loki --help
Jump to navigation
Jump to search
Usage of config-file-loader:
-.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-.tls-insecure-skip-verify
Skip validating server certificate.
-.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-.tls-server-name string
Override the expected name on the server certificate.
-auth.enabled
Enables authentication through the X-Scope-OrgID header, which must be present if true. If false, the OrgID will always be set to 'fake'. (default true)
-azure.account-key value
Azure storage account key.
-azure.account-name string
Azure storage account name.
-azure.chunk-delimiter string
Chunk delimiter for blob ID to be used (default "-")
-azure.client-id string
Azure Service Principal ID(GUID).
-azure.client-secret value
Azure Service Principal secret key.
-azure.container-name string
Name of the storage account blob container used to store chunks. This container must be created before running cortex. (default "loki")
-azure.download-buffer-count int
Number of buffers used to used to upload a chunk. (default 1)
-azure.download-buffer-size int
Preallocated buffer size for downloads. (default 512000)
-azure.endpoint-suffix string
Azure storage endpoint suffix without schema. The storage account name will be prefixed to this value to create the FQDN.
-azure.environment string
Azure Cloud environment. Supported values are: AzureGlobal, AzureChinaCloud, AzureGermanCloud, AzureUSGovernment. (default "AzureGlobal")
-azure.max-retries int
Number of retries for a request which times out. (default 5)
-azure.max-retry-delay duration
Maximum time to wait before retrying a request. (default 500ms)
-azure.min-retry-delay duration
Minimum time to wait before retrying a request. (default 10ms)
-azure.request-timeout duration
Timeout for requests made against azure blob storage. (default 30s)
-azure.tenant-id string
Azure Tenant ID is used to authenticate through Azure OAuth.
-azure.upload-buffer-size int
Preallocated buffer size for uploads. (default 256000)
-azure.use-federated-token
Use Federated Token to authenticate to the Azure storage account.
-azure.use-managed-identity
Use Managed Identity to authenticate to the Azure storage account.
-azure.use-service-principal
Use Service Principal to authenticate through Azure OAuth.
-azure.user-assigned-id string
User assigned identity ID to authenticate to the Azure storage account.
-bigtable.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-bigtable.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-bigtable.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-bigtable.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-bigtable.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-bigtable.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-bigtable.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-bigtable.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-bigtable.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-bigtable.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-bigtable.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-bigtable.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-bigtable.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-bigtable.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-bigtable.instance string
Bigtable instance ID. Please refer to https://cloud.google.com/docs/authentication/production for more information about how to configure authentication.
-bigtable.project string
Bigtable project ID.
-bigtable.table-cache.enabled
If enabled, once a tables info is fetched, it is cached. (default true)
-bigtable.table-cache.expiration duration
Duration to cache tables before checking again. (default 30m0s)
-bigtable.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-bigtable.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-bigtable.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-bigtable.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used. (default true)
-bigtable.tls-insecure-skip-verify
Skip validating server certificate.
-bigtable.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-bigtable.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-bigtable.tls-server-name string
Override the expected name on the server certificate.
-boltdb.dir string
Location of BoltDB index files.
-boltdb.shipper.active-index-directory string
Directory where ingesters would write index files which would then be uploaded by shipper to configured storage
-boltdb.shipper.build-per-tenant-index
Build per tenant index files
-boltdb.shipper.cache-location string
Cache location for restoring index files from storage for queries
-boltdb.shipper.cache-ttl duration
TTL for index files restored in cache for queries (default 24h0m0s)
-boltdb.shipper.compactor.apply-retention-interval duration
Deprecated: Interval at which to apply/enforce retention. 0 means run at same interval as compaction. If non-zero, it should always be a multiple of compaction interval.
-boltdb.shipper.compactor.client.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-boltdb.shipper.compactor.client.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-boltdb.shipper.compactor.client.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-boltdb.shipper.compactor.client.tls-enabled
Enable TLS in the HTTP client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to HTTP server will be used.
-boltdb.shipper.compactor.client.tls-insecure-skip-verify
Skip validating server certificate.
-boltdb.shipper.compactor.client.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-boltdb.shipper.compactor.client.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-boltdb.shipper.compactor.client.tls-server-name string
Override the expected name on the server certificate.
-boltdb.shipper.compactor.compaction-interval duration
Deprecated: Interval at which to re-run the compaction operation. (default 10m0s)
-boltdb.shipper.compactor.delete-batch-size int
Deprecated: The max number of delete requests to run per compaction cycle. (default 70)
-boltdb.shipper.compactor.delete-max-interval duration
Deprecated: Constrain the size of any single delete request. When a delete request > delete_max_interval is input, the request is sharded into smaller requests of no more than delete_max_interval
-boltdb.shipper.compactor.delete-request-cancel-period duration
Deprecated: Allow cancellation of delete request until duration after they are created. Data would be deleted only after delete requests have been older than this duration. Ideally this should be set to at least 24h. (default 24h0m0s)
-boltdb.shipper.compactor.delete-request-store string
Deprecated: Store used for managing delete requests. Defaults to -compactor.shared-store.
-boltdb.shipper.compactor.deletion-mode value
Deprecated. This has been moved to the deletion_mode per tenant configuration.
-boltdb.shipper.compactor.max-compaction-parallelism int
Deprecated: Maximum number of tables to compact in parallel. While increasing this value, please make sure compactor has enough disk space allocated to be able to store and compact as many tables. (default 1)
-boltdb.shipper.compactor.retention-delete-delay duration
Deprecated: Delay after which chunks will be fully deleted during retention. (default 2h0m0s)
-boltdb.shipper.compactor.retention-delete-worker-count int
Deprecated: The total amount of worker to use to delete chunks. (default 150)
-boltdb.shipper.compactor.retention-enabled
Deprecated: (Experimental) Activate custom (per-stream,per-tenant) retention.
-boltdb.shipper.compactor.retention-table-timeout duration
Deprecated: The maximum amount of time to spend running retention and deletion on any given table in the index.
-boltdb.shipper.compactor.ring.consul.acl-token value
ACL Token used to interact with Consul.
-boltdb.shipper.compactor.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-boltdb.shipper.compactor.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-boltdb.shipper.compactor.ring.consul.consistent-reads
Enable consistent reads to Consul.
-boltdb.shipper.compactor.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-boltdb.shipper.compactor.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-boltdb.shipper.compactor.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-boltdb.shipper.compactor.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-boltdb.shipper.compactor.ring.etcd.endpoints value
The etcd endpoints to connect to.
-boltdb.shipper.compactor.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-boltdb.shipper.compactor.ring.etcd.password value
Etcd password.
-boltdb.shipper.compactor.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-boltdb.shipper.compactor.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-boltdb.shipper.compactor.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-boltdb.shipper.compactor.ring.etcd.tls-enabled
Enable TLS.
-boltdb.shipper.compactor.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-boltdb.shipper.compactor.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-boltdb.shipper.compactor.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-boltdb.shipper.compactor.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-boltdb.shipper.compactor.ring.etcd.username string
Etcd username.
-boltdb.shipper.compactor.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 15s)
-boltdb.shipper.compactor.ring.heartbeat-timeout duration
The heartbeat timeout after which compactors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-boltdb.shipper.compactor.ring.instance-addr string
IP address to advertise in the ring.
-boltdb.shipper.compactor.ring.instance-availability-zone string
The availability zone where this instance is running. Required if zone-awareness is enabled.
-boltdb.shipper.compactor.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-boltdb.shipper.compactor.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-boltdb.shipper.compactor.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-boltdb.shipper.compactor.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-boltdb.shipper.compactor.ring.multi.mirror-enabled
Mirror writes to secondary store.
-boltdb.shipper.compactor.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-boltdb.shipper.compactor.ring.multi.primary string
Primary backend storage used by multi-client.
-boltdb.shipper.compactor.ring.multi.secondary string
Secondary backend storage used by multi-client.
-boltdb.shipper.compactor.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-boltdb.shipper.compactor.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-boltdb.shipper.compactor.ring.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-boltdb.shipper.compactor.ring.zone-awareness-enabled
True to enable zone-awareness and replicate blocks across different availability zones.
-boltdb.shipper.compactor.run-once
Deprecated: Run the compactor one time to cleanup and compact index files only (no retention applied)
-boltdb.shipper.compactor.shared-store string
Deprecated: The shared store used for storing boltdb files. Supported types: gcs, s3, azure, swift, filesystem, bos, cos. If not set, compactor will be initialized to operate on all the object stores that contain either boltdb-shipper or tsdb index.
-boltdb.shipper.compactor.shared-store.key-prefix string
Deprecated: Prefix to add to object keys in shared store. Path separator(if any) should always be a '/'. Prefix should never start with a separator but should always end with it. (default "index/")
-boltdb.shipper.compactor.skip-latest-n-tables int
Deprecated: Do not compact N latest tables. Together with -compactor.run-once and -compactor.tables-to-compact, this is useful when clearing compactor backlogs.
-boltdb.shipper.compactor.tables-to-compact int
Deprecated: Number of tables that compactor will try to compact. Newer tables are chosen when this is less than the number of tables available.
-boltdb.shipper.compactor.upload-parallelism int
Deprecated: Number of upload/remove operations to execute in parallel when finalizing a compaction. NOTE: This setting is per compaction operation, which can be executed in parallel. The upper bound on the number of concurrent uploads is upload_parallelism * max_compaction_parallelism. (default 10)
-boltdb.shipper.compactor.working-directory string
Deprecated: Directory where files can be downloaded for compaction.
-boltdb.shipper.index-gateway-client.grpc.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-boltdb.shipper.index-gateway-client.grpc.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-boltdb.shipper.index-gateway-client.grpc.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-boltdb.shipper.index-gateway-client.grpc.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-boltdb.shipper.index-gateway-client.grpc.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-boltdb.shipper.index-gateway-client.grpc.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-boltdb.shipper.index-gateway-client.grpc.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-boltdb.shipper.index-gateway-client.grpc.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-boltdb.shipper.index-gateway-client.grpc.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-boltdb.shipper.index-gateway-client.grpc.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-boltdb.shipper.index-gateway-client.grpc.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-boltdb.shipper.index-gateway-client.grpc.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-boltdb.shipper.index-gateway-client.grpc.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-boltdb.shipper.index-gateway-client.grpc.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-boltdb.shipper.index-gateway-client.grpc.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-boltdb.shipper.index-gateway-client.grpc.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-boltdb.shipper.index-gateway-client.grpc.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-boltdb.shipper.index-gateway-client.grpc.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-boltdb.shipper.index-gateway-client.grpc.tls-insecure-skip-verify
Skip validating server certificate.
-boltdb.shipper.index-gateway-client.grpc.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-boltdb.shipper.index-gateway-client.grpc.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-boltdb.shipper.index-gateway-client.grpc.tls-server-name string
Override the expected name on the server certificate.
-boltdb.shipper.index-gateway-client.log-gateway-requests
Whether requests sent to the gateway should be logged or not.
-boltdb.shipper.index-gateway-client.server-address string
Hostname or IP of the Index Gateway gRPC server running in simple mode.
-boltdb.shipper.query-ready-num-days int
Number of days of common index to be kept downloaded for queries. For per tenant index query readiness, use limits overrides config.
-boltdb.shipper.resync-interval duration
Resync downloaded files with the storage (default 5m0s)
-boltdb.shipper.shared-store string
Shared store for keeping index files. Supported types: gcs, s3, azure, cos, filesystem
-boltdb.shipper.shared-store.key-prefix string
Prefix to add to Object Keys in Shared store. Path separator(if any) should always be a '/'. Prefix should never start with a separator but should always end with it (default "index/")
-boltdb.shipper.use-boltdb-shipper-as-backup
Use boltdb-shipper index store as backup for indexing chunks. When enabled, boltdb-shipper needs to be configured under storage_config
-bos.access-key-id string
Baidu Cloud Engine (BCE) Access Key ID.
-bos.bucket-name string
Name of BOS bucket.
-bos.endpoint string
BOS endpoint to connect to. (default "bj.bcebos.com")
-bos.secret-access-key value
Baidu Cloud Engine (BCE) Secret Access Key.
-cassandra.addresses string
Comma-separated hostnames or IPs of Cassandra instances.
-cassandra.auth
Enable password authentication when connecting to cassandra.
-cassandra.ca-path string
Path to certificate file to verify the peer.
-cassandra.connect-timeout duration
Initial connection timeout, used during initial dial to server. (default 5s)
-cassandra.consistency string
Consistency level for Cassandra. (default "QUORUM")
-cassandra.convict-hosts-on-failure
Convict hosts of being down on failure. (default true)
-cassandra.custom-authenticator value
If set, when authenticating with cassandra a custom authenticator will be expected during the handshake. This flag can be set multiple times.
-cassandra.disable-initial-host-lookup
Instruct the cassandra driver to not attempt to get host info from the system.peers table.
-cassandra.host-selection-policy string
Policy for selecting Cassandra host. Supported values are: round-robin, token-aware. (default "round-robin")
-cassandra.host-verification
Require SSL certificate validation. (default true)
-cassandra.keyspace string
Keyspace to use in Cassandra.
-cassandra.max-retries int
Number of retries to perform on a request. Set to 0 to disable retries.
-cassandra.num-connections int
Number of TCP connections per host. (default 2)
-cassandra.password value
Password to use when connecting to cassandra.
-cassandra.password-file string
File containing password to use when connecting to cassandra.
-cassandra.port int
Port that Cassandra is running on (default 9042)
-cassandra.query-concurrency int
Limit number of concurrent queries to Cassandra. Set to 0 to disable the limit.
-cassandra.reconnent-interval duration
Interval to retry connecting to cassandra nodes marked as DOWN. (default 1s)
-cassandra.replication-factor int
Replication factor to use in Cassandra. (default 3)
-cassandra.retry-max-backoff duration
Maximum time to wait before retrying a failed request. (default 10s)
-cassandra.retry-min-backoff duration
Minimum time to wait before retrying a failed request. (default 100ms)
-cassandra.ssl
Use SSL when connecting to cassandra instances.
-cassandra.table-options WITH
Table options used to create index or chunk tables. This value is used as plain text in the table WITH like this, "CREATE TABLE <generated_by_cortex> (...) WITH <cassandra.table-options>". For details, see https://cortexmetrics.io/docs/production/cassandra. By default it will use the default table options of your Cassandra cluster.
-cassandra.timeout duration
Timeout when connecting to cassandra. (default 2s)
-cassandra.tls-cert-path string
Path to certificate file used by TLS.
-cassandra.tls-key-path string
Path to private key file used by TLS.
-cassandra.username string
Username to use when connecting to cassandra.
-common.compactor-address string
the http address of the compactor in the form http://host:port
-common.compactor-grpc-address string
the grpc address of the compactor in the form host:port
-common.storage.azure.account-key value
Azure storage account key.
-common.storage.azure.account-name string
Azure storage account name.
-common.storage.azure.chunk-delimiter string
Chunk delimiter for blob ID to be used (default "-")
-common.storage.azure.client-id string
Azure Service Principal ID(GUID).
-common.storage.azure.client-secret value
Azure Service Principal secret key.
-common.storage.azure.container-name string
Name of the storage account blob container used to store chunks. This container must be created before running cortex. (default "loki")
-common.storage.azure.download-buffer-count int
Number of buffers used to used to upload a chunk. (default 1)
-common.storage.azure.download-buffer-size int
Preallocated buffer size for downloads. (default 512000)
-common.storage.azure.endpoint-suffix string
Azure storage endpoint suffix without schema. The storage account name will be prefixed to this value to create the FQDN.
