Core and Rule Engine Configuration
Server common parameters
Section titled “Server common parameters”Server bind-address
Server bind port
Server forward headers strategy. Required for SWAGGER UI when reverse proxy is used
Enable/disable SSL support
Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)
Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
Path to the server certificate private key file (optional). Required if the private key is not present in the server certificate file
Server certificate private key password (optional)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the SSL certificate
Password used to access the key store
Key alias
Password used to access the key
Semi-colon-separated list of urlPattern=maxPayloadSize pairs that define max http request size for specified url pattern. After first match all other will be skipped
Enable/disable HTTP/2 support
Log errors with stacktrace when REST API throws an exception with the message “Please contact sysadmin”
Timeout for sending data to client WebSocket session in milliseconds
recommended timeout >= 30 seconds. The platform will attempt to send a ‘ping’ request 3 times within the timeout
Refresh rate of the dynamic alarm end entity data queries
Thread pool size to execute dynamic queries
Maximum number of dynamic queries per refresh interval. For example, no more than 10 alarm queries are executed by the user simultaneously in all browsers.
Maximum number of dynamic queries per user. For example, no more than 10 alarm widgets opened by the user simultaneously in all browsers
Maximum number of entities returned for single entity subscription. For example, no more than 10,000 entities on the map widget
Maximum number of alarms returned for single alarm subscription. For example, no more than 10,000 alarms on the alarm widget
Maximum size (bytes) of incoming WS text message
Maximum size (bytes) of incoming WS binary message
Maximum queue size of the websocket updates per session. This restriction prevents infinite updates of WS
Maximum time between WS session opening and sending auth command
Per-tenant rate limit for WS subscriptions
Per-user rate limit for WS subscriptions
Maximum number of active originator alarm ids being saved in cache for single alarm status subscription. For example, no more than 10 alarm ids on the alarm widget
Minimum value of the server-side RPC timeout. May override value provided in the REST API call. Since 2.5 migration to queues, the RPC delay depends on the size of the pending messages in the queue. So default UI parameter of 500ms may not be sufficient for loaded environments.
Default value of the server-side RPC timeout.
Limit that prohibits resetting the password for the user too often. The value of the rate limit. By default, no more than 5 requests per hour
Default timeout for waiting response of REST API request to Rule Engine in milliseconds
ZooKeeper connection parameters
Section titled “ZooKeeper connection parameters”Enable/disable ZooKeeper discovery service.
ZooKeeper connect string
ZooKeeper retry interval in milliseconds
ZooKeeper connection timeout in milliseconds
ZooKeeper session timeout in milliseconds
Name of the directory in ZooKeeper ‘filesystem’
The recalculate_delay property is recommended in a microservices architecture setup for rule-engine services. This property provides a pause to ensure that when a rule-engine service is restarted, other nodes don’t immediately attempt to recalculate their partitions. The delay is recommended because the initialization of rule chain actors is time-consuming. Avoiding unnecessary recalculations during a restart can enhance system performance and stability.
Cluster parameters
Section titled “Cluster parameters”Enable/Disable the cluster statistics. Calculates the number of messages sent between cluster nodes based on each type
Interval of printing the cluster stats to the log file
Plugins configuration parameters
Section titled “Plugins configuration parameters”Comma-separated package list used during classpath scanning for plugins
Security parameters
Section titled “Security parameters”Number of seconds (2.5 hours)
Number of seconds (1 week).
User JWT Token issuer
Base64 encoded
Enable/disable access to Tenant Administrators JWT token by System Administrator or Customer Users JWT token by Tenant Administrator
Prefix for the auto-generated API key. For example, tb_Ood4dQMxWvMH-76z3E_Cv0mZaBWT0Clk3hRSO0P_jNQ
Length of the auto-generated API key. Max is 255
Enable/disable case-sensitive username login
Enable/disable claiming devices; if false -> the device’s [claimingAllowed] SERVER_SCOPE attribute must be set to [true] to allow claiming the specific device
1 minute, note this value must equal claimDevices.timeToLiveInMinutes value
Enable/Disable basic security options
Redirect URL where access code from external user management system will be processed
The email addresses that will be mapped from the URL
CA certificates keystore default path. Typically this keystore is at JAVA_HOME/lib/security/cacerts
The password of the cacerts keystore file
Enable/disable X-Content-Type-Options header. Prevents browsers from MIME-sniffing the Content-Type
Enable/disable Referrer-Policy header
Referrer-Policy header value
Enable/disable X-Frame-Options header. Protects against clickjacking attacks
Valid values: DENY, SAMEORIGIN
Enable/disable Content-Security-Policy header. Mitigates XSS and data injection attacks
Full CSP directive string. The default value is a working policy for most ThingsBoard deployments
If true, uses Content-Security-Policy-Report-Only header instead — the browser reports violations but does not enforce them. Use for testing before enforcing.
Mail settings parameters
Section titled “Mail settings parameters”Interval for checking refresh token expiration in seconds(by default, 1 day).
Rate limits for sending mails per tenant. As example for 1000 per minute and 10000 per hour is “1000:60,10000:3600”
Usage statistics parameters
Section titled “Usage statistics parameters”Enable/Disable the collection of API usage statistics. Collected on a system and tenant level by default
Enable/Disable the collection of API usage statistics on a customer level
Statistics reporting interval, set to send summarized data every 10 seconds by default
Reporting interval for urgent keys (e.g. SMS, Email) that require quicker usage state updates
Amount of statistic messages in pack
Interval of checking the start of the next cycle and re-enabling the blocked tenants/customers
In milliseconds. The default value is 3 minutes
In seconds, the default value is 1 minute. When changing, in cluster mode, make sure usage.stats.gauge_report_interval is set to x2-x3 of this value
UI settings parameters
Section titled “UI settings parameters”Maximum allowed datapoints fetched by widgets
Base URL for UI help assets
Database telemetry parameters
Section titled “Database telemetry parameters”Max number of DB queries generated by a single API call to fetch telemetry records
cassandra, sql, or timescale (for hybrid mode, DATABASE_TS_TYPE value should be cassandra, or timescale)
cassandra, sql, or timescale (for hybrid mode, DATABASE_TS_TYPE value should be cassandra, or timescale)
Cassandra driver configuration parameters
Section titled “Cassandra driver configuration parameters”Thingsboard cluster name
Thingsboard keyspace name
Specify node list
Specify the local data center name
Enable/disable secure connection
Enable/disable validation of Cassandra server hostname If enabled, the hostname of the Cassandra server must match the CN of the server certificate
Set trust store for client authentication of the server (optional, uses trust store from default SSLContext if not set)
The password for Cassandra trust store key
Set key store for server authentication of the client (optional, uses key store from default SSLContext if not set) A key store is only needed if the Cassandra server requires client authentication
The password for the Cassandra key store
Comma-separated list of cipher suites (optional, uses Java default cipher suites if not set)
Enable/disable JMX
Enable/disable metrics collection.
