Configure SuzieQ

In order to use SuzieQ functionalities, we need to provide a configuration file. A single yaml configuration file can be used to set up all components of SuzieQ, simplyfing the work of the user that doesn't need to maintain multiple files.

By default SuzieQ looks for the configuration file in one of these locations in the following order:

  • ./suzieq-cfg.yml (the same folder where the SuzieQ component is started)
  • $HOME/.suzieq/suzieq-cfg.yml

The configuration file can be explicitly set as argument of any of the SuzieQ components using -c flag

sq-poller -c my-config.yml

A complete SuzieQ configuration file example is available here and all fields are described in a table below. The following snippet is a small example of how the SuzieQ configuration file looks like:

data-directory: /user/parquet-data-dir
temp-directory: /tmp/

  API_KEY: 496157e6e869ef7f3d6ecb24a6f6d847b224ee4f
  logging-level: WARNING
  port: 8000

  logging-level: WARNING
  period: 60
  connect-timeout: 15

  period: 1h
  logging-level: WARNING

Fields description

Parameter Description Default Mandatory
data-directory The directory where the poller stores the data collected from the network - yes
temp-directory Where SuzieQ stores temporary data /tmp/.suzieq/ no certificate for the REST server - no keyfile for the REST server - no
rest.API_KEY API key for the REST server - yes (if using rest)
rest.address IP address of the REST server. no
rest.port port of the REST server 80 no
rest.logging-level logging level for REST server.
rest.logfile log file for REST /tmp/sq-rest-server.log no
rest.logsize maximum size of the REST logfile in bytes 10000000 no
rest.log-stdout log everything on the standard output instead of a file False no if True, the REST server doesn't use SSL. Highly discouraged in production. False no
poller.logging-level logging level for the poller.
poller.logfile log file for poller /tmp/sq-poller.log no
poller.log-stdout log on standard output instead of file False no
poller.period how often informations are gathered from each device (in seconds) 60 no
poller.timeout timeout for host connections (in seconds) 15 no
poller.inventory-file path of the inventory file.
When the inventory file is provided with the -I option to the poller, this field is ignored
suzieq/config/etc/inventory.yaml no
poller.inventory-timeout maximum time in seconds for a source to return its nodes 10 no
poller.max-cmd-pipeline The maximum values of authentication requests or commands per second that the poller should issue. For more information checkĀ Rate Limiting AAA Server Requests 0 no
poller.update-period inventory update period in seconds.
Only used with dynamic inventories like netbox
3600 no
poller.manager.workers number of poller instances to start
When the number of workers is provided with the -w option to the poller, this field is ignored
1 no
poller.chunker.policy defines how the inventory should be splitted between pollers.
Choices:sequential, namespace
sequential no
coalescer.period the period of data compression1 1h no
coalescer.archived-directory folder to store archived files in data-directory/_archived no
coalescer.logging-level coalescer logging level
coalescer.logfile coalescer log file location /tmp/sq-coalescer.log no
coalescer.logsize max size of the coalescer log file 10000000 no
coalescer.log-stdout log on standard output instead of log file False no
analyzer.timezone By default, the timezone is set to the local timezone.
Set this value if you want to display the time in a different timezone.
Check here the available values.
user local timezone no
ux.engine set the engine for the CLI. Set it to 'rest' to use remote CLI - no


1: the coalescer period can be expressed using the format <value><m,h,d,w> where:
m: minutes (i.e. 30m )
h: hours (i.e. 12h )
d: days (i.e. 1d )
w: weeks (i.e. 3w )