This article describes the parameters of the palo.ini configuration file. These parameters can also be used as command line parameters for the In-Memory Database binary: palo.exe for Windows and “palo” for Linux.
The Palo parameters have a short and a long form. On the command line, the short form has one dash (-) in front; the long form has two dashes (- -) in front. Examples: palo -? / palo - -help. The table below lists the parameters in alphabetical order by long form.
Palo.exe gets these parameters as command line arguments and/or via the palo.ini file. Note: any changes made to the palo.ini file require restarting the OLAP service.
Please see Order of command execution at the end of this document. In the file …\Jedox Suite\olap\data\palo.ini.sample you can find descriptions and examples of how to use parameters in the palo.ini.
|
Long form |
Short form |
Argument(s) |
Description / Example(s) |
Default value |
|||||
|
add-new-databases |
D |
Tries to add directories with OLAP database automatically and adds them to palo.csv. |
True |
||||||
|
admin |
a |
<address> <port> |
Http interface with server browser and online documentation. An address can be a server name, an internet address or “” for all server internet addresses. |
||||||
|
amazon-id |
O |
False |
|||||||
|
audit |
1 |
See KB article Audit Information |
Disabled |
||||||
|
audit-blocksize |
{ |
<number> | Maximum number of rows returned for simple audit mode | ||||||
|
auto-commit |
B |
Commits all changes on server shutdown. |
True |
||||||
|
A |
Loads all databases on server start into memory which are defined in the palo.csv. On/off switch. |
True |
|||||||
| autosave-interval x | integer, minimum 5, maximum 1440 | If set, defines the interval (in minutes) in which automatic autosave runs. If not set, default interval of 5 minutes is used. | 5 | ||||||
|
b |
<max number |
Sets the max number of cells to store in each cube cache. |
100000000 |
||||||
|
chdir |
C |
Only for the command line. |
True |
||||||
|
cross-origin |
g |
<domain_name> |
|||||||
|
crypt |
c |
Turns on encrypting of the database files. Newly saved files are encrypted if this is set using the Blowfish algorithm. On/off switch. Note: If “crypt” is enabled, For decryption, just remove crypt from palo.ini and on next “save” the database files will be decrypted, i.e. if a value is written to a cube, it will be decrypted (with all its files). It will not be automatically decrypted. Don’t remove crypt-key otherwise it won’t be possible to load encrypted files. Remove the crypt-key after you’re sure that everything was decrypted. Procedure to decrypt all databases: |
False |
||||||
|
crypt-key |
k |
<passphrase for crypting csv files> |
Sets pass phrase used for encrypting/decrypting of the database files. |
Empty string |
|||||
|
data-directory |
d |
<directory> |
Only for command line. |
./Data |
|||||
|
R |
<right value> |
Default value for database access rights. |
D |
||||||
| defaults-directory
|
<directory_path> |
Specifies the path to the directory where some files for OLAP server are stored. The default directory (../defaults) contains a directory called subsets, which contains database script files that are used to generate default subsets for a dimension. Note: when the OLAP API function /dimension/create is called with parameter mode=1, then not only is a dimension created, but the OLAP server will also execute all database scripts from the subsets directory, if it exists in the directory indicated by defaults-directory palo.ini key. |
../defaults |
||||||
|
device |
j |
<bus_id0>.<device_id0> |
All available devices |
||||||
|
dimension-file-format |
Possible values: -legacy |
Legacy: dimensions are saved to database.csv Binary: dimensions are saved to database_DIM_*.csv and database_DIM_*.bin (if available), similar to cube save/load. Compare: used for testing and debugging. Dimensions are loaded from both database_DIM_*.bin and database_DIM_*.csv files and are compared to find identical content. Note: dimensions that have been saved as binary files are not portable between Linux and Windows. |
legacy |
||||||
|
disable-request-logging |
Allows you to control the flight recorder file (requests.txt in the data directory). When set in palo.ini, no requests.txt file is created or updated. | FALSE | |||||||
|
dump-upload |
G |
On/off switch. |
Disabled |
||||||
|
dump-upload-desc |
3 |
<description> |
“” |
||||||
|
dump-upload-reporter |
2 |
