提交conf

conf/neo4j-admin.conf

@@ -0,0 +1,85 @@
+#********************************************************************
+# Memory Settings
+#********************************************************************
+#
+# Since the memory requirements of administration tasks generally differs from
+# the ones of the DBMS, it is recommended to provide an administration-task-specific
+# memory configuration.
+#
+# Memory settings are specified kibibytes with the 'k' suffix, mebibytes with
+# 'm' and gibibytes with 'g'.
+#
+# Java Heap Size: If not explicitly set in neo4j.conf, the Java heap size is dynamically
+# calculated based on available system resources. Uncomment these lines to set specific
+# initial and maximum heap size.
+#server.memory.heap.initial_size=512m
+#server.memory.heap.max_size=512m
+#
+# The amount of memory to use for mapping the store files.
+# If not explicitly set in any of the configuration files, the default page cache memory
+# assumes the machine is dedicated to running Neo4j, and is heuristically set to 50% of RAM minus
+# the Java heap size.
+#server.memory.pagecache.size=10g
+
+
+#********************************************************************
+# JVM Parameters
+#********************************************************************
+
+# Parallel GC as throughput-oriented GC is ideal for administration tasks.
+server.jvm.additional=-XX:+UseParallelGC
+
+# Have common exceptions keep producing stack traces, so they can be
+# debugged regardless of how often logs are rotated.
+server.jvm.additional=-XX:-OmitStackTraceInFastThrow
+
+# Trust that non-static final fields are really final.
+# This allows more optimizations and improves overall performance.
+server.jvm.additional=-XX:+UnlockExperimentalVMOptions
+server.jvm.additional=-XX:+TrustFinalNonStaticFields
+
+# Disable explicit garbage collection, which is occasionally invoked by the JDK itself.
+server.jvm.additional=-XX:+DisableExplicitGC
+
+# Restrict size of cached JDK buffers to 1 KB
+server.jvm.additional=-Djdk.nio.maxCachedBufferSize=1024
+
+# More efficient buffer allocation in Netty by allowing direct no cleaner buffers.
+server.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true
+
+# Exits JVM on the first occurrence of an out-of-memory error. Its preferable to restart VM in case of out of memory errors.
+server.jvm.additional=-XX:+ExitOnOutOfMemoryError
+
+# Expand Diffie Hellman (DH) key size from default 1024 to 2048 for DH-RSA cipher suites used in server TLS handshakes.
+# This is to protect the server from any potential passive eavesdropping.
+server.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048
+
+# Enable remote debugging
+#server.jvm.additional=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
+
+# This filter prevents deserialization of arbitrary objects via java object serialization, addressing potential vulnerabilities.
+# By default this filter whitelists all neo4j classes, as well as classes from the hazelcast library and the java standard library.
+# These defaults should only be modified by expert users!
+# For more details (including filter syntax) see: https://openjdk.java.net/jeps/290
+#server.jvm.additional=-Djdk.serialFilter=java.**;org.neo4j.**;com.neo4j.**;com.hazelcast.**;net.sf.ehcache.Element;com.sun.proxy.*;org.openjdk.jmh.**;!*
+
+# Increase the default flight recorder stack sampling depth from 64 to 256, to avoid truncating frames when profiling.
+server.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256
+
+# Allow profilers to sample between safepoints. Without this, sampling profilers may produce less accurate results.
+server.jvm.additional=-XX:+UnlockDiagnosticVMOptions
+server.jvm.additional=-XX:+DebugNonSafepoints
+
+# Open modules for neo4j to allow internal access
+server.jvm.additional=--add-opens=java.base/java.nio=ALL-UNNAMED
+server.jvm.additional=--add-opens=java.base/java.io=ALL-UNNAMED
+server.jvm.additional=--add-opens=java.base/sun.nio.ch=ALL-UNNAMED
+
+# Enable native memory access
+server.jvm.additional=--enable-native-access=ALL-UNNAMED
+
+# Enable access to JDK vector API
+# server.jvm.additional=--add-modules=jdk.incubator.vector
+
+# Disable logging JMX endpoint.
