System Commands

LogZilla provides comprehensive command line tools for system configuration, service management, and administrative tasks. These commands handle core system operations including settings management, licensing, application installation, and service control.

System Configuration

Settings Management

Configure LogZilla system parameters including time zones, SMTP settings, retention policies, and feature toggles.

View Settings

bash
# List all current settings (all groups)
logzilla settings list

# List settings for a specific group (e.g., generic)
logzilla settings list generic

Modify Settings

bash
# Change settings
logzilla settings update TIME_ZONE=UTC
logzilla settings update SMTP_SERVER=mail.company.com

# Set multiple settings at once
logzilla settings update TIME_ZONE=EST SMTP_SERVER=mail.local.com

Tip: Use logzilla settings list to discover exact setting names and groups available in your installation before updating values.

License Management

Manage LogZilla licensing, view usage limits, and handle license updates.

View License Information

bash
# Display license details
logzilla license info

License Installation

bash
# Get server's unique host key (needed for licensing)
logzilla license key

# Download license from LogZilla servers (requires internet)
logzilla license download

# Load license from file
logzilla license load /path/to/license.txt

# Verify license validity
logzilla license verify

Application Management

Install and manage pre-built parsing rules, dashboards, and integrations for specific products such as Cisco ASA, Palo Alto Networks, and other systems.

List Applications

bash
# List available applications
logzilla apps list

Install Applications

bash
# Install an application by code
logzilla apps install cisco-asa

# Reinstall if already installed
logzilla apps install cisco-asa --force

Manage Applications

bash
# Remove an application
logzilla apps uninstall cisco-asa

# Test application definition without installing
logzilla apps test cisco-asa

Create Custom Applications

bash
# Create a custom application from template
logzilla apps create my-custom-app

HTTPS Configuration

Configure SSL/TLS certificates to secure the LogZilla web interface.

Enable HTTPS

bash
# Enable HTTPS with certificate and key files
logzilla https --set /path/to/private.key /path/to/certificate.crt

Note: The HTTPS tool currently supports setting the key and certificate. Other management actions are handled automatically by the platform.

User and Access Management

Password Management

Change passwords for local LogZilla user accounts.

bash
# Change password for a user (interactive prompt)
logzilla password username

# Provide password non-interactively (use with caution: the value is exposed in shell history and the process list)
logzilla password username --password 'newpass'

API Token Management

Create and manage API tokens for programmatic access to LogZilla.

Create Tokens

bash
# Create token for a user (defaults to admin if omitted)
logzilla authtoken create --user admin

# Create ingest-only token (for sending data)
logzilla authtoken create --ingest-only

Manage Tokens

bash
# List all active tokens (table)
logzilla authtoken list

# List tokens for specific user (JSON)
logzilla authtoken list --user admin --json-dump

# View token details
logzilla authtoken info <token>

# Revoke a token
logzilla authtoken revoke <token>

LDAP Authentication

Configure Active Directory or LDAP authentication for user management.

Initial Configuration

bash
# Initialize LDAP configuration (interactive wizard)
logzilla ldap init

# Create an additional LDAP configuration instance
logzilla ldap create

Manage LDAP Settings

bash
# List configured LDAP instances
logzilla ldap list

# Enable LDAP configuration
logzilla ldap enable --id 1

# Disable LDAP configuration
logzilla ldap disable --id 1

Test LDAP

bash
# Test LDAP connection and user authentication
logzilla ldap test --id 1 --username testuser --password testpass

# Show detailed debug logs
logzilla ldap test --id 1 --show-debug-logs

Control LDAP

bash
# Enable LDAP configuration
logzilla ldap enable --id 1

# Disable LDAP configuration
logzilla ldap disable --id 1

# Sync users from LDAP
logzilla ldap sync --id 1

# Import LDAP groups
logzilla ldap import-groups --id 1

Service Control

Basic Service Operations

Control the LogZilla service lifecycle and check system status.

bash
# Start LogZilla
logzilla start

# Stop LogZilla
logzilla stop

# Restart LogZilla
logzilla restart

Version and Updates

bash
# Display current version
logzilla version

# Upgrade to latest version
sudo logzilla upgrade

# Upgrade to a specific version
logzilla upgrade --version v6.2.0

# Upgrade using offline images
logzilla upgrade --offline-dir /path/to/images

System Maintenance

System Operations

bash
# Uninstall LogZilla (use with caution)
logzilla uninstall --force-removal

# Factory reset (removes data)
logzilla reset --all --force-removal

# Reset only events
logzilla reset --events --force-removal

# Reset admin password to the default 'admin' (set a new one right away with: logzilla password admin)
logzilla reset --adminpass

Configuration Management

Snapshots

bash
# Create snapshot
logzilla snapshot create

# List available snapshots
logzilla snapshot list

# Restore from snapshot (latest if --id omitted)
logzilla snapshot restore --id <snapshot-id>

# Remove old snapshots automatically
logzilla snapshot autoremove

Migration

bash
# Create migration package
logzilla migrate-dump create --dump-dir /tmp/migration

# Restore from migration package
logzilla migrate-dump restore --dump-dir /tmp/migration --force

Troubleshooting Commands

System Diagnostics

bash
# Create comprehensive diagnostic package
logzilla inspect-dump --output /tmp/diagnostics-$(date +%Y%m%d)

# Test system performance
logzilla speedtest

Log Management

bash
# Show the path to follow logs (tail command)
logzilla logs

# Example follow
sudo tail -f /var/log/logzilla/logzilla.log

Container Access

bash
# Access a container shell (default: watcher)
logzilla shell --container watcher

# Run a command in a specific container
logzilla shell --container runtime -- bash -lc 'ls -la /'

Best Practices

Security

  • Regularly rotate API tokens and remove unused ones
  • Use HTTPS in production environments
  • Implement strong password policies for local accounts
  • Monitor LDAP connectivity and authentication logs

Maintenance

  • Create snapshots before major configuration changes
  • Monitor license expiration and usage limits
  • Keep applications updated to latest versions
  • Perform regular system backups for disaster recovery
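
One way to enforce the "snapshot before configuration changes" practice is a small shell wrapper around the `logzilla snapshot create` and `logzilla settings update` commands shown earlier. This is an added example, not part of the LogZilla tooling; the function name, the return codes and the setting-name pattern are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not LogZilla's own tooling: snapshot first, then change settings.
# Uses only subcommands shown on this page. The NAME pattern (upper case, digits,
# underscore) is an assumption based on TIME_ZONE and SMTP_SERVER above.
#
# Return codes (constructed for this example):
#   0 applied, 2 rejected arguments, 3 snapshot failed, 4 update failed

guarded_settings_update() {
    local pair name
    if [ "$#" -eq 0 ]; then
        echo "usage: guarded_settings_update NAME=VALUE [NAME=VALUE ...]" >&2
        return 2
    fi

    # Validate every argument before anything touches the system, so a typo or
    # a stray option never reaches the CLI half-way through a change.
    for pair in "$@"; do
        case "$pair" in
            *=*) name=${pair%%=*} ;;
            *)   echo "rejected (not NAME=VALUE): $pair" >&2; return 2 ;;
        esac
        case "$name" in
            ''|*[!A-Z0-9_]*) echo "rejected (bad setting name): $pair" >&2; return 2 ;;
        esac
    done

    # No snapshot, no change: without a restore point the update is not attempted.
    if ! logzilla snapshot create; then
        echo "snapshot failed; settings left untouched" >&2
        return 3
    fi

    if ! logzilla settings update "$@"; then
        echo "update failed; roll back with: logzilla snapshot restore" >&2
        return 4
    fi

    # Print the resulting settings for operator review. The output format is not
    # documented on this page, so it is shown as-is rather than parsed.
    logzilla settings list
}

# Usage:
#   guarded_settings_update TIME_ZONE=UTC SMTP_SERVER=mail.company.com
```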

Performance

  • Monitor system resources during maintenance operations
  • Schedule upgrades during maintenance windows
  • Test configuration changes in development first
  • Use appropriate retention policies to manage disk usage

These system administration commands provide the foundation for managing LogZilla infrastructure. Combined with proper monitoring and maintenance procedures, they ensure reliable operation and optimal performance.