-common.storage.azure.environment string
Azure Cloud environment. Supported values are: AzureGlobal, AzureChinaCloud, AzureGermanCloud, AzureUSGovernment. (default "AzureGlobal")
-common.storage.azure.max-retries int
Number of retries for a request which times out. (default 5)
-common.storage.azure.max-retry-delay duration
Maximum time to wait before retrying a request. (default 500ms)
-common.storage.azure.min-retry-delay duration
Minimum time to wait before retrying a request. (default 10ms)
-common.storage.azure.request-timeout duration
Timeout for requests made against azure blob storage. (default 30s)
-common.storage.azure.tenant-id string
Azure Tenant ID is used to authenticate through Azure OAuth.
-common.storage.azure.upload-buffer-size int
Preallocated buffer size for uploads. (default 256000)
-common.storage.azure.use-federated-token
Use Federated Token to authenticate to the Azure storage account.
-common.storage.azure.use-managed-identity
Use Managed Identity to authenticate to the Azure storage account.
-common.storage.azure.use-service-principal
Use Service Principal to authenticate through Azure OAuth.
-common.storage.azure.user-assigned-id string
User assigned identity ID to authenticate to the Azure storage account.
-common.storage.bos.access-key-id string
Baidu Cloud Engine (BCE) Access Key ID.
-common.storage.bos.bucket-name string
Name of BOS bucket.
-common.storage.bos.endpoint string
BOS endpoint to connect to. (default "bj.bcebos.com")
-common.storage.bos.secret-access-key value
Baidu Cloud Engine (BCE) Secret Access Key.
-common.storage.cos.access-key-id string
COS HMAC Access Key ID.
-common.storage.cos.api-key value
IAM API key to access COS.
-common.storage.cos.auth-endpoint string
IAM Auth Endpoint for authentication. (default "https://iam.cloud.ibm.com/identity/token")
-common.storage.cos.buckets string
Comma separated list of bucket names to evenly distribute chunks over.
-common.storage.cos.cr-token-file-path string
Compute resource token file path.
-common.storage.cos.endpoint string
COS Endpoint to connect to.
-common.storage.cos.force-path-style true
Set this to true to force the request to use path-style addressing.
-common.storage.cos.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-common.storage.cos.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-common.storage.cos.max-backoff duration
Maximum backoff time when cos get Object. (default 3s)
-common.storage.cos.max-retries int
Maximum number of times to retry when cos get Object. (default 5)
-common.storage.cos.min-backoff duration
Minimum backoff time when cos get Object. (default 100ms)
-common.storage.cos.region string
COS region to use.
-common.storage.cos.secret-access-key value
COS HMAC Secret Access Key.
-common.storage.cos.service-instance-id string
COS service instance id to use.
-common.storage.cos.trusted-profile-id string
ID of the trusted profile.
-common.storage.cos.trusted-profile-name string
Name of the trusted profile.
-common.storage.filesystem.chunk-directory string
Directory to store chunks in.
-common.storage.filesystem.rules-directory string
Directory to store rules in.
-common.storage.gcs.bucketname string
Name of GCS bucket. Please refer to https://cloud.google.com/docs/authentication/production for more information about how to configure authentication.
-common.storage.gcs.chunk-buffer-size int
The size of the buffer that GCS client for each PUT request. 0 to disable buffering.
-common.storage.gcs.enable-http2
Enable HTTP2 connections. (default true)
-common.storage.gcs.enable-opencensus
Enable OpenCensus (OC) instrumentation for all requests. (default true)
-common.storage.gcs.request-timeout duration
The duration after which the requests to GCS should be timed out.
-common.storage.gcs.service-account value
Service account key content in JSON format, refer to https://cloud.google.com/iam/docs/creating-managing-service-account-keys for creation.
-common.storage.hedge-max-per-second int
The maximum of hedge requests allowed per seconds. (default 5)
-common.storage.hedge-requests-at duration
If set to a non-zero value a second request will be issued at the provided duration. Default is 0 (disabled)
-common.storage.hedge-requests-up-to int
The maximum of hedge requests allowed. (default 2)
-common.storage.oss.access-key-id string
alibabacloud Access Key ID
-common.storage.oss.bucketname string
Name of OSS bucket.
-common.storage.oss.endpoint string
oss Endpoint to connect to.
-common.storage.oss.secret-access-key string
alibabacloud Secret Access Key
-common.storage.ring.consul.acl-token value
ACL Token used to interact with Consul.
-common.storage.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-common.storage.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-common.storage.ring.consul.consistent-reads
Enable consistent reads to Consul.
-common.storage.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-common.storage.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-common.storage.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-common.storage.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-common.storage.ring.etcd.endpoints value
The etcd endpoints to connect to.
-common.storage.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-common.storage.ring.etcd.password value
Etcd password.
-common.storage.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-common.storage.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-common.storage.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-common.storage.ring.etcd.tls-enabled
Enable TLS.
-common.storage.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-common.storage.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-common.storage.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-common.storage.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-common.storage.ring.etcd.username string
Etcd username.
-common.storage.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 15s)
-common.storage.ring.heartbeat-timeout duration
The heartbeat timeout after which compactors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-common.storage.ring.instance-addr string
IP address to advertise in the ring.
-common.storage.ring.instance-availability-zone string
The availability zone where this instance is running. Required if zone-awareness is enabled.
-common.storage.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-common.storage.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-common.storage.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-common.storage.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-common.storage.ring.multi.mirror-enabled
Mirror writes to secondary store.
-common.storage.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-common.storage.ring.multi.primary string
Primary backend storage used by multi-client.
-common.storage.ring.multi.secondary string
Secondary backend storage used by multi-client.
-common.storage.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-common.storage.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-common.storage.ring.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-common.storage.ring.zone-awareness-enabled
True to enable zone-awareness and replicate blocks across different availability zones.
-common.storage.s3.access-key-id string
AWS Access Key ID
-common.storage.s3.buckets string
Comma separated list of bucket names to evenly distribute chunks over. Overrides any buckets specified in s3.url flag
-common.storage.s3.endpoint string
S3 Endpoint to connect to.
-common.storage.s3.force-path-style true
Set this to true to force the request to use path-style addressing.
-common.storage.s3.http.ca-file string
Path to the trusted CA file that signed the SSL certificate of the S3 endpoint.
-common.storage.s3.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-common.storage.s3.http.insecure-skip-verify
Set to true to skip verifying the certificate chain and hostname.
-common.storage.s3.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-common.storage.s3.http.timeout duration
Timeout specifies a time limit for requests made by s3 Client.
-common.storage.s3.insecure
Disable https on s3 connection.
-common.storage.s3.max-backoff duration
Maximum backoff time when s3 get Object (default 3s)
-common.storage.s3.max-retries int
Maximum number of times to retry when s3 get Object (default 5)
-common.storage.s3.min-backoff duration
Minimum backoff time when s3 get Object (default 100ms)
-common.storage.s3.region string
AWS region to use.
-common.storage.s3.secret-access-key value
AWS Secret Access Key
-common.storage.s3.session-token value
AWS Session Token
-common.storage.s3.signature-version string
The signature version to use for authenticating against S3. Supported values are: v4, v2. (default "v4")
-common.storage.s3.sse-encryption
Enable AWS Server Side Encryption [Deprecated: Use .sse instead. if s3.sse-encryption is enabled, it assumes .sse.type SSE-S3]
-common.storage.s3.sse.kms-encryption-context string
KMS Encryption Context used for object encryption. It expects JSON formatted string.
-common.storage.s3.sse.kms-key-id string
KMS Key ID used to encrypt objects in S3
-common.storage.s3.sse.type string
Enable AWS Server Side Encryption. Supported values: SSE-KMS, SSE-S3.
-common.storage.s3.storage-class string
The S3 storage class which objects will use. Supported values are: GLACIER, DEEP_ARCHIVE, GLACIER_IR, INTELLIGENT_TIERING, ONEZONE_IA, OUTPOSTS, REDUCED_REDUNDANCY, STANDARD, STANDARD_IA. (default "STANDARD")
-common.storage.s3.url value
S3 endpoint URL with escaped Key and Secret encoded. If only region is specified as a host, proper endpoint will be deduced. Use inmemory:///<bucket-name> to use a mock in-memory implementation.
-common.storage.swift.auth-url string
OpenStack Swift authentication URL
-common.storage.swift.auth-version int
OpenStack Swift authentication API version. 0 to autodetect.
-common.storage.swift.connect-timeout duration
Time after which a connection attempt is aborted. (default 10s)
-common.storage.swift.container-name string
Name of the OpenStack Swift container to put chunks in.
-common.storage.swift.domain-id string
OpenStack Swift user's domain ID.
-common.storage.swift.domain-name string
OpenStack Swift user's domain name.
-common.storage.swift.internal
Set this to true to use the internal OpenStack Swift endpoint URL
-common.storage.swift.max-retries int
Max retries on requests error. (default 3)
-common.storage.swift.password string
OpenStack Swift API key.
-common.storage.swift.project-domain-id string
ID of the OpenStack Swift project's domain (v3 auth only), only needed if it differs the from user domain.
-common.storage.swift.project-domain-name string
Name of the OpenStack Swift project's domain (v3 auth only), only needed if it differs from the user domain.
-common.storage.swift.project-id string
OpenStack Swift project ID (v2,v3 auth only).
-common.storage.swift.project-name string
OpenStack Swift project name (v2,v3 auth only).
-common.storage.swift.region-name string
OpenStack Swift Region to use (v2,v3 auth only).
-common.storage.swift.request-timeout duration
Time after which an idle request is aborted. The timeout watchdog is reset each time some data is received, so the timeout triggers after X time no data is received on a request. (default 5s)
-common.storage.swift.user-domain-id string
OpenStack Swift user's domain ID.
-common.storage.swift.user-domain-name string
OpenStack Swift user's domain name.
-common.storage.swift.user-id string
OpenStack Swift user ID.
-common.storage.swift.username string
OpenStack Swift username.
-compactor.allow-deletes value
Deprecated. Instead, see compactor.deletion-mode which is another per tenant configuration
-compactor.apply-retention-interval duration
Interval at which to apply/enforce retention. 0 means run at same interval as compaction. If non-zero, it should always be a multiple of compaction interval.
-compactor.compaction-interval duration
Interval at which to re-run the compaction operation. (default 10m0s)
-compactor.delete-batch-size int
The max number of delete requests to run per compaction cycle. (default 70)
-compactor.delete-max-interval duration
Constrain the size of any single delete request. When a delete request > delete_max_interval is input, the request is sharded into smaller requests of no more than delete_max_interval
-compactor.delete-request-cancel-period duration
Allow cancellation of delete request until duration after they are created. Data would be deleted only after delete requests have been older than this duration. Ideally this should be set to at least 24h. (default 24h0m0s)
-compactor.delete-request-store string
Store used for managing delete requests. Defaults to -compactor.shared-store.
-compactor.deletion-mode string
Deletion mode. Can be one of 'disabled', 'filter-only', or 'filter-and-delete'. When set to 'filter-only' or 'filter-and-delete', and if retention_enabled is true, then the log entry deletion API endpoints are available. (default "filter-and-delete")
-compactor.max-compaction-parallelism int
Maximum number of tables to compact in parallel. While increasing this value, please make sure compactor has enough disk space allocated to be able to store and compact as many tables. (default 1)
-compactor.retention-delete-delay duration
Delay after which chunks will be fully deleted during retention. (default 2h0m0s)
-compactor.retention-delete-worker-count int
The total amount of worker to use to delete chunks. (default 150)
-compactor.retention-enabled
(Experimental) Activate custom (per-stream,per-tenant) retention.
-compactor.retention-table-timeout duration
The maximum amount of time to spend running retention and deletion on any given table in the index.
-compactor.ring.consul.acl-token value
ACL Token used to interact with Consul.
-compactor.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-compactor.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-compactor.ring.consul.consistent-reads
Enable consistent reads to Consul.
-compactor.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-compactor.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-compactor.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-compactor.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-compactor.ring.etcd.endpoints value
The etcd endpoints to connect to.
-compactor.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-compactor.ring.etcd.password value
Etcd password.
-compactor.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-compactor.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-compactor.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-compactor.ring.etcd.tls-enabled
Enable TLS.
-compactor.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-compactor.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-compactor.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-compactor.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-compactor.ring.etcd.username string
Etcd username.
-compactor.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 15s)
-compactor.ring.heartbeat-timeout duration
The heartbeat timeout after which compactors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-compactor.ring.instance-addr string
IP address to advertise in the ring.
-compactor.ring.instance-availability-zone string
The availability zone where this instance is running. Required if zone-awareness is enabled.
-compactor.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-compactor.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-compactor.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-compactor.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-compactor.ring.multi.mirror-enabled
Mirror writes to secondary store.
-compactor.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-compactor.ring.multi.primary string
Primary backend storage used by multi-client.
-compactor.ring.multi.secondary string
Secondary backend storage used by multi-client.
-compactor.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-compactor.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-compactor.ring.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-compactor.ring.zone-awareness-enabled
True to enable zone-awareness and replicate blocks across different availability zones.
-compactor.run-once
Run the compactor one time to cleanup and compact index files only (no retention applied)
-compactor.shared-store string
The shared store used for storing boltdb files. Supported types: gcs, s3, azure, swift, filesystem, bos, cos. If not set, compactor will be initialized to operate on all the object stores that contain either boltdb-shipper or tsdb index.
-compactor.shared-store.key-prefix string
Prefix to add to object keys in shared store. Path separator(if any) should always be a '/'. Prefix should never start with a separator but should always end with it. (default "index/")
-compactor.skip-latest-n-tables int
Do not compact N latest tables. Together with -compactor.run-once and -compactor.tables-to-compact, this is useful when clearing compactor backlogs.
-compactor.tables-to-compact int
Number of tables that compactor will try to compact. Newer tables are chosen when this is less than the number of tables available.
-compactor.upload-parallelism int
Number of upload/remove operations to execute in parallel when finalizing a compaction. NOTE: This setting is per compaction operation, which can be executed in parallel. The upper bound on the number of concurrent uploads is upload_parallelism * max_compaction_parallelism. (default 10)
-compactor.working-directory string
Directory where files can be downloaded for compaction.
-config.ballast-bytes int
The amount of virtual memory in bytes to reserve as ballast in order to optimize garbage collection. Larger ballasts result in fewer garbage collection passes, reducing CPU overhead at the cost of heap size. The ballast will not consume physical memory, because it is never read from. It will, however, distort metrics, because it is counted as live memory.
-config.expand-env
Expands ${var} in config according to the values of the environment variables.
-config.file string
configuration file to load, can be a comma separated list of paths, first existing file will be used (default "config.yaml,config/config.yaml")
-consul.acl-token value
ACL Token used to interact with Consul.
-consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-consul.consistent-reads
Enable consistent reads to Consul.
-consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-cos.access-key-id string
COS HMAC Access Key ID.
-cos.api-key value
IAM API key to access COS.
-cos.auth-endpoint string
IAM Auth Endpoint for authentication. (default "https://iam.cloud.ibm.com/identity/token")
-cos.buckets string
Comma separated list of bucket names to evenly distribute chunks over.
-cos.cr-token-file-path string
Compute resource token file path.
-cos.endpoint string
COS Endpoint to connect to.
-cos.force-path-style true
Set this to true to force the request to use path-style addressing.
