openobserve
diff --git a/‎docs/environment-variables.md‎
Lines changed: 2 additions & 0 deletions b/‎docs/environment-variables.md‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎docs/images/example-1-query-recommendations.png‎
145 KB b/‎docs/images/example-1-query-recommendations.png‎
145 KB
diff --git a/‎docs/images/example-2-query-recommendations.png‎
144 KB b/‎docs/images/example-2-query-recommendations.png‎
144 KB
diff --git a/‎docs/images/match-all-hash.png‎
230 KB b/‎docs/images/match-all-hash.png‎
230 KB
diff --git a/‎docs/images/organization-in-openobserve.png‎
192 KB b/‎docs/images/organization-in-openobserve.png‎
192 KB
diff --git a/‎docs/images/organization-role-permission.png‎
195 KB b/‎docs/images/organization-role-permission.png‎
195 KB
diff --git a/‎docs/images/select-query-recommendations.png‎
183 KB b/‎docs/images/select-query-recommendations.png‎
183 KB
diff --git a/‎docs/images/use-query-recommendations.png‎
145 KB b/‎docs/images/use-query-recommendations.png‎
145 KB
diff --git a/‎docs/user-guide/enrichment-tables/enrichment-table-upload-recovery.md‎
Lines changed: 21 additions & 0 deletions b/‎docs/user-guide/enrichment-tables/enrichment-table-upload-recovery.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎docs/user-guide/identity-and-access-management/organizations.md‎
Lines changed: 36 additions & 36 deletions b/‎docs/user-guide/identity-and-access-management/organizations.md‎
Lines changed: 36 additions & 36 deletions
@@ -333,6 +333,8 @@ OpenObserve is configured using the following environment variables.
 | ZO_NATS_DELIVER_POLICY  | all           | Starting point in the stream for message delivery. Allowed values are all, last, new. |
 | ZO_NATS_SUB_CAPACITY    | 65535         | Maximum subscription capacity.                                                        |
 | ZO_NATS_QUEUE_MAX_SIZE | 2048          | Maximum queue size in megabytes.                                                      |
+| ZO_NATS_KV_WATCH_MODULES | 2048          | Defines which internal modules use the NATS Key-Value Watcher instead of the default NATS Queue for event synchronization. Add one or more module prefixes separated by commas, such as /nodes/ or /user_sessions/. When left empty, all modules use the default NATS Queue mechanism.                                                      |
+| ZO_NATS_EVENT_STORAGE | memory          | Controls how NATS JetStream stores event data. Use memory for high-speed, in-memory event storage or file for durable, disk-based storage that persists across restarts. <br> Performance Benchmark Results: <br> • File Storage: 10,965 ops/sec (10.71 MB/s throughput, ~911 µs mean latency) <br>• Memory Storage: 16,957 ops/sec (16.56 MB/s throughput, ~589 µs mean latency) <br> Memory storage offers ~55 percent higher throughput and lower latency, while file storage ensures durability.                                                      |
 
 
 ## S3 and Object Storage
 
@@ -59,4 +59,25 @@ When no local disk cache is available:
 - The querier fetches the latest enrichment data from the metadata database, such as PostgreSQL, and the remote storage system, such as S3. It then provides the data to the restarting node.
 
 
+## Region-based caching in multi-region super clusters
+In a multi-region super cluster deployment, enrichment tables are typically queried from all regions when a node starts up and rebuilds its cache. While this ensures data completeness, it can slow startup or cause failures if one or more regions are unavailable.
+
+To address this, OpenObserve Enterprise supports primary region–based caching, controlled by the environment variable `ZO_ENRICHMENT_TABLE_GET_REGION`.
+
+### Requirements 
+
+- Available only in Enterprise Edition.
+- Requires Super Cluster to be enabled.
+- The `ZO_ENRICHMENT_TABLE_GET_REGION` variable must specify a valid region name.
+
+### How it works
+When a node starts, OpenObserve calls internal methods such as `get_enrichment_table_data()` and `cache_enrichment_tables()` to retrieve enrichment table data. <br>
+The boolean parameter `apply_primary_region_if_specified` controls whether to use only the primary region for these fetch operations.
+
+In a multi-region super cluster deployment, when `apply_primary_region_if_specified = true`, OpenObserve checks the value of `ZO_ENRICHMENT_TABLE_GET_REGION`. 
+
+- If `ZO_ENRICHMENT_TABLE_GET_REGION` specifies a primary region, the node queries only that region to fetch enrichment table data during cache initialization. 
+- If `ZO_ENRICHMENT_TABLE_GET_REGION` is not set, or the region name is empty, OpenObserve continues to query all regions as before.
+
+
 
