| --port <port> |
Port for connection. If not set then port 9000 is used for non-SSL connections and port 9543 is used for an SSL connection. |
| --logdir <path> |
Specifies the path to the logs directory. If this is not set, the path is: $(LOCALAPPDATA)\VMware\Log Insight Importer\log on Windows and ~/.loginsight-importer/log on Linux. |
| --manifest <file-path> |
Specifies the path to the manifest file (.ini format). If this is not set, the importer.ini file in the source directory is used. If the importer.ini file does not exist or is not found in the source directory, vRealize Log Insight Importer applies the default (hardcoded) manifest and collects all .txt and .log files (include=*.log*;*.txt*), and also applies the auto parser (extracts timestamp + kvp). |
| --no_ssl |
Do not use SSL for connections. This should not be set for authenticated connections (for example if --honor_timestamp is used). |
| --ssl_ca_path <path> |
Path to the trusted root certificates bundle file. |
| --tags <tags> |
Set tags for all sent events. For example --tags "{ \"tag1\" : \"value1\", \"tag2\":\"value2\"}"
Note: The tags option can accept
hostname as a tag name. The value of the
hostname tag from the command line is used instead of the FQDN of the sending machine as the value of the
hostname field for all events extracted by
vRealize Log Insight Importer. This is opposite of the tags parameter in the manifest file and extracted fields by parsers, which ignore the
hostname field.
A log bundle name, either a filename or a directory name in case of directory sources, is automatically determined and added as a bundle tag to all logs extracted from that specific bundle during the ingestion. This tag helps you to differentiate bundles on vRealize Log Insight Server. A bundle tag overrides tags with that same name from a manifest file. But it can be overridden by command line tags, if there is one with bundle name.
|
| --username <username > |
Username for authentication. Required if --honor_timestamp is set. |
| --password <password> |
Password for authentication. Required if --honor_timestamp is set. The username/password pair deactivates the allowed time-drift on vRealize Log Insight server so it is possible to import data with a historical timestamp. |
| --honor_timestamp |
Applies the extracted timestamp. The configured parsers extract the timestamp from the log entries and the
--honor_timestamp applies the extracted timestamp.
- If the timestamp is extracted using configured parsers, then the events will have that timestamp applied.
- If there is an event in the logs file, with no extracted timestamp, then the successfully extracted timestamp from the previous event in the same log file will be applied.
- If no timestamp is found or parsed in the file then the MTIME of the log file will be applied as the timestamp.
Note: If a manifest file was not provided, the default hardcoded manifest that the
vRealize Log Insight Importer will use has the Automatic Log parser enabled. In this case,
vRealize Log Insight Importer extracts the timestamp from the log entries if the
--honor_timestamp parameter is used.
|
| --debug_level <1|2> |
Increases the verbosity level of the log file. This should only be changed when troubleshooting. Under normal operations this flag should not be used. |
| --help |
Display help and exit. |
