|
|
|
|
|
 |
NoteYou must configure system configurations, such
as network settings, through the DLP VA command line interface.
You cannot configure system configurations using Linux commands.
If you do, settings will not be saved in the configuration file
and the agent will not be able to register with the server.
|
|
CLI Command
|
Description
|
Notes
|
|---|---|---|
|
admin log config backup ftp [host] [user]
[password] [path]
|
Configures FTP as a backup destination for
the log file.
|
host: type FTP server IP address
user:
type the user name. For a domain account, type '/' instead of '\'
(such as trend/test)
password: if there is no password, type
"none" (case sensitive)
path: type the relative path on the
FTP server. DLP does not support the following special characters:
~`!* and white space
|
|
admin log config backup local
|
Configures local as a backup destination
for the log file.
|
|
|
admin log config backup smb [host] [user] [password]
[path]
|
Configures the Server Message Block (SMB)
as a backup destination for the log file.
|
host: type smb/samba server IP address
user:
type the user name. For a domain account, type '/' instead of '\'
(such as trend/test)
password: if there is no password, type
"none" (case sensitive)
path: type the relative path on the
smb/samba server. DLP does not support the following special characters:
~`!* and white space
|
|
admin log config purge [days]
|
Sets the maximum number of days to save
the backup incident logs after a purge. Valid values are 0 to 180. After
exceeding the time limit, the logs are cleaned up.
|
This parameter must be an integer. If set
to 0, all incident logs in the database are deleted.
|
|
admin log config purge [days]
|
Sets the maximum number of days to save
the backup incident logs after a purge. Valid values are 0 to 180. After
exceeding the time limit, the logs are cleaned up.
|
This parameter must be an integer. If set
to 0, all incident logs in the database are deleted.
|
|
admin log config schedule [none/ day mon
week]
|
Sets the schedule for automatically running
the log purge.
|
|
|
admin log config show
|
Shows the log configuration parameters.
|
|
|
admin log delback [file name]
|
Deletes the backup log file.
|
You can use the CLI (log show backup) to
check the backup files, which are located at /backup/violationlogs
|
|
admin log purge
|
Purges incident logs in the database.
|
DLP may take more time to purge log files
depending on the number of log files to purge. The purge is not finished
until the command prompt returns. You must wait until the purge
is complete.
|
|
admin log restore [file name]
|
Restores the backup log and forensic data
to the DLP server database.
|
You can use the CLI (log show backup) to
check the backup files, which are located at /backup/violationlogs
|
|
admin db backup [db name] [destination] [option]
…
|
db_backup.sh – backs up the database.
|
|
|
admin db checkconf [configuration file] [option]
…
|
admin_checkconf.sh – performs an integrity
check on the database.
|
|
|
admin db checksize [db file] [option] …
|
admin_checksize.sh – used to verify the
amount of disk space allocated to the database.
|
|
|
admin db clean [db file] [option] …
|
Performs VACUUM (on the database.)
|
|
|
admin db reindex [db file] [option] …
|
admin_reindex.sh – re-indexes the database.
|
|
|
admin db restore [source] [db name] [option]
…
|
db_restore.sh – restores the database from
the backup file.
|
|
|
capture interface [interface value] [option
1] [option 2] [option 3] …
|
tcpdump – Captures network traffic passing through
the interfaces on the system.
|
Suggested Options: Src IP Dst IP Protocol
Interface Port Packet Count Output Location Leverages v3.1’s GUI to
manage the dump files used by FTP to transport. Have a maximum hard
limit to prevent dump files from taking over the disk.
|
|
config.properties
|
Specifies parameters for cleaning and backing
up logs.
|
|
|
configure date
|
Specifies parameters for cleaning and backing
up logs.
|
|
|
configure DLP network
|
Configures the IP and firewall settings.
|
|
|
configure dns
|
Configures the dns settings.
|
|
|
configure hostname
|
Configures the hostname or FQDN.
|
|
|
configure interface
|
Configures the interface.
