[thirdparty/systemd.git] / man / systemd-journal-remote.xml

<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY % entities SYSTEM "custom-entities.ent" >
%entities;
]>

<!--
  SPDX-License-Identifier: LGPL-2.1+

  This file is part of systemd.

  Copyright 2012 Zbigniew Jędrzejewski-Szmek

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->

<refentry id="systemd-journal-remote" conditional='HAVE_MICROHTTPD'
          xmlns:xi="http://www.w3.org/2001/XInclude">

  <refentryinfo>
    <title>systemd-journal-remote</title>
    <productname>systemd</productname>

    <authorgroup>
      <author>
        <contrib>Developer</contrib>
        <firstname>Zbigniew</firstname>
        <surname>Jędrzejewski-Szmek</surname>
        <email>zbyszek@in.waw.pl</email>
      </author>
    </authorgroup>
  </refentryinfo>

  <refmeta>
    <refentrytitle>systemd-journal-remote</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>systemd-journal-remote</refname>
    <refpurpose>Receive journal messages over the network</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>systemd-journal-remote</command>
      <arg choice="opt" rep="repeat">OPTIONS</arg>
      <arg choice="opt" rep="norepeat">-o/--output=<replaceable>DIR</replaceable>|<replaceable>FILE</replaceable></arg>
      <arg choice="opt" rep="repeat">SOURCES</arg>
    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para>
      <filename>systemd-journal-remote</filename> is a command to
      receive serialized journal events and store them to the journal.
      Input streams are in the
      <ulink url="https://www.freedesktop.org/wiki/Software/systemd/export">
        Journal Export Format
      </ulink>,
      i.e. like the output from
      <command>journalctl --output=export</command>. For transport over
      the network, this serialized stream is usually carried over an
      HTTPS connection.
    </para>
  </refsect1>

  <refsect1>
    <title>Sources</title>

    <para>
      Sources can be either "active"
      (<command>systemd-journal-remote</command> requests and pulls
      the data), or "passive"
      (<command>systemd-journal-remote</command> waits for a
      connection and then receives events pushed by the other side).
    </para>

    <para>
      <command>systemd-journal-remote</command> can read more than one
      event stream at a time. They will be interleaved in the output
      file. In case of "active" connections, each "source" is one
      stream, and in case of "passive" connections, each connection can
      result in a separate stream. Sockets can be configured in
      "accept" mode (i.e. only one connection), or "listen" mode (i.e.
      multiple connections, each resulting in a stream).
    </para>

    <para>
      When there are no more connections, and no more can be created
      (there are no listening sockets), then
      <command>systemd-journal-remote</command> will exit.
    </para>

    <para>Active sources can be specified in the following
    ways:</para>

    <variablelist>
      <varlistentry>
        <term><arg choice="opt" rep="repeat">SOURCES</arg></term>

        <listitem><para>When <option>-</option> is given as a
        positional argument, events will be read from standard input.
        Other positional arguments will be treated as filenames
        to open and read from.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--url=<replaceable>ADDRESS</replaceable></option></term>

        <listitem><para>With the
        <option>--url=<replaceable>ADDRESS</replaceable></option> option,
        events will be retrieved using HTTP from
        <replaceable>ADDRESS</replaceable>. This URL should refer to the
        root of a remote
        <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
        instance, e.g. http://some.host:19531/ or
        https://some.host:19531/.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--getter='<replaceable>PROG</replaceable> <arg choice="opt" rep="repeat">OPTIONS</arg>'</option></term>

        <listitem><para>Program to invoke to retrieve data. The journal
        event stream must be generated on standard output.</para>

        <para>Examples:</para>

        <programlisting>--getter='curl "-HAccept: application/vnd.fdo.journal" https://some.host:19531/'</programlisting>

        <programlisting>--getter='wget --header="Accept: application/vnd.fdo.journal" -O- https://some.host:19531/'</programlisting>
        </listitem>
      </varlistentry>
    </variablelist>