<email-address> |
“” |
||||||
|
enable-drillthrough |
y |
Enables cell drillthrough. |
False |
||||||
|
P |
On/off switch. |
False |
|||||||
|
enable-password-retrieval |
Enables reading password hashes from OLAP System database | FALSE | |||||||
|
enable-profiling |
4 |
On/off switch. |
False |
||||||
|
encryption |
X |
<encryption-type> |
Sets the encryption type. |
None |
|||||
|
engine-configuration |
N |
[M][S][1][E] |
M – force engine to use Marker Driven Engine for rules with markers (5.1 algorithm) |
||||||
|
extensions |
E |
<directory> |
../Modules |
||||||
|
failed-login-threshold |
<count> |
Starts login delay when failed attempts count for username exceeds this value. |
10 | ||||||
|
friendly-service-name |
F |
<service-name> |
|||||||
|
goalseek-limit |
Z |
<number_of_cells> |
Goalseek algorithm can be executed on slices with maximum <number_of_cells>. |
1000 |
|||||
|
goalseek-timeout |
z |
<milliseconds> |
Algorithm must complete within <familliseconds>. |
10000 |
|||||
|
gpu-frame-size |
7 |
<number> |
Size of GPU computation frame in megabytes | ||||||
|
gzip |
[ |
<level> |
Level values: 0-9 |
Disabled |
|||||
|
? |
Displays the parameters of palo.exe. |
False |
|||||||
|
http |
h |
<address> <port> |
Examples for http interface: |
||||||
|
https |
H |
<port> |
Sets https connection port: |
||||||
|
ignore-cell-data |
U |
On/off switch. |
False |
||||||
|
ignore-journal |
I |
Turns off recovery of data from journal files. |
False |
||||||
|
init-file |
i |
<init-file> |
Only for command line. |
palo.ini |
|||||
|
key-files |
K |
<ca> <private> <dh> |
Empty vector |
||||||
|
load-init-file |
n |
Only for command line. |
True |
||||||
|
log |
o |
|
For details on log levels and parameters, see General Information about Logs |
ink=- |
|||||
|
maximum-return-cells |
l |
<number> |
Sets a maximum limit for cells return from an area call: |
100000 |
|||||
|
< |
Turns off saving of .archive files for cubes. | ||||||||
|
no-csv-save |
J |
Turns off saving of CSV files for cubes whenever possible. Only BIN files are saved. Reduces time needed for saving. |
False |
||||||
|
no-csv-save-dim |
Dimensions are saved only to database_DIM_*.bin files, NOT to database_DIM_*.csv. Behavior is similar to no_csv_save for cubes. | ||||||||
|
ntlm_auth |
( |
<path to ntlm_auth |
“/usr/bin/ntlm_auth |
||||||
|
password |
p |
<private-password> |
On/off switch. |
||||||
|
password-pattern |
<regular expression> |
Regular expression used for checking password complexity when the password is changed (or a password is assigned to a new user), to enforce password complexity. When multiple password patterns are defined, the last one has priority. |
empty string | ||||||
|
profile-interval |
5 |
<seconds> |
60 |
||||||
| profile-log |
sink=syslog address=<address:port> facility=<facility> |
If profiling is enabled, it specifies the address and port of syslog server and the facility of messages ‘address’ parameter is optional with the default value localhost:5556 ‘facility’ parameter is optional with default value 0 (kern) |
profile-log sink=syslog address=localhost:5556 facility=0 | ||||||
|
saml-authentication |
Enables SAML authentication mode | ||||||||
|
saml-authorization |
Enables saml-authorization mode | ||||||||
|
saml-certificate |
<path to certificate> | Certificate is published in metadata so identity provider can verify the signature or use it to encrypt its responses. | |||||||
|
saml-encrypt-login |
Enables encrypting of SAML login requests | ||||||||
|
saml-encrypt-logout |
Enables encrypting of SAML logout requests | ||||||||
|
saml-idp-metadata |
<url> |
IdP metadata XML url
If metadata is distributed as a file, or server is restricted from accessing the internet, use file://<filepath>. |
empty string | ||||||
|
saml-nameidpolicy |
<NameID policy> |
SAML NameID policy | Empty/omitted | ||||||
|
saml-privatekey |
<path to private key> |
Private key is used to sign requests (if enabled by saml-sign-login) and decrypt responses from identity provider. | |||||||
|
saml-sign-login |
Enables signing the SAML login requests | ||||||||
|
saml-sign-logout |
Enables signing the SAML logout requests | ||||||||
|
saml-signature-algorithm |
<algorithm type> |
Algorithm used for SAML signatures | http://www.w3.org/2000/09/xmldsig#rsa-sha1 | ||||||
|
saml-use-logout |
Enables SAML IdP logout | ||||||||
|
service-description |
q |
<service-description> |
|||||||
|
service-name |
S |
<service-name> |
