Command line

The command line for invoking kdb+ has the form:

q [file] [-b] [-c r c] [-C r c] [-e 0|1] [-E 0|1|2] [-g 0|1] [-l] [-L][-o N] 
    [-p [rp,]port|servicename|host:port|host:servicename] 
    [-P N] [-q] [-r :H:P] [-s N] [-t N] [-T N] [-u 1] [-u|U F] [-w N] [-W N] 
    [-z 0|1]

.z.x (argv), .z.X (raw command line)

 -b blocked                 -q quiet mode
 -c console size            -r replicate
 -C HTTP size               -s slaves
 -e error traps             -t timer ticks
 -E TLS Server Mode         -T timeout
 -g garbage collection      -u disable syscmds
 -l log updates             -u usr-pwd local
 -L log sync                -U usr-pwd
 -o UTC offset              -w memory
 -p listening port          -W start week
 -p multithread port        -z date format
 -P display precision        


This is either the script to load (*.q, *.k, *.s), or a file or a directory.

$q sp.q
KDB+ 3.5t 2017.02.28 Copyright (C) 1993-2017 Kx Systems
m32/ 4()core 8192MB sjt mint.local NONEXPIRE
(`s#+(,`color)!,`s#`blue`green`red)!+(,`qty)!,900 1000 1200
+`s`p`qty!(`s$`s1`s1`s1`s2`s3`s4;`p$`p1`p4`p6`p2`p2`p4;300 200 100 400 200 300)

-b (blocked)

Syntax: -b

Block client write-access to a kdb+ database.

~/q$ q -b
q)aa:([]bb:til 4)
q)\p 5001

and in another task

q)h:hopen 5001
q)h"count aa"

Use \_ to check if client write-access is blocked:

~/q$ q -b

-c (console size)

Syntax: -c r c

Set console maximum rows and columns, default 25 80.

\c system command for detail

-C (HTTP size)

Syntax: -C r c

Set HTTP display maximum rows and columns.

\C system command for detail

-e (error traps)

Syntax: -e [0|1|2]

Sets error-trapping mode. The default is 0 (off).

\e system command for detail

-E (TLS Server Mode)

Syntax: -E x (since V3.4)

x mode
0 plain
1 plain & TLS
2 TLS only

Knowledge Base: SSL/TLS

-g (garbage collection)

Syntax: -g [0|1]

Sets garbage-collection mode:

  • 0 for deferred (default)
  • 1 for immediate

\g system command for detail

-l (log updates)

Syntax: -l

Log updates to filesystem
Knowledge Base: Logging

-L (log sync)

Syntax: -L

As -l, but sync logging
Knowledge Base: Logging

-o (UTC offset)

Syntax: -o N

Sets local time offset as N hours from UTC, or minutes if abs[N]>23 (Affects .z.Z)

\o system command for detail

-p (listening port)

Syntax: -p [rp,][hostname:][portnumber|servicename]

Kdb+ will listen to portnumber or the port number of servicename on all interfaces, or on hostname only if specified. The port must be available and the process must have permission for the port.

The default is 0 (no listening port).

Optional parameter rp allows multiple sockets (kdb+ processes) to listen on the same IP address and port combination. The kernel then load-balances incoming connections across the processes. (Since V3.5.)

\p system command for detail

-P (display precision)

Syntax: -P N

Display precision for floating-point numbers, i.e. the number of digits shown.

\P system command for detail

-q (quiet mode)

Syntax: -q

Quiet, i.e. no startup banner text or session prompts. Typically used where no console is required.

~/q$ q
KDB+ 3.5t 2017.02.28 Copyright (C) 1993-2017 Kx Systems

and with -q

~/q$ q -q

.z.q (quiet mode)

-r (replicate)

Syntax: -r :host:port[:user[:password]]

Replicate from :host:port.

\r system command

-s (slaves)

Syntax: -s N

Number of slave threads or processes available for parallel processing.

\s system command for detail

-t (timer ticks)

Syntax: -t N

Period in milliseconds between timer ticks. Default is 0, for no timer.

\t system command for detail

-T (timeout)

Syntax: -T N

Timeout in seconds for client queries, i.e. maximum time a client call will execute. Default is 0, for no timeout.

\T system command for detail

-u (disable syscmds)

Syntax: -u 1

Disables system commands from a remote (signals 'access). As such, this includes disabling exit via "\\" from a remote.

Weak protection

This option offers only a simple protection against “wrong” queries.

For example, setting a system command in .z.ts and starting the timer still works. The right system command could for example expose a terminal, so the user running the database could be fully impersonated and compromised from then on.

-u (usr-pwd local)

Syntax: -u file

Sets a password file; no access above start directory

The password file is a text file with one credential on each line. (No trailing blank line/s.)


The password can be plain text, or an MD5 hash of the password.

q)raze string md5 "this is my password"

-U (usr-pwd)

Syntax: -U file

As -u, but without access restrictions.

-w (memory)

Syntax: -w N

Workspace limit in MB for the heap per thread. Default is 0: no limit.

\w system command for detail
Reference: .Q.w

Other ways to limit resources

On Linux systems, administrators might prefer cgroups as a way of limiting resources.

On Unix systems, memory usage can be constrained using ulimit, e.g.

 $ ulimit -v 262144 
limits virtual address space to 256MB.

-W (start week)

Syntax: -W N

Set the start-of-week offset, where 0 is Saturday. The default is 2, i.e Monday.

\W system command for detail

-z (date format)

Syntax: -z [0|1]

Set the format for "D"$ date parsing: 0 for mm/dd/yyyy and 1 for dd/mm/yyyy.

\z system command