Connection Properties
The connection properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection settings for this provider. Click the links for further details.
For more information on establishing a connection, see Establishing a Connection.
| Property | Description |
| AuthScheme | The scheme used for authentication. Accepted entries are None, Basic, Negotiate (Kerberos), AwsRootKeys, AwsIAMRoles, AwsEC2Roles, APIKey, and TemporaryCredentials. None is the default. |
| User | The user who is authenticating to Elasticsearch. |
| Password | The password used to authenticate to Elasticsearch. |
| UseSSL | This property sets whether the provider attempts to negotiate TLS/SSL connections to the server. |
| Server | The host name or IP address of the Elasticsearch REST server. Alternatively, multiple nodes in a single cluster can be specified, though all such nodes must be able to support REST API calls. |
| Port | The port for the Elasticsearch REST server. |
| APIKey | The APIKey used to authenticate to Elasticsearch. |
| APIKeyId | The APIKey Id to authenticate to Elasticsearch. |
| Property | Description |
| DataModel | Specifies the data model to use when parsing Elasticsearch documents and generating the database metadata. |
| ExposeDotIndices | If false, indices whose name starts with a '.' (dot indices) will not be exposed as tables or views by the provider. If true, dot indices will be exposed as tables or views. |
| AliasesFilter | A comma-separated list of alias names or filters that define the aliases exposed as views. |
| IndicesAndDataStreamsFilter | A comma-separated list of index and data stream names or filters. |
| UseLakeFormation | When this property is set to true, AWSLakeFormation service will be used to retrieve temporary credentials, which enforce access policies against the user based on the configured IAM role. The service can be used when authenticating through OKTA, ADFS, AzureAD, PingFederate, while providing a SAML assertion. |
| Property | Description |
| AWSAccessKey | Specifies your AWS account access key. This value is accessible from your AWS security credentials page. |
| AWSSecretKey | Your AWS account secret key. This value is accessible from your AWS security credentials page. |
| AWSRoleARN | The Amazon Resource Name of the role to use when authenticating. |
| AWSRegion | The hosting region for your Amazon Web Services. |
| AWSSessionToken | Your AWS session token. |
| TemporaryTokenDuration | The amount of time (in seconds) an AWS temporary token will last. |
| AWSExternalId | A unique identifier that might be required when you assume a role in another account. |
| AWSWebIdentityToken | The OAuth 2.0 access token or OpenID Connect ID token that is provided by an identity provider. |
| Property | Description |
| KerberosKDC | Identifies the Kerberos Key Distribution Center (KDC) service used to authenticate the user. (SPNEGO or Windows authentication only). |
| KerberosRealm | Identifies the Kerberos Realm used to authenticate the user. |
| KerberosSPN | Identifies the service principal name (SPN) for the Kerberos Domain Controller. |
| KerberosUser | Confirms the principal name for the Kerberos Domain Controller, which uses the format host/user@realm. |
| KerberosKeytabFile | Identifies the Keytab file containing your pairs of Kerberos principals and encrypted keys. |
| KerberosServiceRealm | Identifies the service's Kerberos realm. (Cross-realm authentication only). |
| KerberosServiceKDC | Identifies the service's Kerberos Key Distribution Center (KDC). |
| KerberosTicketCache | Specifies the full file path to an MIT Kerberos credential cache file. |
| Property | Description |
| SSLClientCert | Specifies the TLS/SSL client certificate store for SSL Client Authentication (2-way SSL). This property works in conjunction with other SSL-related properties to establish a secure connection. |
| SSLClientCertType | Specifies the type of key store containing the TLS/SSL client certificate for SSL Client Authentication. Choose from a variety of key store formats depending on your platform and certificate source. |
| SSLClientCertPassword | Specifes the password required to access the TLS/SSL client certificate store. Use this property if the selected certificate store type requires a password for access. |
| SSLClientCertSubject | Specifes the subject of the TLS/SSL client certificate to locate it in the certificate store. Use a comma-separated list of distinguished name fields, such as CN=www.server.com, C=US. The wildcard * selects the first certificate in the store. |
| SSLServerCert | Specifies the certificate to be accepted from the server when connecting using TLS/SSL. |
| Property | Description |
| FirewallType | Specifies the protocol the provider uses to tunnel traffic through a proxy-based firewall. |
| FirewallServer | Identifies the IP address, DNS name, or host name of a proxy used to traverse a firewall and relay user queries to network resources. |
| FirewallPort | Specifies the TCP port to be used for a proxy-based firewall. |
| FirewallUser | Identifies the user ID of the account authenticating to a proxy-based firewall. |
| FirewallPassword | Specifies the password of the user account authenticating to a proxy-based firewall. |
| Property | Description |
| ProxyAutoDetect | Specifies whether the provider checks your system proxy settings for existing proxy server configurations, rather than using a manually specified proxy server. |
