Though spare in appearance, Asset Manager's command-line interface (CLI) is a powerful tool with many of the same capabilities as Asset Manager's GUI. It also provides some functionality not yet available in the GUI. This section introduces the basic CLI syntax and provides the procedures you are most likely to use.
Downloads Asset Manager's current configuration and a running list of all system activity for troubleshooting.
support diagnostics [spool] [db] user@host:path/to/file.zip
(spool and db keywords are optional)
In CLI, enable auditing by entering system audit enable twice.
By running the command twice, you will produce complete audit output and avoid a known error in which some lines of audit output are missing.
To enable NetFlow capture from the command-line interface:
The hardware-id command is useful as it displays the information you'll need to supply Support to generate a license. You can also access your UUID via the GUI.
The certificate license
command in the Asset Manager CLI enables you to activate a license or find out the activation date of your current license. Licenses, however, are more frequently activated via the browser interface.
If a command requires a file upload, you have two choices. You can put the file on an SSH server or you can use an SFTP tool like PSFTP or FileZilla to copy the file to Asset Manager first. If the file is on an SSH server, then you can refer to it with this syntax: userid@sshserver:/path/to/file. For example if the file is on a server named "xenon" and you have an account on xenon with the name "alice" and the file is in your home directory and named "license.p12", you can use "alice@xenon:/home/alice/license.p12". certificate Lumeta install alice@xenon:/home/alice/license.p12 If the file is not on an SSH server, then use SFTP and your Lumeta credentials to copy the file to Asset Manager's /tmp directory. Then you would use this syntax: certificate connections install /tmp/license.p12 |
The following illustrates the syntax to install an Lumeta license via the CLI.
admin
is the username, connections
-command-center:Desktop/
is the location of the license file, and license.p12
is the filename of the license. For example:certificate license install admin@10.9.0.240:Desktop/license.p12
ON CC, SCOUT OR PORTAL
At the CLI command-line prompt , enter connections list to review the list of Scout and Command Center system names.
ON CC:
connections connect portal portal_name_or_ip portal cc_lat cc_long [ cc_label [user@host:path/to/cc_icon/file.png ] ]
connections connect scout scout_name_or_ip
connections delete system name or IP
ON SCOUT:
connections connect command-center cc_name_or_ip { command-center | scout } (where final parameter is the connection initiator)
connections delete system name or IP
ON PORTAL:
When you connect a command center and portal, supply location information for the Command Center and optionally enter a label and icon (avatar).
connections connect command-center cc_name_or_ip { portal | command-center }
(where the final parameter is the connection initiator)
connections delete system name or IP
To upgrade to a new version of Lumeta, or to upgrade your Scouts, use the System Upgrade command, the syntax of which is user@host:path/to/local/file
The system version connections command is especially useful when working with Support to Identify your release.
If a company uses its own certificates, they'll need to make use of the certificate ssl install
command:
certificate ssl install friendlyName admin@10.9.0.240:Desktop/copyCert.pem
To retrieve the full name of a Scout, which is useful if you don't remember the full name, or want to see the IP address of your system, enter . . .
View the Subject, Issuer, Start date, End date, CRL and OCSP URIs and serial numbers for the installed CA and server certificates using these commands:
To run the /api/rest/management/system/diagnostic/export API, use the CLI command: support diagnostics file
This command will return a zip file containing:
Only a superuser can add or remove another user's superuser status. Multiple superusers are allowed. The last one cannot be deleted.
user superuser <userid> [ true | false ]
This command (system configuration export
) exports all configuration data to a remote file. To export the configuration and save the file remotely, run:
system configuration export username@hostname:<path to file>
This command (system configuration import
) imports configuration data from a file you've stored locally. To import configuration from the local system, run:
system configuration import <path to file>
Most symbols can be entered without any special quoting. If you want to include spaces or double quotes as part of a name, however, care must be taken. To use double quotes, enclose the entire string in double quotes and put a backslash in front of each double quote you wish to be part of the name:
To enforce password rules,
system password-controls enable
""zone discoveryspaces <zonename> avoid [ + | - | = ] command-line <cidr> [ <cidr>...]"
"zone discoveryspaces <zonename> avoid [ + | - | = ] remote <user@host:path/to/file>"
+ for adding
- for deleting
= for replacing