notifications. Default value is 3.

Sets the minimum interval between rule evaluations. Default value is 1.

Note. This setting has precedence over each individual rule frequency. If a rule frequency is lower than this value, then this value is enforced.

Configures for how long alert annotations are stored. Default is 0, which keeps them forever. This setting should be expressed as a duration. Examples: 6h (hours), 10d (days), 2w (weeks), 1M (month).

Configures max number of alert annotations that SmartCollect SC² stores. Default value is 0, which keeps all alert annotations.

Dashboard annotations means that annotations are associated with the dashboard they are created on.

Configures how long dashboard annotations are stored. Default is 0, which keeps them forever. This setting should be expressed as a duration. Examples: 6h (hours), 10d (days), 2w (weeks), 1M (month).

Configures max number of dashboard annotations that SmartCollect SC² stores. Default value is 0, which keeps all dashboard annotations.

API annotations means that the annotations have been created using the API without any association with a dashboard.

Configures how long SmartCollect SC² stores API annotations. Default is 0, which keeps them forever. This setting should be expressed as a duration. Examples: 6h (hours), 10d (days), 2w (weeks), 1M (month).

Configures max number of API annotations that SmartCollect SC² keeps. Default value is 0, which keeps all API annotations.

For more information about this feature, refer to Explore.

Enable or disable the Explore section. Default is enabled.

Enable metrics reporting. defaults true. Available via HTTP API <URL>/metrics.

Flush/write interval when sending metrics to external TSDB. Defaults to 10.

If set to true, then total stats generation (stat_totals_* metrics) is disabled. Default is false.

If both are set, then basic authentication is required to access the metrics endpoint.

Adds dimensions to the smartcollect_environment_info metric, which can expose more information about the SmartCollect SC² instance.

; exampleLabel1 = exampleValue1
; exampleLabel2 = exampleValue2

Default is https://scada-smartcollect.com.

Default is https://scada-smartcollect.com.

Configure SmartCollect SC²'s Jaeger client for distributed tracing.

You can also use the standard JAEGER_* environment variables to configure Jaeger. See the table at the end of https://www.jaegertracing.io/docs/1.16/client-features/ for the full list. Environment variables will override any settings provided here.

The host:port destination for reporting spans. (ex: localhost:6831)

Can be set with the environment variables JAEGER_AGENT_HOST and JAEGER_AGENT_PORT.

Comma-separated list of tags to include in all new spans, such as tag1:value1,tag2:value2.

Can be set with the environment variable JAEGER_TAGS (use = instead of : with the environment variable).

Default value is const.

Specifies the type of sampler: const, probabilistic, ratelimiting, or remote.

Refer to https://www.jaegertracing.io/docs/1.16/sampling/#client-sampling-configuration for details on the different tracing types.

Can be set with the environment variable JAEGER_SAMPLER_TYPE.

Default value is 1.

This is the sampler configuration parameter. Depending on the value of sampler_type, it can be 0, 1, or a decimal value in between.

• For const sampler, 0 or 1 for always false/true respectively
• For probabilistic sampler, a probability between 0 and 1.0
• For rateLimiting sampler, the number of spans per second
• For remote sampler, param is the same as for probabilistic and indicates the initial sampling rate before the actual one is received from the mothership

May be set with the environment variable JAEGER_SAMPLER_PARAM.

Default value is false.

Controls whether or not to use Zipkin’s span propagation format (with x-b3- HTTP headers). By default, Jaeger’s format is used.

Can be set with the environment variable and value JAEGER_PROPAGATION=b3.

Default value is false.

Setting this to true turns off shared RPC spans. Leaving this available is the most common setting when using Zipkin elsewhere in your infrastructure.

These options control how images should be made public so they can be shared on services like Slack or email message.

Options are s3, webdav, gcs, azure_blob, local). If left empty, then SmartCollect SC² ignores the upload action.

Optional endpoint URL (hostname or fully qualified URI) to override the default generated S3 endpoint. If you want to keep the default, just leave this empty. You must still provide a region value if you specify an endpoint.

Set this to true to force path-style addressing in S3 requests, i.e., http://s3.amazonaws.com/BUCKET/KEY, instead of the default, which is virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY).

Note: This option is specific to the Amazon S3 service.

(for backward compatibility, only works when no bucket or region are configured) Bucket URL for S3. AWS region can be specified within URL or defaults to ‘us-east-1’, e.g.

• http://smartcollect.s3.amazonaws.com/
• https://smartcollect.s3-ap-southeast-2.amazonaws.com/

Bucket name for S3. e.g. smartcollect.snapshot.

Region name for S3. e.g. ‘us-east-1’, ‘cn-north-1’, etc.

Optional extra path inside bucket, useful to apply expiration policies.

Access key, e.g. AAAAAAAAAAAAAAAAAAAA.

Access key requires permissions to the S3 bucket for the ‘s3:PutObject’ and ‘s3:PutObjectAcl’ actions.

Secret key, e.g. AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.

URL where SmartCollect SC² sends PUT request with images.

Basic auth username.

Basic auth password.

Optional URL to send to users in notifications. If the string contains the sequence ${file}, it is replaced with the uploaded filename. Otherwise, the file name is appended to the path part of the URL, leaving any query string unchanged.

Optional path to JSON key file associated with a Google service account to authenticate and authorize. If no value is provided it tries to use the application default credentials. Service Account keys can be created and downloaded from https://console.developers.google.com/permissions/serviceaccounts.

