> Usage > osctrl-tls
osctrl-tls

osctrl-tls is the TLS service for osctrl.
Execute ./osctrl-tls help to show the main help of the program:
$ ./osctrl-tls help
NAME:
   osctrl-tls - TLS service for osctrl, a fast and efficient osquery management

USAGE:
   osctrl-tls [global options] command [command options] [arguments...]

VERSION:
   0.4.1

DESCRIPTION:
   TLS service for osctrl, a fast and efficient osquery management

COMMANDS:
   help

GLOBAL OPTIONS:
   --config, -c                          Provide service configuration via JSON file (default: false) [$SERVICE_CONFIG]
   --config-file FILE, -C FILE           Load service configuration from FILE (default: "config/tls.json") [$SERVICE_CONFIG_FILE]
   --listener value, -l value            Listener for the service (default: "0.0.0.0") [$SERVICE_LISTENER]
   --port value, -p value                TCP port for the service (default: "9000") [$SERVICE_PORT]
   --auth value, -A value                Authentication mechanism for the service (default: "none") [$SERVICE_AUTH]
   --metrics-listener value              Listener for prometheus metrics (default: "0.0.0.0") [$METRICS_LISTENER]
   --metrics-port value                  Port for exposing prometheus metrics (default: "9090") [$METRICS_PORT]
   --metrics-enabled                     Enable prometheus metrics (default: false) [$METRICS_ENABLED]
   --host value, -H value                Exposed hostname the service uses (default: "0.0.0.0") [$SERVICE_HOST]
   --logger value, -L value              Logger mechanism to handle status/result logs from nodes (default: "db") [$SERVICE_LOGGER]
   --redis, -r                           Provide redis configuration via JSON file (default: false) [$REDIS_CONFIG]
   --redis-file FILE, -R FILE            Load redis configuration from FILE (default: "config/redis.json") [$REDIS_CONFIG_FILE]
   --redis-connection-string value       Redis connection string, must include schema (<redis|rediss|unix>://<user>:<pass>@<host>:<port>/<db>?<options> [$REDIS_CONNECTION_STRING]
   --redis-host value                    Redis host to be connected to (default: "127.0.0.1") [$REDIS_HOST]
   --redis-port value                    Redis port to be connected to (default: "6379") [$REDIS_PORT]
   --redis-pass value                    Password to be used for redis [$REDIS_PASS]
   --redis-db value                      Redis database to be selected after connecting (default: 0) [$REDIS_DB]
   --redis-status-exp value              Redis expiration in hours for status logs (default: 24) [$REDIS_STATUS_EXP]
   --redis-result-exp value              Redis expiration in hours for result logs (default: 24) [$REDIS_RESULT_EXP]
   --redis-query-exp value               Redis expiration in hours for query logs (default: 24) [$REDIS_QUERY_EXP]
   --redis-conn-retry value              Time in seconds to retry the connection to the cache, if set to 0 the service will stop if the connection fails (default: 7) [$REDIS_CONN_RETRY]
   --db, -d                              Provide DB configuration via JSON file (default: false) [$DB_CONFIG]
   --db-file FILE, -D FILE               Load DB configuration from FILE (default: "config/db.json") [$DB_CONFIG_FILE]
   --db-host value                       Backend host to be connected to (default: "127.0.0.1") [$DB_HOST]
   --db-port value                       Backend port to be connected to (default: "5432") [$DB_PORT]
   --db-name value                       Database name to be used in the backend (default: "osctrl") [$DB_NAME]
   --db-user value                       Username to be used for the backend (default: "postgres") [$DB_USER]
   --db-pass value                       Password to be used for the backend (default: "postgres") [$DB_PASS]
   --db-sslmode value                    SSL native support to encrypt the connection to the backend (default: "disable") [$DB_SSLMODE]
   --db-max-idle-conns value             Maximum number of connections in the idle connection pool (default: 20) [$DB_MAX_IDLE_CONNS]
   --db-max-open-conns value             Maximum number of open connections to the database (default: 100) [$DB_MAX_OPEN_CONNS]
   --db-conn-max-lifetime value          Maximum amount of time a connection may be reused (default: 30) [$DB_CONN_MAX_LIFETIME]
   --db-conn-retry value                 Time in seconds to retry the connection to the database, if set to 0 the service will stop if the connection fails (default: 7) [$DB_CONN_RETRY]
   --tls, -t                             Enable TLS termination. It requires certificate and key (default: false) [$TLS_SERVER]
   --cert FILE, -T FILE                  TLS termination certificate from FILE (default: "config/tls.crt") [$TLS_CERTIFICATE]
   --key FILE, -K FILE                   TLS termination private key from FILE (default: "config/tls.key") [$TLS_KEY]
   --logger-file value, -F value         Logger configuration to handle status/results logs from nodes (default: "config/logger.json") [$LOGGER_FILE]
   --logger-db-same                      Use the same DB configuration for the logger (default: false) [$LOGGER_DB_SAME]
   --always-log, -a, --always            Always log status and on-demand query logs from nodes in database (default: false) [$ALWAYS_LOG]
   --carver-type value                   Carver to be used to receive files extracted from nodes (default: "db") [$CARVER_TYPE]
   --carver-file value                   Carver configuration file to receive files extracted from nodes (default: "config/carver.json") [$CARVER_FILE]
   --log-s3-bucket value                 S3 bucket to be used as configuration for logging [$LOG_S3_BUCKET]
   --log-s3-region value                 S3 region to be used as configuration for logging [$LOG_S3_REGION]
   --log-s3-key-id value                 S3 access key id to be used as configuration for logging [$LOG_S3_KEY_ID]
   --log-s3-secret value                 S3 access key secret to be used as configuration for logging [$LOG_S3_SECRET]
   --carver-s3-bucket value              S3 bucket to be used as configuration for carves [$CARVER_S3_BUCKET]
   --carver-s3-region value              S3 region to be used as configuration for carves [$CARVER_S3_REGION]
   --carve-s3-key-id value               S3 access key id to be used as configuration for carves [$CARVER_S3_KEY_ID]
   --carve-s3-secret value               S3 access key secret to be used as configuration for carves [$CARVER_S3_SECRET]
   --log-kafka-boostrap-servers value    Kafka bootstrap servers to be used as configuration for logging [$LOG_KAFKA_BOOTSTRAP_SERVERS]
   --log-kafka-sslca-location value      Kafka sslca location to be used as configuration for logging [$LOG_KAFKA_SSLCA_LOCATION]
   --log-kafka-connection-timeout value  Kafka connection timeout to be used as configuration for logging (default: 5s) [$LOG_KAFKA_CONNECTION_TIMEOUT]
   --log-kafka-topic value               Kafka topic to be used as configuration for logging [$LOG_KAFKA_TOPIC]
   --log-kafka-sasl-mechanism value      Kafka sasl mechanism' to be used as configuration for logging [$LOG_KAFKA_SASL_MECHANISM]
   --log-kafka-sasl-username value       Kafka sasl username' to be used as configuration for logging [$LOG_KAFKA_SASL_USERNAME]
   --log-kafka-sasl-password value       Kafka sasl password' to be used as configuration for logging [$LOG_KAFKA_SASL_PASSWORD]
   --version, -v                         print the version