    <para>Passive sources can be specified in the following
    ways:</para>

    <variablelist>
      <varlistentry>
        <term><option>--listen-raw=<replaceable>ADDRESS</replaceable></option></term>

        <listitem><para><replaceable>ADDRESS</replaceable> must be an
        address suitable for <option>ListenStream=</option> (cf.
        <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
        <command>systemd-journal-remote</command> will listen on this
        socket for connections. Each connection is expected to be a
        stream of journal events.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--listen-http=<replaceable>ADDRESS</replaceable></option></term>
        <term><option>--listen-https=<replaceable>ADDRESS</replaceable></option></term>

        <listitem><para><replaceable>ADDRESS</replaceable> must be
        either a negative integer, in which case it will be
        interpreted as the (negated) file descriptor number, or an
        address suitable for <option>ListenStream=</option> (c.f.
        <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
        In the first case, matching file descriptor must be inherited
        through
        <varname>$LISTEN_FDS</varname>/<varname>$LISTEN_PID</varname>.
        In the second case, an HTTP or HTTPS server will be spawned on
        this port, respectively for <option>--listen-http</option> and
        <option>--listen-https</option>. Currently, only POST requests
        to <filename>/upload</filename> with <literal>Content-Type:
        application/vnd.fdo.journal</literal> are supported.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>$LISTEN_FDS</varname></term>

        <listitem><para><command>systemd-journal-remote</command>
        supports the
        <varname>$LISTEN_FDS</varname>/<varname>$LISTEN_PID</varname>
        protocol. Open sockets inherited through socket activation
        behave like those opened with <option>--listen-raw=</option>
        described above, unless they are specified as an argument in
        <option>--listen-http=-<replaceable>n</replaceable></option>
        or
        <option>--listen-https=-<replaceable>n</replaceable></option>
        above. In the latter case, an HTTP or HTTPS server will be
        spawned using this descriptor and connections must be made
        over the HTTP protocol.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--key=</option></term>

        <listitem><para>
          Takes a path to a SSL key file in PEM format.
          Defaults to <filename>&CERTIFICATE_ROOT;/private/journal-remote.pem</filename>.
          This option can be used with <option>--listen-https=</option>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--cert=</option></term>

        <listitem><para>
          Takes a path to a SSL certificate file in PEM format.
          Defaults to <filename>&CERTIFICATE_ROOT;/certs/journal-remote.pem</filename>.
          This option can be used with <option>--listen-https=</option>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--trust=</option></term>

        <listitem><para>
          Takes a path to a SSL CA certificate file in PEM format,
          or <option>all</option>. If <option>all</option> is set,
          then certificate checking will be disabled.
          Defaults to <filename>&CERTIFICATE_ROOT;/ca/trusted.pem</filename>.
          This option can be used with <option>--listen-https=</option>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--gnutls-log=</option></term>

        <listitem><para>
          Takes a comma separated list of gnutls logging categories.
          This option can be used with <option>--listen-http=</option> or
          <option>--listen-https=</option>.
        </para></listitem>
      </varlistentry>

    </variablelist>
  </refsect1>

  <refsect1>
    <title>Sinks</title>

    <para>The location of the output journal can be specified
    with <option>-o</option> or <option>--output=</option>.
    </para>

    <variablelist>
      <varlistentry>
        <term><option>--output=<replaceable>FILE</replaceable></option></term>

        <listitem><para>Will write to this journal file. The filename
        must end with <filename>.journal</filename>. The file will be
        created if it does not exist. If necessary (journal file full,
        or corrupted), the file will be renamed following normal
        journald rules and a new journal file will be created in its
        stead.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--output=<replaceable>DIR</replaceable></option></term>

        <listitem><para>Will create journal files underneath directory
        <replaceable>DIR</replaceable>. The directory must exist. If
        necessary (journal files over size, or corrupted), journal
        files will be rotated following normal journald rules. Names
        of files underneath <replaceable>DIR</replaceable> will be
        generated using the rules described below.</para></listitem>
      </varlistentry>
    </variablelist>