-cos.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-cos.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-cos.max-backoff duration
Maximum backoff time when cos get Object. (default 3s)
-cos.max-retries int
Maximum number of times to retry when cos get Object. (default 5)
-cos.min-backoff duration
Minimum backoff time when cos get Object. (default 100ms)
-cos.region string
COS region to use.
-cos.secret-access-key value
COS HMAC Secret Access Key.
-cos.service-instance-id string
COS service instance id to use.
-cos.trusted-profile-id string
ID of the trusted profile.
-cos.trusted-profile-name string
Name of the trusted profile.
-distributor.client-cleanup-period duration
How frequently to clean up clients for ingesters that have gone away. (default 15s)
-distributor.excluded-zones value
Comma-separated list of zones to exclude from the ring. Instances in excluded zones will be filtered out from the ring.
-distributor.health-check-ingesters
Run a health check on each ingester client during periodic cleanup. (default true)
-distributor.ingestion-burst-size-mb float
Per-user allowed ingestion burst size (in sample size). Units in MB. The burst size refers to the per-distributor local rate limiter even in the case of the 'global' strategy, and should be set at least to the maximum logs size expected in a single push request. (default 6)
-distributor.ingestion-rate-limit-mb float
Per-user ingestion rate limit in sample size per second. Units in MB. (default 4)
-distributor.ingestion-rate-limit-strategy string
Whether the ingestion rate limit should be applied individually to each distributor instance (local), or evenly shared across the cluster (global). The ingestion rate strategy cannot be overridden on a per-tenant basis.
- local: enforces the limit on a per distributor basis. The actual effective rate limit will be N times higher, where N is the number of distributor replicas.
- global: enforces the limit globally, configuring a per-distributor local rate limiter as 'ingestion_rate / N', where N is the number of distributor replicas (it's automatically adjusted if the number of replicas change). The global strategy requires the distributors to form their own ring, which is used to keep track of the current number of healthy distributor replicas. (default "global")
-distributor.max-line-size distributor.max-line-size-truncate
Maximum line size on ingestion path. Example: 256kb. Any log line exceeding this limit will be discarded unless distributor.max-line-size-truncate is set which in case it is truncated instead of discarding it completely. There is no limit when unset or set to 0.
-distributor.max-line-size-truncate
Whether to truncate lines that exceed max_line_size.
-distributor.rate-store.debug
If enabled, detailed logs and spans will be emitted.
-distributor.rate-store.ingester-request-timeout duration
Timeout for communication between distributors and any given ingester when updating rates (default 500ms)
-distributor.rate-store.max-request-parallelism int
The max number of concurrent requests to make to ingester stream apis (default 200)
-distributor.rate-store.stream-rate-update-interval duration
The interval on which distributors will update current stream rates from ingesters (default 1s)
-distributor.replication-factor int
The number of ingesters to write to and read from. (default 3)
-distributor.ring.consul.acl-token value
ACL Token used to interact with Consul.
-distributor.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-distributor.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-distributor.ring.consul.consistent-reads
Enable consistent reads to Consul.
-distributor.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-distributor.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-distributor.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-distributor.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-distributor.ring.etcd.endpoints value
The etcd endpoints to connect to.
-distributor.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-distributor.ring.etcd.password value
Etcd password.
-distributor.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-distributor.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-distributor.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-distributor.ring.etcd.tls-enabled
Enable TLS.
-distributor.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-distributor.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-distributor.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-distributor.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-distributor.ring.etcd.username string
Etcd username.
-distributor.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 5s)
-distributor.ring.heartbeat-timeout duration
The heartbeat timeout after which distributors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-distributor.ring.instance-addr string
IP address to advertise in the ring.
-distributor.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-distributor.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-distributor.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-distributor.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-distributor.ring.multi.mirror-enabled
Mirror writes to secondary store.
-distributor.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-distributor.ring.multi.primary string
Primary backend storage used by multi-client.
-distributor.ring.multi.secondary string
Secondary backend storage used by multi-client.
-distributor.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-distributor.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-distributor.write-failures-logging.add-insights-label
Experimental and subject to change. Whether a insight=true key should be logged or not. Default: false.
-distributor.write-failures-logging.rate value
Experimental and subject to change. Log volume allowed (per second). Default: 1KB. (default 1KB)
-distributor.zone-awareness-enabled
True to enable the zone-awareness and replicate ingested samples across different availability zones.
-dynamodb.api-limit float
DynamoDB table management requests per second limit. (default 2)
-dynamodb.chunk-gang-size int
Number of chunks to group together to parallelise fetches (zero to disable) (default 10)
-dynamodb.chunk.get-max-parallelism int
Max number of chunk-get operations to start in parallel (default 32)
-dynamodb.kms-key-id string
KMS key used for encrypting DynamoDB items. DynamoDB will use an Amazon owned KMS key if not provided.
-dynamodb.max-backoff duration
Maximum backoff time (default 50s)
-dynamodb.max-retries int
Maximum number of times to retry an operation (default 20)
-dynamodb.min-backoff duration
Minimum backoff time (default 100ms)
-dynamodb.throttle-limit float
DynamoDB rate cap to back off when throttled. (default 10)
-dynamodb.url value
DynamoDB endpoint URL with escaped Key and Secret encoded. If only region is specified as a host, proper endpoint will be deduced. Use inmemory:///<table-name> to use a mock in-memory implementation.
-etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-etcd.endpoints value
The etcd endpoints to connect to.
-etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-etcd.password value
Etcd password.
-etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-etcd.tls-enabled
Enable TLS.
-etcd.tls-insecure-skip-verify
Skip validating server certificate.
-etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-etcd.tls-server-name string
Override the expected name on the server certificate.
-etcd.username string
Etcd username.
-experimental.ruler.enable-api
Enable the ruler API.
-experimental.store.chunks-cache-l2.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-experimental.store.chunks-cache-l2.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-experimental.store.chunks-cache-l2.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-experimental.store.chunks-cache-l2.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-experimental.store.chunks-cache-l2.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-experimental.store.chunks-cache-l2.embedded-cache.enabled
Whether embedded cache is enabled.
-experimental.store.chunks-cache-l2.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-experimental.store.chunks-cache-l2.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-experimental.store.chunks-cache-l2.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-experimental.store.chunks-cache-l2.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-experimental.store.chunks-cache-l2.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-experimental.store.chunks-cache-l2.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-experimental.store.chunks-cache-l2.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-experimental.store.chunks-cache-l2.handoff duration
Experimental, subject to change or removal. Chunks will be handed off to the L2 cache after this duration. 0 to disable L2 cache.
-experimental.store.chunks-cache-l2.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-experimental.store.chunks-cache-l2.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-experimental.store.chunks-cache-l2.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-experimental.store.chunks-cache-l2.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-experimental.store.chunks-cache-l2.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-experimental.store.chunks-cache-l2.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-experimental.store.chunks-cache-l2.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-experimental.store.chunks-cache-l2.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-experimental.store.chunks-cache-l2.memcached.expiration duration
How long keys stay in the memcache.
-experimental.store.chunks-cache-l2.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-experimental.store.chunks-cache-l2.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-experimental.store.chunks-cache-l2.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-experimental.store.chunks-cache-l2.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-experimental.store.chunks-cache-l2.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-experimental.store.chunks-cache-l2.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-experimental.store.chunks-cache-l2.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-experimental.store.chunks-cache-l2.redis.db int
Database index.
-experimental.store.chunks-cache-l2.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-experimental.store.chunks-cache-l2.redis.expiration duration
How long keys stay in the redis.
-experimental.store.chunks-cache-l2.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-experimental.store.chunks-cache-l2.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-experimental.store.chunks-cache-l2.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-experimental.store.chunks-cache-l2.redis.password value
Password to use when connecting to redis.
-experimental.store.chunks-cache-l2.redis.pool-size int
Maximum number of connections in the pool.
-experimental.store.chunks-cache-l2.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-experimental.store.chunks-cache-l2.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-experimental.store.chunks-cache-l2.redis.tls-enabled
Enable connecting to redis with TLS.
-experimental.store.chunks-cache-l2.redis.tls-insecure-skip-verify
Skip validating server certificate.
-experimental.store.chunks-cache-l2.redis.username string
Username to use when connecting to redis.
-frontend.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-frontend.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-frontend.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-frontend.cache-split-interval value
Deprecated: The maximum interval expected for each request, results will be cached per single interval. This behavior is now determined by querier.split-queries-by-interval.
-frontend.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-frontend.compression string
Use compression in cache. The default is an empty value , which disables compression. Supported values are: 'snappy' and .
-frontend.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-frontend.downstream-url string
URL of downstream Loki.
-frontend.embedded-cache.enabled
Whether embedded cache is enabled.
-frontend.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-frontend.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-frontend.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-frontend.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-frontend.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-frontend.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-frontend.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-frontend.forward-headers-list value
Deprecated. List of headers forwarded by the query Frontend to downstream querier.
-frontend.graceful-shutdown-timeout duration
Time to wait for inflight requests to finish before forcefully shutting down. This needs to be aligned with the query timeout and the graceful termination period of the process orchestrator. (default 5m0s)
-frontend.grpc-client-config.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-frontend.grpc-client-config.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-frontend.grpc-client-config.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-frontend.grpc-client-config.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-frontend.grpc-client-config.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-frontend.grpc-client-config.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-frontend.grpc-client-config.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-frontend.grpc-client-config.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-frontend.grpc-client-config.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-frontend.grpc-client-config.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-frontend.grpc-client-config.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-frontend.grpc-client-config.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-frontend.grpc-client-config.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-frontend.grpc-client-config.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-frontend.grpc-client-config.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-frontend.grpc-client-config.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-frontend.grpc-client-config.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-frontend.grpc-client-config.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-frontend.grpc-client-config.tls-insecure-skip-verify
Skip validating server certificate.
-frontend.grpc-client-config.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-frontend.grpc-client-config.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-frontend.grpc-client-config.tls-server-name string
Override the expected name on the server certificate.
-frontend.index-stats-results-cache.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-frontend.index-stats-results-cache.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-frontend.index-stats-results-cache.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-frontend.index-stats-results-cache.cache-split-interval value
Deprecated: The maximum interval expected for each request, results will be cached per single interval. This behavior is now determined by querier.split-queries-by-interval.
-frontend.index-stats-results-cache.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-frontend.index-stats-results-cache.compression string
Use compression in cache. The default is an empty value , which disables compression. Supported values are: 'snappy' and .
-frontend.index-stats-results-cache.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-frontend.index-stats-results-cache.embedded-cache.enabled
Whether embedded cache is enabled.
-frontend.index-stats-results-cache.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-frontend.index-stats-results-cache.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-frontend.index-stats-results-cache.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-frontend.index-stats-results-cache.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-frontend.index-stats-results-cache.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-frontend.index-stats-results-cache.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-frontend.index-stats-results-cache.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-frontend.index-stats-results-cache.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-frontend.index-stats-results-cache.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-frontend.index-stats-results-cache.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-frontend.index-stats-results-cache.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-frontend.index-stats-results-cache.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-frontend.index-stats-results-cache.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-frontend.index-stats-results-cache.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-frontend.index-stats-results-cache.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-frontend.index-stats-results-cache.memcached.expiration duration
How long keys stay in the memcache.
-frontend.index-stats-results-cache.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-frontend.index-stats-results-cache.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-frontend.index-stats-results-cache.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-frontend.index-stats-results-cache.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-frontend.index-stats-results-cache.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-frontend.index-stats-results-cache.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-frontend.index-stats-results-cache.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-frontend.index-stats-results-cache.redis.db int
Database index.
-frontend.index-stats-results-cache.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-frontend.index-stats-results-cache.redis.expiration duration
How long keys stay in the redis.
-frontend.index-stats-results-cache.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-frontend.index-stats-results-cache.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-frontend.index-stats-results-cache.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-frontend.index-stats-results-cache.redis.password value
Password to use when connecting to redis.
-frontend.index-stats-results-cache.redis.pool-size int
Maximum number of connections in the pool.
-frontend.index-stats-results-cache.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-frontend.index-stats-results-cache.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-frontend.index-stats-results-cache.redis.tls-enabled
Enable connecting to redis with TLS.
-frontend.index-stats-results-cache.redis.tls-insecure-skip-verify
Skip validating server certificate.
-frontend.index-stats-results-cache.redis.username string
Username to use when connecting to redis.
-frontend.instance-addr string
IP address to advertise to querier (via scheduler) (resolved via interfaces by default).
-frontend.instance-interface-names value
Name of network interface to read address from. This address is sent to query-scheduler and querier, which uses it to send the query response back to query-frontend. (default [en0 bridge100])
-frontend.instance-port int
Port to advertise to querier (via scheduler) (defaults to server.grpc-listen-port).
-frontend.log-queries-longer-than duration
Log queries that are slower than the specified duration. Set to 0 to disable. Set to < 0 to enable on all queries.
-frontend.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-frontend.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-frontend.max-body-size int
Max body size for downstream prometheus. (default 10485760)
-frontend.max-cache-freshness value
Most recent allowed cacheable result per-tenant, to prevent caching very recent results that might still be in flux. (default 1m)
-frontend.max-querier-bytes-read value
Max number of bytes a query can fetch after splitting and sharding. Enforced in log and metric queries only when TSDB is used. The default value of 0 disables this limit.
-frontend.max-queriers-per-tenant int
Maximum number of queriers that can handle requests for a single tenant. If set to 0 or value higher than number of available queriers, *all* queriers will handle requests for the tenant. Each frontend (or query-scheduler, if used) will select the same set of queriers for the same tenant (given that all queriers are connected to all frontends / query-schedulers). This option only works with queriers connecting to the query-frontend / query-scheduler, not when using downstream URL.
-frontend.max-query-bytes-read value
Max number of bytes a query can fetch. Enforced in log and metric queries only when TSDB is used. The default value of 0 disables this limit.
-frontend.max-stats-cache-freshness value
Do not cache requests with an end time that falls within Now minus this duration. 0 disables this feature (default).
-frontend.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-frontend.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-frontend.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-frontend.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-frontend.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-frontend.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-frontend.memcached.expiration duration
How long keys stay in the memcache.
-frontend.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-frontend.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-frontend.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-frontend.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-frontend.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-frontend.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-frontend.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-frontend.min-sharding-lookback value
Limit queries that can be sharded. Queries within the time range of now and now minus this sharding lookback are not sharded. The default value of 0s disables the lookback, causing sharding of all queries at all times.
-frontend.query-stats-enabled
True to enable query statistics tracking. When enabled, a message with some statistics is logged for every query.
-frontend.redis.db int
Database index.
-frontend.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-frontend.redis.expiration duration
How long keys stay in the redis.
-frontend.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-frontend.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-frontend.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-frontend.redis.password value
Password to use when connecting to redis.
-frontend.redis.pool-size int
Maximum number of connections in the pool.
-frontend.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-frontend.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-frontend.redis.tls-enabled
Enable connecting to redis with TLS.
-frontend.redis.tls-insecure-skip-verify
Skip validating server certificate.
-frontend.redis.username string
Username to use when connecting to redis.
-frontend.required-query-response-format string
The downstream querier is required to answer in the accepted format. Can be 'json' or 'protobuf'. Note: Both will still be routed over GRPC. (default "json")
-frontend.scheduler-address string
DNS hostname used for finding query-schedulers.