NONE SNAPPY LZ4
Specify cassandra cluster initialization timeout in milliseconds (if no hosts are available during startup)
Specify cassandra cluster initialization retry interval (if no hosts available during startup)
Cassandra max local requests per connection
Cassandra max remote requests per connection
Credential parameters
Specify your username
Specify your password
/etc/thingsboard/astra/secure-connect-thingsboard.zip
DucitQPHMzPCBOZqFYexAfKk
ZnF7FpuHp43FP5BzM+KY8wGmSb4Ql6BhT4Z7sOU13ze+gXQ-n7OkFpNuB,oACUIQObQnK0g4bSPoZhK5ejkcF9F.j6f64j71Sr.tiRe0Fsq2hPS1ZCGSfAaIgg63IydG
Sets the timeout, in milliseconds, of a native connection from ThingsBoard to Cassandra. The default value is 5000
Timeout before closing the connection. Value set in milliseconds
Gets if TCP keep-alive must be used
Enable/Disable reuse-address. The socket option allows for the reuse of local addresses and ports
Sets the linger-on-close timeout. By default, this option is not set by the driver. The actual value will be the default from the underlying Netty transport
Enable/Disable Nagle’s algorithm
Sets a hint to the size of the underlying buffers for incoming network I/O. By default, this option is not set by the driver. The actual value will be the default from the underlying Netty transport
Returns the hint to the size of the underlying buffers for outgoing network I/O. By default, this option is not set by the driver. The actual value will be the default from the underlying Netty transport
Consistency levels in Cassandra can be configured to manage availability versus data accuracy. The consistency level defaults to ONE for all write and read operations
Consistency levels in Cassandra can be configured to manage availability versus data accuracy. The consistency level defaults to ONE for all write and read operations
The fetch size specifies how many rows will be returned at once by Cassandra (in other words, it’s the size of each page)
Specify partitioning size for timestamp key-value storage. Example: MINUTES, HOURS, DAYS, MONTHS, INDEFINITE
Enable/Disable timestamp key-value partitioning on read queries
Safety trigger to fall back to use_ts_key_value_partitioning_on_read as true if estimated partitions count is greater than safety trigger value. It helps to prevent building huge partition list (OOM) for corner cases (like from 0 to infinity) and prefer fewer reads strategy from NoSQL database
The number of partitions that are cached in memory of each service. It is useful to decrease the load of re-inserting the same partitions again
Timeseries Time To Live (in seconds) for Cassandra Record. 0 - record has never expired
Maximum number of Cassandra queries that are waiting for execution
Maximum number of concurrent Cassandra queries
Max time in milliseconds query waits for execution
Amount of threads to dispatch cassandra queries
Buffered rate executor (read, write) for managing I/O rate. See “nosql-*-callback” threads in JMX
Result set transformer and processing. See “cassandra-callback” threads in JMX
Cassandra query queue polling interval in milliseconds
Interval in milliseconds for printing Cassandra query queue statistic
When saving a value, set other data types to null (to avoid having multiple telemetry values with the same timestamp).
log one of cassandra queries with specified frequency (0 - logging is disabled)
Maximum total size in bytes of a Cassandra query result set across all pages. Default is 50MB. 0 means unlimited
Whether to print rate-limited tenant names when printing Cassandra query queue statistic
SQL configuration parameters
Section titled “SQL configuration parameters”Batch size for persisting attribute updates
Max timeout for attributes entries queue polling. The value is set in milliseconds
Interval in milliseconds for printing attributes updates statistic
batch thread count has to be a prime number like 3 or 5 to gain perfect hash distribution
If true attribute values will be checked for XSS vulnerability
Batch size for persisting timeseries inserts
Max timeout for time-series entries queue polling. The value set in milliseconds
Interval in milliseconds for printing timeseries insert statistic
batch thread count has to be a prime number like 3 or 5 to gain perfect hash distribution
If true telemetry values will be checked for XSS vulnerability
Thread pool size for telemetry callback executor
Batch size for persisting latest telemetry updates
Maximum timeout for latest telemetry entries queue polling. The value set in milliseconds
Interval in milliseconds for printing latest telemetry updates statistic
batch thread count has to be a prime number like 3 or 5 to gain perfect hash distribution
Update latest values only if the timestamp of the new record is greater or equals the timestamp of the previously saved latest value. The latest values are stored separately from historical values for fast lookup from DB. Insert of historical value happens in any case
Batch size for persisting latest telemetry updates
Max timeout for latest telemetry entries queue polling. The value set in milliseconds
Interval in milliseconds for printing latest telemetry updates statistic
batch thread count has to be a prime number like 3 or 5 to gain perfect hash distribution
Number of hours to partition the events. The current value corresponds to one week.
Number of hours to partition the debug events. The current value corresponds to one hour.
Batch size for persisting latest telemetry updates
Max timeout for latest telemetry entries queue polling. The value set in milliseconds
Interval in milliseconds for printing latest telemetry updates statistic
Number of hours to partition the events. The current value corresponds to one week.
Default value - 1 week
Default value - 1 week
Default value - 1 week
Specify whether to sort entities before batch update. Should be enabled for cluster mode to avoid deadlocks
Specify whether to remove null characters from strValue of attributes and timeseries before insert
Specify whether to log database queries and their parameters generated by the entity query repository
Threshold of slow SQL queries to log. The value set in milliseconds
Enable/Disable logging statistic information about tenants
Interval in milliseconds for printing the latest statistic information about the tenant
Specify partitioning size for timestamp key-value storage. Example: DAYS, MONTHS, YEARS, INDEFINITE.
Specify Interval size for new data chunks storage.
batch thread count has to be a prime number like 3 or 5 to gain perfect hash distribution
Enable/disable TTL (Time To Live) for timeseries records
Number of milliseconds. The current value corresponds to one day
The parameter to specify system TTL(Time To Live) value for timeseries records. Value set in seconds. 0 - records are never expired.
Enable/disable TTL (Time To Live) for event records
Number of milliseconds (max random initial delay and fixed period).
Number of seconds. TTL is disabled by default. The accuracy of the cleanup depends on the sql.events.partition_size parameter.
Number of seconds. The current value corresponds to one week. The accuracy of the cleanup depends on the sql.events.debug_partition_size parameter.
Enable/disable TTL (Time To Live) for edge event records
Number of milliseconds. The current value corresponds to one day
Number of seconds. The current value corresponds to one month
Number of milliseconds. The current value corresponds to two hours
Batch size for records removal
Enable/disable TTL (Time To Live) for rpc call records
Number of milliseconds. The current value corresponds to two hours
Batch size for records removal
Enable/disable TTL (Time To Live) for audit log records
Disabled by default. The accuracy of the cleanup depends on the sql.audit_logs.partition_size
Default value - 1 day
Enable/disable TTL (Time To Live) for notification center records
Default value - 30 days
Default value - 1 day
Batch size for records removal
Enable/disable TTL (Time To Live) for expired api keys records
Default value - 1 day
This value has to be reasonably small to prevent infinite recursion as early as possible
This value has to be reasonably small to prevent the relation query from blocking all other DB calls
This value has to be reasonably small to prevent the relation query from blocking all other DB calls
Actor system parameters
Section titled “Actor system parameters”Number of messages the actor system will process per actor before switching to processing of messages for the next actor
Thread pool size for actor system scheduler
Maximum number of attempts to init the actor before disabling the actor
Thread pool size for main actor system dispatcher
Thread pool size for actor system dispatcher that process messages for tenant actors
Thread pool size for actor system dispatcher that process messages for device actors
Thread pool size for actor system dispatcher that process messages for rule engine (chain/node) actors
Thread pool size for actor system dispatcher that process messages for edge actors
Thread pool size for actor system dispatcher that process messages for CalculatedField manager actors
Thread pool size for actor system dispatcher that process messages for CalculatedField entity actors
Create components in initialization
Max number of concurrent sessions per device
Default timeout for processing requests using synchronous session (HTTP, CoAP) in milliseconds
Specify thread pool size for database request callbacks executor service
Specify thread pool size for mail sender executor service
Specify thread pool size for password reset emails
Specify thread pool size for sms sender executor service
Whether to allow usage of system mail service for rules
Whether to allow usage of system sms service for rules
Specify thread pool size for external call service
The base name for threads
The maximum number of concurrent HTTP requests
The maximum time in seconds to wait for active tasks to complete during graceful shutdown
Errors for particular actors are persisted once per specified amount of milliseconds
Enable/Disable the rate limit of persisted debug events for all rule nodes per tenant
The value of DEBUG mode rate limit. By default, no more than 50 thousand events per hour
Errors for particular actor are persisted once per specified amount of milliseconds
Size of queues that store messages for transaction rule nodes
Time in milliseconds for transaction to complete
Force acknowledgment of the incoming message for external rule nodes to decrease processing latency. Enqueue the result of external node processing as a separate message to the rule engine.