+server.jvm.additional=-Dlog4j2.disable.jmx=true

conf/neo4j.conf

@@ -0,0 +1,351 @@
+#*****************************************************************
+# Neo4j configuration
+#
+# For more details and a complete list of settings, please see
+# https://neo4j.com/docs/operations-manual/current/reference/configuration-settings/
+#*****************************************************************
+
+# The name of the default database
+#initial.dbms.default_database=neo4j
+
+# Paths of directories in the installation.
+#server.directories.data=data
+#server.directories.plugins=plugins
+#server.directories.logs=logs
+#server.directories.lib=lib
+#server.directories.run=run
+#server.directories.licenses=licenses
+#server.directories.transaction.logs.root=data/transactions
+
+# This setting constrains all `LOAD CSV` import files to be under the `import` directory. Remove or comment it out to
+# allow files to be loaded from anywhere in the filesystem; this introduces possible security problems. See the
+# `LOAD CSV` section of the manual for details.
+server.directories.import=import
+
+# Whether requests to Neo4j are authenticated.
+# To disable authentication, uncomment this line
+dbms.security.auth_enabled=false
+
+# Anonymous usage data reporting
+# To disable, uncomment this line
+#dbms.usage_report.enabled=false
+
+#********************************************************************
+# Memory Settings
+#********************************************************************
+#
+# Memory settings are specified kibibytes with the 'k' suffix, mebibytes with
+# 'm' and gibibytes with 'g'.
+# If Neo4j is running on a dedicated server, then it is generally recommended
+# to leave about 2-4 gigabytes for the operating system, give the JVM enough
+# heap to hold all your transaction state and query context, and then leave the
+# rest for the page cache.
+
+# Java Heap Size: by default the Java heap size is dynamically calculated based
+# on available system resources. Uncomment these lines to set specific initial
+# and maximum heap size.
+#server.memory.heap.initial_size=512m
+#server.memory.heap.max_size=512m
+
+# The amount of memory to use for mapping the store files.
+# The default page cache memory assumes the machine is dedicated to running
+# Neo4j, and is heuristically set to 50% of RAM minus the Java heap size.
+#server.memory.pagecache.size=10g
+
+# Limit the amount of memory that all of the running transaction can consume.
+# The default value is 70% of the heap size limit.
+#dbms.memory.transaction.total.max=256m
+
+# Limit the amount of memory that a single transaction can consume.
+# By default there is no limit.
+#db.memory.transaction.max=16m
+
+#*****************************************************************
+# Network connector configuration
+#*****************************************************************
+
+# With default configuration Neo4j only accepts local connections.
+# To accept non-local connections, uncomment this line:
+#server.default_listen_address=0.0.0.0
+
+# You can also choose a specific network interface, and configure a non-default
+# port for each connector, by setting their individual listen_address.
+
+# The address at which this server can be reached by its clients. This may be the server's IP address or DNS name, or
+# it may be the address of a reverse proxy which sits in front of the server. This setting may be overridden for
+# individual connectors below.
+#server.default_advertised_address=localhost
+
+# You can also choose a specific advertised hostname or IP address, and
+# configure an advertised port for each connector, by setting their
+# individual advertised_address.
+
+# By default, encryption is turned off.
+# To turn on encryption, an ssl policy for the connector needs to be configured
+# Read more in SSL policy section in this file for how to define a SSL policy.
+
+# Bolt connector
+server.bolt.enabled=true
+#server.bolt.tls_level=DISABLED
+#server.bolt.listen_address=:7687
+#server.bolt.advertised_address=:7687
+
+# HTTP Connector. There can be zero or one HTTP connectors.
+server.http.enabled=true
+server.http.listen_address=:7860
+server.http.advertised_address=:7860
+# server.http.listen_address=:7474
+# server.http.advertised_address=:7474
+# HTTPS Connector. There can be zero or one HTTPS connectors.
+server.https.enabled=false
+#server.https.listen_address=:7473
+#server.https.advertised_address=:7473
+
+# Number of Neo4j worker threads.
+#server.threads.worker_count=
+
+#*****************************************************************
+# SSL policy configuration
+#*****************************************************************
+
+# Each policy is configured under a separate namespace, e.g.
+#    dbms.ssl.policy.<scope>.*
+#    <scope> can be any of 'bolt', 'https', 'cluster' or 'backup'
+#
+# The scope is the name of the component where the policy will be used
+# Each component where the use of an ssl policy is desired needs to declare at least one setting of the policy.