-frontend.scheduler-dns-lookup-period duration
How often to resolve the scheduler-address, in order to look for new query-scheduler instances. Also used to determine how often to poll the scheduler-ring for addresses if the scheduler-ring is configured. (default 10s)
-frontend.scheduler-worker-concurrency int
Number of concurrent workers forwarding queries to single query-scheduler. (default 5)
-frontend.tail-proxy-url string
URL of querier for tail proxy.
-frontend.tail-tls-config.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-frontend.tail-tls-config.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-frontend.tail-tls-config.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-frontend.tail-tls-config.tls-insecure-skip-verify
Skip validating server certificate.
-frontend.tail-tls-config.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-frontend.tail-tls-config.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-frontend.tail-tls-config.tls-server-name string
Override the expected name on the server certificate.
-gcs.bucketname string
Name of GCS bucket. Please refer to https://cloud.google.com/docs/authentication/production for more information about how to configure authentication.
-gcs.chunk-buffer-size int
The size of the buffer that GCS client for each PUT request. 0 to disable buffering.
-gcs.enable-http2
Enable HTTP2 connections. (default true)
-gcs.enable-opencensus
Enable OpenCensus (OC) instrumentation for all requests. (default true)
-gcs.request-timeout duration
The duration after which the requests to GCS should be timed out.
-gcs.service-account value
Service account key content in JSON format, refer to https://cloud.google.com/iam/docs/creating-managing-service-account-keys for creation.
-grpc-store.server-address string
Hostname or IP of the gRPC store instance.
-index-gateway.mode string
Defines in which mode the index gateway server will operate (default to 'simple'). It supports two modes:
- 'simple': an index gateway server instance is responsible for handling, storing and returning requests for all indices for all tenants.
- 'ring': an index gateway server instance is responsible for a subset of tenants instead of all tenants. (default "simple")
-index-gateway.ring.consul.acl-token value
ACL Token used to interact with Consul.
-index-gateway.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-index-gateway.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-index-gateway.ring.consul.consistent-reads
Enable consistent reads to Consul.
-index-gateway.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-index-gateway.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-index-gateway.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-index-gateway.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-index-gateway.ring.etcd.endpoints value
The etcd endpoints to connect to.
-index-gateway.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-index-gateway.ring.etcd.password value
Etcd password.
-index-gateway.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-index-gateway.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-index-gateway.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-index-gateway.ring.etcd.tls-enabled
Enable TLS.
-index-gateway.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-index-gateway.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-index-gateway.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-index-gateway.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-index-gateway.ring.etcd.username string
Etcd username.
-index-gateway.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 15s)
-index-gateway.ring.heartbeat-timeout duration
The heartbeat timeout after which compactors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-index-gateway.ring.instance-addr string
IP address to advertise in the ring.
-index-gateway.ring.instance-availability-zone string
The availability zone where this instance is running. Required if zone-awareness is enabled.
-index-gateway.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-index-gateway.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-index-gateway.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-index-gateway.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-index-gateway.ring.multi.mirror-enabled
Mirror writes to secondary store.
-index-gateway.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-index-gateway.ring.multi.primary string
Primary backend storage used by multi-client.
-index-gateway.ring.multi.secondary string
Secondary backend storage used by multi-client.
-index-gateway.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-index-gateway.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-index-gateway.ring.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-index-gateway.ring.zone-awareness-enabled
True to enable zone-awareness and replicate blocks across different availability zones.
-index-gateway.shard-size int
The shard size defines how many index gateways should be used by a tenant for querying. If the global shard factor is 0, the global shard factor is set to the deprecated -replication-factor for backwards compatibility reasons.
-ingester.autoforget-unhealthy ring.kvstore.heartbeat_timeout
Forget about ingesters having heartbeat timestamps older than ring.kvstore.heartbeat_timeout. This is equivalent to clicking on the `/ring` `forget` button in the UI: the ingester is removed from the ring. This is a useful setting when you are sure that an unhealthy node won't return. An example is when not using stateful sets or the equivalent. Use `memberlist.rejoin_interval` > 0 to handle network partition cases when using a memberlist.
-ingester.availability-zone string
The availability zone where this instance is running.
-ingester.checkpoint-duration duration
Interval at which checkpoints should be created. (default 5m0s)
-ingester.chunk-encoding string
The algorithm to use for compressing chunk. (none, gzip, lz4-64k, snappy, lz4-256k, lz4-1M, lz4, flate, zstd) (default "gzip")
-ingester.chunk-target-size int
A target _compressed_ size in bytes for chunks. This is a desired size not an exact size, chunks may be slightly bigger or significantly smaller if they get flushed for other reasons (e.g. chunk_idle_period). A value of 0 creates chunks with a fixed 10 blocks, a non zero value will create chunks with a variable number of blocks to meet the target size. (default 1572864)
-ingester.chunks-block-size int
The targeted _uncompressed_ size in bytes of a chunk block When this threshold is exceeded the head block will be cut and compressed inside the chunk. (default 262144)
-ingester.chunks-idle-period duration
How long chunks should sit in-memory with no updates before being flushed if they don't hit the max block size. This means that half-empty chunks will still be flushed after a certain period as long as they receive no further activity. (default 30m0s)
-ingester.chunks-retain-period duration
How long chunks should be retained in-memory after they've been flushed.
-ingester.client.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-ingester.client.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-ingester.client.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-ingester.client.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-ingester.client.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-ingester.client.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-ingester.client.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-ingester.client.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-ingester.client.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-ingester.client.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-ingester.client.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-ingester.client.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-ingester.client.healthcheck-timeout duration
How quickly a dead client will be removed after it has been detected to disappear. Set this to a value to allow time for a secondary health check to recover the missing client. (default 1s)
-ingester.client.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-ingester.client.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-ingester.client.timeout duration
The remote request timeout on the client side. (default 5s)
-ingester.client.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-ingester.client.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-ingester.client.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-ingester.client.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-ingester.client.tls-insecure-skip-verify
Skip validating server certificate.
-ingester.client.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-ingester.client.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-ingester.client.tls-server-name string
Override the expected name on the server certificate.
-ingester.concurrent-flushes int
How many flushes can happen concurrently from each stream. (default 32)
-ingester.enable-inet6
Enable IPv6 support. Required to make use of IP addresses from IPv6 interfaces.
-ingester.final-sleep duration
Duration to sleep for before exiting, to ensure metrics are scraped.
-ingester.flush-check-period duration
How often should the ingester see if there are any blocks to flush. The first flush check is delayed by a random time up to 0.8x the flush check period. Additionally, there is +/- 1% jitter added to the interval. (default 30s)
-ingester.flush-on-shutdown
When WAL is enabled, should chunks be flushed to long-term storage on shutdown.
-ingester.flush-op-timeout duration
The timeout before a flush is cancelled. (default 10m0s)
-ingester.heartbeat-period duration
Period at which to heartbeat to consul. 0 = disabled. (default 5s)
-ingester.heartbeat-timeout duration
Heartbeat timeout after which instance is assumed to be unhealthy. 0 = disabled. (default 1m0s)
-ingester.index-shards int
Shard factor used in the ingesters for the in process reverse index. This MUST be evenly divisible by ALL schema shard factors or Loki will not start. (default 32)
-ingester.join-after duration
Period to wait for a claim from another member; will join automatically after this.
-ingester.lifecycler.ID string
ID to register in the ring. (default "users-MacBook-Pro.local")
-ingester.lifecycler.addr string
IP address to advertise in the ring.
-ingester.lifecycler.interface value
Name of network interface to read address from. (default [en0 bridge100])
-ingester.lifecycler.port int
port to advertise in consul (defaults to server.grpc-listen-port).
-ingester.max-chunk-age duration
The maximum duration of a timeseries chunk in memory. If a timeseries runs for longer than this, the current chunk will be flushed to the store and a new chunk created. (default 2h0m0s)
-ingester.max-global-streams-per-user int
Maximum number of active streams per user, across the cluster. 0 to disable. When the global limit is enabled, each ingester is configured with a dynamic local limit based on the replication factor and the current number of healthy ingesters, and is kept updated whenever the number of ingesters change. (default 5000)
-ingester.max-ignored-stream-errors int
The maximum number of errors a stream will report to the user when a push fails. 0 to make unlimited. (default 10)
-ingester.max-streams-per-user int
Maximum number of active streams per user, per ingester. 0 to disable.
-ingester.max-transfer-retries int
Number of times to try and transfer chunks before falling back to flushing. If set to 0 or negative value, transfers are disabled.
-ingester.min-ready-duration duration
Minimum duration to wait after the internal readiness checks have passed but before succeeding the readiness endpoint. This is used to slowdown deployment controllers (eg. Kubernetes) after an instance is ready and before they proceed with a rolling update, to give the rest of the cluster instances enough time to receive ring updates. (default 15s)
-ingester.num-tokens int
Number of tokens for each ingester. (default 128)
-ingester.observe-period duration
Observe tokens after generating to resolve collisions. Useful when using gossiping ring.
-ingester.per-stream-rate-limit value
Maximum byte rate per second per stream, also expressible in human readable forms (1MB, 256KB, etc). (default 3MB)
-ingester.per-stream-rate-limit-burst value
Maximum burst bytes per stream, also expressible in human readable forms (1MB, 256KB, etc). This is how far above the rate limit a stream can 'burst' before the stream is limited. (default 15MB)
-ingester.query-store-max-look-back-period duration
How far back should an ingester be allowed to query the store for data, for use only with boltdb-shipper/tsdb index and filesystem object store. -1 for infinite.
-ingester.readiness-check-ring-health
When enabled the readiness probe succeeds only after all instances are ACTIVE and healthy in the ring, otherwise only the instance itself is checked. This option should be disabled if in your cluster multiple instances can be rolled out simultaneously, otherwise rolling updates may be slowed down. (default true)
-ingester.shutdown-marker-path string
Path where the shutdown marker file is stored. If not set and common.path_prefix is set then common.path_prefix will be used.
-ingester.sync-min-utilization float
Minimum utilization of chunk when doing synchronization.
-ingester.sync-period duration
Parameters used to synchronize ingesters to cut chunks at the same moment. Sync period is used to roll over incoming entry to a new chunk. If chunk's utilization isn't high enough (eg. less than 50% when sync_min_utilization is set to 0.5), then this chunk rollover doesn't happen.
-ingester.tailer.max-dropped-streams int
Maximum number of dropped streams to keep in memory during tailing. (default 10)
-ingester.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-ingester.unordered-writes
Deprecated. When true, out-of-order writes are accepted. (default true)
-ingester.unregister-on-shutdown
Unregister from the ring upon clean shutdown. It can be useful to disable for rolling restarts with consistent naming in conjunction with -distributor.extend-writes=false. (default true)
-ingester.wal-dir string
Directory where the WAL data is stored and/or recovered from. (default "wal")
-ingester.wal-enabled
Enable writing of ingested data into WAL. (default true)
-ingester.wal-replay-memory-ceiling value
Maximum memory size the WAL may use during replay. After hitting this, it will flush data to storage before continuing. A unit suffix (KB, MB, GB) may be applied. (default 4GB)
-internal-server.enable
Disable the internal http server.
-internal-server.graceful-shutdown-timeout duration
Timeout for graceful shutdowns (default 30s)
-internal-server.http-conn-limit int
Maximum number of simultaneous http connections, <=0 to disable
-internal-server.http-idle-timeout duration
Idle timeout for HTTP server (default 2m0s)
-internal-server.http-listen-address string
HTTP internal server listen address. (default "localhost")
-internal-server.http-listen-network string
HTTP internal server listen network, default tcp (default "tcp")
-internal-server.http-listen-port int
HTTP internal server listen port. (default 3101)
-internal-server.http-read-timeout duration
Read timeout for HTTP server (default 30s)
-internal-server.http-tls-ca-path string
HTTP TLS Client CA path.
-internal-server.http-tls-cert-path string
HTTP internal server cert path.
-internal-server.http-tls-cipher-suites string
HTTP TLS Cipher Suites.
-internal-server.http-tls-client-auth string
HTTP TLS Client Auth type.
-internal-server.http-tls-key-path string
HTTP internal server key path.
-internal-server.http-tls-min-version string
HTTP TLS Min Version.
-internal-server.http-write-timeout duration
Write timeout for HTTP server (default 30s)
-legacy-read-mode
Set to false to disable the legacy read mode and use new scalable mode with 3rd backend target. The default will be flipped to false in the next Loki release. (default true)
-limits.per-user-override-config string
Feature renamed to 'runtime configuration', flag deprecated in favor of -runtime-config.file (runtime_config.file in YAML).
-limits.per-user-override-period value
Feature renamed to 'runtime configuration'; flag deprecated in favor of -runtime-config.reload-period (runtime_config.period in YAML). (default 10s)
-limits.volume-max-series int
The default number of aggregated series or labels that can be returned from a log-volume endpoint (default 1000)
-list-targets
List available targets
-local.chunk-directory string
Directory to store chunks in.
-log-config-reverse-order
Dump the entire Loki config object at Info log level with the order reversed, reversing the order makes viewing the entries easier in Grafana.
-log.format value
Output log messages in the given format. Valid formats: [logfmt, json] (default logfmt)
-log.level value
Only log messages with the given severity or above. Valid levels: [debug, info, warn, error] (default info)
-log.use-buffered
Deprecated. Uses a line-buffered logger to improve performance. (default true)
-log.use-sync
Deprecated. Forces all lines logged to hold a mutex to serialize writes. (default true)
-memberlist.abort-if-join-fails
If this node fails to join memberlist cluster, abort.
-memberlist.advertise-addr string
Gossip address to advertise to other members in the cluster. Used for NAT traversal.
-memberlist.advertise-port int
Gossip port to advertise to other members in the cluster. Used for NAT traversal. (default 7946)
-memberlist.bind-addr value
IP address to listen on for gossip messages. Multiple addresses may be specified. Defaults to 0.0.0.0
-memberlist.bind-port int
Port to listen on for gossip messages. (default 7946)
-memberlist.cluster-label string
The cluster label is an optional string to include in outbound packets and gossip streams. Other members in the memberlist cluster will discard any message whose label doesn't match the configured one, unless the 'cluster-label-verification-disabled' configuration option is set to true.
-memberlist.cluster-label-verification-disabled
When true, memberlist doesn't verify that inbound packets and gossip streams have the cluster label matching the configured one. This verification should be disabled while rolling out the change to the configured cluster label in a live memberlist cluster.
-memberlist.compression-enabled
Enable message compression. This can be used to reduce bandwidth usage at the cost of slightly more CPU utilization. (default true)
-memberlist.dead-node-reclaim-time duration
How soon can dead node's name be reclaimed with new address. 0 to disable.
-memberlist.gossip-interval duration
How often to gossip. (default 200ms)
-memberlist.gossip-nodes int
How many nodes to gossip to. (default 3)
-memberlist.gossip-to-dead-nodes-time duration
How long to keep gossiping to dead nodes, to give them chance to refute their death. (default 30s)
-memberlist.join value
Other cluster members to join. Can be specified multiple times. It can be an IP, hostname or an entry specified in the DNS Service Discovery format.
-memberlist.leave-timeout duration
Timeout for leaving memberlist cluster. (default 20s)
-memberlist.left-ingesters-timeout duration
How long to keep LEFT ingesters in the ring. (default 5m0s)
-memberlist.max-join-backoff duration
Max backoff duration to join other cluster members. (default 1m0s)
-memberlist.max-join-retries int
Max number of retries to join other cluster members. (default 10)
-memberlist.message-history-buffer-bytes int
How much space to use for keeping received and sent messages in memory for troubleshooting (two buffers). 0 to disable.