Service Account should have “Storage Object Writer” role. The access control model of the bucket needs to be “Set object-level and bucket-level permissions”. SmartCollect SC² itself will make the images public readable when signed urls are not enabled.

Bucket Name on Google Cloud Storage.

Optional extra path inside bucket.

If set to true, SmartCollect SC² creates a [signed URL](https://cloud.google.com/storage/docs/access-control/signed-urls] for the image uploaded to Google Cloud Storage.

Sets the signed URL expiration, which defaults to seven days.

Storage account name.

Storage account key

Container name where to store “Blob” images with random names. Creating the blob container beforehand is required. Only public containers are supported.

This option does not require any configuration.

Options to configure a remote HTTP image rendering service, e.g. using https://github.com/scada-smartcollect/scada-smartcollect-image-renderer.

URL to a remote HTTP image renderer service, e.g. http://localhost:8081/render, will enable SmartCollect SC² to render panels and dashboards to PNG-images using HTTP requests to an external service.

If the remote HTTP image renderer service runs on a different server than the SmartCollect SC² server you may have to configure this to a URL where SmartCollect SC² is reachable, e.g. http://smartcollect.domain/.

Concurrent render request limit affects when the /render HTTP endpoint is used. Rendering many images at the same time can overload the server, which this setting can help protect against by only allowing a certain number of concurrent requests. Default is 30.

Set to true if you want to test alpha panels that are not yet ready for general usage. Default is false.

If set to true SmartCollect SC² will allow script tags in text panels. Not recommended as it enables XSS vulnerabilities. Default is false. This setting was introduced in SmartCollect SC² v6.0.

Set to true if you want to test alpha plugins that are not yet ready for general usage. Default is false.

Enter a comma-separated list of plugin identifiers to identify plugins that are allowed to be loaded even if they lack a valid signature.

For more information, refer to Image rendering.

Instruct headless browser instance to use a default timezone when not provided by SmartCollect SC², e.g. when rendering panel image of alert. See ICUs metaZones.txt for a list of supported timezone IDs. Fallbacks to TZ environment variable if not set.

Instruct headless browser instance to use a default language when not provided by SmartCollect SC², e.g. when rendering panel image of alert. Refer to the HTTP header Accept-Language to understand how to format this value, e.g. ‘fr-CH, fr;q=0.9, en;q=0.8, de;q=0.7, *;q=0.5’.

Instruct headless browser instance to use a default device scale factor when not provided by SmartCollect SC², e.g. when rendering panel image of alert. Default is 1. Using a higher value will produce more detailed images (higher DPI), but requires more disk space to store an image.

Instruct headless browser instance whether to ignore HTTPS errors during navigation. Per default HTTPS errors are not ignored. Due to the security risk, we do not recommend that you ignore HTTPS errors.

Instruct headless browser instance whether to capture and log verbose information when rendering an image. Default is false and will only capture and log error messages.

When enabled, debug messages are captured and logged as well.

For the verbose information to be included in the SmartCollect SC² server log you have to adjust the rendering log level to debug, configure [log].filter = rendering:debug.

Instruct headless browser instance whether to output its debug and error messages into running process of remote rendering service. Default is false.

It can be useful to set this to true when troubleshooting.

Additional arguments to pass to the headless browser instance. Default is –no-sandbox. The list of Chromium flags can be found at (https://peter.sh/experiments/chromium-command-line-switches/). Separate multiple arguments with commas.

You can configure the plugin to use a different browser binary instead of the pre-packaged version of Chromium.

Please note that this is not recommended. You might encounter problems if the installed version of Chrome/Chromium is not compatible with the plugin.

Instruct how headless browser instances are created. Default is default and will create a new browser instance on each request.

Mode clustered will make sure that only a maximum of browsers/incognito pages can execute concurrently.

Mode reusable will have one browser instance and will create a new incognito page on each request.

When rendering_mode = clustered you can instruct how many browsers or incognito pages can execute concurrently. Default is browser and will cluster using browser instances.

Mode context will cluster using incognito pages.

When rendering_mode = clustered you can define the maximum number of browser instances/incognito pages that can execute concurrently.

Limit the maximum viewport width that can be requested.

Limit the maximum viewport height that can be requested.

Limit the maximum viewport device scale factor that can be requested.

Change the listening host of the gRPC server. Default host is 127.0.0.1.

Change the listening port of the gRPC server. Default port is 0 and will automatically assign a port not in use.

Keys of alpha features to enable, separated by space. Available alpha features are: transformations,ngalert

Note: The date format options below are only available in SmartCollect SC² v7.2+.

This section controls system-wide defaults for date formats used in time ranges, graphs, and date input boxes.

The format patterns use Moment.js formatting tokens.

Full date format used by time range picker and in other places where a full date is rendered.

These intervals formats are used in the graph to show only a partial date or time. For example, if there are only minutes between Y-axis tick labels then the interval_minute format is used.

Defaults

interval_second = HH:mm:ss
interval_minute = HH:mm
interval_hour = MM/DD HH:mm
interval_day = MM/DD
interval_month = YYYY-MM
interval_year = YYYY

Set this to true to have date formats automatically derived from your browser location. Defaults to false. This is an experimental feature.

Used as the default time zone for user preferences. Can be either browser for the browser local time zone or a time zone name from the IANA Time Zone database, such as UTC or Europe/Amsterdam.