Enable Server-Side Request Forgery (SSRF) protection for external HTTP rule nodes (rest api call). When enabled, requests to private/internal network addresses are blocked.
Comma-separated list of additional blocked destinations (IPs, CIDR subnets, or hostnames). Example: “198.51.100.0/24,metadata.tencentyun.com,rancher-metadata”
Comma-separated list of allowed destinations that bypass SSRF blocking (IPs, CIDR subnets, or hostnames). Use this when your rule chains need to reach devices on private networks (e.g., 192.168.1.0/24). Example: “192.168.1.0/24,10.0.0.0/8,my-internal-service.corp”
Server-level ceiling for parallel in-flight HTTP requests per external HTTP rule node instance. Applied as min(nodeConfig, systemMax) when set; 0 = no system-level restriction (node config wins).
Server-level ceiling for the pending-request queue depth per external HTTP rule node instance. Applied as min(nodeConfig, systemMax) when set; 0 = no system-level restriction.
Maximum number of TCP connections in the reactor-netty connection pool per external HTTP rule node instance. Defaults to reactor-netty’s ConnectionProvider.DEFAULT_POOL_MAX_CONNECTIONS: max(availableProcessors, 8) * 2 (e.g. 16 on an 8-core host). Increase for high-throughput nodes calling remote services that support many connections. 0 = use reactor-netty default.
Maximum number of persistent RPC call retries in case of failed request delivery.
RPC submit strategies. Allowed values: BURST, SEQUENTIAL_ON_ACK_FROM_DEVICE, SEQUENTIAL_ON_RESPONSE_FROM_DEVICE.
Time in milliseconds for RPC to receive a response after delivery. Used only for SEQUENTIAL_ON_RESPONSE_FROM_DEVICE submit strategy.
Close transport session if RPC delivery timed out. If enabled, RPC will be reverted to the queued state. Note:
- For MQTT transport:
- QoS level 0: This feature does not apply, as no acknowledgment is expected, and therefore no timeout is triggered.
- QoS level 1: This feature applies, as an acknowledgment is expected.
- QoS level 2: Unsupported.
- For CoAP transport:
- Confirmable requests: This feature applies, as delivery confirmation is expected.
- Non-confirmable requests: This feature does not apply, as no delivery acknowledgment is expected.
- For HTTP and SNPM transports: RPC is considered delivered immediately, and there is no logic to await acknowledgment.
Enable/disable actor statistics
Actors statistic persistence frequency in milliseconds
Enable/Disable the rate limit of persisted debug events for all calculated fields per tenant
The value of DEBUG mode rate limit. By default, no more than 50 thousand events per hour
Time in seconds to receive calculation result.
Debug settings parameters
Section titled “Debug settings parameters”Default duration (in minutes) for debug mode. Min value is 1 minute. Tenant profile settings override this one. If value from this setting is invalid, the default value (15 minutes) will be used.
Cache settings parameters
Section titled “Cache settings parameters”caffeine or redis(7.2 - latest compatible version)
max pool size to process futures that call the external cache
make sure that if cache.type is ‘redis’ and cache.attributes.enabled is ‘true’ if you change ‘maxmemory-policy’ Redis config property to ‘allkeys-lru’, ‘allkeys-lfu’ or ‘allkeys-random’
Will enable cache-aside strategy for SQL timeseries latest DAO. make sure that if cache.type is ‘redis’ and cache.ts_latest.enabled is ‘true’ if you change ‘maxmemory-policy’ Redis config property to ‘allkeys-lru’, ‘allkeys-lfu’ or ‘allkeys-random’
Relations cache TTL
0 means the cache is disabled
Device credentials cache TTL
0 means the cache is disabled
Device cache TTL
0 means the cache is disabled
Sessions cache TTL
0 means the cache is disabled
Asset cache TTL
0 means the cache is disabled
Customer cache TTL
0 means the cache is disabled
User cache TTL
0 means the cache is disabled
Entity view cache TTL
0 means the cache is disabled
Claim devices cache TTL
0 means the cache is disabled
Security settings cache TTL
0 means the cache is disabled
Tenant profiles cache TTL
0 means the cache is disabled
Tenant cache TTL
0 means the cache is disabled
Environment variables are intentionally the same as in ‘tenants’ cache to be equal.
0 means the cache is disabled
Device profile cache TTL
0 means the cache is disabled
Asset profile cache TTL
0 means the cache is disabled
Notification settings cache TTL
0 means the cache is disabled
Sent notifications cache TTL
0 means the cache is disabled
Attributes cache TTL
0 means the cache is disabled
Timeseries latest cache TTL
0 means the cache is disabled
0 means the cache is disabled
Ota packages cache TTL
0 means the cache is disabled
Ota packages data cache TTL
0 means the cache is disabled
Edges cache TTL
0 means the cache is disabled
Edge Sessions cache TTL; no expiration time if set to ‘0’
0 means the cache is disabled
Related Edges cache TTL
0 means the cache is disabled
Repository settings cache TTL
0 means the cache is disabled
Autocommit settings cache TTL
0 means the cache is disabled
Two factor verification codes cache TTL
0 means the cache is disabled
Version control task cache TTL
0 means the cache is disabled
User settings cache TTL
0 means the cache is disabled
Dashboard titles cache TTL
0 means the cache is disabled
Entity count cache TTL
0 means the cache is disabled
Resource info cache TTL
0 means the cache is disabled
Alarm types cache TTL
0 means the cache is disabled
Qr code settings cache TTL
0 means the cache is disabled
QR secret key cache TTL
0 means the cache is disabled
Trendz settings cache TTL
0 means the cache is disabled
AI model cache TTL
0 means the cache is disabled
API keys cache TTL
0 means the cache is disabled
Notification rules cache TTL
0 means the cache is disabled
Rate limits cache TTL
0 means the cache is disabled
Entity limits cache TTL
0 means the cache is disabled
Image ETags cache TTL
0 means the cache is disabled
Browser cache TTL for system images in minutes. 0 means the cache is disabled
Browser cache TTL for tenant images in minutes. 0 means the cache is disabled
TB resource data cache TTL
0 means the cache is disabled
User auth details cache TTL
0 means the cache is disabled
Redis/Valkey configuration parameters
Section titled “Redis/Valkey configuration parameters”Redis deployment type: Standalone (single Redis node deployment) OR Cluster
Redis connection host
Redis connection port
Use the default Redis configuration file
This value may be used only if you used not default ClientConfig
This value may be used only if you used not default ClientConfig
This value may be used only if you used not default ClientConfig
This value may be used only if you used not default ClientConfig
Comma-separated list of “host:port” pairs to bootstrap from.