-memberlist.min-join-backoff duration
Min backoff duration to join other cluster members. (default 1s)
-memberlist.nodename string
Name of the node in memberlist cluster. Defaults to hostname.
-memberlist.packet-dial-timeout duration
Timeout used when connecting to other nodes to send packet. (default 2s)
-memberlist.packet-write-timeout duration
Timeout for writing 'packet' data. (default 5s)
-memberlist.pullpush-interval duration
How often to use pull/push sync. (default 30s)
-memberlist.randomize-node-name
Add random suffix to the node name. (default true)
-memberlist.rejoin-interval duration
If not 0, how often to rejoin the cluster. Occasional rejoin can help to fix the cluster split issue, and is harmless otherwise. For example when using only few components as a seed nodes (via -memberlist.join), then it's recommended to use rejoin. If -memberlist.join points to dynamic service that resolves to all gossiping nodes (eg. Kubernetes headless service), then rejoin is not needed.
-memberlist.retransmit-factor int
Multiplication factor used when sending out messages (factor * log(N+1)). (default 4)
-memberlist.stream-timeout duration
The timeout for establishing a connection with a remote node, and for read/write operations. (default 10s)
-memberlist.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-memberlist.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-memberlist.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-memberlist.tls-enabled
Enable TLS on the memberlist transport layer.
-memberlist.tls-insecure-skip-verify
Skip validating server certificate.
-memberlist.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-memberlist.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-memberlist.tls-server-name string
Override the expected name on the server certificate.
-memberlist.transport-debug
Log debug transport messages. Note: global log.level must be at debug level as well.
-metrics.ignore-throttle-below float
Ignore throttling below this level (rate per second) (default 1)
-metrics.queue-length-query string
query to fetch ingester queue length (default "sum(avg_over_time(cortex_ingester_flush_queue_length{job=\"cortex/ingester\"}[2m]))")
-metrics.read-error-query string
query to fetch read errors per table (default "sum(increase(cortex_dynamo_failures_total{operation=\"DynamoDB.QueryPages\",error=\"ProvisionedThroughputExceededException\"}[1m])) by (table) > 0")
-metrics.read-usage-query string
query to fetch read capacity usage per table (default "sum(rate(cortex_dynamo_consumed_capacity_total{operation=\"DynamoDB.QueryPages\"}[1h])) by (table) > 0")
-metrics.scale-up-factor float
Scale up capacity by this multiple (default 1.3)
-metrics.target-queue-length int
Queue length above which we will scale up capacity (default 100000)
-metrics.url string
Use metrics-based autoscaling, via this query URL
-metrics.usage-query string
query to fetch write capacity usage per table (default "sum(rate(cortex_dynamo_consumed_capacity_total{operation=\"DynamoDB.BatchWriteItem\"}[15m])) by (table) > 0")
-metrics.write-throttle-query string
query to fetch throttle rates per table (default "sum(rate(cortex_dynamo_throttled_total{operation=\"DynamoDB.BatchWriteItem\"}[1m])) by (table) > 0")
-multi.mirror-enabled
Mirror writes to secondary store.
-multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-multi.primary string
Primary backend storage used by multi-client.
-multi.secondary string
Secondary backend storage used by multi-client.
-print-config-stderr
Dump the entire Loki config object to stderr
-querier.align-querier-with-step
Mutate incoming queries to align their start and end with their step.
-querier.cache-index-stats-results
Cache index stats query results.
-querier.cache-results
Cache query results.
-querier.compress-http-responses
Compress HTTP responses.
-querier.dns-lookup-period duration
How often to query DNS for query-frontend or query-scheduler address. Also used to determine how often to poll the scheduler-ring for addresses if the scheduler-ring is configured. (default 3s)
-querier.engine.max-lookback-period duration
The maximum amount of time to look back for log lines. Used only for instant log queries. (default 30s)
-querier.engine.timeout duration
Use querier.query-timeout instead. Timeout for query execution. (default 5m0s)
-querier.extra-query-delay duration
Time to wait before sending more than the minimum successful query requests.
-querier.frontend-address string
Address of query frontend service, in host:port format. If -querier.scheduler-address is set as well, querier will use scheduler instead. Only one of -querier.frontend-address or -querier.scheduler-address can be set. If neither is set, queries are only received via HTTP endpoint.
-querier.frontend-client.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-querier.frontend-client.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-querier.frontend-client.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-querier.frontend-client.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-querier.frontend-client.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-querier.frontend-client.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-querier.frontend-client.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-querier.frontend-client.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-querier.frontend-client.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-querier.frontend-client.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-querier.frontend-client.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-querier.frontend-client.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-querier.frontend-client.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-querier.frontend-client.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-querier.frontend-client.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-querier.frontend-client.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-querier.frontend-client.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-querier.frontend-client.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-querier.frontend-client.tls-insecure-skip-verify
Skip validating server certificate.
-querier.frontend-client.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-querier.frontend-client.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-querier.frontend-client.tls-server-name string
Override the expected name on the server certificate.
-querier.id string
Querier ID, sent to frontend service to identify requests from the same querier. Defaults to hostname.
-querier.max-concurrent int
The maximum number of concurrent queries allowed. (default 10)
-querier.max-concurrent-tail-requests int
Maximum number of concurrent tail requests. (default 10)
-querier.max-outstanding-requests-per-tenant int
Maximum number of outstanding requests per tenant per frontend; requests beyond this error with HTTP 429. (default 2048)
-querier.max-query-lookback value
Limit how far back in time series data and metadata can be queried, up until lookback duration ago. This limit is enforced in the query frontend, the querier and the ruler. If the requested time range is outside the allowed range, the request will not fail, but will be modified to only query data within the allowed time range. The default value of 0 does not set a limit.
-querier.max-query-parallelism int
Maximum number of queries that will be scheduled in parallel by the frontend. (default 32)
-querier.max-query-range value
Limit the length of the [range] inside a range query. Default is 0 or unlimited
-querier.max-query-series int
Limit the maximum of unique series that is returned by a metric query. When the limit is reached an error is returned. (default 500)
-querier.max-retries-per-request int
Maximum number of retries for a single request; beyond this, the downstream error is returned. (default 5)
-querier.max-streams-matcher-per-query int
Maximum number of stream matchers per query. (default 1000)
-querier.multi-tenant-queries-enabled
When true, allow queries to span multiple tenants.
-querier.parallelise-shardable-queries
Perform query parallelisations based on storage sharding configuration and query ASTs. This feature is supported only by the chunks storage engine. (default true)
-querier.per-request-limits-enabled
When true, querier limits sent via a header are enforced.
-querier.query-ingester-only
When true, queriers only query the ingesters, and not stored data. This is useful when the object store is unavailable.
-querier.query-ingesters-within duration
Maximum lookback beyond which queries are not sent to ingester. 0 means all queries are sent to ingester. (default 3h0m0s)
-querier.query-store-only
Only query the store, and not attempt any ingesters. This is useful for running a standalone querier pool operating only against stored data.
-querier.query-timeout value
Timeout when querying backends (ingesters or storage) during the execution of a query request. When a specific per-tenant timeout is used, the global timeout is ignored. (default 1m)
-querier.scheduler-address string
Hostname (and port) of scheduler that querier will periodically resolve, connect to and receive queries from. Only one of -querier.frontend-address or -querier.scheduler-address can be set. If neither is set, queries are only received via HTTP endpoint.
-querier.split-queries-by-interval value
Split queries by a time interval and execute in parallel. The value 0 disables splitting by time. This also determines how cache keys are chosen when result caching is enabled. (default 30m)
-querier.tail-max-duration duration
Maximum duration for which the live tailing requests are served. (default 1h0m0s)
-querier.tsdb-max-bytes-per-shard value
Maximum number of bytes assigned to a single sharded query. Also expressible in human readable forms (1GB, etc). (default 600MB)
-querier.tsdb-max-query-parallelism int
Maximum number of queries will be scheduled in parallel by the frontend for TSDB schemas. (default 512)
-querier.worker-match-max-concurrent
Force worker concurrency to match the -querier.max-concurrent option. Overrides querier.worker-parallelism. (default true)
-querier.worker-parallelism int
Number of simultaneous queries to process per query-frontend or query-scheduler. (default 10)
-query-frontend.querier-forget-delay duration
In the event a tenant is repeatedly sending queries that lead the querier to crash or be killed due to an out-of-memory error, the crashed querier will be disconnected from the query frontend and a new querier will be immediately assigned to the tenant’s shard. This invalidates the assumption that shuffle sharding can be used to reduce the impact on tenants. This option mitigates the impact by configuring a delay between when a querier disconnects because of a crash and when the crashed querier is actually removed from the tenant's shard.
-query-scheduler.grpc-client-config.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-query-scheduler.grpc-client-config.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-query-scheduler.grpc-client-config.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-query-scheduler.grpc-client-config.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-query-scheduler.grpc-client-config.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-query-scheduler.grpc-client-config.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-query-scheduler.grpc-client-config.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-query-scheduler.grpc-client-config.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-query-scheduler.grpc-client-config.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-query-scheduler.grpc-client-config.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-query-scheduler.grpc-client-config.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-query-scheduler.grpc-client-config.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-query-scheduler.grpc-client-config.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-query-scheduler.grpc-client-config.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-query-scheduler.grpc-client-config.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-query-scheduler.grpc-client-config.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-query-scheduler.grpc-client-config.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-query-scheduler.grpc-client-config.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-query-scheduler.grpc-client-config.tls-insecure-skip-verify
Skip validating server certificate.
-query-scheduler.grpc-client-config.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-query-scheduler.grpc-client-config.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-query-scheduler.grpc-client-config.tls-server-name string
Override the expected name on the server certificate.
-query-scheduler.max-outstanding-requests-per-tenant int
Maximum number of outstanding requests per tenant per query-scheduler. In-flight requests above this limit will fail with HTTP response status code 429. (default 100)
-query-scheduler.max-queue-hierarchy-levels int
Maximum number of levels of nesting of hierarchical queues. 0 means that hierarchical queues are disabled. (default 3)
-query-scheduler.querier-forget-delay duration
If a querier disconnects without sending notification about graceful shutdown, the query-scheduler will keep the querier in the tenant's shard until the forget delay has passed. This feature is useful to reduce the blast radius when shuffle-sharding is enabled.
-query-scheduler.ring.consul.acl-token value
ACL Token used to interact with Consul.
-query-scheduler.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-query-scheduler.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-query-scheduler.ring.consul.consistent-reads
Enable consistent reads to Consul.
-query-scheduler.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-query-scheduler.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-query-scheduler.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-query-scheduler.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-query-scheduler.ring.etcd.endpoints value
The etcd endpoints to connect to.
-query-scheduler.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-query-scheduler.ring.etcd.password value
Etcd password.
-query-scheduler.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-query-scheduler.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-query-scheduler.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-query-scheduler.ring.etcd.tls-enabled
Enable TLS.
-query-scheduler.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-query-scheduler.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-query-scheduler.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-query-scheduler.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-query-scheduler.ring.etcd.username string
Etcd username.
-query-scheduler.ring.heartbeat-period duration
Period at which to heartbeat to the ring. 0 = disabled. (default 15s)
-query-scheduler.ring.heartbeat-timeout duration
The heartbeat timeout after which compactors are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-query-scheduler.ring.instance-addr string
IP address to advertise in the ring.
-query-scheduler.ring.instance-availability-zone string
The availability zone where this instance is running. Required if zone-awareness is enabled.
-query-scheduler.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-query-scheduler.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-query-scheduler.ring.instance-interface-names value
Name of network interface to read address from. (default [en0 bridge100])
-query-scheduler.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-query-scheduler.ring.multi.mirror-enabled
Mirror writes to secondary store.
-query-scheduler.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-query-scheduler.ring.multi.primary string
Primary backend storage used by multi-client.
-query-scheduler.ring.multi.secondary string
Secondary backend storage used by multi-client.
-query-scheduler.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-query-scheduler.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-query-scheduler.ring.tokens-file-path string
File path where tokens are stored. If empty, tokens are not stored at shutdown and restored at startup.
-query-scheduler.ring.zone-awareness-enabled
True to enable zone-awareness and replicate blocks across different availability zones.
-query-scheduler.use-scheduler-ring
Set to true to have the query schedulers create and place themselves in a ring. If no frontend_address or scheduler_address are present anywhere else in the configuration, Loki will toggle this value to true.
-replication-factor int
Deprecated: How many index gateway instances are assigned to each tenant. Use -index-gateway.shard-size instead. The shard size is also a per-tenant setting. (default 3)
-reporting.enabled
Enable anonymous usage reporting. (default true)
-reporting.usage-stats-url string
URL to which reports are sent (default "https://stats.grafana.org/loki-usage-report")
-ring.heartbeat-timeout duration
The heartbeat timeout after which ingesters are skipped for reads/writes. 0 = never (timeout disabled). (default 1m0s)
-ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "collectors/")
-ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-ruler.alertmanager-client.basic-auth-password string
HTTP Basic authentication password. It overrides the password set in the URL (if any).
-ruler.alertmanager-client.basic-auth-username string
HTTP Basic authentication username. It overrides the username set in the URL (if any).
-ruler.alertmanager-client.credentials string
HTTP Header authorization credentials.
-ruler.alertmanager-client.credentials-file string
HTTP Header authorization credentials file.
-ruler.alertmanager-client.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.alertmanager-client.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.alertmanager-client.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-ruler.alertmanager-client.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.alertmanager-client.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-ruler.alertmanager-client.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-ruler.alertmanager-client.tls-server-name string
Override the expected name on the server certificate.
-ruler.alertmanager-client.type string
HTTP Header authorization type (default: Bearer). (default "Bearer")
-ruler.alertmanager-discovery
Use DNS SRV records to discover Alertmanager hosts.
-ruler.alertmanager-refresh-interval duration
How long to wait between refreshing DNS resolutions of Alertmanager hosts. (default 1m0s)
-ruler.alertmanager-url string
Comma-separated list of Alertmanager URLs to send notifications to. Each Alertmanager URL is treated as a separate group in the configuration. Multiple Alertmanagers in HA per group can be supported by using DNS resolution via '-ruler.alertmanager-discovery'.
-ruler.alertmanager-use-v2
If enabled requests to Alertmanager will utilize the V2 API.
-ruler.client-timeout value
This flag has been renamed to ruler.configs.client-timeout
-ruler.client.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-ruler.client.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-ruler.client.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-ruler.client.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-ruler.client.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-ruler.client.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-ruler.client.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-ruler.client.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-ruler.client.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-ruler.client.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-ruler.client.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-ruler.client.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-ruler.client.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-ruler.client.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-ruler.client.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.client.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.client.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-ruler.client.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-ruler.client.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.client.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-ruler.client.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-ruler.client.tls-server-name string
Override the expected name on the server certificate.
-ruler.datasource-uid string
Datasource UID for the dashboard.
-ruler.disable-rule-group-label
Disable the rule_group label on exported metrics.
-ruler.disabled-tenants value
Comma separated list of tenants whose rules this ruler cannot evaluate. If specified, a ruler that would normally pick the specified tenant(s) for processing will ignore them instead. Subject to sharding.
-ruler.enable-api
Enable the ruler API. (default true)
-ruler.enable-sharding
Distribute rule evaluation using ring backend.
-ruler.enabled-tenants value
Comma separated list of tenants whose rules this ruler can evaluate. If specified, only these tenants will be handled by ruler, otherwise this ruler can process rules from all tenants. Subject to sharding.
