# netdata configuration for aggregating data from remote hosts
#
# API keys authorize a pair of sending-receiving netdata servers.
# Once their communication is authorized, they can exchange metrics for any
# number of hosts.
#
# You can generate API keys, with the linux command: uuidgen


# -----------------------------------------------------------------------------
# 1. ON SLAVE NETDATA - THE ONE THAT WILL BE SENDING METRICS

[stream]
    # Enable this on slaves, to have them send metrics.
    enabled = no

    # Where is the receiving netdata?
    # A space separated list of:
    #
    #      [PROTOCOL:]HOST[%INTERFACE][:PORT][:SSL]
    #
    # If many are given, the first available will get the metrics.
    #
    # PROTOCOL  = tcp, udp, or unix (only tcp and unix are supported by masters)
    # HOST      = an IPv4, IPv6 IP, or a hostname, or a unix domain socket path.
    #             IPv6 IPs should be given with brackets [ip:address]
    # INTERFACE = the network interface to use (only for IPv6)
    # PORT      = the port number or service name (/etc/services)
    # SSL       = when this word appear at the end of the destination string
    #             the Netdata will do encrypt connection with the master.
    #
    # This communication is not HTTP (it cannot be proxied by web proxies).
    destination =

    # Skip Certificate verification?
    #
    # The netdata slave is configurated to avoid invalid SSL/TLS certificate,
    # so certificates that are self-signed or expired will stop the streaming.
    # Case the server certificate is not valid, you can enable the use of
    # 'bad' certificates setting the next option as 'yes'.
    #
    #ssl skip certificate verification = yes

    # Certificate Authority Path
    #
    # OpenSSL has a default directory where the known certificates are stored,
    # case it is necessary it is possible to change this rule using the variable
    # "CApath"
    #
    #CApath = /etc/ssl/certs/

    # Certificate Authority file
    #
    # When the Netdata master has certificate, that is not recognized as valid,
    # we can add this certificate in the list of known certificates in CApath
    # and give for Netdata as argument.
    #
    #CAfile = /etc/ssl/certs/cert.pem

    # The API_KEY to use (as the sender)
    api key =

    # The timeout to connect and send metrics
    timeout seconds = 60

    # If the destination line above does not specify a port, use this
    default port = 19999

    # filter the charts to be streamed
    # netdata SIMPLE PATTERN:
    # - space separated list of patterns (use \ to include spaces in patterns)
    # - use * as wildcard, any number of times within each pattern
    # - prefix a pattern with ! for a negative match (ie not stream the charts it matches)
    # - the order of patterns is important (left to right)
    # To send all except a few, use: !this !that *   (ie append a wildcard pattern)
    send charts matching = *

    # The buffer to use for sending metrics.
    # 1MB is good for 10-20 seconds of data, so increase this if you expect latencies.
    # The buffer is flushed on reconnects (this will not prevent gaps at the charts).
    buffer size bytes = 1048576

    # If the connection fails, or it disconnects,
    # retry after that many seconds.
    reconnect delay seconds = 5

    # Sync the clock of the charts for that many iterations, when starting.
    initial clock resync iterations = 60


# -----------------------------------------------------------------------------
# 2. ON MASTER NETDATA - THE ONE THAT WILL BE RECEIVING METRICS

#    You can have one API key per slave,
#         or the same API key for all slaves.
#
#    netdata searches for options in this order:
#
#    a) master netdata settings (netdata.conf)
#    b) [stream] section        (above)
#    c) [API_KEY] section       (below, settings for the API key)
#    d) [MACHINE_GUID] section  (below, settings for each machine)
#
#    You can combine the above (the more specific setting will be used).