Maximum number of redirects to follow when executing commands across the cluster.
if set false will be used pool config build from values of the pool config section
Name of the master node
Comma-separated list of “host:port” pairs of sentinels
Password to authenticate with sentinel
If set false will be used pool config build from values of the pool config section
Redis logical database index to select after connecting.
Password for Redis authentication (leave empty if not required).
Redis username for ACL authentication (Redis 6.0+). Leave empty for legacy password-only auth
Enable/disable secure connection
Path redis server (CA) certificate
Path to user certificate file. This is optional for the client and can be used for two-way authentication for the client
Path to user private key file. This is optional for the client and only needed if ‘user_cert_file’ is configured.
Maximum number of connections that can be allocated by the connection pool
Maximum number of idle connections that can be maintained in the pool without being closed
Minumum number of idle connections that can be maintained in the pool without being closed
Enable/Disable PING command sent when a connection is borrowed
The property is used to specify whether to test the connection before returning it to the connection pool.
The property is used in the context of connection pooling in Redis
Minimum time that an idle connection should be idle before it can be evicted from the connection pool. The value is set in milliseconds
Specifies the time interval in milliseconds between two consecutive eviction runs
Maximum time in milliseconds where a client is willing to wait for a connection from the pool when all connections are exhausted
Specifies the number of connections to test for eviction during each eviction run
Determines the behavior when a thread requests a connection from the pool, but there are no available connections, and the pool cannot create more due to the maxTotal configuration
TTL for short-living SET commands that are used to replace DEL to enable transaction support
Update version parameters
Section titled “Update version parameters”Enable/disable checks for the new version
Spring CORS configuration parameters.
Section titled “Spring CORS configuration parameters.”Comma-separated list of origins to allow. ’*’ allows all origins. When not set, CORS support is disabled.
Comma-separated list of methods to allow. ’*’ allows all methods.
Comma-separated list of headers to allow in a request. ’*’ allows all headers.
How long, in seconds, the response from a pre-flight request can be cached by clients.
Set whether credentials are supported. When not set, credentials are not supported.
General spring parameters
Section titled “General spring parameters”The default timeout for asynchronous requests in milliseconds
Total file size cannot exceed 50MB when configuring file uploads
Total request size for a multipart/form-data cannot exceed 50MB
Note: as for current Spring JPA version, custom NullHandling for the Sort.Order is ignored and this parameter is used
we use custom dialect that contains ilike(arg1, arg2) function (is interpreted to postgres ILIKE operator)
SQL DAO Configuration parameters
Section titled “SQL DAO Configuration parameters”General timeout for JDBC queries
Database driver for Spring JPA - org.postgresql.Driver
Database connection URL
Database user name
Database user password
This property controls the amount of time that a connection can be out of the pool before a message is logged indicating a possible connection leak. A value of 0 means leak detection is disabled
This property increases the number of connections in the pool as demand increases. At the same time, the property ensures that the pool doesn’t grow to the point of exhausting a system’s resources, which ultimately affects an application’s performance and availability
Enable MBean to diagnose pools state via JMX
Enable dedicated datasource (a separate database) for events and audit logs. Before enabling this, make sure you have set up the following tables in the new DB: error_event, lc_event, rule_chain_debug_event, rule_node_debug_event, stats_event, audit_log, cf_debug_event
Database driver for Spring JPA for events datasource
Database connection URL for events datasource
Database username for events datasource
Database user password for events datasource
This property controls the amount of time that a connection can be out of the pool before a message is logged indicating a possible connection leak for events datasource. A value of 0 means leak detection is disabled
This property increases the number of connections in the pool as demand increases for events datasource. At the same time, the property ensures that the pool doesn’t grow to the point of exhausting a system’s resources, which ultimately affects an application’s performance and availability
Enable MBean to diagnose pools state via JMX for events datasource
Audit log parameters
Section titled “Audit log parameters”Enable/disable audit log functionality.
Device logging levels.
Asset logging levels.
Dashboard logging levels.
Widget type logging levels.
Widget bundles logging levels.
Customer logging levels.
User logging levels.
Rule chain logging levels.
Alarm logging levels.
Entity view logging levels.
Device profile logging levels.
Asset profile logging levels.
Edge logging levels.
TB resource logging levels.
Ota package logging levels.
Calculated field logging levels.
AI model logging levels.
Type of external sink. possible options: none, elasticsearch
Name of the index where audit logs are stored Index name could contain next placeholders (not mandatory): @{TENANT} - substituted by tenant ID @{DATE} - substituted by current date in format provided in audit_log.sink.date_format
Date format. Details of the pattern can be found here: https://docs.oracle.com/javase/8/docs/api/java/time/format/DateTimeFormatter.html
http or https
Host of external sink system
Port of external sink system
Username used to access external sink system
Password used to access external sink system
Device state parameters
Section titled “Device state parameters”Device inactivity timeout is a global configuration parameter that defines when the device will be marked as “inactive” by the server. The parameter value is in seconds. A user can overwrite this parameter for an individual device by setting the “inactivityTimeout” server-side attribute (NOTE: expects value in milliseconds). We recommend this parameter to be in sync with session inactivity timeout (“transport.sessions.inactivity_timeout” or TB_TRANSPORT_SESSIONS_INACTIVITY_TIMEOUT) parameter which is responsible for detection of the stale device connection sessions. The value of the session inactivity timeout parameter should be greater or equal to the device inactivity timeout. Note that the session inactivity timeout is set in milliseconds while device inactivity timeout is in seconds.
Interval for checking the device state after a specified period. Time in seconds
Controls whether we store the device ‘active’ flag in attributes (default) or telemetry. If you decide to change this parameter, you should re-create the device info view as one of the following: If ‘persistToTelemetry’ is changed from ‘false’ to ‘true’: ‘CREATE OR REPLACE VIEW device_info_view AS SELECT * FROM device_info_active_ts_view;’ If ‘persistToTelemetry’ is changed from ‘true’ to ‘false’: ‘CREATE OR REPLACE VIEW device_info_view AS SELECT * FROM device_info_active_attribute_view;‘
Millisecond value defining time-to-live for device state telemetry data (e.g. ‘active’, ‘lastActivityTime’). Used only when state.persistToTelemetry is set to ‘true’ and Cassandra is used for timeseries data. 0 means time-to-live mechanism is disabled.
Number of device records to fetch per batch when initializing device activity states
Defines the rate at which device connectivity events can be triggered. Comma-separated list of capacity:duration pairs that define bandwidth capacity and refill duration for token bucket rate limit algorithm. Refill is set to be greedy. Please refer to Bucket4j library documentation for more details.
TBEL parameters
Section titled “TBEL parameters”Enable/Disable TBEL feature.
Limit the number of arguments that are passed to the function to execute the script
Maximum allowed symbols in a result after processing a script
Maximum allowed symbols in the script body
Maximum allowed TBEL script execution memory
Maximum allowed TBEL script execution errors before it will be blacklisted
TBEL Eval max request timeout in milliseconds. 0 - no timeout
Maximum time in seconds for black listed function to stay in the list.