-ruler.evaluation-delay-duration value
Deprecated. Duration to delay the evaluation of rules to ensure the underlying metrics have been pushed to Cortex.
-ruler.evaluation-interval duration
How frequently to evaluate rules. (default 1m0s)
-ruler.evaluation.max-jitter duration
Upper bound of random duration to wait before rule evaluation to avoid contention during concurrent execution of rules. Jitter is calculated consistently for a given rule. Set 0 to disable (default).
-ruler.evaluation.mode string
The evaluation mode for the ruler. Can be either 'local' or 'remote'. If set to 'local', the ruler will evaluate rules locally. If set to 'remote', the ruler will evaluate rules remotely. If unset, the ruler will evaluate rules locally. (default "local")
-ruler.evaluation.query-frontend.address string
GRPC listen address of the query-frontend(s). Must be a DNS address (prefixed with dns:///) to enable client side load balancing.
-ruler.evaluation.query-frontend.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.evaluation.query-frontend.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.evaluation.query-frontend.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-ruler.evaluation.query-frontend.tls-enabled
Set to true if query-frontend connection requires TLS.
-ruler.evaluation.query-frontend.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.evaluation.query-frontend.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-ruler.evaluation.query-frontend.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-ruler.evaluation.query-frontend.tls-server-name string
Override the expected name on the server certificate.
-ruler.external.url value
Base URL of the Grafana instance.
-ruler.flush-period duration
Period with which to attempt to flush rule groups. (default 1m0s)
-ruler.for-grace-period duration
Minimum duration between alert and restored "for" state. This is maintained only for alerts with configured "for" time greater than the grace period. (default 10m0s)
-ruler.for-outage-tolerance duration
Max time to tolerate outage for restoring "for" state of alert. (default 1h0m0s)
-ruler.group-timeout value
This flag is no longer functional.
-ruler.max-rule-groups-per-tenant int
Maximum number of rule groups per-tenant. 0 to disable.
-ruler.max-rules-per-rule-group int
Maximum number of rules per rule group per-tenant. 0 to disable.
-ruler.notification-queue-capacity int
Capacity of the queue for notifications to be sent to the Alertmanager. (default 10000)
-ruler.notification-timeout duration
HTTP timeout duration when sending notifications to the Alertmanager. (default 10s)
-ruler.num-workers value
This flag is no longer functional. For increased concurrency horizontal sharding is recommended
-ruler.poll-interval duration
How frequently to poll for rule changes. (default 1m0s)
-ruler.query-stats-enabled
Report the wall time for ruler queries to complete as a per user metric and as an info level log message.
-ruler.remote-write.config-refresh-period duration
Minimum period to wait between refreshing remote-write reconfigurations. This should be greater than or equivalent to -limits.per-user-override-period. (default 10s)
-ruler.remote-write.enabled
Enable remote-write functionality.
-ruler.resend-delay duration
Minimum amount of time to wait before resending an alert to Alertmanager. (default 1m0s)
-ruler.ring.consul.acl-token value
ACL Token used to interact with Consul.
-ruler.ring.consul.cas-retry-delay duration
Maximum duration to wait before retrying a Compare And Swap (CAS) operation. (default 1s)
-ruler.ring.consul.client-timeout duration
HTTP timeout when talking to Consul (default 20s)
-ruler.ring.consul.consistent-reads
Enable consistent reads to Consul.
-ruler.ring.consul.hostname string
Hostname and port of Consul. (default "localhost:8500")
-ruler.ring.consul.watch-burst-size int
Burst size used in rate limit. Values less than 1 are treated as 1. (default 1)
-ruler.ring.consul.watch-rate-limit float
Rate limit when watching key or prefix in Consul, in requests per second. 0 disables the rate limit. (default 1)
-ruler.ring.etcd.dial-timeout duration
The dial timeout for the etcd connection. (default 10s)
-ruler.ring.etcd.endpoints value
The etcd endpoints to connect to.
-ruler.ring.etcd.max-retries int
The maximum number of retries to do for failed ops. (default 10)
-ruler.ring.etcd.password value
Etcd password.
-ruler.ring.etcd.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.ring.etcd.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.ring.etcd.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-ruler.ring.etcd.tls-enabled
Enable TLS.
-ruler.ring.etcd.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.ring.etcd.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-ruler.ring.etcd.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-ruler.ring.etcd.tls-server-name string
Override the expected name on the server certificate.
-ruler.ring.etcd.username string
Etcd username.
-ruler.ring.heartbeat-period duration
Interval between heartbeats sent to the ring. 0 = disabled. (default 5s)
-ruler.ring.heartbeat-timeout duration
The heartbeat timeout after which ruler ring members are considered unhealthy within the ring. 0 = never (timeout disabled). (default 1m0s)
-ruler.ring.instance-addr string
IP address to advertise in the ring.
-ruler.ring.instance-enable-ipv6
Enable using a IPv6 instance address.
-ruler.ring.instance-id string
Instance ID to register in the ring. (default "users-MacBook-Pro.local")
-ruler.ring.instance-interface-names value
Name of network interface to read addresses from. (default [en0 bridge100])
-ruler.ring.instance-port int
Port to advertise in the ring (defaults to server.grpc-listen-port).
-ruler.ring.multi.mirror-enabled
Mirror writes to secondary store.
-ruler.ring.multi.mirror-timeout duration
Timeout for storing value to secondary store. (default 2s)
-ruler.ring.multi.primary string
Primary backend storage used by multi-client.
-ruler.ring.multi.secondary string
Secondary backend storage used by multi-client.
-ruler.ring.num-tokens int
The number of tokens the lifecycler will generate and put into the ring if it joined without transferring tokens from another lifecycler. (default 128)
-ruler.ring.prefix string
The prefix for the keys in the store. Should end with a /. (default "rulers/")
-ruler.ring.store string
Backend storage to use for the ring. Supported values are: consul, etcd, inmemory, memberlist, multi. (default "consul")
-ruler.rule-path string
File path to store temporary rule files. (default "/rules")
-ruler.search-pending-for duration
Time to spend searching for a pending ruler when shutting down. (default 5m0s)
-ruler.sharding-algo string
The sharding algorithm to use for deciding how rules & groups are sharded. Supported values are: by-group, by-rule. (default "by-group")
-ruler.sharding-strategy string
The sharding strategy to use. Supported values are: default, shuffle-sharding. (default "default")
-ruler.storage.azure.account-key value
Azure storage account key.
-ruler.storage.azure.account-name string
Azure storage account name.
-ruler.storage.azure.chunk-delimiter string
Chunk delimiter for blob ID to be used (default "-")
-ruler.storage.azure.client-id string
Azure Service Principal ID(GUID).
-ruler.storage.azure.client-secret value
Azure Service Principal secret key.
-ruler.storage.azure.container-name string
Name of the storage account blob container used to store chunks. This container must be created before running cortex. (default "loki")
-ruler.storage.azure.download-buffer-count int
Number of buffers used to used to upload a chunk. (default 1)
-ruler.storage.azure.download-buffer-size int
Preallocated buffer size for downloads. (default 512000)
-ruler.storage.azure.endpoint-suffix string
Azure storage endpoint suffix without schema. The storage account name will be prefixed to this value to create the FQDN.
-ruler.storage.azure.environment string
Azure Cloud environment. Supported values are: AzureGlobal, AzureChinaCloud, AzureGermanCloud, AzureUSGovernment. (default "AzureGlobal")
-ruler.storage.azure.max-retries int
Number of retries for a request which times out. (default 5)
-ruler.storage.azure.max-retry-delay duration
Maximum time to wait before retrying a request. (default 500ms)
-ruler.storage.azure.min-retry-delay duration
Minimum time to wait before retrying a request. (default 10ms)
-ruler.storage.azure.request-timeout duration
Timeout for requests made against azure blob storage. (default 30s)
-ruler.storage.azure.tenant-id string
Azure Tenant ID is used to authenticate through Azure OAuth.
-ruler.storage.azure.upload-buffer-size int
Preallocated buffer size for uploads. (default 256000)
-ruler.storage.azure.use-federated-token
Use Federated Token to authenticate to the Azure storage account.
-ruler.storage.azure.use-managed-identity
Use Managed Identity to authenticate to the Azure storage account.
-ruler.storage.azure.use-service-principal
Use Service Principal to authenticate through Azure OAuth.
-ruler.storage.azure.user-assigned-id string
User assigned identity ID to authenticate to the Azure storage account.
-ruler.storage.bos.access-key-id string
Baidu Cloud Engine (BCE) Access Key ID.
-ruler.storage.bos.bucket-name string
Name of BOS bucket.
-ruler.storage.bos.endpoint string
BOS endpoint to connect to. (default "bj.bcebos.com")
-ruler.storage.bos.secret-access-key value
Baidu Cloud Engine (BCE) Secret Access Key.
-ruler.storage.cos.access-key-id string
COS HMAC Access Key ID.
-ruler.storage.cos.api-key value
IAM API key to access COS.
-ruler.storage.cos.auth-endpoint string
IAM Auth Endpoint for authentication. (default "https://iam.cloud.ibm.com/identity/token")
-ruler.storage.cos.buckets string
Comma separated list of bucket names to evenly distribute chunks over.
-ruler.storage.cos.cr-token-file-path string
Compute resource token file path.
-ruler.storage.cos.endpoint string
COS Endpoint to connect to.
-ruler.storage.cos.force-path-style true
Set this to true to force the request to use path-style addressing.
-ruler.storage.cos.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-ruler.storage.cos.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-ruler.storage.cos.max-backoff duration
Maximum backoff time when cos get Object. (default 3s)
-ruler.storage.cos.max-retries int
Maximum number of times to retry when cos get Object. (default 5)
-ruler.storage.cos.min-backoff duration
Minimum backoff time when cos get Object. (default 100ms)
-ruler.storage.cos.region string
COS region to use.
-ruler.storage.cos.secret-access-key value
COS HMAC Secret Access Key.
-ruler.storage.cos.service-instance-id string
COS service instance id to use.
-ruler.storage.cos.trusted-profile-id string
ID of the trusted profile.
-ruler.storage.cos.trusted-profile-name string
Name of the trusted profile.
-ruler.storage.gcs.bucketname string
Name of GCS bucket. Please refer to https://cloud.google.com/docs/authentication/production for more information about how to configure authentication.
-ruler.storage.gcs.chunk-buffer-size int
The size of the buffer that GCS client for each PUT request. 0 to disable buffering.
-ruler.storage.gcs.enable-http2
Enable HTTP2 connections. (default true)
-ruler.storage.gcs.enable-opencensus
Enable OpenCensus (OC) instrumentation for all requests. (default true)
-ruler.storage.gcs.request-timeout duration
The duration after which the requests to GCS should be timed out.
-ruler.storage.gcs.service-account value
Service account key content in JSON format, refer to https://cloud.google.com/iam/docs/creating-managing-service-account-keys for creation.
-ruler.storage.local.directory string
Directory to scan for rules
-ruler.storage.oss.access-key-id string
alibabacloud Access Key ID
-ruler.storage.oss.bucketname string
Name of OSS bucket.
-ruler.storage.oss.endpoint string
oss Endpoint to connect to.
-ruler.storage.oss.secret-access-key string
alibabacloud Secret Access Key
-ruler.storage.s3.access-key-id string
AWS Access Key ID
-ruler.storage.s3.buckets string
Comma separated list of bucket names to evenly distribute chunks over. Overrides any buckets specified in s3.url flag
-ruler.storage.s3.endpoint string
S3 Endpoint to connect to.
-ruler.storage.s3.force-path-style true
Set this to true to force the request to use path-style addressing.
-ruler.storage.s3.http.ca-file string
Path to the trusted CA file that signed the SSL certificate of the S3 endpoint.
-ruler.storage.s3.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-ruler.storage.s3.http.insecure-skip-verify
Set to true to skip verifying the certificate chain and hostname.
-ruler.storage.s3.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-ruler.storage.s3.http.timeout duration
Timeout specifies a time limit for requests made by s3 Client.
-ruler.storage.s3.insecure
Disable https on s3 connection.
-ruler.storage.s3.max-backoff duration
Maximum backoff time when s3 get Object (default 3s)
-ruler.storage.s3.max-retries int
Maximum number of times to retry when s3 get Object (default 5)
-ruler.storage.s3.min-backoff duration
Minimum backoff time when s3 get Object (default 100ms)
-ruler.storage.s3.region string
AWS region to use.
-ruler.storage.s3.secret-access-key value
AWS Secret Access Key
-ruler.storage.s3.session-token value
AWS Session Token
-ruler.storage.s3.signature-version string
The signature version to use for authenticating against S3. Supported values are: v4, v2. (default "v4")
-ruler.storage.s3.sse-encryption
Enable AWS Server Side Encryption [Deprecated: Use .sse instead. if s3.sse-encryption is enabled, it assumes .sse.type SSE-S3]
-ruler.storage.s3.sse.kms-encryption-context string
KMS Encryption Context used for object encryption. It expects JSON formatted string.
-ruler.storage.s3.sse.kms-key-id string
KMS Key ID used to encrypt objects in S3
-ruler.storage.s3.sse.type string
Enable AWS Server Side Encryption. Supported values: SSE-KMS, SSE-S3.
-ruler.storage.s3.storage-class string
The S3 storage class which objects will use. Supported values are: GLACIER, DEEP_ARCHIVE, GLACIER_IR, INTELLIGENT_TIERING, ONEZONE_IA, OUTPOSTS, REDUCED_REDUNDANCY, STANDARD, STANDARD_IA. (default "STANDARD")
-ruler.storage.s3.url value
S3 endpoint URL with escaped Key and Secret encoded. If only region is specified as a host, proper endpoint will be deduced. Use inmemory:///<bucket-name> to use a mock in-memory implementation.
-ruler.storage.swift.auth-url string
OpenStack Swift authentication URL
-ruler.storage.swift.auth-version int
OpenStack Swift authentication API version. 0 to autodetect.
-ruler.storage.swift.connect-timeout duration
Time after which a connection attempt is aborted. (default 10s)
-ruler.storage.swift.container-name string
Name of the OpenStack Swift container to put chunks in.
-ruler.storage.swift.domain-id string
OpenStack Swift user's domain ID.
-ruler.storage.swift.domain-name string
OpenStack Swift user's domain name.
-ruler.storage.swift.internal
Set this to true to use the internal OpenStack Swift endpoint URL
-ruler.storage.swift.max-retries int
Max retries on requests error. (default 3)
-ruler.storage.swift.password string
OpenStack Swift API key.
-ruler.storage.swift.project-domain-id string
ID of the OpenStack Swift project's domain (v3 auth only), only needed if it differs the from user domain.
-ruler.storage.swift.project-domain-name string
Name of the OpenStack Swift project's domain (v3 auth only), only needed if it differs from the user domain.
-ruler.storage.swift.project-id string
OpenStack Swift project ID (v2,v3 auth only).
-ruler.storage.swift.project-name string
OpenStack Swift project name (v2,v3 auth only).
-ruler.storage.swift.region-name string
OpenStack Swift Region to use (v2,v3 auth only).
-ruler.storage.swift.request-timeout duration
Time after which an idle request is aborted. The timeout watchdog is reset each time some data is received, so the timeout triggers after X time no data is received on a request. (default 5s)
-ruler.storage.swift.user-domain-id string
OpenStack Swift user's domain ID.
