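# Settings for capturing network packets and indexing them into Elasticsearch.
# One KEY=VALUE pair per line; comments go on their own lines.

# Elasticsearch Configuration
# Credentials and captured packet data travel over this connection.
# Plain http is only appropriate for a local node; use https for a remote one.
ES_NODE=http://localhost:9200
# "elastic" is Elasticsearch's built-in superuser. Prefer a dedicated account
# whose role only permits writing to ES_INDEX.
ES_USERNAME=elastic
# "changeme" is a placeholder. Set a unique password per deployment and keep
# the populated file out of version control.
ES_PASSWORD=changeme
ES_INDEX=network-packets

# Capture Configuration
# Comma-separated list of interfaces (leave empty for all)
CAPTURE_INTERFACES=
# Enable promiscuous mode. When true, the interface also accepts frames that
# are not addressed to this host; leave false unless that traffic is needed.
PROMISCUOUS_MODE=false
# Buffer size in bytes (10485760 = 10 MiB)
BUFFER_SIZE=10485760
# Custom BPF filter (leave empty to use filter configuration below)
CAPTURE_FILTER=

# Filter Configuration
# Comma-separated protocols: tcp,udp,icmp
FILTER_PROTOCOLS=
# Comma-separated ports to exclude
# NOTE(review): if the captured interfaces include the one used to reach
# ES_NODE, consider excluding its port (9200 here) so the indexing traffic
# is not itself captured and re-indexed. Confirm against the capture code.
EXCLUDE_PORTS=
# Port ranges to exclude (JSON array format)
# Example: [[8000,9000],[3000,3100]]
EXCLUDE_PORT_RANGES=[]
# Comma-separated ports to include (takes precedence over excludes)
INCLUDE_PORTS=

# Content Configuration
# Maximum content size to index in bytes (1MB default)
MAX_CONTENT_SIZE=1048576
# Index readable content
# NOTE(review): presumably this stores packet payload text in ES_INDEX.
# Unencrypted payloads can carry credentials, session tokens and personal
# data, so restrict read access to the index or set this to false.
INDEX_READABLE_CONTENT=true

# Cache Configuration (for Elasticsearch failover)
# Maximum documents to keep in memory when ES is down
# NOTE(review): if cached documents hold full content, worst-case memory is
# roughly CACHE_MAX_SIZE * MAX_CONTENT_SIZE; size both values together.
CACHE_MAX_SIZE=10000
# Check ES availability interval in milliseconds
CACHE_CHECK_INTERVAL=5000

# Logging Configuration
# Log level: debug, info, warn, error
LOG_LEVEL=info
# Statistics interval in seconds
STATS_INTERVAL=60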