Specify thread pool size for javascript executor service
Maximum cache size of TBEL compiled scripts
Enable/Disable stats collection for TBEL engine
Interval of logging for TBEL stats
JS parameters
Section titled “JS parameters”local (Nashorn Engine, deprecated) OR remote JS-Executors (NodeJS)
Limit the number of arguments that are passed to the function to execute the script
Maximum allowed symbols in a result after processing a script
Maximum allowed symbols in script body
Specify thread pool size for javascript executor service
Use Sandboxed (secured) JVM JavaScript environment
Specify thread pool size for JavaScript sandbox resource monitor
Maximum CPU time in milliseconds allowed for script execution
Maximum memory in Bytes which JS executor thread can allocate (approximate calculation). A zero memory limit in combination with a non-zero CPU limit is not recommended due to the implementation of Nashorn 0.4.2. 100MiB is effectively unlimited for most cases
Maximum allowed JavaScript execution errors before JavaScript will be blacklisted
JS Eval max request timeout. 0 - no timeout
Maximum time in seconds for black listed function to stay in the list.
Enable/Disable stats collection for local JS executor
Interval of logging for local JS executor stats
Specify thread pool size for javascript executor service
Maximum allowed JavaScript execution errors before JavaScript will be blacklisted
Maximum time in seconds for black listed function to stay in the list.
Enable/Disable stats collection for remote JS executor
Interval of logging for remote JS executor stats
Transport configuration parameters
Section titled “Transport configuration parameters”Session inactivity timeout is a global configuration parameter that defines how long the device transport session will be opened after the last message arrives from the device. The parameter value is in milliseconds. The last activity time of the device session is updated if the device sends any message, including keepalive messages If there is no activity, the session will be closed, and all subscriptions will be deleted. We recommend this parameter to be in sync with device inactivity timeout (“state.defaultInactivityTimeoutInSec” or DEFAULT_INACTIVITY_TIMEOUT) parameter which is responsible for detection of the device connectivity status in the core service of the platform. The value of the session inactivity timeout parameter should be greater or equal to the device inactivity timeout. Note that the session inactivity timeout is set in milliseconds while device inactivity timeout is in seconds.
Interval of periodic check for expired sessions and report of the changes to session last activity time
This property specifies the strategy for reporting activity events within each reporting period. The accepted values are ‘FIRST’, ‘LAST’, ‘FIRST_AND_LAST’ and ‘ALL’.
- ‘FIRST’: Only the first activity event in each reporting period is reported.
- ‘LAST’: Only the last activity event in the reporting period is reported.
- ‘FIRST_AND_LAST’: Both the first and last activity events in the reporting period are reported.
- ‘ALL’: All activity events in the reporting period are reported.
Cast String data types to Numeric if possible when processing Telemetry/Attributes JSON
Maximum allowed string value length when processing Telemetry/Attributes JSON (0 value disables string value length check)
Processing timeout interval of the RPC command on the CLIENT SIDE. Time in milliseconds
Enable/disable http/mqtt/coap/lwm2m transport protocols (has higher priority than certain protocol’s ‘enabled’ property)
Enable/Disable log of transport messages to telemetry. For example, logging of LwM2M registration update
Maximum length of the log message. The content will be truncated to the specified value if needed
Enable or disable generic rate limits. Device and Tenant-specific rate limits are controlled in Tenant Profile.
Maximum number of connect attempts with invalid credentials
Timeout (in milliseconds) to expire block IP addresses
Enable/Disable local HTTP transport protocol
HTTP request processing timeout in milliseconds
HTTP maximum request processing timeout in milliseconds
Semi-colon-separated list of urlPattern=maxPayloadSize pairs that define max http request size for specified url pattern. After first match all other will be skipped
Enable/disable mqtt transport protocol.
MQTT bind-address
MQTT bind port
Enable proxy protocol support. Disabled by default. If enabled, supports both v1 and v2. Useful to get the real IP address of the client in the logs and for rate limits.
MQTT processing timeout in milliseconds
MQTT disconnect timeout in milliseconds. The time to wait for the client to disconnect after the server sends a disconnect message.
messages await in the queue before the device connected state. This limit works on the low level before TenantProfileLimits mechanism
Interval of periodic report of the gateway metrics
Netty leak detector level
Netty BOSS threads count
Netty worker threads count
Max payload size in bytes
Enables TCP keepalive. This means that TCP starts sending keepalive probes when a connection is idle for some time
Enable/disable SSL support
MQTT SSL bind-address
MQTT SSL bind port
SSL protocol: See https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#sslcontext-algorithms
Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)
Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
Server certificate private key password (optional)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the SSL certificate
Password used to access the key store
Optional alias of the private key. If not set, the platform will load the first private key from the keystore
Optional password to access the private key. If not set, the platform will attempt to load the private keys that are not protected with the password;
Skip certificate validity check for client certificates.
Enable/disable CoAP transport protocol.
CoaP processing timeout in milliseconds
CoaP piggyback response timeout in milliseconds
Default PSM Activity Timer if not specified in device profile
Default PSM Activity Timer if not specified in device profile
Enable/disable LwM2M transport protocol.
RFC7925_RETRANSMISSION_TIMEOUT_IN_MILLISECONDS = 9000
LWM2M DTLS connection ID length for LWM2M. RFC 9146, Connection Identifier for DTLS 1.2 Default: off.
Control usage of DTLS connection ID length (CID).
- ‘off’ to deactivate it.
- ‘on’ to activate Connection ID support (same as CID 0 or more 0).
- A positive value defines generated CID size in bytes.
- A value of 0 means we accept using CID but will not generate one for foreign peer (enables support but not for incoming traffic).
- A value between 0 and <= 4: SingleNodeConnectionIdGenerator is used
- A value that are > 4: MultiNodeConnectionIdGenerator is used
LwM2M Server ID
LwM2M server bind address. Bind to all interfaces by default
LwM2M server bind port
LwM2M server bind address for DTLS. Bind to all interfaces by default
LwM2M server bind port for DTLS
Whether to enable LWM2M server X509 Certificate/RPK support
Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)
Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
Path to the server certificate private key file. Optional by default. Required if the private key is not present in the server certificate file;
Server certificate private key password (optional)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the SSL certificate
Password used to access the key store
Key alias
Password used to access the key
Only Certificate_x509:
Enable/disable Bootstrap Server
Default value in LwM2M client after start in mode Bootstrap for the object : name “LWM2M Security” field: “Short Server ID” (deviceProfile: Bootstrap.BOOTSTRAP SERVER.Short ID)
LwM2M bootstrap server bind address. Bind to all interfaces by default
LwM2M bootstrap server bind port
LwM2M bootstrap server bind address for DTLS. Bind to all interfaces by default
LwM2M bootstrap server bind address for DTLS. Bind to all interfaces by default
Whether to enable LWM2M bootstrap server X509 Certificate/RPK support
Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)
Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file
Server certificate private key password (optional)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the SSL certificate
Password used to access the key store
Key alias
Password used to access the key
Whether to load X509 trust certificates
Trust certificates store type (PEM - pem certificates file; KEYSTORE - java keystore)
Path to the certificates file (holds trust certificates)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the X509 certificates
Password used to access the key store
Set usage of recommended cipher suites; true - allow only recommended cipher suites; false - allow not recommended cipher suites
Set usage of recommended supported groups (curves); true - allow only recommended supported groups, false - allow not recommended supported groups
Timeout of LwM2M operation
Thread pool size for processing of the LwM2M uplinks
Thread pool size for processing of the LwM2M downlinks
Thread pool size for processing of the OTA updates
Period of cleanup for the registrations in store
Maximum log size
PSM Activity Timer if not specified in the device profile
Paging Transmission Window for eDRX support if not specified in the device profile
Enable/disable SNMP transport protocol
SNMP bind address
SNMP bind port. Zero (random) by default. When using SNMP TRAPs - make sure to specify some static value, e.g. 1620
parallelism level for executor (workStealingPool) that is responsible for handling responses from SNMP devices
to configure SNMP to work over UDP or TCP
Maximum size of a PDU (amount of OID mappings in a single SNMP request). The request will be split into multiple PDUs if mappings amount exceeds this number
Delay after sending each request chunk (in case the request was split into multiple PDUs due to max_request_oids)
To ignore SNMP response values that do not match the data type of the configured OID mapping (by default false - will throw an error if any value of the response not match configured data types)
Thread pool size for scheduler that executes device querying tasks
Maximum number of retry attempts for a single SNMP devices batch during bootstrap.