+# Allowable values are 'bolt', 'https', 'cluster' or 'backup'.
+
+# E.g if bolt and https connectors should use the same policy, the following could be declared
+#   dbms.ssl.policy.bolt.base_directory=certificates/default
+#   dbms.ssl.policy.https.base_directory=certificates/default
+# However, it's strongly encouraged to not use the same key pair for multiple scopes.
+#
+# N.B: Note that a connector must be configured to support/require
+#      SSL/TLS for the policy to actually be utilized.
+#
+# see: dbms.connector.*.tls_level
+
+# SSL settings (dbms.ssl.policy.<scope>.*)
+#  .base_directory       Base directory for SSL policies paths. All relative paths within the
+#                        SSL configuration will be resolved from the base dir.
+#
+#  .private_key          A path to the key file relative to the '.base_directory'.
+#
+#  .private_key_password The password for the private key.
+#
+#  .public_certificate   A path to the public certificate file relative to the '.base_directory'.
+#
+#  .trusted_dir          A path to a directory containing trusted certificates.
+#
+#  .revoked_dir          Path to the directory with Certificate Revocation Lists (CRLs).
+#
+#  .verify_hostname      If true, the server will verify the hostname that the client uses to connect with. In order
+#                        for this to work, the server public certificate must have a valid CN and/or matching
+#                        Subject Alternative Names.
+#
+#  .client_auth          How the client should be authorized. Possible values are: 'none', 'optional', 'require'.
+#
+#  .tls_versions         A comma-separated list of allowed TLS versions. By default only TLSv1.2 and TLSv1.3 are allowed.
+#
+#  .trust_all            Setting this to 'true' will ignore the trust truststore, trusting all clients and servers.
+#                        Use of this mode is discouraged. It would offer encryption but no security.
+#
+#  .ciphers              A comma-separated list of allowed ciphers. The default ciphers are the defaults of
+#                        the JVM platform.
+
+# Bolt SSL configuration
+#dbms.ssl.policy.bolt.enabled=true
+#dbms.ssl.policy.bolt.base_directory=certificates/bolt
+#dbms.ssl.policy.bolt.private_key=private.key
+#dbms.ssl.policy.bolt.public_certificate=public.crt
+#dbms.ssl.policy.bolt.client_auth=NONE
+
+# Https SSL configuration
+#dbms.ssl.policy.https.enabled=true
+#dbms.ssl.policy.https.base_directory=certificates/https
+#dbms.ssl.policy.https.private_key=private.key
+#dbms.ssl.policy.https.public_certificate=public.crt
+#dbms.ssl.policy.https.client_auth=NONE
+
+# Cluster SSL configuration
+#dbms.ssl.policy.cluster.enabled=true
+#dbms.ssl.policy.cluster.base_directory=certificates/cluster
+#dbms.ssl.policy.cluster.private_key=private.key
+#dbms.ssl.policy.cluster.public_certificate=public.crt
+
+# Backup SSL configuration
+#dbms.ssl.policy.backup.enabled=true
+#dbms.ssl.policy.backup.base_directory=certificates/backup
+#dbms.ssl.policy.backup.private_key=private.key
+#dbms.ssl.policy.backup.public_certificate=public.crt
+
+#*****************************************************************
+# Logging configuration
+#*****************************************************************
+
+# To enable HTTP logging, uncomment this line
+#dbms.logs.http.enabled=true
+
+# To enable GC Logging, uncomment this line
+#server.logs.gc.enabled=true
+
+# GC Logging Options
+# see https://docs.oracle.com/en/java/javase/11/tools/java.html#GUID-BE93ABDC-999C-4CB5-A88B-1994AAAC74D5
+#server.logs.gc.options=-Xlog:gc*,safepoint,age*=trace
+
+# Number of GC logs to keep.
+#server.logs.gc.rotation.keep_number=5
+
+# Size of each GC log that is kept.
+#server.logs.gc.rotation.size=20m
+
+#*****************************************************************
+# Miscellaneous configuration
+#*****************************************************************
+
+# Determines if Cypher will allow using file URLs when loading data using
+# `LOAD CSV`. Setting this value to `false` will cause Neo4j to fail `LOAD CSV`
+# clauses that load data from the file system.
