In the General Settings tab, you can do the following:
- Save the entire configuration used by XpoLog.
- Change the ports used by XpoLog for HTTP/HTTPS.
Saving the XpoLog Configuration
It is recommended to save in a directory, the entire configuration that XpoLog uses in a specific directory. This directory should be external to the installation directory, and XpoLog should be granted full permissions on it. You See Post Installation Recommendations for full explanation.
In cases where more than one XpoLog instance shares the same configuration, you also have the option of specifying that XpoLog run in Cluster mode, in cases where more than one XpoLog instance shares the same configuraton. Ports: you may change the ports used for HTTP/S by XpoLog.
o Default HTTP port: 30303
o Default HTTPS port: 30443so that the XpoLog instances are aware of each other. See HA Cluster Installation (multi-machines) for full explanation.
To save the entire XpoLog configuration:
- In the XpoLog General Settings console, open the General tab.
- Select the Use external configuration directory checkbox, and in Configuration full path, type the absolute path to a directory that XpoLog can use to store and manage its configuration and analysis. Example: C:/XpoLogConfig/.
- If you want XpoLog to run in cluster mode, select the Cluster mode checkbox.
Note: Changing this setting requires restarting XpoLog.mode check-box. This is required only if XpoLog is installed in a cluster with multiple instances. - If you want XpoLog to run as agent where ALL system activities are disabled select the Agent Mode check-box. Mainly used for Remote XpoLog in Agent mode or LogSync.
- Click Save.
- The XpoLog configuration is saved in the specified directory.
- Restart XpoLog.
Changing the HTTP/HTTPS Ports
The default HTTP port is 30303; default HTTPS port is 30443. You can change the ports used by XpoLog for HTTP/HTTPS.
To change the HTTP/HTTPS port:
- In the XpoLog General Settings General tab, in HTTP port, type the port to be used by XpoLog for HTTP, and/or in HTTPS port, type the port to be used by XpoLog for HTTPS.
- Click Save.
The ports configuration is saved.
Defining Folders and Logs auto cleanup
By default, XpoLog keeps all Folders and Logs created in the system and never deletes them. The deletion is done only by allowed users.
It is possible to activate auto cleanup of Folders and Logs by unchecking the default option (Keep Empty Folders and Logs) and set the desired configuration:
- Delete empty logs after N Days.
XpoLog will delete logs from the Folders and Logs tree if they are empty for the specified time. - Delete empty folders
XpoLog will delete empty folders.
Disabling HTTP/HTTPS Access to XpoLog
To disable the HTTP/HTTPS access to XpoLog it is required to edit the servlet container configuration that XpoLog uses (standalone installations only, if XpoLog is deployed on a different application server then it has to be done on the application server level):
- Stop XpoLog
- Go to XPOLOG_INSTALLATION_DIRECTORY/ServletContainer/conf/ and edit the file server.xml
- Follow these:
- To disable HTTP comment the line:
<!--
<Connector protocol="HTTP/1.1" acceptCount="100" connectionTimeout="50000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxPostSize="0" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="30303" redirectPort="30443" xpolog="http"/>
--> - To disable HTTPS comment the line:
<!--
<Connector acceptCount="100" clientAuth="false" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" compressableMimeType="text/html,text/xml" compression="on" compressionMinSize="2048" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="${catalina.home}/.keystore" maxHttpHeaderSize="8192" maxPostSize="0" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" noCompressionUserAgents="gozilla, traviata" port="30443" scheme="https" secure="true" sslProtocol="TLS" xpolog="ssl"/>
-->
- To disable HTTP comment the line:
- Save the modification and restart XpoLog.
Note: XpoLog will not be accessible on the disabled protocol and port (also consider modifying XpoLog agents account URLs if required).
HTTPS Certificate in XpoLog
XpoLog is not shipped with a certificate. These could leave you vulnerable, because the default certificate is the same in every XpoLog download.
Data encryption (HTTPS) can be easily used in XpoLog. Keep in mind that encryption with the default certificate is not fully secure and you're encouraged to create and replace it with your organization's trusted CA certificate.
For better security, replace the default certificates with certificates signed by a trusted CA. We strongly recommend using CA certs (note that a self-signed certificate is considered untrusted by users' browsers).
XpoLog standalone installation runs on a Tomcat, for more information about installing a certificate please refer to https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html