Skip to content

Setup OneImporter & OneGate

The OneImporter & OneGate provides ready-to-use data import integrations for specific product solutions, hyperscalers and technologies.

Execution variants and prerequisites

An OneImporter & OneGate instance can be executed as a systemd service or as a docker container:

Please note that all operating specific importer (host, process, file and folder structure) running in a container, if you use docker or docker compose variant!

!!! warning 'Unique OS machine identifier'

Each host operating system has a unique **Machine ID**, which the OneImporter & OneGate  & OneGate uses for the individual storage of host information. By cloning virtual machines, for example, this is adopted 1:1. This means that all cloned hosts store their host information in the same configuration. To avoid this, you must ensure that the host ID is unique!

Supported operating systems

The following operating systems are supported:

  • Ubuntu
  • Red Hat
  • SUSE (SLES, openSUSE, openSUSE Leap, openSUSE Tumbleweed)
  • Oracle Linux
  • Debian
  • Fedora
  • CentOS and CentOS Stream
  • Rocky Linux
  • Clear Linux OS
  • Alpine Linux
  • Linux Mint
  • Windows 10 and 11
  • Windows Server

Installation, startup & shutdown

All necessary steps to install, run, terminate the OneImporter & OneGate & OneGate are supported by a wizard in the web interface.

It is only necessary to select your desired configurations in the first step and the wizard then displays all necessary calls including the call parameters. The calls can be executed in a command line of the operating system. All that is required is authorization to execute Docker Containers or Node.js applications.

Figure: Command line wizard for install, startup, validate and shutdown OneImporter & OneGate & OneGate instances

Following configuration parameter can be used to startup the OneImporter & OneGate & OneGate:

Parameter Description
Operating System Operating system on which the OneImporter & OneGate & OneGate is to run
Variant Execution variant for the OneImporter & OneGate (Docker oder operating system process).
CA validation The Certificate Authority check can be disabled if self-generated SSL certificates are used in the server.
Debug mode Extends the output of debug information.
Supported importer Specification of the executable importer types to restrict their execution for IT security reasons.

Table: OneImporter & OneGate configuration parameter

Optional parameters

With the following optional parameters you can influence the execution behavior and the server activation of the OneImporter & OneGate.

Environment variables

Name Description
ONE_IMPORTER_USER User with which the OneImporter & OneGate is executed as a service. By default, OneImporter & OneGate runs as root user.
Attention: Please note that changing the user and group assignment will limit the execution permissions and therefore possibly the scope of the inventory by OneImporter & OneGate.
ONE_IMPORTER_GROUP Group with which the OneImporter & OneGate is executed as a service. By default, OneImporter & OneGate runs as root group.
https_proxy / http_proxy / no_proxy
The communication from OneImporter & OneGate to the platform should be done via the specified proxy (see configuration details). Please note: When changing the environment variables it is necessary to restart the OneImporter & OneGate with the or startup.bat command.
ONE_IMPORTER_API_TOKEN Automated authorization and activation of the OneImporter & OneGate instance. Should be used if new host or container instances are always continuously created and discarded as part of DevOps pipelines.

Table: Optional environment variable parameters for OneImporter & OneGate execution

Infrastructure-as-Code configuration (IaC)

For the inventory of assets and configurations, customer-specific OneImporter & OneGate or OneGate configurations are necessary. recommends creating the configurations via the user interface.

Alternatively, there are two ways to influence or extend the importer configuration on the OneImporter & OneGate or OneGate side:

  1. Only credential extension: The authorisation data is stored locally on the OneImporter & OneGate or OneGate and extends an existing importer configuration on the server with the authorisation information (credentials). The server has full access to the configuration, but not the authorisation. Changes to the configuration can be made on the server side and do not require a restart of the OneImporter & OneGate or OneGate.
  2. Complete configuration: The complete importer configuration is on the OneImporter & OneGate or OneGate hosts. The server instance does not have access to this configuration. The importer configuration must always be changed locally and the OneImporter & OneGate or OneGate must be restarted!

The configuration file can be found in the following directory:

# Folder structure of the configuration file
{install directory}/conf/{variant}/{environment ID}/importer.conf.json

# Example folder and file 

Please use the user interface to create the Importer Configuration, which is offered as JSON format with the button "Infrastructure as Code configuration".

Figure: Infrastructure as code wizzard

The following configuration shows an example of how to set up the credentials and importer configurations:

  "credentialsForServerConfigurations": { // set or override credentials for server configurations. Usefull to store crendentials only on local machine
    "66698d8e-8dca-4ad3-a177-b06703747b50": { // Configuration ID (Available from GUI)
      "username": "localUsername", // set a username
      "password": "localPassword" // set a password
    "c8133ba6-d8b2-4bbb-a6a0-2bde848ee760": { // another configuration ID (Available from GUI)
      "username": "localUsername", // set a username
      "password": "localPassword" // set a password
  "localImporterConfigurations": [ // Complete OneImporter & OneGate module configurations for execution
    // Example for SSL-Importer configuration:
    { // Available from GUI
      "active": true,
      "scheduleTime": "*/5 * * * *", // every 5 minutes
      "name": " domain certificates",
      "entity": "ssl-certificate",
      "domains": [
      "instanceModification": [],
      "moduleType": "importer-ssl"
    {...} // Available from GUI

Configuration: Example configuration to set credentials and complete importer configuration

The necessary ID for the extension of the credentials can be found in the Importer configuration display in the user interface. To set up a complete Importer configuration, please also use the Importer configuration display in the user interface as a kind of wizard. You can set up the configuration and then copy the JSON section from the user interface without having to save it.

Security features

The following functions ensure that the OneImporter & OneGate runs in compliance with IT security requirements:

  • The OneImporter & OneGate can optionally be instructed at startup to only establish connections with the platform that have a known Certificate Authority (CA) (no self-generated SSL certificates).
  • Communication always starts from the OneImporter & OneGate to the platform.
  • The OneImporter & OneGate is automatically restarted when the host is restarted or the process is terminated.
  • The OneImporter & OneGate continuously sends HeartBeat calls to the platform (15 seconds) to implement changes to the importer configurations.
  • The OneImporter & OneGate makes the last 1,000 lines of the OneImporter & OneGate log file available to the platform so that users can debug failed executions of Importer configurations.
  • The execution of Importer modules in OneImporter & OneGate (e.g. file importer) can be configured when OneImporter & OneGate is started and thus prevented at runtime.
  • A OneImporter & OneGate only receives Importer configurations from the Server for execution if the OneImporter & OneGate has been authorized on the server side.
  • The OneImporter & OneGate can be deactivated or activated on the server side at any time. Deactivation stops the execution of all assigned Importer configurations.
  • The Importer configurations can be deactivated and activated on the server side. Deactivation stops the execution of these specific Importer Configurations.
  • Use local importer configuration to prevent the use of credentials in the server instance.