+#dbms.security.allow_csv_import_from_file_urls=true
+
+
+# Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS
+# connector. This defaults to '*', which allows broadest compatibility. Note
+# that any URI provided here limits HTTP/HTTPS access to that URI only.
+#dbms.security.http_access_control_allow_origin=*
+
+# Value of the HTTP Strict-Transport-Security (HSTS) response header. This header
+# tells browsers that a webpage should only be accessed using HTTPS instead of HTTP.
+# It is attached to every HTTPS response. Setting is not set by default so
+# 'Strict-Transport-Security' header is not sent. Value is expected to contain
+# directives like 'max-age', 'includeSubDomains' and 'preload'.
+#dbms.security.http_strict_transport_security=
+
+# Retention policy for transaction logs needed to perform recovery and backups.
+db.tx_log.rotation.retention_policy=2 days 2G
+
+# Whether or not any database on this instance are read_only by default.
+# If false, individual databases may be marked as read_only using dbms.database.read_only.
+# If true, individual databases may be marked as writable using dbms.databases.writable.
+#dbms.databases.default_to_read_only=false
+
+# Comma separated list of JAX-RS packages containing JAX-RS resources, one
+# package name for each mountpoint. The listed package names will be loaded
+# under the mountpoints specified. Uncomment this line to mount the
+# org.neo4j.examples.server.unmanaged.HelloWorldResource.java from
+# neo4j-server-examples under /examples/unmanaged, resulting in a final URL of
+# http://localhost:7474/examples/unmanaged/helloworld/{nodeId}
+#server.unmanaged_extension_classes=org.neo4j.examples.server.unmanaged=/examples/unmanaged
+
+# A comma separated list of procedures and user defined functions that are allowed
+# full access to the database through unsupported/insecure internal APIs.
+#dbms.security.procedures.unrestricted=my.extensions.example,my.procedures.*
+
+# A comma separated list of procedures to be loaded by default.
+# Leaving this unconfigured will load all procedures found.
+#dbms.security.procedures.allowlist=apoc.coll.*,apoc.load.*,gds.*
+
+#********************************************************************
+# JVM Parameters
+#********************************************************************
+
+# G1GC generally strikes a good balance between throughput and tail
+# latency, without too much tuning.
+server.jvm.additional=-XX:+UseG1GC
+
+# Have common exceptions keep producing stack traces, so they can be
+# debugged regardless of how often logs are rotated.
+server.jvm.additional=-XX:-OmitStackTraceInFastThrow
+
+# Make sure that `initmemory` is not only allocated, but committed to
+# the process, before starting the database. This reduces memory
+# fragmentation, increasing the effectiveness of transparent huge
+# pages. It also reduces the possibility of seeing performance drop
+# due to heap-growing GC events, where a decrease in available page
+# cache leads to an increase in mean IO response time.
+# Try reducing the heap memory, if this flag degrades performance.
+server.jvm.additional=-XX:+AlwaysPreTouch
+
+# Trust that non-static final fields are really final.
+# This allows more optimizations and improves overall performance.
+# NOTE: Disable this if you use embedded mode, or have extensions or dependencies that may use reflection or
+# serialization to change the value of final fields!
+server.jvm.additional=-XX:+UnlockExperimentalVMOptions
+server.jvm.additional=-XX:+TrustFinalNonStaticFields
+
+# Disable explicit garbage collection, which is occasionally invoked by the JDK itself.
+server.jvm.additional=-XX:+DisableExplicitGC
+
+# Restrict size of cached JDK buffers to 1 KB
+server.jvm.additional=-Djdk.nio.maxCachedBufferSize=1024
+
+# More efficient buffer allocation in Netty by allowing direct no cleaner buffers.
+server.jvm.additional=-Dio.netty.tryReflectionSetAccessible=true
+
+# Exits JVM on the first occurrence of an out-of-memory error. Its preferable to restart VM in case of out of memory errors.
+# server.jvm.additional=-XX:+ExitOnOutOfMemoryError
+
+# Expand Diffie Hellman (DH) key size from default 1024 to 2048 for DH-RSA cipher suites used in server TLS handshakes.