-ruler.storage.swift.user-domain-name string
OpenStack Swift user's domain name.
-ruler.storage.swift.user-id string
OpenStack Swift user ID.
-ruler.storage.swift.username string
OpenStack Swift username.
-ruler.storage.type string
Method to use for backend rule storage (configdb, azure, gcs, s3, swift, local, bos, cos)
-ruler.tenant-shard-size int
The default tenant's shard size when shuffle-sharding is enabled in the ruler. When this setting is specified in the per-tenant overrides, a value of 0 disables shuffle sharding for the tenant.
-ruler.wal-cleaer.period duration
Deprecated: CLI flag -ruler.wal-cleaer.period.
Use -ruler.wal-cleaner.period instead.
-ruler.wal-cleaner.min-age duration
The minimum age of a WAL to consider for cleaning. (default 12h0m0s)
-ruler.wal-cleaner.period duration
Deprecated: CLI flag -ruler.wal-cleaer.period.
Use -ruler.wal-cleaner.period instead.
How often to run the WAL cleaner. 0 = disabled.
-ruler.wal.dir string
The directory in which to write tenant WAL files. Each tenant will have its own directory one level below this directory. (default "ruler-wal")
-ruler.wal.max-age duration
Maximum age that samples must exist in the WAL before being truncated. (default 4h0m0s)
-ruler.wal.min-age duration
Minimum age that samples must exist in the WAL before being truncated. (default 5m0s)
-ruler.wal.truncate-frequency duration
Frequency with which to run the WAL truncation process. (default 1h0m0s)
-runtime-config.file value
Comma separated list of yaml files with the configuration that can be updated at runtime. Runtime config files will be merged from left to right.
-runtime-config.reload-period duration
How often to check runtime config files. (default 10s)
-s3.access-key-id string
AWS Access Key ID
-s3.buckets string
Comma separated list of bucket names to evenly distribute chunks over. Overrides any buckets specified in s3.url flag
-s3.endpoint string
S3 Endpoint to connect to.
-s3.force-path-style true
Set this to true to force the request to use path-style addressing.
-s3.http.ca-file string
Path to the trusted CA file that signed the SSL certificate of the S3 endpoint.
-s3.http.idle-conn-timeout duration
The maximum amount of time an idle connection will be held open. (default 1m30s)
-s3.http.insecure-skip-verify
Set to true to skip verifying the certificate chain and hostname.
-s3.http.response-header-timeout duration
If non-zero, specifies the amount of time to wait for a server's response headers after fully writing the request.
-s3.http.timeout duration
Timeout specifies a time limit for requests made by s3 Client.
-s3.insecure
Disable https on s3 connection.
-s3.max-backoff duration
Maximum backoff time when s3 get Object (default 3s)
-s3.max-retries int
Maximum number of times to retry when s3 get Object (default 5)
-s3.min-backoff duration
Minimum backoff time when s3 get Object (default 100ms)
-s3.region string
AWS region to use.
-s3.secret-access-key value
AWS Secret Access Key
-s3.session-token value
AWS Session Token
-s3.signature-version string
The signature version to use for authenticating against S3. Supported values are: v4, v2. (default "v4")
-s3.sse-encryption
Enable AWS Server Side Encryption [Deprecated: Use .sse instead. if s3.sse-encryption is enabled, it assumes .sse.type SSE-S3]
-s3.sse.kms-encryption-context string
KMS Encryption Context used for object encryption. It expects JSON formatted string.
-s3.sse.kms-key-id string
KMS Key ID used to encrypt objects in S3
-s3.sse.type string
Enable AWS Server Side Encryption. Supported values: SSE-KMS, SSE-S3.
-s3.storage-class string
The S3 storage class which objects will use. Supported values are: GLACIER, DEEP_ARCHIVE, GLACIER_IR, INTELLIGENT_TIERING, ONEZONE_IA, OUTPOSTS, REDUCED_REDUNDANCY, STANDARD, STANDARD_IA. (default "STANDARD")
-s3.url value
S3 endpoint URL with escaped Key and Secret encoded. If only region is specified as a host, proper endpoint will be deduced. Use inmemory:///<bucket-name> to use a mock in-memory implementation.
-schema-config-file string
The path to the schema config file. The schema config is used only when running Cortex with the chunks storage.
-server.graceful-shutdown-timeout duration
Timeout for graceful shutdowns (default 30s)
-server.grpc-conn-limit int
Maximum number of simultaneous grpc connections, <=0 to disable
-server.grpc-listen-address string
gRPC server listen address.
-server.grpc-listen-network string
gRPC server listen network (default "tcp")
-server.grpc-listen-port int
gRPC server listen port. (default 9095)
-server.grpc-max-concurrent-streams uint
Limit on the number of concurrent streams for gRPC calls (0 = unlimited) (default 100)
-server.grpc-max-recv-msg-size-bytes int
Limit on the size of a gRPC message this server can receive (bytes). (default 4194304)
-server.grpc-max-send-msg-size-bytes int
Limit on the size of a gRPC message this server can send (bytes). (default 4194304)
-server.grpc-tls-ca-path string
GRPC TLS Client CA path.
-server.grpc-tls-cert-path string
GRPC TLS server cert path.
-server.grpc-tls-client-auth string
GRPC TLS Client Auth type.
-server.grpc-tls-key-path string
GRPC TLS server key path.
-server.grpc.keepalive.max-connection-age duration
The duration for the maximum amount of time a connection may exist before it will be closed. Default: infinity (default 2562047h47m16.854775807s)
-server.grpc.keepalive.max-connection-age-grace duration
An additive period after max-connection-age after which the connection will be forcibly closed. Default: infinity (default 2562047h47m16.854775807s)
-server.grpc.keepalive.max-connection-idle duration
The duration after which an idle connection should be closed. Default: infinity (default 2562047h47m16.854775807s)
-server.grpc.keepalive.min-time-between-pings duration
Minimum amount of time a client should wait before sending a keepalive ping. If client sends keepalive ping more often, server will send GOAWAY and close the connection. (default 10s)
-server.grpc.keepalive.ping-without-stream-allowed
If true, server allows keepalive pings even when there are no active streams(RPCs). If false, and client sends ping when there are no active streams, server will send GOAWAY and close the connection. (default true)
-server.grpc.keepalive.time duration
Duration after which a keepalive probe is sent in case of no activity over the connection., Default: 2h (default 2h0m0s)
-server.grpc.keepalive.timeout duration
After having pinged for keepalive check, the duration after which an idle connection should be closed, Default: 20s (default 20s)
-server.http-conn-limit int
Maximum number of simultaneous http connections, <=0 to disable
-server.http-idle-timeout duration
Idle timeout for HTTP server (default 2m0s)
-server.http-listen-address string
HTTP server listen address.
-server.http-listen-network string
HTTP server listen network, default tcp (default "tcp")
-server.http-listen-port int
HTTP server listen port. (default 3100)
-server.http-read-timeout duration
Read timeout for HTTP server (default 30s)
-server.http-tls-ca-path string
HTTP TLS Client CA path.
-server.http-tls-cert-path string
HTTP server cert path.
-server.http-tls-client-auth string
HTTP TLS Client Auth type.
-server.http-tls-key-path string
HTTP server key path.
-server.http-write-timeout duration
Write timeout for HTTP server (default 30s)
-server.log-request-at-info-level-enabled
Optionally log requests at info level instead of debug level. Applies to request headers as well if server.log-request-headers is enabled.
-server.log-request-headers
Optionally log request headers.
-server.log-request-headers-exclude-list string
Comma separated list of headers to exclude from loggin. Only used if server.log-request-headers is true.
-server.log-source-ips-enabled
Optionally log the source IPs.
-server.log-source-ips-header string
Header field storing the source IPs. Only used if server.log-source-ips-enabled is true. If not set the default Forwarded, X-Real-IP and X-Forwarded-For headers are used
-server.log-source-ips-regex string
Regex for matching the source IPs. Only used if server.log-source-ips-enabled is true. If not set the default Forwarded, X-Real-IP and X-Forwarded-For headers are used
-server.path-prefix string
Base path to serve all API routes from (e.g. /v1/)
-server.register-instrumentation
Register the intrumentation handlers (/metrics etc). (default true)
-server.tls-cipher-suites string
Comma-separated list of cipher suites to use. If blank, the default Go cipher suites is used.
-server.tls-min-version string
Minimum TLS version to use. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. If blank, the Go TLS minimum version is used.
-shard-streams.desired-rate value
threshold used to cut a new shard. Default (3MB) means if a rate is above 3MB, it will be sharded. (default 3MB)
-shard-streams.enabled
Automatically shard streams to keep them under the per-stream rate limit
-shard-streams.logging-enabled
Enable logging when sharding streams
-shutdown-delay duration
How long to wait between SIGTERM and shutdown. After receiving SIGTERM, Loki will report 503 Service Unavailable status via /ready endpoint.
-store.cache-lookups-older-than value
Cache index entries older than this period. 0 to disable.
-store.cardinality-limit int
Cardinality limit for index queries. (default 100000)
-store.chunks-cache.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-store.chunks-cache.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-store.chunks-cache.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-store.chunks-cache.cache-stubs
If true, don't write the full chunk to cache, just a stub entry.
-store.chunks-cache.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-store.chunks-cache.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-store.chunks-cache.embedded-cache.enabled
Whether embedded cache is enabled.
-store.chunks-cache.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-store.chunks-cache.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.chunks-cache.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-store.chunks-cache.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-store.chunks-cache.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-store.chunks-cache.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-store.chunks-cache.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.chunks-cache.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-store.chunks-cache.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-store.chunks-cache.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-store.chunks-cache.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-store.chunks-cache.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-store.chunks-cache.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-store.chunks-cache.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-store.chunks-cache.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-store.chunks-cache.memcached.expiration duration
How long keys stay in the memcache.
-store.chunks-cache.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-store.chunks-cache.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-store.chunks-cache.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-store.chunks-cache.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-store.chunks-cache.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-store.chunks-cache.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-store.chunks-cache.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-store.chunks-cache.redis.db int
Database index.
-store.chunks-cache.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-store.chunks-cache.redis.expiration duration
How long keys stay in the redis.
-store.chunks-cache.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-store.chunks-cache.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-store.chunks-cache.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-store.chunks-cache.redis.password value
Password to use when connecting to redis.
-store.chunks-cache.redis.pool-size int
Maximum number of connections in the pool.
-store.chunks-cache.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-store.chunks-cache.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-store.chunks-cache.redis.tls-enabled
Enable connecting to redis with TLS.
-store.chunks-cache.redis.tls-insecure-skip-verify
Skip validating server certificate.
-store.chunks-cache.redis.username string
Username to use when connecting to redis.
-store.disable-broad-index-queries
Disable broad index queries which results in reduced cache usage and faster query performance at the expense of somewhat higher QPS on the index store.
-store.hedge-max-per-second int
The maximum of hedge requests allowed per seconds. (default 5)
-store.hedge-requests-at duration
If set to a non-zero value a second request will be issued at the provided duration. Default is 0 (disabled)
-store.hedge-requests-up-to int
The maximum of hedge requests allowed. (default 2)
-store.index-cache-read.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-store.index-cache-read.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-store.index-cache-read.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-store.index-cache-read.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-store.index-cache-read.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-store.index-cache-read.embedded-cache.enabled
Whether embedded cache is enabled.
-store.index-cache-read.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-store.index-cache-read.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.index-cache-read.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-store.index-cache-read.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-store.index-cache-read.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-store.index-cache-read.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-store.index-cache-read.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.index-cache-read.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-store.index-cache-read.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-store.index-cache-read.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-store.index-cache-read.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-store.index-cache-read.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-store.index-cache-read.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-store.index-cache-read.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-store.index-cache-read.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-store.index-cache-read.memcached.expiration duration
How long keys stay in the memcache.
-store.index-cache-read.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-store.index-cache-read.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-store.index-cache-read.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-store.index-cache-read.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-store.index-cache-read.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-store.index-cache-read.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-store.index-cache-read.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-store.index-cache-read.redis.db int
Database index.
-store.index-cache-read.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-store.index-cache-read.redis.expiration duration
How long keys stay in the redis.
-store.index-cache-read.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-store.index-cache-read.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-store.index-cache-read.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-store.index-cache-read.redis.password value
Password to use when connecting to redis.
-store.index-cache-read.redis.pool-size int
Maximum number of connections in the pool.
-store.index-cache-read.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-store.index-cache-read.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-store.index-cache-read.redis.tls-enabled
Enable connecting to redis with TLS.
-store.index-cache-read.redis.tls-insecure-skip-verify
Skip validating server certificate.
-store.index-cache-read.redis.username string
Username to use when connecting to redis.
-store.index-cache-validity duration
Cache validity for active index entries. Should be no higher than -ingester.max-chunk-idle. (default 5m0s)
-store.index-cache-write.background.write-back-buffer int
How many key batches to buffer for background write-back. (default 10000)
-store.index-cache-write.background.write-back-concurrency int
At what concurrency to write back to cache. (default 10)
-store.index-cache-write.background.write-back-size-limit value
Size limit in bytes for background write-back. (default 1GB)
-store.index-cache-write.cache.enable-fifocache
(deprecated: use embedded-cache instead) Enable in-memory cache (auto-enabled for the chunks & query results cache if no other cache is configured).
-store.index-cache-write.default-validity duration
The default validity of entries for caches unless overridden. (default 1h0m0s)
-store.index-cache-write.embedded-cache.enabled
Whether embedded cache is enabled.
-store.index-cache-write.embedded-cache.max-size-mb int
Maximum memory size of the cache in MB. (default 100)
-store.index-cache-write.embedded-cache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.index-cache-write.fifocache.duration duration
Deprecated (use ttl instead): The expiry duration for the cache.
-store.index-cache-write.fifocache.max-size-bytes string
Maximum memory size of the cache in bytes. A unit suffix (KB, MB, GB) may be applied. (default "1GB")
-store.index-cache-write.fifocache.max-size-items int
deprecated: Maximum number of entries in the cache.
-store.index-cache-write.fifocache.size int
Deprecated (use max-size-items or max-size-bytes instead): The number of entries to cache.
-store.index-cache-write.fifocache.ttl duration
The time to live for items in the cache before they get purged. (default 1h0m0s)
-store.index-cache-write.max-async-cache-write-back-buffer-size int
The maximum number of enqueued asynchronous writeback cache allowed. (default 500)
-store.index-cache-write.max-async-cache-write-back-concurrency int
The maximum number of concurrent asynchronous writeback cache can occur. (default 16)
-store.index-cache-write.memcached.addresses string
EXPERIMENTAL: Comma separated addresses list in DNS Service Discovery format: https://cortexmetrics.io/docs/configuration/arguments/#dns-service-discovery
-store.index-cache-write.memcached.batchsize int
How many keys to fetch in each batch. (default 1024)
-store.index-cache-write.memcached.circuit-breaker-consecutive-failures uint
Trip circuit-breaker after this number of consecutive dial failures (if zero then circuit-breaker is disabled). (default 10)
-store.index-cache-write.memcached.circuit-breaker-interval duration
Reset circuit-breaker counts after this long (if zero then never reset). (default 10s)
-store.index-cache-write.memcached.circuit-breaker-timeout duration
Duration circuit-breaker remains open after tripping (if zero then 60 seconds is used). (default 10s)
-store.index-cache-write.memcached.consistent-hash
Use consistent hashing to distribute to memcache servers. (default true)
-store.index-cache-write.memcached.expiration duration
How long keys stay in the memcache.