    <para>If <option>--output=</option> is not used, the output
    directory <filename>/var/log/journal/remote/</filename> will be
    used.  In case the output file is not specified, journal files
    will be created underneath the selected directory. Files will be
    called
    <filename>remote-<replaceable>hostname</replaceable>.journal</filename>,
    where the <replaceable>hostname</replaceable> part is the
    escaped hostname of the source endpoint of the connection, or the
    numerical address if the hostname cannot be determined.</para>

    <para>In the case that "active" sources are given by the positional
    arguments or <option>--getter=</option> option, the output file name
    must always be given explicitly.</para>
  </refsect1>

  <refsect1>
    <title>Options</title>

    <para>The following options are understood:</para>

    <variablelist>
      <varlistentry>
        <term><option>--split-mode</option></term>

        <listitem><para>One of <constant>none</constant> or
        <constant>host</constant>. For the first, only one output
        journal file is used. For the latter, a separate output file
        is used, based on the hostname of the other endpoint of a
        connection.</para>

        <para>In the case that "active" sources are given by the positional
        arguments or <option>--getter=</option> option, the output file name must
        always be given explicitly and only <constant>none</constant>
        is allowed.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--compress</option> [<replaceable>BOOL</replaceable>]</term>

        <listitem><para>If this is set to <literal>yes</literal> then compress
        the data in the journal using XZ. The default is <literal>yes</literal>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--seal</option> [<replaceable>BOOL</replaceable>]</term>

        <listitem><para>If this is set to <literal>yes</literal> then
        periodically sign the data in the journal using Forward Secure Sealing.
        The default is <literal>no</literal>.</para></listitem>
      </varlistentry>

      <xi:include href="standard-options.xml" xpointer="help" />
      <xi:include href="standard-options.xml" xpointer="version" />
    </variablelist>
  </refsect1>

  <refsect1>
    <title>Examples</title>
    <para>Copy local journal events to a different journal directory:
    <programlisting>
journalctl -o export | systemd-journal-remote -o /tmp/dir/foo.journal -
    </programlisting>
    </para>

    <para>Retrieve all available events from a remote
    <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
    instance and store them in
    <filename>/var/log/journal/remote/remote-some.host.journal</filename>:
    <programlisting>
systemd-journal-remote --url http://some.host:19531/
    </programlisting>
    </para>