+# This is to protect the server from any potential passive eavesdropping.
+server.jvm.additional=-Djdk.tls.ephemeralDHKeySize=2048
+
+# This mitigates a DDoS vector.
+server.jvm.additional=-Djdk.tls.rejectClientInitiatedRenegotiation=true
+
+# Enable remote debugging
+#server.jvm.additional=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
+
+# This filter prevents deserialization of arbitrary objects via java object serialization, addressing potential vulnerabilities.
+# By default this filter whitelists all neo4j classes, as well as classes from the hazelcast library and the java standard library.
+# These defaults should only be modified by expert users!
+# For more details (including filter syntax) see: https://openjdk.java.net/jeps/290
+#server.jvm.additional=-Djdk.serialFilter=java.**;org.neo4j.**;com.neo4j.**;com.hazelcast.**;net.sf.ehcache.Element;com.sun.proxy.*;org.openjdk.jmh.**;!*
+
+# Increase the default flight recorder stack sampling depth from 64 to 256, to avoid truncating frames when profiling.
+server.jvm.additional=-XX:FlightRecorderOptions=stackdepth=256
+
+# Allow profilers to sample between safepoints. Without this, sampling profilers may produce less accurate results.
+server.jvm.additional=-XX:+UnlockDiagnosticVMOptions
+server.jvm.additional=-XX:+DebugNonSafepoints
+
+# Open modules for neo4j to allow internal access
+server.jvm.additional=--add-opens=java.base/java.nio=ALL-UNNAMED
+server.jvm.additional=--add-opens=java.base/java.io=ALL-UNNAMED
+server.jvm.additional=--add-opens=java.base/sun.nio.ch=ALL-UNNAMED
+
+# Enable native memory access
+server.jvm.additional=--enable-native-access=ALL-UNNAMED
+
+# Enable access to JDK vector API
+# server.jvm.additional=--add-modules=jdk.incubator.vector
+
+# Disable logging JMX endpoint.
+server.jvm.additional=-Dlog4j2.disable.jmx=true
+
+# Increasing the JSON log string maximum length
+server.jvm.additional=-Dlog4j.layout.jsonTemplate.maxStringLength=32768
+
+# Limit JVM metaspace and code cache to allow garbage collection. Used by cypher for code generation and may grow indefinitely unless constrained.
+# Useful for memory constrained environments
+#server.jvm.additional=-XX:MaxMetaspaceSize=1024m
+#server.jvm.additional=-XX:ReservedCodeCacheSize=512m
+
+# Allow big methods to be JIT compiled.
+# Useful for big queries and big expressions where cypher code generation can create large methods.
+#server.jvm.additional=-XX:-DontCompileHugeMethods
+
+#********************************************************************
+# Wrapper Windows NT/2000/XP Service Properties
+#********************************************************************
+# WARNING - Do not modify any of these properties when an application
+#  using this configuration file has been installed as a service.
+#  Please uninstall the service before modifying this section.  The
+#  service can then be reinstalled.
+
+# Name of the service
+server.windows_service_name=neo4j
+
+#********************************************************************
+# Other Neo4j system properties
+#********************************************************************

conf/server-logs.xml

@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright (c) "Neo4j"
+    Neo4j Sweden AB [https://neo4j.com]
+
+    This file is part of Neo4j.
+
+    Neo4j is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+-->
+<!--
+    This is a log4j 2 configuration file.
+
+    It is highly recommended to keep the original "debug.log" as is, to make sure enough data is captured in case
+    of errors in a format that neo4j developers can work with.
+
+    All configuration values can be queried with the lookup prefix "config:". You can for example, resolve
+    the path to your neo4j home directory with ${config:dbms.directories.neo4j_home}.
+
+    Please consult https://logging.apache.org/log4j/2.x/manual/configuration.html for instructions and
+    available configuration options.
