3.2.1. Startup Core Configuration

Linux

The configuration file for the server is located in /etc/ometascan/ometascan.conf

After modifying the server configuration file you must restart the Metadefender Core service in order for the changes to take effect. You should use the distribution-standard way to restart the service.

[global] section

parameter

default value

required

description

restaddress

0.0.0.0

required

One of the IP addresses of the computer that runs the product to serve REST API and web user interface (0.0.0.0 means all interface)

restport

8008

required

Designated port number for the web and REST interface

address

 

optional

Address of the computer to accept external scan node connections

port

 

optional

Designated port number to accept external scan node connections

report_engine issue

true

optional

Enable reporting of engine issue count. (possible values: "true" or "false").

quarantinepath

[Core data directory]/quarantine

optional

Directory for quarantine database and quarantined items

sanitizepath

[Core data directory]/sanitized

optional

Directory for sanitized database and sanitized items

[logger] section

key

default value

required

description

logfile

/var/log/ometascan/ometascan.log

optional

Full path of a logfile to write log messages to

loglevel

info

optional

Level of logging. Supported values are: debug, info, warning, error

syslog

 

optional

Switch on logging to a local ('local') or remote ('protocol://<hostname>:<port>') syslog server

(Multiple server can be specified separated with comma)

syslog_level

 

optional

Level of logging. Supported values are: debug, info, warning, error

local_timezone

false

optional

Set local timezone for events sending to local syslog server

override

 

optional

Override specific log ids to display them on another level e.g.: "1723:error,663:info"

cef

false

optional

If true, the log format is Common Event Format.

nginx_logfile

/var/log/ometascan/nginx-ometascan.log

optional

File name and path to store the NGINX logs. If this value is changed, the /etc/logrotate.d/ometascan should be changed accordingly.

You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.

For override a list of log message ids needed with optionally a level. If there is no level set for an id, it will be displayed on every occasion. e.g.: "1723,663:info" means id 1723 dump message will be displayed every time and id 663 warning message is reduced to info level.

[internal] section

key

default value

required

description

data_directory

/var/lib/ometascan

optional

Full path for MD Core’s data (database, updates etc.)

E.g. /var/lib/ometascan/test

Windows

The configuration for the server is located in Windows Registry

After modifying the server configuration file you must restart the MetaDefender Core service in order for the changes to take effect.

Default logging target is Windows event log with default level of info (see below).

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\global

parameter

default value

type

required

description

restaddress

0.0.0.0

string value

required

One of the IP addresses of the computer that runs the product to serve REST API and web user interface (0.0.0.0 means all interface)

restport

8008

string value

required

Designated port number for the web and REST interface

address

 

string value

optional

Address of the computer to accept external scan node connections

port

 

string value

optional

Designated port number to accept external scan node connections

report_engine issue

true

string value

optional

Enable reporting of engine issue count. (possible values: "true" or "false").

quarantinepath

[installdir]\data\quarantine

string value

optional

Directory for quarantine database and quarantined items

sanitizepath

[installdir]\data\sanitized

string value

optional

Directory for sanitized database and sanitized items

Reporting of engine issue count

If reporting of engine issue count is enabled, Metadefender Core v4 server will send only the number of initialization errors and number of unexpected stops for the specific db/engine version. This information is sent over a HTTPS channel when the product downloads the latest package descriptors. This information is used for early detection of any specific 3rd party engine quality issues.

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\logger

key

default value

type

required

description

logfile

 

string value

optional

Location of a logfile to write log messages to

loglevel

 

string value

optional

Level of logging. Supported values are: debug, info, warning, error

wineventlog_level

info

string value

optional

Level of logging. Supported values are: debug, info, warning, error

syslog

 

string value

optional

Value can only by in form of 'udp://<hostname>:<port>'

(Multiple server can be specified separated with comma)

syslog_level

 

string value

optional

Level of logging. Supported values are: debug, info, warning, error

local_timezone

false

string value

optional

Set local timezone for events sending to local syslog server

override

 

string value

optional

Override specific log ids to display them on another level e.g.: "1723:error,663:info"

cef

false

string value

optional

If true, the log format is Common Event Format.

nginx_logfile

[installdir]\nginx\nginx.log

string value

optional

File name and path to store the NGINX logs. (Rotation of this log has not yet been solved on Windows systems)

You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.

Please note, if a data entry to be used does not exist, it should be created first.

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\internal

key

default value

type

required

description

data_directory

<MD Core installation folder>\data

string value

optional

Full path for MD Core’s data (database, updates etc.)

E.g. D:\custom_path