    <para>Retrieve current boot events and wait for new events from a remote
    <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
    instance, and store them in
    <filename>/var/log/journal/remote/remote-some.host.journal</filename>:
    <programlisting>
systemd-journal-remote --url http://some.host:19531/entries?boot&amp;follow
    </programlisting>
    </para>
</refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-journal-gatewayd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
      <citerefentry><refentrytitle>journal-remote.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
    </para>
  </refsect1>
</refentry>
Commit	Line	Data
3802a3d3	1	<?xml version='1.0'?> <!--- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil --->
fdfccdbc	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3db93b3f YW	3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
	4	<!ENTITY % entities SYSTEM "custom-entities.ent" >
	5	%entities;
	6	]>
fdfccdbc ZJS	7
fdfccdbc ZJS	8	<!--
572eb058 ZJS	9	SPDX-License-Identifier: LGPL-2.1+
572eb058 ZJS	10
b975b0d5	11	This file is part of systemd.
fdfccdbc	12
b975b0d5	13	Copyright 2012 Zbigniew Jędrzejewski-Szmek
fdfccdbc	14
b975b0d5 ZJS	15	systemd is free software; you can redistribute it and/or modify it
	16	under the terms of the GNU Lesser General Public License as published by
	17	the Free Software Foundation; either version 2.1 of the License, or
	18	(at your option) any later version.
fdfccdbc	19
b975b0d5 ZJS	20	systemd is distributed in the hope that it will be useful, but
	21	WITHOUT ANY WARRANTY; without even the implied warranty of
	22	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	23	Lesser General Public License for more details.
fdfccdbc	24
b975b0d5 ZJS	25	You should have received a copy of the GNU Lesser General Public License
b975b0d5 ZJS	26	along with systemd; If not, see <http://www.gnu.org/licenses/>.
fdfccdbc ZJS	27	-->
fdfccdbc ZJS	28
0e8415f2 ZJS	29	<refentry id="systemd-journal-remote" conditional='HAVE_MICROHTTPD'
0e8415f2 ZJS	30	xmlns:xi="http://www.w3.org/2001/XInclude">
fdfccdbc ZJS	31
	32	<refentryinfo>
	33	<title>systemd-journal-remote</title>
	34	<productname>systemd</productname>
	35
	36	<authorgroup>
	37	<author>
	38	<contrib>Developer</contrib>
	39	<firstname>Zbigniew</firstname>
	40	<surname>Jędrzejewski-Szmek</surname>
	41	<email>zbyszek@in.waw.pl</email>
	42	</author>
	43	</authorgroup>
	44	</refentryinfo>
	45
	46	<refmeta>
	47	<refentrytitle>systemd-journal-remote</refentrytitle>
	48	<manvolnum>8</manvolnum>
	49	</refmeta>
	50
	51	<refnamediv>
	52	<refname>systemd-journal-remote</refname>
330427e2	53	<refpurpose>Receive journal messages over the network</refpurpose>
fdfccdbc ZJS	54	</refnamediv>
	55
	56	<refsynopsisdiv>
	57	<cmdsynopsis>
	58	<command>systemd-journal-remote</command>
	59	<arg choice="opt" rep="repeat">OPTIONS</arg>
330427e2	60	<arg choice="opt" rep="norepeat">-o/--output=<replaceable>DIR</replaceable>\|<replaceable>FILE</replaceable></arg>
fdfccdbc ZJS	61	<arg choice="opt" rep="repeat">SOURCES</arg>
	62	</cmdsynopsis>
	63	</refsynopsisdiv>
	64
	65	<refsect1>
	66	<title>Description</title>
	67
	68	<para>
	69	<filename>systemd-journal-remote</filename> is a command to
	70	receive serialized journal events and store them to the journal.
a8ca4722	71	Input streams are in the
28a0ad81	72	<ulink url="https://www.freedesktop.org/wiki/Software/systemd/export">
fdfccdbc ZJS	73	Journal Export Format
	74	</ulink>,
	75	i.e. like the output from
a8ca4722 ZJS	76	<command>journalctl --output=export</command>. For transport over
	77	the network, this serialized stream is usually carried over an
	78	HTTPS connection.
fdfccdbc ZJS	79	</para>
	80	</refsect1>
	81
	82	<refsect1>
	83	<title>Sources</title>
	84
	85	<para>
	86	Sources can be either "active"
	87	(<command>systemd-journal-remote</command> requests and pulls
	88	the data), or "passive"
	89	(<command>systemd-journal-remote</command> waits for a
dca348bc	90	connection and then receives events pushed by the other side).
fdfccdbc ZJS	91	</para>