+-->
+<Configuration status="ERROR" monitorInterval="30" packages="org.neo4j.logging.log4j">
+    <Appenders>
+        <!-- Default debug.log, please keep -->
+        <RollingRandomAccessFile name="DebugLog" fileName="${config:server.directories.logs}/debug.log"
+                                 filePattern="$${config:server.directories.logs}/debug.log.%02i">
+            <Neo4jDebugLogLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p [%c{1.}] %m%n"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="20 MB"/>
+            </Policies>
+            <DefaultRolloverStrategy fileIndex="min" max="7"/>
+        </RollingRandomAccessFile>
+
+        <RollingRandomAccessFile name="HttpLog" fileName="${config:server.directories.logs}/http.log"
+                                 filePattern="$${config:server.directories.logs}/http.log.%02i">
+            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p %m%n"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="20 MB"/>
+            </Policies>
+            <DefaultRolloverStrategy fileIndex="min" max="5"/>
+        </RollingRandomAccessFile>
+
+        <RollingRandomAccessFile name="QueryLog" fileName="${config:server.directories.logs}/query.log"
+                                 filePattern="$${config:server.directories.logs}/query.log.%02i">
+            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p %m%n"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="20 MB"/>
+            </Policies>
+            <DefaultRolloverStrategy fileIndex="min" max="7"/>
+        </RollingRandomAccessFile>
+
+        <RollingRandomAccessFile name="SecurityLog" fileName="${config:server.directories.logs}/security.log"
+                                 filePattern="$${config:server.directories.logs}/security.log.%02i">
+            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p %m%n"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="20 MB"/>
+            </Policies>
+            <DefaultRolloverStrategy fileIndex="min" max="7"/>
+        </RollingRandomAccessFile>
+    </Appenders>
+
+    <Loggers>
+        <!-- Log levels. One of DEBUG, INFO, WARN, ERROR or OFF -->
+
+        <!-- The debug log is used as the root logger to catch everything -->
+        <Root level="INFO">
+            <AppenderRef ref="DebugLog"/> <!-- Keep this -->
+        </Root>
+
+        <!-- The query log, must be named "QueryLogger" -->
+        <Logger name="QueryLogger" level="INFO" additivity="false">
+            <AppenderRef ref="QueryLog"/>
+        </Logger>
+
+        <!-- The http request log, must be named "HttpLogger" -->
+        <Logger name="HttpLogger" level="INFO" additivity="false">
+            <AppenderRef ref="HttpLog"/>
+        </Logger>
+
+        <!-- The security log, must be named "SecurityLogger" -->
+        <Logger name="SecurityLogger" level="INFO" additivity="false">
+            <AppenderRef ref="SecurityLog"/>
+        </Logger>
+    </Loggers>
+</Configuration>

conf/user-logs.xml

@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright (c) "Neo4j"
+    Neo4j Sweden AB [https://neo4j.com]
+
+    This file is part of Neo4j.
+
+    Neo4j is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+-->
+<!--
+    This is a log4j 2 configuration file that provides maximum flexibility.
+
+    All configuration values can be queried with the lookup prefix "config:". You can for example, resolve
+    the path to your neo4j home directory with ${config:dbms.directories.neo4j_home}.
+
+    Please consult https://logging.apache.org/log4j/2.x/manual/configuration.html for instructions and
+    available configuration options.
+-->
+<Configuration status="ERROR" monitorInterval="30" packages="org.neo4j.logging.log4j">
+
+    <Appenders>
+        <RollingRandomAccessFile name="Neo4jLog" fileName="${config:server.directories.logs}/neo4j.log"
+                                 filePattern="$${config:server.directories.logs}/neo4j.log.%02i">
+            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p %m%n"/>
+            <Policies>
+                <SizeBasedTriggeringPolicy size="20 MB"/>
+            </Policies>
+            <DefaultRolloverStrategy fileIndex="min" max="7"/>
+        </RollingRandomAccessFile>
+
+        <!-- Only used by "neo4j console", will be ignored otherwise -->
+        <Console name="ConsoleAppender" target="SYSTEM_OUT">
+            <PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSSZ}{GMT+0} %-5p %m%n"/>
+        </Console>
+    </Appenders>
+
+    <Loggers>
+        <!-- Log level for the neo4j log. One of DEBUG, INFO, WARN, ERROR or OFF -->
+        <Root level="INFO">
+            <AppenderRef ref="Neo4jLog"/>
+            <AppenderRef ref="ConsoleAppender"/>
+        </Root>
+    </Loggers>
+
+</Configuration>