# API key authentication
# If the key is not listed here, it will not be able to push metrics.

# [API_KEY] is [YOUR-API-KEY], i.e [11111111-2222-3333-4444-555555555555]
[API_KEY]
    # Default settings for this API key

    # You can disable the API key, by setting this to: no
    # The default (for unknown API keys) is: no
    enabled = no

    # A list of simple patterns matching the IPs of the servers that
    # will be pushing metrics using this API key.
    # The metrics are received via the API port, so the same IPs
    # should also be matched at netdata.conf [web].allow connections from
    allow from = *

    # The default history in entries, for all hosts using this API key.
    # You can also set it per host below.
    # If you don't set it here, the history size of the central netdata
    # will be used.
    default history = 3600

    # The default memory mode to be used for all hosts using this API key.
    # You can also set it per host below.
    # If you don't set it here, the memory mode of netdata.conf will be used.
    # Valid modes:
    #    save     save on exit, load on start
    #    map      like swap (continuously syncing to disks - you need SSD)
    #    ram      keep it in RAM, don't touch the disk
    #    none     no database at all (use this on headless proxies)
    #    dbengine like a traditional database
    default memory mode = ram

    # Shall we enable health monitoring for the hosts using this API key?
    # 3 possible values:
    #    yes     enable alarms
    #    no      do not enable alarms
    #    auto    enable alarms, only when the sending netdata is connected. For ephemeral slaves or slave system restarts,
    #            ensure that the netdata process on the slave is gracefully stopped, to prevent invalid last_collected alarms
    # You can also set it per host, below.
    # The default is taken from [health].enabled of netdata.conf
    health enabled by default = auto

    # postpone alarms for a short period after the sender is connected
    default postpone alarms on connect seconds = 60

    # allow or deny multiple connections for the same host?
    # If you are sure all your netdata have their own machine GUID,
    # set this to 'allow', since it allows faster reconnects.
    # When set to 'deny', new connections for a host will not be
    # accepted until an existing connection is cleared.
    multiple connections = allow

    # need to route metrics differently? set these.
    # the defaults are the ones at the [stream] section (above)
    #default proxy enabled = yes | no
    #default proxy destination = IP:PORT IP:PORT ...
    #default proxy api key = API_KEY
    #default proxy send charts matching = *


# -----------------------------------------------------------------------------
# 3. PER SENDING HOST SETTINGS, ON MASTER NETDATA
#    THIS IS OPTIONAL - YOU DON'T HAVE TO CONFIGURE IT

# This section exists to give you finer control of the master settings for each
# slave host, when the same API key is used by many netdata slaves / proxies.
#
# Each netdata has a unique GUID - generated the first time netdata starts.
# You can find it at /var/lib/netdata/registry/netdata.public.unique.id
# (at the slave).
#
# The host sending data will have one. If the host is not ephemeral,
# you can give settings for each sending host here.

[MACHINE_GUID]
    # enable this host: yes | no
    # When disabled, the master will not receive metrics for this host.
    # THIS IS NOT A SECURITY MECHANISM - AN ATTACKER CAN SET ANY OTHER GUID.
    # Use only the API key for security.
    enabled = no

    # A list of simple patterns matching the IPs of the servers that
    # will be pushing metrics using this MACHINE GUID.
    # The metrics are received via the API port, so the same IPs
    # should also be matched at netdata.conf [web].allow connections from
    # and at stream.conf [API_KEY].allow from
    allow from = *

    # The number of entries in the database
    history = 3600

    # The memory mode of the database: save | map | ram | none | dbengine
    memory mode = save

    # Health / alarms control: yes | no | auto
    health enabled = yes

    # postpone alarms when the sender connects
    postpone alarms on connect seconds = 60

    # allow or deny multiple connections for the same host?
    # If you are sure all your netdata have their own machine GUID,
    # set this to 'allow', since it allows faster reconnects.
    # When set to 'deny', new connections for a host will not be
    # accepted until an existing connection is cleared.
    multiple connections = allow

    # need to route metrics differently?
    # the defaults are the ones at the [API KEY] section
    #proxy enabled = yes | no
    #proxy destination = IP:PORT IP:PORT ...
    #proxy api key = API_KEY
    #proxy send charts matching = *