	92
	93	<para>
	94	<command>systemd-journal-remote</command> can read more than one
	95	event stream at a time. They will be interleaved in the output
	96	file. In case of "active" connections, each "source" is one
b8bde116	97	stream, and in case of "passive" connections, each connection can
fdfccdbc ZJS	98	result in a separate stream. Sockets can be configured in
	99	"accept" mode (i.e. only one connection), or "listen" mode (i.e.
	100	multiple connections, each resulting in a stream).
	101	</para>
	102
	103	<para>
	104	When there are no more connections, and no more can be created
	105	(there are no listening sockets), then
	106	<command>systemd-journal-remote</command> will exit.
	107	</para>
	108
	109	<para>Active sources can be specified in the following
	110	ways:</para>
	111
	112	<variablelist>
	113	<varlistentry>
c298b083 YW	114	<term><arg choice="opt" rep="repeat">SOURCES</arg></term>
c298b083 YW	115
fdfccdbc ZJS	116	<listitem><para>When <option>-</option> is given as a
	117	positional argument, events will be read from standard input.
	118	Other positional arguments will be treated as filenames
	119	to open and read from.</para></listitem>
	120	</varlistentry>
	121
	122	<varlistentry>
	123	<term><option>--url=<replaceable>ADDRESS</replaceable></option></term>
	124
	125	<listitem><para>With the
	126	<option>--url=<replaceable>ADDRESS</replaceable></option> option,
	127	events will be retrieved using HTTP from
	128	<replaceable>ADDRESS</replaceable>. This URL should refer to the
	129	root of a remote
	130	<citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
de87760f YW	131	instance, e.g. http://some.host:19531/ or
de87760f YW	132	https://some.host:19531/.</para></listitem>
fdfccdbc	133	</varlistentry>
c298b083 YW	134
	135	<varlistentry>
	136	<term><option>--getter='<replaceable>PROG</replaceable> <arg choice="opt" rep="repeat">OPTIONS</arg>'</option></term>
	137
	138	<listitem><para>Program to invoke to retrieve data. The journal
	139	event stream must be generated on standard output.</para>
	140
	141	<para>Examples:</para>
	142
	143	<programlisting>--getter='curl "-HAccept: application/vnd.fdo.journal" https://some.host:19531/'</programlisting>
	144
	145	<programlisting>--getter='wget --header="Accept: application/vnd.fdo.journal" -O- https://some.host:19531/'</programlisting>
	146	</listitem>
	147	</varlistentry>
fdfccdbc ZJS	148	</variablelist>
	149
	150	<para>Passive sources can be specified in the following
	151	ways:</para>
	152
	153	<variablelist>
	154	<varlistentry>
	155	<term><option>--listen-raw=<replaceable>ADDRESS</replaceable></option></term>
	156
cc64d017	157	<listitem><para><replaceable>ADDRESS</replaceable> must be an
dca348bc	158	address suitable for <option>ListenStream=</option> (cf.
fdfccdbc ZJS	159	<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
	160	<command>systemd-journal-remote</command> will listen on this
	161	socket for connections. Each connection is expected to be a
	162	stream of journal events.</para>
	163	</listitem>
	164	</varlistentry>
	165
cc64d017 ZJS	166	<varlistentry>
	167	<term><option>--listen-http=<replaceable>ADDRESS</replaceable></option></term>
	168	<term><option>--listen-https=<replaceable>ADDRESS</replaceable></option></term>
	169
8a8d55f2 ZJS	170	<listitem><para><replaceable>ADDRESS</replaceable> must be
	171	either a negative integer, in which case it will be
	172	interpreted as the (negated) file descriptor number, or an
cc64d017 ZJS	173	address suitable for <option>ListenStream=</option> (c.f.
cc64d017 ZJS	174	<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
8a8d55f2 ZJS	175	In the first case, matching file descriptor must be inherited
	176	through
	177	<varname>$LISTEN_FDS</varname>/<varname>$LISTEN_PID</varname>.
	178	In the second case, an HTTP or HTTPS server will be spawned on
	179	this port, respectively for <option>--listen-http</option> and
ff9b60f3	180	<option>--listen-https</option>. Currently, only POST requests
8a8d55f2 ZJS	181	to <filename>/upload</filename> with <literal>Content-Type:
8a8d55f2 ZJS	182	application/vnd.fdo.journal</literal> are supported.</para>
cc64d017 ZJS	183	</listitem>
	184	</varlistentry>
	185
fdfccdbc ZJS	186	<varlistentry>
	187	<term><varname>$LISTEN_FDS</varname></term>
	188
	189	<listitem><para><command>systemd-journal-remote</command>
	190	supports the
	191	<varname>$LISTEN_FDS</varname>/<varname>$LISTEN_PID</varname>
8a8d55f2 ZJS	192	protocol. Open sockets inherited through socket activation
	193	behave like those opened with <option>--listen-raw=</option>
	194	described above, unless they are specified as an argument in
	195	<option>--listen-http=-<replaceable>n</replaceable></option>
	196	or
	197	<option>--listen-https=-<replaceable>n</replaceable></option>
b8bde116	198	above. In the latter case, an HTTP or HTTPS server will be
8a8d55f2 ZJS	199	spawned using this descriptor and connections must be made
8a8d55f2 ZJS	200	over the HTTP protocol.</para>
fdfccdbc ZJS	201	</listitem>
	202	</varlistentry>
	203
3db93b3f YW	204	<varlistentry>
	205	<term><option>--key=</option></term>
	206
	207	<listitem><para>
	208	Takes a path to a SSL key file in PEM format.
	209	Defaults to <filename>&CERTIFICATE_ROOT;/private/journal-remote.pem</filename>.
	210	This option can be used with <option>--listen-https=</option>.
	211	</para></listitem>
	212	</varlistentry>
	213
	214	<varlistentry>
	215	<term><option>--cert=</option></term>
	216
	217	<listitem><para>
	218	Takes a path to a SSL certificate file in PEM format.
	219	Defaults to <filename>&CERTIFICATE_ROOT;/certs/journal-remote.pem</filename>.
	220	This option can be used with <option>--listen-https=</option>.
	221	</para></listitem>
	222	</varlistentry>
	223
	224	<varlistentry>
	225	<term><option>--trust=</option></term>
	226
	227	<listitem><para>
	228	Takes a path to a SSL CA certificate file in PEM format,
	229	or <option>all</option>. If <option>all</option> is set,
	230	then certificate checking will be disabled.
	231	Defaults to <filename>&CERTIFICATE_ROOT;/ca/trusted.pem</filename>.
	232	This option can be used with <option>--listen-https=</option>.
	233	</para></listitem>
	234	</varlistentry>
	235
	236	<varlistentry>
	237	<term><option>--gnutls-log=</option></term>
	238
	239	<listitem><para>
	240	Takes a comma separated list of gnutls logging categories.
	241	This option can be used with <option>--listen-http=</option> or
	242	<option>--listen-https=</option>.
	243	</para></listitem>
	244	</varlistentry>
	245
fdfccdbc ZJS	246	</variablelist>
	247	</refsect1>
	248
	249	<refsect1>
	250	<title>Sinks</title>
	251
	252	<para>The location of the output journal can be specified
e64aae43	253	with <option>-o</option> or <option>--output=</option>.
fdfccdbc ZJS	254	</para>
	255
	256	<variablelist>
	257	<varlistentry>
	258	<term><option>--output=<replaceable>FILE</replaceable></option></term>
	259
a8ca4722 ZJS	260	<listitem><para>Will write to this journal file. The filename
	261	must end with <filename>.journal</filename>. The file will be
	262	created if it does not exist. If necessary (journal file full,
	263	or corrupted), the file will be renamed following normal
dca348bc JE	264	journald rules and a new journal file will be created in its
dca348bc JE	265	stead.</para></listitem>
fdfccdbc ZJS	266	</varlistentry>
	267
	268	<varlistentry>
	269	<term><option>--output=<replaceable>DIR</replaceable></option></term>
	270
	271	<listitem><para>Will create journal files underneath directory
b8bde116 JE	272	<replaceable>DIR</replaceable>. The directory must exist. If
b8bde116 JE	273	necessary (journal files over size, or corrupted), journal
fdfccdbc ZJS	274	files will be rotated following normal journald rules. Names
	275	of files underneath <replaceable>DIR</replaceable> will be
	276	generated using the rules described below.</para></listitem>
	277	</varlistentry>
	278	</variablelist>
	279
a8ca4722 ZJS	280	<para>If <option>--output=</option> is not used, the output
	281	directory <filename>/var/log/journal/remote/</filename> will be
	282	used. In case the output file is not specified, journal files
