Collect and package system information useful in troubleshooting problems. The information is packaged as a zip archive that can be sent to a technical support representative.
collect-support-data --bindDN uid=admin,dc=example,dc=com \
--bindPassword password
collect-support-data --hostname localhost --port 389 \
--bindDN uid=admin,dc=example,dc=com --bindPassword password --no-prompt \
--encrypt --passphraseFile collect-support-data.passphrase \
--generatePassphrase --securityLevel maximum
collect-support-data \
--decrypt support-data-ds-ldap1-20140102030405-zip-encrypted \
--passphraseFile collect-support-data.passphrase
-V
--version
| Description | Display Identity Broker version information |
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-h {host}
--hostname {host}
| Description | Fully qualified host name or IP address of the local Identity Broker |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | Identity Broker port number |
| Lower Bound | 1 |
| Upper Bound | 65535 |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
-X
--trustAll
| Description | Trust all server SSL certificates |
-K {keyStorePath}
--keyStorePath {keyStorePath}
| Description | Certificate key store path |
| Required | No |
| Multi-Valued | No |
-W {keyStorePassword}
--keyStorePassword {keyStorePassword}
| Description | Certificate key store PIN |
| Required | No |
| Multi-Valued | No |
-u {keyStorePasswordFile}
--keyStorePasswordFile {keyStorePasswordFile}
| Description | Certificate key store PIN file |
| Required | No |
| Multi-Valued | No |
-P {trustStorePath}
--trustStorePath {trustStorePath}
| Description | Certificate trust store path |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Specify that no properties file will be used to get default command-line argument values |
--script-friendly
| Description | Use script-friendly mode |
--noLdap
| Description | Specify that no effort should be made to collect any information over LDAP. This option should be used only as a last resort if the server is completely unresponsive or will not start |
--pid {pid}
| Description | Specify the ID of an additional process from which information is to be collected. This option is useful for troubleshooting external server tools |
| Required | No |
| Multi-Valued | Yes |
--sequential
| Description | Collect data sequentially as opposed to in parallel. This has the effect of reducing the initial memory footprint of this tool at a cost of taking longer to complete. Use this option if running this tool results in 'out of memory' errors |
--reportCount {count}
| Description | Number of reports generated for commands that support sampling (for example, mpstat). A value of 0 (zero) indicates that no reports will be generated for these commands. If not specified, this option is 10 by default |
| Lower Bound | 0 |
| Required | No |
| Multi-Valued | No |
--reportInterval {interval}
| Description | Number of seconds between reports for commands that support sampling (for example, mpstat). This option must have a value greater than 0 (zero). If not specified this option is 1 by default |
| Lower Bound | 1 |
| Required | No |
| Multi-Valued | No |
--maxJstacks {number}
| Description | Number of jstack samples to collect. If not specified, this option is 10 by default |
| Lower Bound | 0 |
| Required | No |
| Multi-Valued | No |
--collectExpensiveData
| Description | Collect data from expensive or long running processes. These processes are not executed by default because they may make the server unresponsive for a couple of minutes |
--collectReplicationStateDump
| Description | Run the replication state dump task against the server and collect the output. This is not done by default because the resulting file may be several megabytes in size. LDAP connection is required to collect this data |
--comment {comment}
| Description | Specify additional information about the collected data set. This comment will be added to the generated archive as a README file |
| Required | No |
| Multi-Valued | No |
--includeBinaryFiles
| Description | Specify that binary files should be included in the archive collection |
--securityLevel maximum
| Description | By default this tool takes many precautions to avoid collecting sensitive information, including only gathering information from a specific list of files and removing sensitive data regardless of where it appears. Log file snippets, stack traces, and server monitoring data can include a small amount of personally identifiable information in the form of LDAP DNs and search filters. By specifying a value of 'maximum' for this property, this tool will take steps to remove this information from the collected data. This should only be used when necessary, as it reduces the information available in the archive and can increase the time to find the source of support issues |
| Required | No |
| Multi-Valued | No |
--encrypt
| Description | Indicates that the resulting support data archive should be encrypted. If the '--passphraseFile' argument is not used to specify the passphrase used to generate the encryption key then the tool will interactively prompt for the passphrase. Note that when providing an encrypted collect-support-data archive to support personnel, it is strongly recommended that the encrypted archive and the encryption passphrase be conveyed over separate channels to help prevent an unauthorized third-party from obtaining both required elements |
--passphraseFile {path}
| Description | The path to a file containing the passphrase to use to generate the key when encrypting or decrypting a collect support data archive. If either the '--encrypt' or '--decrypt' argument is provided, then this argument may be used to specify the passphrase to use to generate the encryption key, and if this argument is not provided then the tool will interactively prompt for the passphrase |
| Required | No |
| Multi-Valued | No |
--generatePassphrase
| Description | Indicates that the tool should automatically generate the passphrase used to generate the encryption key and write it to the file specified by the '--passphraseFile' argument. This argument may only be used if both the '--encrypt' and '--passphraseFile' arguments are also provided |
--decrypt {path}
| Description | Decrypt an encrypted collect-support-data archive contained in the specified file. If the '--passphraseFile' argument is not used to specify the passphrase used when encrypting the archive then the tool will interactively prompt for the passphrase |
| Required | No |
| Multi-Valued | No |
-n
--no-prompt
| Description | Use non-interactive mode. If data in the command is missing, you will not be prompted and the tool will fail |