-store.index-cache-write.memcached.hostname string
Hostname for memcached service to use. If empty and if addresses is unset, no memcached will be used.
-store.index-cache-write.memcached.max-idle-conns int
Maximum number of idle connections in pool. (default 16)
-store.index-cache-write.memcached.max-item-size int
The maximum size of an item stored in memcached. Bigger items are not stored. If set to 0, no maximum size is enforced.
-store.index-cache-write.memcached.parallelism int
Maximum active requests to memcache. (default 100)
-store.index-cache-write.memcached.service string
SRV service used to discover memcache servers. (default "memcached")
-store.index-cache-write.memcached.timeout duration
Maximum time to wait before giving up on memcached requests. (default 100ms)
-store.index-cache-write.memcached.update-interval duration
Period with which to poll DNS for memcache servers. (default 1m0s)
-store.index-cache-write.redis.db int
Database index.
-store.index-cache-write.redis.endpoint string
Redis Server or Cluster configuration endpoint to use for caching. A comma-separated list of endpoints for Redis Cluster or Redis Sentinel. If empty, no redis will be used.
-store.index-cache-write.redis.expiration duration
How long keys stay in the redis.
-store.index-cache-write.redis.idle-timeout duration
Close connections after remaining idle for this duration. If the value is zero, then idle connections are not closed.
-store.index-cache-write.redis.master-name string
Redis Sentinel master name. An empty string for Redis Server or Redis Cluster.
-store.index-cache-write.redis.max-connection-age duration
Close connections older than this duration. If the value is zero, then the pool does not close connections based on age.
-store.index-cache-write.redis.password value
Password to use when connecting to redis.
-store.index-cache-write.redis.pool-size int
Maximum number of connections in the pool.
-store.index-cache-write.redis.route-randomly
By default, the Redis client only reads from the master node. Enabling this option can lower pressure on the master node by randomly routing read-only commands to the master and any available replicas.
-store.index-cache-write.redis.timeout duration
Maximum time to wait before giving up on redis requests. (default 500ms)
-store.index-cache-write.redis.tls-enabled
Enable connecting to redis with TLS.
-store.index-cache-write.redis.tls-insecure-skip-verify
Skip validating server certificate.
-store.index-cache-write.redis.username string
Username to use when connecting to redis.
-store.max-chunk-batch-size int
The maximum number of chunks to fetch per batch. (default 50)
-store.max-look-back-period value
This flag is deprecated. Use -querier.max-query-lookback instead.
-store.max-parallel-get-chunk int
Maximum number of parallel chunk reads. (default 150)
-store.max-query-length value
The limit to length of chunk store queries. 0 to disable. (default 30d1h)
-store.query-chunk-limit int
Maximum number of chunks that can be fetched in a single query. (default 2000000)
-store.query-ready-index-num-days int
Number of days of index to be kept always downloaded for queries. Applies only to per user index in boltdb-shipper index store. 0 to disable.
-store.retention value
Retention period to apply to stored data, only applies if retention_enabled is true in the compactor config. As of version 2.8.0, a zero value of 0 or 0s disables retention. In previous releases, Loki did not properly honor a zero value to disable retention and a really large value should be used instead.
-swift.auth-url string
OpenStack Swift authentication URL
-swift.auth-version int
OpenStack Swift authentication API version. 0 to autodetect.
-swift.connect-timeout duration
Time after which a connection attempt is aborted. (default 10s)
-swift.container-name string
Name of the OpenStack Swift container to put chunks in.
-swift.domain-id string
OpenStack Swift user's domain ID.
-swift.domain-name string
OpenStack Swift user's domain name.
-swift.internal
Set this to true to use the internal OpenStack Swift endpoint URL
-swift.max-retries int
Max retries on requests error. (default 3)
-swift.password string
OpenStack Swift API key.
-swift.project-domain-id string
ID of the OpenStack Swift project's domain (v3 auth only), only needed if it differs the from user domain.
-swift.project-domain-name string
Name of the OpenStack Swift project's domain (v3 auth only), only needed if it differs from the user domain.
-swift.project-id string
OpenStack Swift project ID (v2,v3 auth only).
-swift.project-name string
OpenStack Swift project name (v2,v3 auth only).
-swift.region-name string
OpenStack Swift Region to use (v2,v3 auth only).
-swift.request-timeout duration
Time after which an idle request is aborted. The timeout watchdog is reset each time some data is received, so the timeout triggers after X time no data is received on a request. (default 5s)
-swift.user-domain-id string
OpenStack Swift user's domain ID.
-swift.user-domain-name string
OpenStack Swift user's domain name.
-swift.user-id string
OpenStack Swift user ID.
-swift.username string
OpenStack Swift username.
-table-manager.chunk-table.enable-ondemand-throughput-mode
Enables on demand throughput provisioning for the storage provider (if supported). Applies only to tables which are not autoscaled. Supported by DynamoDB
-table-manager.chunk-table.inactive-enable-ondemand-throughput-mode
Enables on demand throughput provisioning for the storage provider (if supported). Applies only to tables which are not autoscaled. Supported by DynamoDB
-table-manager.chunk-table.inactive-read-throughput int
Table read throughput for inactive tables. Supported by DynamoDB (default 300)
-table-manager.chunk-table.inactive-read-throughput.scale-last-n int
Number of last inactive tables to enable read autoscale. (default 4)
-table-manager.chunk-table.inactive-read-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.chunk-table.inactive-read-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.chunk-table.inactive-read-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.chunk-table.inactive-read-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.chunk-table.inactive-read-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.chunk-table.inactive-read-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.chunk-table.inactive-read-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.chunk-table.inactive-write-throughput int
Table write throughput for inactive tables. Supported by DynamoDB (default 1)
-table-manager.chunk-table.inactive-write-throughput.scale-last-n int
Number of last inactive tables to enable write autoscale. (default 4)
-table-manager.chunk-table.inactive-write-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.chunk-table.inactive-write-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.chunk-table.inactive-write-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.chunk-table.inactive-write-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.chunk-table.inactive-write-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.chunk-table.inactive-write-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.chunk-table.inactive-write-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.chunk-table.read-throughput int
Table default read throughput. Supported by DynamoDB (default 300)
-table-manager.chunk-table.read-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.chunk-table.read-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.chunk-table.read-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.chunk-table.read-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.chunk-table.read-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.chunk-table.read-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.chunk-table.read-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.chunk-table.write-throughput int
Table default write throughput. Supported by DynamoDB (default 1000)
-table-manager.chunk-table.write-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.chunk-table.write-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.chunk-table.write-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.chunk-table.write-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.chunk-table.write-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.chunk-table.write-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.chunk-table.write-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.index-table.enable-ondemand-throughput-mode
Enables on demand throughput provisioning for the storage provider (if supported). Applies only to tables which are not autoscaled. Supported by DynamoDB
-table-manager.index-table.inactive-enable-ondemand-throughput-mode
Enables on demand throughput provisioning for the storage provider (if supported). Applies only to tables which are not autoscaled. Supported by DynamoDB
-table-manager.index-table.inactive-read-throughput int
Table read throughput for inactive tables. Supported by DynamoDB (default 300)
-table-manager.index-table.inactive-read-throughput.scale-last-n int
Number of last inactive tables to enable read autoscale. (default 4)
-table-manager.index-table.inactive-read-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.index-table.inactive-read-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.index-table.inactive-read-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.index-table.inactive-read-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.index-table.inactive-read-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.index-table.inactive-read-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.index-table.inactive-read-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.index-table.inactive-write-throughput int
Table write throughput for inactive tables. Supported by DynamoDB (default 1)
-table-manager.index-table.inactive-write-throughput.scale-last-n int
Number of last inactive tables to enable write autoscale. (default 4)
-table-manager.index-table.inactive-write-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.index-table.inactive-write-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.index-table.inactive-write-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.index-table.inactive-write-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.index-table.inactive-write-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.index-table.inactive-write-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.index-table.inactive-write-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.index-table.read-throughput int
Table default read throughput. Supported by DynamoDB (default 300)
-table-manager.index-table.read-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.index-table.read-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.index-table.read-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.index-table.read-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.index-table.read-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.index-table.read-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.index-table.read-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.index-table.write-throughput int
Table default write throughput. Supported by DynamoDB (default 1000)
-table-manager.index-table.write-throughput.scale.enabled
Should we enable autoscale for the table.
-table-manager.index-table.write-throughput.scale.in-cooldown int
DynamoDB minimum seconds between each autoscale down. (default 1800)
-table-manager.index-table.write-throughput.scale.max-capacity int
DynamoDB maximum provision capacity. (default 6000)
-table-manager.index-table.write-throughput.scale.min-capacity int
DynamoDB minimum provision capacity. (default 3000)
-table-manager.index-table.write-throughput.scale.out-cooldown int
DynamoDB minimum seconds between each autoscale up. (default 1800)
-table-manager.index-table.write-throughput.scale.role-arn string
AWS AutoScaling role ARN
-table-manager.index-table.write-throughput.scale.target-value float
DynamoDB target ratio of consumed capacity to provisioned capacity. (default 80)
-table-manager.periodic-table.grace-period duration
Periodic tables grace period (duration which table will be created/deleted before/after it's needed). (default 10m0s)
-table-manager.poll-interval duration
How frequently to poll backend to learn our capacity. (default 2m0s)
-table-manager.retention-deletes-enabled
If true, enables retention deletes of DB tables
-table-manager.retention-period value
Tables older than this retention period are deleted. Must be either 0 (disabled) or a multiple of 24h. When enabled, be aware this setting is destructive to data!
-table-manager.throughput-updates-disabled
If true, disable all changes to DB capacity
-target value
A comma-separated list of components to run. The default value 'all' runs Loki in single binary mode. The value 'read' is an alias to run only read-path related components such as the querier and query-frontend, but all in the same process. The value 'write' is an alias to run only write-path related components such as the distributor and compactor, but all in the same process. Supported values: all, compactor, distributor, ingester, querier, query-scheduler, ingester-querier, query-frontend, index-gateway, ruler, table-manager, read, write. A full list of available targets can be printed when running Loki with the '-list-targets' command line flag. (default all)
-tracing.enabled
Set to false to disable tracing. (default true)
-tsdb.enable-postings-cache
Experimental. Whether TSDB should cache postings or not. The index-read-cache will be used as the backend.
-tsdb.shipper.active-index-directory string
Directory where ingesters would write index files which would then be uploaded by shipper to configured storage
-tsdb.shipper.cache-location string
Cache location for restoring index files from storage for queries
-tsdb.shipper.cache-ttl duration
TTL for index files restored in cache for queries (default 24h0m0s)
-tsdb.shipper.index-gateway-client.grpc.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-tsdb.shipper.index-gateway-client.grpc.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-tsdb.shipper.index-gateway-client.grpc.backoff-on-ratelimits
Enable backoff and retry when we hit rate limits.
-tsdb.shipper.index-gateway-client.grpc.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-tsdb.shipper.index-gateway-client.grpc.connect-backoff-base-delay duration
Initial backoff delay after first connection failure. Only relevant if ConnectTimeout > 0. (default 1s)
-tsdb.shipper.index-gateway-client.grpc.connect-backoff-max-delay duration
Maximum backoff delay when establishing a connection. Only relevant if ConnectTimeout > 0. (default 5s)
-tsdb.shipper.index-gateway-client.grpc.connect-timeout duration
The maximum amount of time to establish a connection. A value of 0 means default gRPC client connect timeout and backoff. (default 5s)
-tsdb.shipper.index-gateway-client.grpc.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-tsdb.shipper.index-gateway-client.grpc.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-tsdb.shipper.index-gateway-client.grpc.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and (disable compression)
-tsdb.shipper.index-gateway-client.grpc.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-tsdb.shipper.index-gateway-client.grpc.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-tsdb.shipper.index-gateway-client.grpc.initial-connection-window-size value
Initial connection window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-tsdb.shipper.index-gateway-client.grpc.initial-stream-window-size value
Initial stream window size. Values less than the default are not supported and are ignored. Setting this to a value other than the default disables the BDP estimator. (default 63KiB1023B)
-tsdb.shipper.index-gateway-client.grpc.tls-ca-path string
Path to the CA certificates to validate server certificate against. If not set, the host's root CA certificates are used.
-tsdb.shipper.index-gateway-client.grpc.tls-cert-path string
Path to the client certificate, which will be used for authenticating with the server. Also requires the key path to be configured.
-tsdb.shipper.index-gateway-client.grpc.tls-cipher-suites string
Override the default cipher suite list (separated by commas).
-tsdb.shipper.index-gateway-client.grpc.tls-enabled
Enable TLS in the gRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-tsdb.shipper.index-gateway-client.grpc.tls-insecure-skip-verify
Skip validating server certificate.
-tsdb.shipper.index-gateway-client.grpc.tls-key-path string
Path to the key for the client certificate. Also requires the client certificate to be configured.
-tsdb.shipper.index-gateway-client.grpc.tls-min-version string
Override the default minimum TLS version. Allowed values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13
-tsdb.shipper.index-gateway-client.grpc.tls-server-name string
Override the expected name on the server certificate.
-tsdb.shipper.index-gateway-client.log-gateway-requests
Whether requests sent to the gateway should be logged or not.
-tsdb.shipper.index-gateway-client.server-address string
Hostname or IP of the Index Gateway gRPC server running in simple mode.
-tsdb.shipper.query-ready-num-days int
Number of days of common index to be kept downloaded for queries. For per tenant index query readiness, use limits overrides config.
-tsdb.shipper.resync-interval duration
Resync downloaded files with the storage (default 5m0s)
-tsdb.shipper.shared-store string
Shared store for keeping index files. Supported types: gcs, s3, azure, cos, filesystem
-tsdb.shipper.shared-store.key-prefix string
Prefix to add to Object Keys in Shared store. Path separator(if any) should always be a '/'. Prefix should never start with a separator but should always end with it (default "index/")
-tsdb.shipper.use-boltdb-shipper-as-backup
Use boltdb-shipper index store as backup for indexing chunks. When enabled, boltdb-shipper needs to be configured under storage_config
-validation.allow-structured-metadata
Allow user to send structured metadata (non-indexed labels) in push payload.
-validation.create-grace-period value
Duration which table will be created/deleted before/after it's needed; we won't accept sample from before this time. (default 10m)
-validation.enforce-metric-name
Enforce every sample has a metric name. (default true)
-validation.increment-duplicate-timestamps
Alter the log line timestamp during ingestion when the timestamp is the same as the previous entry for the same stream. When enabled, if a log line in a push request has the same timestamp as the previous line for the same stream, one nanosecond is added to the log line. This will preserve the received order of log lines with the exact same timestamp when they are queried, by slightly altering their stored timestamp. NOTE: This is imperfect, because Loki accepts out of order writes, and another push request for the same stream could contain duplicate timestamps to existing entries and they will not be incremented.
-validation.max-entries-limit int
Maximum number of log entries that will be returned for a query. (default 5000)
-validation.max-label-names-per-series int
Maximum number of label names per series. (default 30)
-validation.max-length-label-name int
Maximum length accepted for label names. (default 1024)
-validation.max-length-label-value int
Maximum length accepted for label value. This setting also applies to the metric name. (default 2048)
-validation.reject-old-samples
Whether or not old samples will be rejected. (default true)
-validation.reject-old-samples.max-age value
Maximum accepted sample age before rejecting. (default 1w)
-verify-config
Verify config file and exits
-version
Print this builds version information
Advertising:
