3.2.2. Startup Node Configuration
Linux
The configuration file for the node is located in /etc/ometascan-node/ometascan-node.conf
After modifying the node configuration file you must restart the Metadefender Core Node service in order for the changes to take effect. You should use the distribution-standard way to restart the service.
[global] section
parameter |
default value |
required |
description |
serveraddress |
|
optional |
Address of the computer to accept external scan node connections |
serverport |
|
optional |
Designated port number to accept external scan node connections |
tempdirectory |
|
optional |
Full path of a directory to use for storing temporary files (Node creates a subfolder called resources in this folder) |
tempdirectory_create_timeout |
|
optional |
If node cannot create the resources folder, it will retry for the specified amount of milliseconds |
In case the serveraddress and serverport are not provided, the scan node will try to connect the Metadefender Core server on the local machine. You should set both or none of them.
[logger] section
key |
default value |
required |
description |
logfile |
/var/log/ometascan/ometascan-node.log |
optional |
Full path of a logfile to write log messages to |
loglevel |
info |
optional |
Level of logging. Supported values are: debug, info, warning, error |
syslog |
|
optional |
Switch on logging to a local ('local') or remote ('protocol://<hostname>:<port>') syslog server (Multiple server can be specified separated with comma) |
syslog_level |
|
optional |
Level of logging. Supported values are: debug, info, warning , error |
local_timezone |
false |
optional |
Set local timezone for events sending to local syslog server |
override |
|
optional |
Override specific log ids to display them on another level e.g.: "1723:error,663:info" |
cef |
false |
optional |
If true, the log format is Common Event Format. |
archive_debug |
0 |
optional |
When enabled (set to 1), verbose debug info will be written into the Core log file |
You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.
For override a list of log message ids needed with optionally a level. If there is no level set for an id, it will be displayed on every occasion. e.g.: "1723,663:info" means id 1723 dump message will be displayed every time and id 663 warning message is reduced to info level.
[internal] section
key |
default value |
required |
description |
data_directory |
/var/lib/ometascan-node |
optional |
Full path for Node’s data (engines, resources etc.) E.g. /var/lib/ometascan-node/test |
parallelcount |
20 |
optional |
Set maximum number of threads (files) sending to engine at the same time, applicable to all engines except Archive engine (extraction, default = -1 unlimited) and Proactive DLP engine (default = 5) |
parallelcount_<enginename> |
|
optional |
<enginename> is the first part of engine id which all can be found in <MD Core folder>\data\updates\metadescriptor For example: engine id: symantec_1_windows → <enginename> = symantec Some common use-cases:
|
Windows
The configuration for the node is located in Windows Registry
After modifying the node configuration file you must restart the Metadefender Core Node service in order for the changes to take effect. You should use the distribution-standard way to restart the service.
HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan Node\global
parameter |
default value |
type |
required |
description |
serveraddress |
|
string value |
optional |
Address of the computer to accept external scan node connections |
serverport |
|
string value |
optional |
Designated port number to accept external scan node connections |
In case the serveraddress and serverport are not provided, the scan node will try to connect the Metadefender Core server on the local machine.
HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan Node\logger
key |
default value |
type |
required |
description |
logfile |
|
string value |
optional |
Location of a logfile to write log messages to. |
loglevel |
|
string value |
optional |
Level of logging. Supported values are: debug, info, warning, error. Must set value on this key when logfile key is also set accordingly. |
log_rotation |
0 |
string value |
optional |
This setting is only applicable MD Core version 4.17.3 or above, Windows OS only (on Linux, we use already-supported OS log rotation) Should only set this key when logfile key is also set accordingly. Supported values:
|
wineventlog_level |
info |
string value |
optional |
Level of logging. Supported values are: debug, info, warning, error. |
syslog |
|
string value |
optional |
Value can only by in form of 'udp://<hostname>:<port>' (Multiple server can be specified separated with comma) |
syslog_level |
|
string value |
optional |
Level of logging. Supported values are: debug, info, warning, error. Only set this key when syslog key is also set accordingly. |
override |
|
string value |
optional |
override specific log ids to display them on another level e.g.: "1723:error,663:info". |
cef |
false |
string value |
optional |
If true, the log format is Common Event Format. |
archive_debug |
0 |
string value |
optional |
When enabled (set to 1), verbose debug info will be written into the Core log file. |
You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.
Please note, if a data entry to be used does not exist, it should be created first.
In versions older that v4.6.0 the location of the configuration option is HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan Agent\...
HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan Node\internal
key |
default value |
type |
required |
description |
data_directory |
<MD Core installation folder>\data |
string value |
optional |
Full path for MD Core’s data (database, updates etc.) E.g. D:\custom_path |
parallelcount |
20 |
string value |
optional |
Set maximum number of threads (files) sending to engine at the same time, applicable to all engines except Archive engine (extraction, default = -1 unlimited) and Proactive DLP engine (default = 3) |
parallelcount_<enginename> |
|
string value |
optional |
<enginename> is the first part of engine id which all can be found in <MD Core folder>\data\updates\metadescriptor For example: engine id: symantec_1_windows → <enginename> = symantec Some common use-cases:
|