Skip to main content
Use the cockroach statement-diag to manage and download statement diagnostics bundles generated from the or .

Required privileges

Only members of the admin role and users with the VIEWSYSTEMTABLE , which provides read-only access to system tables, can run cockroach statement-diag. By default, the root user belongs to the admin role.

Subcommands

SubcommandUsage
listList available statement diagnostics bundles and outstanding activation requests.
downloadDownload a specified diagnostics bundle into a .zip file.
deleteDelete a statement diagnostics bundle(s).
cancelCancel an outstanding activation request(s).

Synopsis

List available statement diagnostics bundles and outstanding activation requests:
Download a specified diagnostics bundle into a .zip file:
Delete a statement diagnostics bundle:
Delete all statement diagnostics bundles:
Cancel an outstanding activation request:
Cancel all outstanding activation requests:

Flags

General

FlagDescription
--allApply to all bundles or activation requests.

Client connection

FlagDescription
--urlA to use instead of the other arguments. To convert a connection URL to the syntax that works with your client driver, run .

Env Variable: COCKROACH_URL
Default: no URL
--hostThe server host and port number to connect to. This can be the address of any node in the cluster.

Env Variable: COCKROACH_HOST
Default: localhost:26257
--port

-p
The server port to connect to. Note: The port number can also be specified via --host.

Env Variable: COCKROACH_PORT
Default: 26257
--user

-u
The that will own the client session.

Env Variable: COCKROACH_USER
Default: root
--insecureUse an insecure connection.

Env Variable: COCKROACH_INSECURE
Default: false
--cert-principal-mapA comma-separated list of <cert-principal:<db-principal mappings. This allows mapping the principal in a cert to a DB principal such as node or root or any SQL user. This is intended for use in situations where the certificate management system places restrictions on the Subject.CommonName or SubjectAlternateName fields in the certificate (e.g., disallowing a CommonName like node or root). If multiple mappings are provided for the same <cert-principal, the last one specified in the list takes precedence. A principal not specified in the map is passed through as-is via the identity function. A cert is allowed to authenticate a DB principal if the DB principal name is contained in the mapped CommonName or DNS-type SubjectAlternateName fields.
--certs-dirThe path to the containing the CA and client certificates and client key.

Env Variable: COCKROACH_CERTS_DIR
Default: ${HOME}/.cockroach-certs/
See for more details.

Logging

By default, this command logs messages to stderr. This includes events with WARNING and higher. If you need to troubleshoot this command’s behavior, you can .

Examples

Setup

These examples assume you are running and have requested and/or generated statement diagnostics bundles using the or .

Download a statement diagnostics bundle

List statement diagnostics bundles and/or activation requests:
Download a statement diagnostics bundle to bundle.zip:

Delete all statement diagnostics bundles

Delete all statement diagnostics bundles:

Cancel an activation request

List statement diagnostics bundles and/or activation requests:

Delete an activation request

See also