Enable/Disable the collection of transport statistics
Interval of transport statistics logging
Enable/disable gateways dashboard sync with git repository
URL of gateways dashboard repository
Branch of gateways dashboard repository to work with
Fetch frequency in hours for gateways dashboard repository
CoAP server parameters
Section titled “CoAP server parameters”Enable/disable coap server.
CoAP bind address
CoAP bind port
Enable/disable DTLS 1.2 support
RFC7925_RETRANSMISSION_TIMEOUT_IN_MILLISECONDS = 9000
CoAP DTLS bind address
CoAP DTLS bind port
CoAP DTLS connection ID length. RFC 9146, Connection Identifier for DTLS 1.2 Default: off.
Control usage of DTLS connection ID length (CID).
- ‘off’ to deactivate it.
- ‘on’ to activate Connection ID support (same as CID 0 or more 0).
- A positive value defines generated CID size in bytes.
- A value of 0 means we accept using CID but will not generate one for foreign peer (enables support but not for incoming traffic).
- A value between 0 and <= 4: SingleNodeConnectionIdGenerator is used
- A value that are > 4: MultiNodeConnectionIdGenerator is used
Specify the MTU (Maximum Transmission Unit). Should be used if LAN MTU is not used, e.g. if IP tunnels are used or if the client uses a smaller value than the LAN MTU. Default = 1024 Minimum value = 64 If set to 0 - LAN MTU is used.
DTLS maximum fragment length (RFC 6066, Section 4). Default = 1024 Possible values: 512, 1024, 2048, 4096. If set to 0, the default maximum fragment size of 2^14 bytes (16,384 bytes) is used. Without this extension, TLS specifies a fixed maximum plaintext fragment length of 2^14 bytes. It may be desirable for constrained clients to negotiate a smaller maximum fragment length due to memory limitations or bandwidth limitations. In order to negotiate smaller maximum fragment lengths, clients MAY include an extension of type “max_fragment_length” in the (extended) client hello. The “extension_data” field of this extension SHALL contain: <pre> enum { 2^9(1) == 512, 2^10(2) == 1024, 2^11(3) == 2048, 2^12(4) == 4096, (255) } MaxFragmentLength; </pre> TLS already requires clients and servers to support fragmentation of handshake messages.
Server credentials type (PEM - pem certificate file; KEYSTORE - java keystore)
Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
Path to the server certificate private key file. Optional by default. Required if the private key is not present in the server certificate file;
Server certificate private key password (optional)
Type of the key store (JKS or PKCS12)
Path to the key store that holds the SSL certificate
Password used to access the key store
Key alias
Password used to access the key
Skip certificate validity check for client certificates.
Inactivity timeout of DTLS session. Used to cleanup cache
Interval of periodic eviction of the timed-out DTLS sessions
Device connectivity parameters
Section titled “Device connectivity parameters”If true check-connectivity service will include curl command to the list of all test commands using DEVICE_CONNECTIVITY_HTTP_HOST and DEVICE_CONNECTIVITY_HTTP_PORT variables
Host of http transport service. If empty, the base URL will be used.
Port of http transport service. If empty, default http port will be used.
If true check-connectivity service will include curl command to the list of all test commands using DEVICE_CONNECTIVITY_HTTPS_HOST and DEVICE_CONNECTIVITY_HTTPS_PORT variables
Host of http transport service. If empty, the base URL will be used.
Port of http transport service. If empty, the default https port will be used.
If true mosquito command will be included to the list of all test commands using DEVICE_CONNECTIVITY_MQTT_HOST and DEVICE_CONNECTIVITY_MQTT_PORT
Host of mqtt transport service. If empty, the base url host will be used.
Port of mqtt transport service
If true mosquito command will be included in the list of all test commands using DEVICE_CONNECTIVITY_MQTTS_HOST and DEVICE_CONNECTIVITY_MQTTS_PORT<
Host of mqtt transport service. If empty, the base URL host will be used.
Port of mqtt transport service. If empty, the default port for mqtts will be used.
Path to the MQTT CA root certificate file
If true coap command will be included in the list of all test commands using DEVICE_CONNECTIVITY_COAP_HOST and DEVICE_CONNECTIVITY_COAP_PORT.
Host of coap transport service. If empty, the base URL host will be used.
Port of coap transport service. If empty, the default port for coap will be used.
If true coap command will be included in the list of all test commands using DEVICE_CONNECTIVITY_COAPS_HOST and DEVICE_CONNECTIVITY_COAPS_PORT.
Host of coap transport service. If empty, the base URL host will be used.
Port of coap transport service. If empty, the default port for coaps will be used.
Path to the COAP CA root certificate file
The docker tag for thingsboard/tb-gateway image used in docker-compose file for gateway launch
Edges parameters
Section titled “Edges parameters”Enable/disable Edge instance
RPC port bind
Specifies the minimum amount of time that should elapse between keepalive pings sent by the client This prevents clients from sending pings too frequently, which can be a nuisance to the server (potentially even a denial-of-service attack vector if abused) If a client sends pings more frequently than this interval, the server may terminate the connection.
Sets the time of inactivity (no read operations on the connection) after which the server will send a keepalive ping to the client. This is used to ensure that the connection is still alive and to prevent network intermediaries from dropping connections due to inactivity. It’s a way for the server to proactively check if the client is still responsive.
Specifies the maximum amount of time the server waits for a response to its keepalive ping. If the ping is not acknowledged within this time frame, the server considers the connection dead and may close it. This timeout helps detect unresponsive clients.
Enable/disable SSL support
Path to the server certificate file (holds server certificate or certificate chain, may include server private key). Accepts an absolute filesystem path (e.g. /etc/thingsboard/certChainFile.pem), a relative path resolved against the working directory first then the classpath, or a classpath resource with the explicit “classpath:” prefix (e.g. classpath:conf/certChainFile.pem).
Path to the server certificate private key file. Optional if the private key is already present in the cert file above. Supports the same path resolution as ‘cert’: absolute, relative/classpath, or “classpath:” prefix. Leave empty when using a combined PEM cert that already contains the private key.
