Skip to content

Setup OneImporter

The OneImporter provides ready-to-use data import integrations for specific product solutions, cloud platforms and technologies.

Execution variants and prerequisites

An OneImporter instance can be executed as a systemd service or as a docker container:

Please note that all operating specific importer (host, process, file and folder structure) running in a container, if you use docker or docker compose variant!

Supported operating systems

The following operating systems are supported:

  • Ubuntu
  • Red Hat
  • SUSE (SLES, openSUSE, openSUSE Leap, openSUSE Tumbleweed)
  • Oracle Linux
  • Debian
  • Fedora
  • CentOS and CentOS Stream
  • Rocky Linux
  • Clear Linux OS
  • Alpine Linux
  • Linux Mint
  • Windows 10 and 11
  • Windows Server

Installation, startup & shutdown

All necessary steps to install, run, terminate the OneImporter are supported by a wizard in the web interface.

It is only necessary to select your desired configurations in the first step and the wizard then displays all necessary calls including the call parameters. The calls can be executed in a command line of the operating system. All that is required is authorization to execute Docker Containers or Node.js applications.

Figure: Command line wizard for install, startup, validate and shutdown OneImporter instances

Following configuration parameter can be used to startup the OneImporter:

Parameter Description
Operating System Operating system on which the OneImporter is to run
Variant Execution variant for the OneImporter (Docker oder operating system process).
CA validation The Certificate Authority check can be disabled if self-generated SSL certificates are used in the server.
Debug mode Extends the output of debug information.
Supported importer Specification of the executable importer types to restrict their execution for IT security reasons.

Table: OneImporter configuration parameter

Optional parameters

With the following optional parameters you can influence the execution behavior and the server activation of the OneImporter.

Environment variables

Name Description
ONE_IMPORTER_USER User with which the OneImporter is executed as a service. By default, OneImporter runs as root user.
Attention: Please note that changing the user and group assignment will limit the execution permissions and therefore possibly the scope of the inventory by OneImporter.
ONE_IMPORTER_GROUP Group with which the OneImporter is executed as a service. By default, OneImporter runs as root group.
https_proxy / http_proxy / no_proxy
The communication from OneImporter to the platform should be done via the specified proxy (see configuration details). Please note: When changing the environment variables it is necessary to restart the OneImporter with the or startup.bat command.
ONE_IMPORTER_API_TOKEN Automated authorization and activation of the OneImporter instance. Should be used if new host or container instances are always continuously created and discarded as part of DevOps pipelines.

Table: Optional environment variable parameters for OneImporter execution

Infrastructure-as-Code configuration (IaC)

For the inventory of assets and configurations, customer-specific OneImporter or OneGate configurations are necessary. recommends creating the configurations via the user interface.

Alternatively, there are two ways to influence or extend the importer configuration on the OneImporter or OneGate side:

  1. Only credential extension: The authorisation data is stored locally on the OneImporter or OneGate and extends an existing importer configuration on the server with the authorisation information (credentials). The server has full access to the configuration, but not the authorisation. Changes to the configuration can be made on the server side and do not require a restart of the OneImporter or OneGate.
  2. Complete configuration: The complete importer configuration is on the OneImporter or OneGate hosts. The server instance does not have access to this configuration. The importer configuration must always be changed locally and the OneImporter or OneGate must be restarted!

The configuration file can be found in the following directory:

# Folder structure of the configuration file
{install directory}/conf/{variant}/{environment ID}/importer.conf.json

# Example folder and file 

Please use the user interface to create the Importer Configuration, which is offered as JSON format with the button "Infrastructure as Code configuration".

Figure: Infrastructure as code wizzard

The following configuration shows an example of how to set up the credentials and importer configurations:

  "credentialsForServerConfigurations": { // set or override credentials for server configurations. Usefull to store crendentials only on local machine
    "66698d8e-8dca-4ad3-a177-b06703747b50": { // Configuration ID (Available from GUI)
      "username": "localUsername", // set a username
      "password": "localPassword" // set a password
    "c8133ba6-d8b2-4bbb-a6a0-2bde848ee760": { // another configuration ID (Available from GUI)
      "username": "localUsername", // set a username
      "password": "localPassword" // set a password
  "localImporterConfigurations": [ // Complete OneImporter module configurations for execution
    // Example for SSL-Importer configuration:
    { // Available from GUI
      "active": true,
      "scheduleTime": "*/5 * * * *", // every 5 minutes
      "name": " domain certificates",
      "entity": "ssl-certificate",
      "domains": [
      "instanceModification": [],
      "moduleType": "importer-ssl"
    {...} // Available from GUI

Configuration: Example configuration to set credentials and complete importer configuration

The necessary ID for the extension of the credentials can be found in the Importer configuration display in the user interface. To set up a complete Importer configuration, please also use the Importer configuration display in the user interface as a kind of wizard. You can set up the configuration and then copy the JSON section from the user interface without having to save it.

Security features

The following functions ensure that the OneImporter runs in compliance with IT security requirements:

  • The OneImporter can optionally be instructed at startup to only establish connections with the platform that have a known Certificate Authority (CA) (no self-generated SSL certificates).
  • Communication always starts from the OneImporter to the platform.
  • The OneImporter is automatically restarted when the host is restarted or the process is terminated.
  • The OneImporter continuously sends HeartBeat calls to the platform (15 seconds) to implement changes to the importer configurations.
  • The OneImporter makes the last 1,000 lines of the OneImporter log file available to the platform so that users can debug failed executions of Importer configurations.
  • The execution of Importer modules in OneImporter (e.g. file importer) can be configured when OneImporter is started and thus prevented at runtime.
  • A OneImporter only receives Importer configurations from the Server for execution if the OneImporter has been authorized on the server side.
  • The OneImporter can be deactivated or activated on the server side at any time. Deactivation stops the execution of all assigned Importer configurations.
  • The Importer configurations can be deactivated and activated on the server side. Deactivation stops the execution of these specific Importer Configurations.
  • Use local importer configuration to prevent the use of credentials in the server instance.