Sending logs to an external security information and event management (SIEM)
This page describes how to forward the generated logs to the Audit Store and to an external SIEM.
The following command shows how to access help for the insight commands.
insight --help
Usage: insight [OPTIONS] COMMAND [ARGS]...
Log Management and Log Forwarding commands.
EXAMPLES:
# Verify if configuration exists
insight list fluentd
or
insight list syslog
# Test connection to SIEM
insight test fluentd --host <fluentd_address> --port <fluentd_port>
or
insight test syslog --host <syslog_address> --port <syslog_port>
# Configure external SIEM
insight configure fluentd --host <fluentd_address> --port <fluentd_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
or
insight configure syslog --host <syslog_address> --port <syslog_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
# Update configurations
insight update fluentd --host <fluentd_address> --port <fluentd_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
or
insight update syslog --host <syslog_address> --port <syslog_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
# Delete if configuration exists
insight delete fluentd
or
insight delete syslog
Options:
--help Show this message and exit.
Commands:
configure Configure log forwarding to external system.
delete Remove log forwarding configurations to external system.
list Show the current log forwarding configurations.
test Test connectivity to external system.
update Update log forwarding configurations.
The following section lists the insight configure commands. The pods take about 15 minutes to initialize and stabilize after this command runs. Do not update any other configuration until the pods are ready. Verify the status of the pods using the kubectl get pods -n pty-insight command.
The following command shows how to access help for the insight configure command.
insight configure --help
Usage: insight configure [OPTIONS] COMMAND [ARGS]...
Configure log forwarding to external system.
EXAMPLES:
# Configure external SIEM
insight configure fluentd --host <fluentd_address> --port <fluentd_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
or
insight configure syslog --host <syslog_address> --port <syslog_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
Options:
--help Show this message and exit.
Commands:
fluentd Set up log forwarding to an external Fluentd server.
syslog Set up log forwarding to an external Syslog server.
The following command shows how to access help for the insight configure fluentd command.
insight configure fluentd --help
Usage: insight configure fluentd [OPTIONS]
Set up log forwarding to an external Fluentd server.
EXAMPLES:
# Configure external Fluentd server
insight configure fluentd --host <fluentd_address> --port <fluentd_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>"
# Configure external Fluentd server (with troubleshooting logs)
insight configure fluentd --host <fluentd_address> --port <fluentd_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>" --troubleshooting_log True
Options:
--host TEXT External Fluentd server address [required]
--port INTEGER External Fluentd server port [required]
--ca_content TEXT Content of the CA certificate [required]
--cert_content TEXT Content of the client certificate [required]
--key_content TEXT Content of the client private key [required]
--troubleshooting_log BOOLEAN Enable troubleshooting log forward
--help Show this message and exit.
The following command shows how to access help for the insight configure syslog command.
insight configure syslog --help
Usage: insight configure syslog [OPTIONS]
Set up log forwarding to an external Syslog server.
EXAMPLES:
# Configure external Syslog server
insight configure syslog --host <syslog_address> --port <syslog_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>"
# Configure external Syslog server (with troubleshooting logs)
insight configure syslog --host <syslog_address> --port <syslog_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>" --troubleshooting_log True
Options:
--host TEXT Syslog server address [required]
--port INTEGER Syslog server port [required]
--ca_content TEXT Content of the CA certificate [required]
--cert_content TEXT Content of the client certificate [required]
--key_content TEXT Content of the client private key [required]
--troubleshooting_log BOOLEAN Enable troubleshooting log forward
--help Show this message and exit.
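As an added example (not part of the product documentation), the following shell wrapper drives the configure workflow described above for a Fluentd target: it checks that the three PEM files are of the expected kind, runs the documented insight test and insight configure commands, and then polls kubectl get pods -n pty-insight until every pod is Running and ready. The host name, the pod names used in the readiness check and the 20-minute wait limit are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not part of the product documentation: drives the documented insight
# workflow (test, configure, wait for the pty-insight pods) for a Fluentd target.
# Assumes the three PEM files exist locally and kubectl points at the cluster.
set -eu

# --ca_content/--cert_content/--key_content take file *contents*, and a wrong or empty
# value is only noticed after the pods restart (~15 min), so check the PEM kind first.
pem_kind_ok() {                 # pem_kind_ok <file> <CERTIFICATE|"PRIVATE KEY">
    local file=$1 kind=$2
    [ -s "$file" ] || return 1
    grep -q -- "-----BEGIN .*${kind}-----" "$file" &&
        grep -q -- "-----END .*${kind}-----" "$file"
}

# Reads `kubectl get pods -n pty-insight --no-headers` lines on stdin; succeeds only
# when at least one pod is listed and every pod is Running with all containers ready.
pods_all_ready() {
    local name ready status rest any=0 ok=1
    while read -r name ready status rest; do
        any=1
        [ "$status" = Running ] && [ "${ready%/*}" = "${ready#*/}" ] || ok=0
    done
    [ "$any" -eq 1 ] && [ "$ok" -eq 1 ]
}

wait_for_insight_pods() {       # wait_for_insight_pods [seconds, default 1200]
    local deadline=$(( $(date +%s) + ${1:-1200} ))
    while [ "$(date +%s)" -lt "$deadline" ]; do
        if kubectl get pods -n pty-insight --no-headers | pods_all_ready; then return 0; fi
        sleep 30
    done
    echo "pty-insight pods not ready before timeout" >&2
    return 1
}

configure_fluentd() {           # configure_fluentd <host> <port> <ca.crt> <client.crt> <client.key>
    local host=$1 port=$2 ca=$3 cert=$4 key=$5
    pem_kind_ok "$ca"   CERTIFICATE   || { echo "not a certificate: $ca" >&2; return 2; }
    pem_kind_ok "$cert" CERTIFICATE   || { echo "not a certificate: $cert" >&2; return 2; }
    pem_kind_ok "$key"  "PRIVATE KEY" || { echo "not a private key: $key" >&2; return 2; }
    # Prove reachability first, then configure, then leave the configuration alone
    # until the pods are ready (the documented ~15 minute stabilisation window).
    insight test fluentd --host "$host" --port "$port"
    insight configure fluentd --host "$host" --port "$port" \
        --ca_content "$(cat "$ca")" --cert_content "$(cat "$cert")" --key_content "$(cat "$key")"
    wait_for_insight_pods
}
# Usage: configure_fluentd fluentd.example.internal 24224 ca.crt client.crt client.key
```

Because the options take the certificate and key contents as arguments, the client private key is visible in the process list and in shell history while the command runs, so run it from a session whose history is not persisted.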
The following section lists the insight delete commands. The pods take about 15 minutes to initialize and stabilize after this command runs. Do not update any other configuration until the pods are ready. Verify the status of the pods using the kubectl get pods -n pty-insight command.
The following command shows how to access help for the insight delete command.
insight delete --help
Usage: insight delete [OPTIONS] COMMAND [ARGS]...
Remove log forwarding configurations to external system.
EXAMPLES:
# Delete if configuration exists
insight delete fluentd
or
insight delete syslog
Options:
--help Show this message and exit.
Commands:
fluentd Remove log forwarding configurations and certificates to external system.
syslog Remove log forwarding configurations and certificates to external system.
The following command shows how to access help for the insight delete fluentd command.
insight delete fluentd --help
Usage: insight delete fluentd [OPTIONS]
Remove log forwarding configurations and certificates to external system.
EXAMPLES:
# Delete if configuration exists
insight delete fluentd
Options:
--help Show this message and exit.
The following command shows how to access help for the insight delete syslog command.
insight delete syslog --help
Usage: insight delete syslog [OPTIONS]
Remove log forwarding configurations and certificates to external system.
EXAMPLES:
# Delete if configuration exists
insight delete syslog
Options:
--help Show this message and exit.
The following section lists the insight list commands.
The following command shows how to access help for the insight list command.
insight list --help
Usage: insight list [OPTIONS] COMMAND [ARGS]...
Show the current log forwarding configurations.
EXAMPLES:
# Verify if configuration exists
insight list fluentd
or
insight list syslog
Options:
--help Show this message and exit.
Commands:
fluentd Show the current log forwarding configurations.
syslog Show the current log forwarding configurations.
The following command shows how to access help for the insight list fluentd command.
insight list fluentd --help
Usage: insight list fluentd [OPTIONS]
Show the current log forwarding configurations.
EXAMPLES:
# Verify if configuration exists
insight list fluentd
Options:
--help Show this message and exit.
The following command shows how to access help for the insight list syslog command.
insight list syslog --help
Usage: insight list syslog [OPTIONS]
Show the current log forwarding configurations.
EXAMPLES:
# Verify if configuration exists
insight list syslog
Options:
--help Show this message and exit.
The following section lists the insight test commands.
The following command shows how to access help for the insight test command.
insight test --help
Usage: insight test [OPTIONS] COMMAND [ARGS]...
Test connectivity to external system.
EXAMPLES:
# Test connection to SIEM
insight test fluentd --host <fluentd_address> --port <fluentd_port>
or
insight test syslog --host <syslog_address> --port <syslog_port>
Options:
--help Show this message and exit.
Commands:
fluentd Test connectivity to external Fluentd server.
syslog Test connectivity to external Syslog server.
The following command shows how to access help for the insight test fluentd command.
insight test fluentd --help
Usage: insight test fluentd [OPTIONS]
Test connectivity to external Fluentd server.
EXAMPLES:
# Test connection
insight test fluentd --host <fluentd_address> --port <fluentd_port>
Options:
--host TEXT External Fluentd server address [required]
--port INTEGER External Fluentd server port [required]
--timeout INTEGER Time allowed for the test [default: 5]
--help Show this message and exit.
The following command shows how to access help for the insight test syslog command.
insight test syslog --help
Usage: insight test syslog [OPTIONS]
Test connectivity to external Syslog server.
EXAMPLES:
# Test connection
insight test syslog --host <syslog_address> --port <syslog_port>
Options:
--host TEXT Syslog server address [required]
--port INTEGER Syslog server port [required]
--timeout INTEGER Time allowed for the test [default: 5]
--help Show this message and exit.
The following section lists the insight update commands. The pods take about 15 minutes to initialize and stabilize after this command runs. Do not update any other configuration until the pods are ready. Verify the status of the pods using the kubectl get pods -n pty-insight command.
The following command shows how to access help for the insight update command.
insight update --help
Usage: insight update [OPTIONS] COMMAND [ARGS]...
Update log forwarding configurations.
EXAMPLES:
# Update log forwarding configurations to external SIEM
insight update fluentd --host <fluentd_address> --port <fluentd_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
or
insight update syslog --host <syslog_address> --port <syslog_port> --ca_content "<ca.crt_content>" --cert_content "<client.crt_content>" --key_content "<client.key_content>"
Options:
--help Show this message and exit.
Commands:
fluentd Update log forwarding for external Fluentd server.
syslog Update log forwarding for external Syslog server.
The following command shows how to access help for the insight update fluentd command.
insight update fluentd --help
Usage: insight update fluentd [OPTIONS]
Update log forwarding for external Fluentd server.
EXAMPLES:
# Update configurations for external Fluentd server
insight update fluentd --host <fluentd_address> --port <fluentd_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>"
# Update configurations for external Fluentd server (with troubleshooting logs)
insight update fluentd --host <fluentd_address> --port <fluentd_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>" --troubleshooting_log True
Options:
--host TEXT External Fluentd server address [required]
--port INTEGER External Fluentd server port [required]
--ca_content TEXT Content of the CA certificate [required]
--cert_content TEXT Content of the client certificate [required]
--key_content TEXT Content of the client private key [required]
--troubleshooting_log BOOLEAN Enable troubleshooting log forward
--help Show this message and exit.
The following command shows how to access help for the insight update syslog command.
insight update syslog --help
Usage: insight update syslog [OPTIONS]
Update log forwarding for external Syslog server.
EXAMPLES:
# Update configurations for external Syslog server
insight update syslog --host <syslog_address> --port <syslog_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>"
# Update configurations for external Syslog server (with troubleshooting logs)
insight update syslog --host <syslog_address> --port <syslog_port>
--ca_content "<ca.crt_content>" --cert_content "<client.crt_content>"
--key_content "<client.key_content>" --troubleshooting_log True
Options:
--host TEXT Syslog server address [required]
--port INTEGER Syslog server port [required]
--ca_content TEXT Content of the CA certificate [required]
--cert_content TEXT Content of the client certificate [required]
--key_content TEXT Content of the client private key [required]
--troubleshooting_log BOOLEAN Enable troubleshooting log forward
--help Show this message and exit.