|||||||
|
session-timeout |
M |
<seconds> |
Specifies the idle time after which the session is closed: |
-1 (300s) |
|||||
|
splash-limit |
L |
<error> <warning> <info> |
Splashing limits in megabytes: |
1000, 500, 100 |
|||||
|
ssl-ciphers |
<list of SSL ciphers> |
List of allowed ssl ciphers Example: HIGH:!ADH:!EDH:!DHE:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!kRSA |
|||||||
|
start-service |
s |
On/off switch. |
False |
||||||
|
template-directory |
t |
<directory> |
Directory of online documentation: |
../Api |
|||||
|
trace |
T |
<trace-file> |
Empty string |
||||||
|
undo-file-size |
u |
<number of |
In a locked cube area it is possible to undo changes. Each lock can use <number of bytes per lock> bytes in files for storing changes: |
50 * 1024 * 1024 |
|||||
|
undo-memory-size |
m |
<number of bytes per lock> |
In a locked cube area it is possible to undo changes. Each lock can use <number of bytes per lock> bytes in memory for storing changes: |
10 * 1024 * 1024 |
|||||
|
use-cube-worker |
Y |
Uses cube worker. |
False |
||||||
|
W |
Uses dimension worker. Can react on creation, deletion, and renaming of an element in a specified dimension. |
False |
|||||||
|
verbose |
v |
<level> |
Log levels: If no value has been set, then error is the default value. |
Error |
|||||
|
version |
V |
Only for command line. |
False |
||||||
|
wbinfo |
) |
<path to wbinfo> |
“/usr/bin/wbinfo” |
||||||
|
windows-sso |
e |
Enables Windows SSO authentication. |
False |
||||||
|
windows-sso-authentication |
} |
||||||||
|
windows-sso-ignore-groups |
Disables group fetching in authentication mode (i.e., when windows-sso-authentication is active). Can speed up authentication process when users are assigned to many groups. When activated, arrays with group names are not retrieved from AD, so SVS authentication script receives empty array with group names. |
||||||||
|
worker |
w |
<worker-executable> |
worker /usr/bin/php5 / |
Empty string |
|||||
|
workerlogin |
x |
<worker-login-type> |
Uses a worker for login The workerlogin parameter has one additional argument. If you supply workerlogin on the command line and in the configuration file, then the value supplied in the configuration will be taken. If the http option is supplied for port A on the command line and for port B in the configuration file, then both ports A and B are used. |
None |
|||||
|
zip-backup |
] |
<level> |
Level values: 0-9 |
The following values are possible for <facility> (code or keyword)
| Code | Keyword |
| 0 | kern |
| 1 | user |
| 2 | |
| 3 | daemon |
| 4 | auth |
| 5 | syslog |
| 6 | lpr |
| 7 | news |
| 8 | uucp |
| 9 | cron |
| 10 | authpriv |
| 11 | ftp |
| 12 | ntp |
| 13 | security |
| 14 | console |
| 15 | solaris-cron |
| 16-23 | local0…local7 |
Order of command execution
A comment starts with a “#” sign in palo.ini. The command line arguments are evaluated first, and the file palo.ini is evaluated after the command line arguments have been processed. If you start palo with -n or – -load-init-file on the command line, then the init file is not read. The load-init-file option is ignored if given in the configuration file. Parameters without additional parameters like “auto-load” or “auto-commit” toggle a state from “true” to “false” and vice versa. You can declare a “toggle” parameter more than once.
If additional parameters like “worker” or “workerlogin” are given more than once on the command line or the configuration file, then only the last definition is valid, with the exception of the parameters “admin” and “http”, which are treated specially. All the definitions supplied on the command line and in the init file are used. For example, the default of “add-new-database” is true (see palo -?). If you supply – -add-new-database on the command line but not in the configuration file, then the option will be set to false. If you supply add-new-database in the configuration file but not on the command line then the option will also be set to false. If you supply – -add-new-database on the command line and in the configuration file, then the option will be true again, as it is toggled twice.
The option “workerlogin” has one additional argument. If you supply workerlogin on the command line and in the configuration file, then the value supplied in the configuration will be taken. If the http option is supplied for port A on the command line and for port B in the configuration file, then both ports A and B are used.