| ProxyServer | Identifies the hostname or IP address of the proxy server through which you want to route HTTP traffic. |
| ProxyPort | Identifies the TCP port on your specified proxy server that has been reserved for routing HTTP traffic to and from the client. |
| ProxyAuthScheme | Specifies the authentication method the provider uses when authenticating to the proxy server specified in the ProxyServer connection property. |
| ProxyUser | Provides the username of a user account registered with the proxy server specified in the ProxyServer connection property. |
| ProxyPassword | Specifies the password of the user specified in the ProxyUser connection property. |
| ProxySSLType | Specifies the SSL type to use when connecting to the proxy server specified in the ProxyServer connection property. |
| ProxyExceptions | Specifies a semicolon-separated list of destination hostnames or IPs that are exempt from connecting through the proxy server set in the ProxyServer connection property. |
| Property | Description |
| Logfile | Specifes the file path to the log file where the provider records its activities, such as authentication, query execution, and connection details. |
| Verbosity | Specifies the verbosity level of the log file, which controls the amount of detail logged. Supported values range from 1 to 5. |
| LogModules | Specifies the core modules to include in the log file. Use a semicolon-separated list of module names. By default, all modules are logged. |
| MaxLogFileSize | Specifies the maximum size of a single log file in bytes. For example, '10 MB'. When the file reaches the limit, the provider creates a new log file with the date and time appended to the name. |
| MaxLogFileCount | Specifies the maximum number of log files the provider retains. When the limit is reached, the oldest log file is deleted to make space for a new one. |
| Property | Description |
| Location | Specifies the location of a directory containing schema files that define tables, views, and stored procedures. Depending on your service's requirements, this may be expressed as either an absolute path or a relative path. |
| BrowsableSchemas | Optional setting that restricts the schemas reported to a subset of all available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC . |
| Tables | Optional setting that restricts the tables reported to a subset of all available tables. For example, Tables=TableA,TableB,TableC . |
| Views | Optional setting that restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC . |
| FlattenObjects | Set FlattenObjects to true to flatten object properties into columns of their own. Otherwise, objects nested in arrays are returned as strings of JSON. |
| FlattenArrays | Set FlattenArrays to the number of nested array elements you want to return as table columns. By default, nested arrays are returned as strings of JSON. |
| Property | Description |
| ClientSideEvaluation | Set ClientSideEvaluation to true to perform Evaluation client side on nested objects. |
| GenerateSchemaFiles | Indicates the user preference as to when schemas should be generated and saved. |
| MaxResults | The maximum number of total results to return from Elasticsearch when using the default Search API. |
| MaxRows | Specifies the maximum number of rows returned for queries that do not include either aggregation or GROUP BY. |
| Other | Specifies additional hidden properties for specific use cases., to be used only when our Support team advises it, to address specific issues. See Remarks for details. |
| PageSize | The number of results to return per request from Elasticsearch. |
| PaginationMode | Specifies whether to use PIT with search_after or scrolls to page through query results. |
| PITDuration | Specifies the time unit to use for keep alive when retrieving results via PIT API. |
| PseudoColumns | Specifies the pseudocolumns to expose as table columns, expressed as a string in the format 'TableName=ColumnName;TableName=ColumnName'. |
| QueryPassthrough | This option allows you to pass exact queries to Elasticsearch. |
| Readonly | Toggles read-only access to Elasticsearch from the provider. |
| ReplaceInvalidUTF8Chars | Specifies whether to replace invalid UTF8 byte sequences found in reads of indexed document content with the U+FFFD replacement character. |
| RowScanDepth | The maximum number of rows to scan when generating table metadata. Set this property to gain more control over how the provider detects arrays. |
| RTK | Specifies the runtime key for licensing the provider. If unset or invalid, the provider defaults to the standard licensing method. This property is only required in environments where the standard licensing method is unsupported or requires a runtime key. |
| ScrollDuration | Specifies the time unit to use for keep alive when retrieving results via the Scroll API. |
| Timeout | Specifies the maximum time, in seconds, that the provider waits for a server response before throwing a timeout error. |
| UseFullyQualifiedNestedTableName | Set this to true to set the generated table name as the complete source path when flattening nested documents using Relational DataModel . |
| UserDefinedViews | Specifies a filepath to a JSON configuration file that defines custom views. The provider automatically detects and uses the views specified in this file. |