Server certificate private key password (optional). Leave empty if the key is not encrypted.
Maximum size (in bytes) of inbound messages the cloud can handle from the edge. By default, it can handle messages up to 4 Megabytes
Maximum length of telemetry (time-series and attributes) message the cloud sends to the edge. By default, there is no limitation.
Max records of edge event to read from DB and sent to the edge
Number of milliseconds to wait before the next check of edge events in DB
Number of milliseconds to wait before resending failed batch of edge events to edge
Time (in milliseconds) to subtract from the start timestamp when fetching edge events. This compensates for possible misordering between created_time (used for partitioning) and seqId (used for sorting). Without this, events with smaller seqId but larger created_time might be skipped, especially across partition boundaries.
Max number of high priority edge events per edge session. No persistence - stored in memory
Number of threads that are used to check DB for edge events
Number of threads that are used to send downlink messages to edge over gRPC
Number of threads that are used to convert edge events from DB into downlink messages and send them for delivery
Persist state of edge (active, last connect, last disconnect) into timeseries or attributes tables. ‘false’ means to store edge state into attributes table
Enable or disable reporting of edge communication stats (true or false)
Time-to-live in days for stored edge communication stats in timeseries
How often to report edge communication stats in milliseconds
Spring doc common parameters
Section titled “Spring doc common parameters”If false swagger API docs will be unavailable
Swagger default produces media-type
Swagger common parameters
Section titled “Swagger common parameters”General swagger match pattern of swagger UI links
General swagger match pattern path of swagger UI links
Nonsecurity API path match pattern of swagger UI links
The title on the API doc UI page
The description on the API doc UI page
The contact name on the API doc UI page
The contact URL on the API doc UI page
The contact email on the API doc UI page
The license title on the API doc UI page
Link to the license body on the API doc UI page
The version of the API doc to display. Default to the package version.
The group name (definition) on the API doc UI page.
Control the initial display state of API operations and tags (none or list)
Queue configuration parameters
Section titled “Queue configuration parameters”in-memory or kafka (Apache Kafka)
Global queue prefix. If specified, prefix is added before default topic name: ‘prefix.default_topic_name’. Prefix is applied to all topics (and consumer groups for kafka).
For debug level
Kafka Bootstrap nodes in “host:port” format
Enable/Disable SSL Kafka communication
The location of the trust store file
The password of trust store file if specified
The location of the key store file. This is optional for the client and can be used for two-way authentication for the client
The store password for the key store file. This is optional for the client and only needed if ‘ssl.keystore.location’ is configured. Key store password is not supported for PEM format
The password of the private key in the key store file or the PEM key specified in ‘keystore.key’
The number of acknowledgments the producer requires the leader to have received before considering a request complete. This controls the durability of records that are sent. The following settings are allowed:0, 1 and all
Number of retries. Resend any record whose send fails with a potentially transient error
none or gzip
Default batch size. This setting gives the upper bound of the batch size to be sent
This variable creates a small amount of artificial delay—that is, rather than immediately sending out a record
The maximum size of a request in bytes. This setting will limit the number of record batches the producer will send in a single request to avoid sending huge requests
The maximum number of unacknowledged requests the client will send on a single connection before blocking
The total bytes of memory the producer can use to buffer records waiting to be sent to the server
The multiple copies of data over the multiple brokers of Kafka
The maximum delay between invocations of poll() method when using consumer group management. This places an upper bound on the amount of time that the consumer can be idle before fetching more records
The maximum number of records returned in a single call of poll() method
The maximum amount of data per-partition the server will return. Records are fetched in batches by the consumer
The maximum amount of data the server will return. Records are fetched in batches by the consumer
(30 seconds)
(10 seconds)
earliest, latest or none
Enable/Disable using of Confluent Cloud
The endpoint identification algorithm used by clients to validate server hostname. The default value is https
The mechanism used to authenticate Schema Registry requests. SASL/PLAIN should only be used with TLS/SSL as a transport layer to ensure that clear passwords are not transmitted on the wire without encryption
Using JAAS Configuration for specifying multiple SASL mechanisms on a broker
Protocol used to communicate with brokers. Valid values are: PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL
Example of specific consumer properties value per topic
Example of specific consumer properties value per topic for VC
Define the maximum number of records that can be polled from tb_edge topics per request.
Define the maximum number of records that can be polled from tb_edge.notifications.SERVICE_ID topics.
Define the maximum number of records that can be polled from tb_edge_event.notifications.TENANT_ID.EDGE_ID topics.
Amount of records to be returned in a single poll. For Housekeeper tasks topic, we should consume messages (tasks) one by one
Amount of records to be returned in a single poll. For Housekeeper reprocessing topic, we should consume messages (tasks) one by one
Max poll records for edqs.events topic
Max poll records for edqs.state topic
Max poll records for tasks topics
If you override any default Kafka topic name using environment variables, you must also specify the related consumer properties for the new topic in consumer-properties-per-topic-inline. Otherwise, the topic will not inherit its expected configuration (e.g., max.poll.records, timeouts, etc). Each entry sets a single property for a specific topic. To define multiple properties for a topic, repeat the topic key. Format: “topic1:key=value;topic1:key=value;topic2:key=value” Example: tb_core_updated:max.poll.records=10;tb_core_updated:bootstrap.servers=kafka1:9092,kafka2:9092;tb_edge_updated:auto.offset.reset=latest
In this section you can specify custom parameters (semicolon separated) for Kafka consumer/producer/admin
Kafka properties for Rule Engine
Kafka properties for Core topics
Kafka properties for Transport Api topics
Kafka properties for Notifications topics
Kafka properties for JS Executor topics
Kafka properties for OTA updates topic
Kafka properties for Version Control topic
Kafka properties for Housekeeper tasks topic
Kafka properties for Housekeeper reprocessing topic; retention.ms is set to 90 days; partitions is set to 1 since only one reprocessing service is running at a time
Kafka properties for Edge topic
Kafka properties for Edge event topic
Kafka properties for Calculated Field topics
Kafka properties for Calculated Field State topics
Kafka properties for EDQS events topics
Kafka properties for EDQS requests topic (default: 3 minutes retention)
Kafka properties for EDQS state topic (infinite retention, compaction)
Kafka properties for tasks topics
Prints lag between consumer group offset and last messages offset in Kafka topics
Statistics printing interval for Kafka’s consumer-groups stats
Time to wait for the stats-loading requests to Kafka to finish
Topics cache TTL in milliseconds. 5 minutes by default
murmur3_32, murmur3_128 or sha256
Topic used to consume api requests from transport microservices
Topic used to produce api responses to transport microservices
Maximum pending api requests from transport microservices to be handled by server
Maximum timeout in milliseconds to handle api request from transport microservice by server
Amount of threads used to invoke callbacks
Amount of threads used for transport API requests
Interval in milliseconds to poll api requests from transport microservices
Interval in milliseconds to poll api response from transport microservices
Default topic name
For high-priority notifications that require minimum latency and processing time
Interval in milliseconds to poll messages by Core microservices
Amount of partitions used by Core microservices
Timeout for processing a message pack by Core microservices
Enable/disable a separate consumer per partition for Core queue
Default topic name for OTA updates
The interval of processing the OTA updates for devices. Used to avoid any harm to the network due to many parallel OTA updates
The size of OTA updates notifications fetched from the queue. The queue stores pairs of firmware and device ids
Stats topic name
Enable/disable statistics for Core microservices
Statistics printing interval for Core microservices
Topic name for Housekeeper tasks
Topic name for Housekeeper tasks to be reprocessed
Poll interval for topics related to Housekeeper
Timeout in milliseconds for task processing. Tasks that fail to finish on time will be submitted for reprocessing
Comma-separated list of task types that shouldn’t be processed. Available task types: DELETE_ATTRIBUTES, DELETE_TELEMETRY (both DELETE_LATEST_TS and DELETE_TS_HISTORY will be disabled), DELETE_LATEST_TS, DELETE_TS_HISTORY, DELETE_EVENTS, DELETE_ALARMS, UNASSIGN_ALARMS
Delay in milliseconds between tasks reprocessing
Maximum amount of task reprocessing attempts. After exceeding, the task will be dropped
Enable/disable statistics for Housekeeper
Statistics printing interval for Housekeeper
Enable/disable EDQS synchronization
Batch size of entities being synced with EDQS
Batch size of timeseries data being synced with EDQS
Whether to forward entity data query requests to EDQS (otherwise use PostgreSQL implementation)
Whether to auto-enable EDQS API (if queue.edqs.api.supported is true) when sync of data to Kafka is finished
Interval in milliseconds to check for ready EDQS servers
Mode of EDQS: local (for monolith) or remote (with separate EDQS microservices)
Path to RocksDB for EDQS backup when running in local mode
Number of partitions for EDQS topics
EDQS partitioning strategy: tenant (partition is resolved by tenant id) or none (no specific strategy, resolving by message key)
EDQS events topic
EDQS state topic
EDQS requests topic
EDQS responses topic
Poll interval for EDQS topics
Maximum amount of pending requests to EDQS
Maximum timeout for requests to EDQS
Thread pool size for EDQS requests executor
Time to live for EDQS versions cache in minutes. Must be bigger than the time taken for the sync process.