	283	will be created underneath the selected directory. Files will be
	284	called
	285	<filename>remote-<replaceable>hostname</replaceable>.journal</filename>,
cbfaff65	286	where the <replaceable>hostname</replaceable> part is the
a8ca4722 ZJS	287	escaped hostname of the source endpoint of the connection, or the
	288	numerical address if the hostname cannot be determined.</para>
	289
c298b083 YW	290	<para>In the case that "active" sources are given by the positional
	291	arguments or <option>--getter=</option> option, the output file name
	292	must always be given explicitly.</para>
fdfccdbc ZJS	293	</refsect1>
	294
	295	<refsect1>
	296	<title>Options</title>
	297
	298	<para>The following options are understood:</para>
	299
	300	<variablelist>
8201af08 ZJS	301	<varlistentry>
	302	<term><option>--split-mode</option></term>
	303
	304	<listitem><para>One of <constant>none</constant> or
	305	<constant>host</constant>. For the first, only one output
	306	journal file is used. For the latter, a separate output file
	307	is used, based on the hostname of the other endpoint of a
	308	connection.</para>
	309
e64aae43 YW	310	<para>In the case that "active" sources are given by the positional
e64aae43 YW	311	arguments or <option>--getter=</option> option, the output file name must
8201af08 ZJS	312	always be given explicitly and only <constant>none</constant>
	313	is allowed.</para></listitem>
	314	</varlistentry>
	315
fdfccdbc	316	<varlistentry>
6f157e4e	317	<term><option>--compress</option> [<replaceable>BOOL</replaceable>]</term>
fdfccdbc	318
6f157e4e DD	319	<listitem><para>If this is set to <literal>yes</literal> then compress
	320	the data in the journal using XZ. The default is <literal>yes</literal>.
	321	</para></listitem>
fdfccdbc ZJS	322	</varlistentry>
	323
	324	<varlistentry>
6f157e4e	325	<term><option>--seal</option> [<replaceable>BOOL</replaceable>]</term>
fdfccdbc	326
6f157e4e DD	327	<listitem><para>If this is set to <literal>yes</literal> then
	328	periodically sign the data in the journal using Forward Secure Sealing.
	329	The default is <literal>no</literal>.</para></listitem>
fdfccdbc ZJS	330	</varlistentry>
fdfccdbc ZJS	331
0e8415f2 ZJS	332	<xi:include href="standard-options.xml" xpointer="help" />
0e8415f2 ZJS	333	<xi:include href="standard-options.xml" xpointer="version" />
fdfccdbc ZJS	334	</variablelist>
	335	</refsect1>
	336
	337	<refsect1>
	338	<title>Examples</title>
	339	<para>Copy local journal events to a different journal directory:
	340	<programlisting>
c298b083	341	journalctl -o export \| systemd-journal-remote -o /tmp/dir/foo.journal -
fdfccdbc ZJS	342	</programlisting>
	343	</para>
	344
e6b6225e	345	<para>Retrieve all available events from a remote
fdfccdbc ZJS	346	<citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
fdfccdbc ZJS	347	instance and store them in
e6b6225e	348	<filename>/var/log/journal/remote/remote-some.host.journal</filename>:
fdfccdbc ZJS	349	<programlisting>
	350	systemd-journal-remote --url http://some.host:19531/
	351	</programlisting>
	352	</para>
e6b6225e YW	353
	354	<para>Retrieve current boot events and wait for new events from a remote
	355	<citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
	356	instance, and store them in
	357	<filename>/var/log/journal/remote/remote-some.host.journal</filename>:
	358	<programlisting>
	359	systemd-journal-remote --url http://some.host:19531/entries?boot&follow
	360	</programlisting>
	361	</para>
	362	</refsect1>
fdfccdbc ZJS	363
	364	<refsect1>
	365	<title>See Also</title>
	366	<para>
330427e2	367	<citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
fdfccdbc ZJS	368	<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
fdfccdbc ZJS	369	<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
330427e2	370	<citerefentry><refentrytitle>systemd-journal-gatewayd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
eaa5251d	371	<citerefentry><refentrytitle>journal-remote.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
fdfccdbc ZJS	372	</para>
	373	</refsect1>
	374	</refentry>