@@ -11,48 +11,48 @@ Organizations provide logical boundaries for separating data, users, and access
 
 ![Organizations in OpenObserve](../../images/organization-in-openobserve.png)
 
-## Organization Types
+## Organization types
 
 OpenObserve supports two types of organizations:
 
 - **Default organization:** Automatically created for each user upon account creation. Typically named **default** and owned by the user. The UI labels it as type **default**.
 - **Custom organization:** Any organization other than the **default**. These are created manually using the UI or ingestion (if enabled). Displayed in the UI as type **custom**.
 
-!!! Info "What Is **_meta** Organization?"
-    **_meta Organization** is considered as a **custom** organization. It is a system-level organization that exists in both single-node and multi-node (HA) deployments. 
-
-    - The **_meta** organization provides visibility into the health and status of the OpenObserve instance, including node metrics, resource usage, and configuration across all organizations. 
-    - Use the **IAM > Roles > Permission** in the **_meta** organization to manage users across all organizations and control who can list, create, update, or delete organizations.
-
-## Access 
-
-In OpenObserve, access to organization-level operations, such as listing, creating, updating, or deleting organizations, depends on the deployment mode.
-
-### Open-Source Mode 
-Any authenticated user can create new organizations using the Add Organization button in the UI.
-### Enterprise Mode with RBAC Enabled
-- Access to organization management is strictly controlled through RBAC, which must be configured in the _meta organization.
-- The **root** user always has unrestricted access to all organizations, including **_meta**.
-- Only roles defined in **_meta** can include permissions for managing organizations.
-- The **organization** module is available in the role editor only within the **_meta** organization. 
-
-!!! Info "How to Grant Organization Management Access?"
-    To delegate organization management to users in enterprise mode:
-
-    1. Switch to the **_meta** organization.
-    2. Go to **IAM > Roles**.
-    3. Create a new role or edit an existing one.
-    4. In the **Permissions** tab, locate the Organizations module.
-    5. Select the required operations:
-
-        - **List**: View existing organizations
-        - **Create**: Add new organizations
-        - **Update**: Modify organization details
-        - **Delete**: Remove organizations
-    6. Click **Save**. <br>
-    ![Grant Organization Management Access in OpenObserve](../../images/organization-role-permission.png)
-
-    Once this role is assigned to a user within the **_meta** organization, they will have access to manage organizations across the system.
+### _meta organization
+**_meta Organization** is considered as a **custom** organization. It is a system-level organization that exists in both single-node and multi-node (HA) deployments. 
+
+- The **_meta** organization provides visibility into the health and status of the OpenObserve instance, including node metrics, resource usage, and configuration across all organizations. 
+- Use the **IAM > Roles > Permission** in the **_meta** organization to manage users across all organizations and control who can list, create, update, or delete organizations.
+
+!!! note "Who can access"
+    ## Who can access
+    In OpenObserve, access to organization-level operations, such as listing, creating, updating, or deleting organizations, depends on the deployment mode.
+
+    ### Access in the open-source mode 
+    Any authenticated user can create new organizations using the **Add Organization** button in the UI.
+    ### Access in the enterprise mode with RBAC enabled
+    - Access to organization management is strictly controlled through RBAC, which must be configured in the _meta organization.
+    - The **root** user always has unrestricted access to all organizations, including **_meta**.
+    - Only roles defined in **_meta** can include permissions for managing organizations.
+    - The **organization** module is available in the role editor only within the **_meta** organization. 
+
+## How to grant organization management access?
+To delegate organization management to users in enterprise mode:
+
+1. Switch to the **_meta** organization.
+2. Go to **IAM > Roles**.
+3. Create a new role or edit an existing one.
+4. In the **Permissions** tab, locate the Organizations module.
+5. Select the required operations:
+
+    - **Create**: Add new organizations
+    - **Update**: Modify organization details
+    !!! note "Note"
+        By default, OpenObserve displays the list of organizations a user belongs to. You do not need to explicitly grant permission to view or retrieve organization details.
+6. Click **Save**. <br>
+![Grant Organization Management Access in OpenObserve](../../images/organization-role-permission.png)
+
+Once this role is assigned to a user within the **_meta** organization, they will have access to manage organizations across the system.
 
 
 ## Create an Organization