Strings longer than this threshold will be compressed
Enable/disable statistics for EDQS
Threshold for slow queries to log, in milliseconds
Default topic name
Number of partitions to associate with this queue. Used for scaling the number of messages that can be processed in parallel
Interval in milliseconds between polling of the messages if no new messages arrive
Timeout before retrying all failed and timed-out messages from the processing pack
Timeout for a request to VC-executor (for a request for the version of the entity, for a commit charge, etc.)
Limit for single queue message size
JS Eval request topic
JS Eval responses topic prefix that is combined with node id
JS Eval max pending requests
JS Eval max request timeout
JS max request timeout
JS execution max request timeout
JS response poll interval
Deprecated. It will be removed in the nearest releases
For high-priority notifications that require minimum latency and processing time
Interval in milliseconds to poll messages by Rule Engine
Timeout for processing a message pack of Rule Engine
Enable/disable statistics for Rule Engine
Statistics printing interval for Rule Engine
Max length of the error message that is printed by statistics
Enable/disable Prometheus statistics for individual Rule Engine message processing (records time in ms for success/failure).
After a queue is deleted (or the profile’s isolation option was disabled), Rule Engine will continue reading related topics during this period before deleting the actual topics
Size of the thread pool that handles such operations as partition changes, config updates, queue deletion
Topic name for Calculated Field (CF) events from Rule Engine
Topic name for Calculated Field (CF) compacted states
For high-priority notifications that require minimum latency and processing time
Interval in milliseconds to poll messages by CF (Rule Engine) microservices
Timeout for processing a message pack by CF microservices
Thread pool size for processing of the incoming messages
RocksDB path for storing CF states
The fetch size specifies how many rows will be fetched from the database per request for initial fetching
The fetch size specifies how many rows will be fetched from the database per request for per-tenant fetching
For high-priority notifications that require minimum latency and processing time
Interval in milliseconds to poll messages
Topic name to notify edge service on entity updates, assignment, etc.
Topic prefix for high-priority edge notifications (rpc, lifecycle, new messages in queue) that require minimum latency and processing time. Each tb-core has its own topic: PREFIX.SERVICE_ID
Topic prefix for downlinks to be pushed to specific edge. Every edge has its own unique topic: PREFIX.TENANT_ID.EDGE_ID
Amount of partitions used by Edge services
Poll interval for topics related to Edge services
Timeout for processing a message pack by Edge services
Retries for processing a failure message pack by Edge services
Enable/disable a separate consumer per partition for Edge queue
Enable/disable statistics for Edge services
Statistics printing interval for Edge services
Poll interval in milliseconds for tasks topics
Partitions count for tasks queues
Custom partitions count for tasks queues per type. Format: ‘TYPE1:24;TYPE2:36’, e.g. ‘CF_REPROCESSING:24;TENANT_EXPORT:6’
Tasks partitioning strategy: ‘tenant’ or ‘entity’. By default, using ‘tenant’ - tasks of a specific tenant are processed in the same partition. In a single-tenant environment, use ‘entity’ strategy to distribute the tasks among multiple partitions.
Name for the tasks stats topic
Poll interval in milliseconds for tasks stats topic
Interval in milliseconds to process job stats
Event configuration parameters
Section titled “Event configuration parameters”Maximum number of symbols per debug event. The event content will be truncated if needed
General service parameters
Section titled “General service parameters”monolith or tb-core or tb-rule-engine
Unique id for this service (autogenerated if empty)
Comma-separated list of tenant profile ids assigned to this Rule Engine. This Rule Engine will only be responsible for tenants with these profiles (in case ‘isolation’ option is enabled in the profile).
Thread pool size for pubsub rule node executor provider. If not set - default pubsub executor provider value will be used (5 * number of available processors)
Metrics parameters
Section titled “Metrics parameters”Enable/disable actuator metrics.
Metrics percentiles returned by actuator for timer metrics. List of double values (divided by ,).
Persist frequency of system info (CPU, memory usage, etc.) in seconds
TTL in days for system info timeseries
Version control parameters
Section titled “Version control parameters”Pool size for handling export tasks
Pool size for handling the git IO operations
Default storing repository path
Notification system parameters
Section titled “Notification system parameters”Specify thread pool size for Notification System processing notification rules and notification sending. Recommend value <= 10
Semicolon-separated deduplication durations (in millis) for trigger types. Format: ‘NotificationRuleTriggerType1:123;NotificationRuleTriggerType2:456’
General management parameters
Section titled “General management parameters”Expose metrics endpoint (use value ‘prometheus’ to enable prometheus metrics).
Mobile application settings for Thingsboard mobile application
Section titled “Mobile application settings for Thingsboard mobile application”Server domain name for Thingsboard Live mobile application
Link to Google Play store for Thingsboard Live mobile application
Link to App Store for Thingsboard Live mobile application
MQTT client parameters
Section titled “MQTT client parameters”Maximum number of retransmission attempts allowed. If the attempt count exceeds this value, retransmissions will stop and the pending message will be dropped.
Base delay (in milliseconds) before the first retransmission attempt, measured from the moment the message is sent. Subsequent delays are calculated using exponential backoff. This base delay is also used as the reference value for applying jitter.
Jitter factor applied to the calculated retransmission delay. The actual delay is randomized within a range defined by multiplying the base delay by a factor between (1 - jitter_factor) and (1 + jitter_factor). For example, a jitter_factor of 0.15 means the actual delay may vary by up to ±15% of the base delay.