|
|
|
configure password enable
|
Changes the enable user's password.
|
|
|
configure route
|
Adds, deletes, or sets a default route.
|
|
|
configure timezone
|
Allows you to change the time zone to the
chosen region.
|
|
|
dg_import.sh [file name]
|
Imports Data Loss Prevention files that
are over 200MB.
|
|
|
enable
|
Command to enable mode.
|
|
|
enable shell
|
Launches the Native OS shell.
|
|
|
exit
|
Exits the session.
|
|
|
ftp (support same OS format and syntax)
|
ftp – Helpful when you need to transfer
files to a remote system via FTP.
|
|
|
help
|
Displays an overview of the CLI syntax.
|
|
|
history
|
Displays the current session's command line history.
|
|
|
Logout
|
Logs out of the current CLI session.
|
|
|
ping [ip address[] [fqdn]
|
ping – Helpful when checking if a remote machine
is reachable or not. Also uses ICMP messages.
|
|
|
reboot
|
Reboots the server.
|
|
|
rescue
|
Rescue the system and software. Sets DLPback
to the factory defaults.
|
|
|
resolve
|
Resolves an IP address on the network.
|
|
|
scp (support same OS format and syntax)
|
scp – Helpful when you need to transfer
files to a remote system via Secure Copy.
|
|
|
setupEnv.sh
|
Sets up a proper shell environment.
|
|
|
show arp [ip address / hostname]
|
arp – obtains arp table values for troubleshooting.
|
|
|
show boot message
|
dmesg - displays the kernel debug messages.
|
|
|
show capture [file name]
|
Shows the directory where dump files are
stored.
|
|
|
show connections
|
Displays network connections.
|
|
|
show conntrack
|
cat /proc/net/sockstat - displays the used
socket information.
|
|
|
show conntrack expect
|
cat /proc/net/ip_conntrack_expect - displays
the FW expect connection tables (root access required).
|
|
|
show database backup
|
Shows database backup files.
|
|
|
show date
|
Shows current date and time.
|
|
|
show disk partition [optional partition]
|
df – Displays the disk space usage of the
different partitions on the system.
|
|
|
show disk space [optional directory or file
name]
|
du – Estimates the disk space usage of each
file recursively for the directories.
|
|
|
show file [option] …
|
lsof – List all the files open on the system.
|
Need to get the list of popular options
used with this command.
|
|
show firewall filter
|
uses the iptables –t filter –L -v
|
|
|
show firewall nat
|
iptables - displays the firewall rules if
any (needs root equivalence).
|
uses the iptables –t nat-L –v
|
|
show hostname
|
Displays the hostname.
|
|
|
show ip [options]
|
Displays the DNS or IP settings.
|
|
|
show log backup
|
Displays log files to be backed up on the
local file system.
Normally, log files are located at /backup/violationlogs
|
|
|
show module
|
lsmod – displays the kernel modules loaded.
|
|
|
show process [optional name/ID with wildcard support]
|
ps – Lists the active processes running
on the system. Helpful when checking which processes are running
and their statuses.
|
|
|
show process library [active process name/id]
|
ltrace – Attaches to an active process and
prints out the dynamic library calls it is using during its run
time.
|
|
|
show process stack [active process name/id]
|
pstack – Attaches to an active process and
prints out an execution stack trace.
|
Just use the ID instead of the process name.
|
|
show process top
|
top – Lists the top processes running on
a system at any specific time.
|
|
|
show process trace [active process name/id]
|
strace – Attaches to an active process and
prints out the system calls it’s using during its run time.
|
|
|
show resource [process name/id]
|
plimit – Sets or gets the resource limits
of a running process.
|
|
|
show statistic [interval]
|
vmstat – Reports information about processes,
memory paging blocks, I/O traps, and CPU activity.
|
|
|
show statistic block_io
|
||
|
show statistic cpu
|
||
|
show statistic ethernet [Ethernet interface]
[all] [n] [a]
|
netstat – Shows network statistics of the
system.
|
n – not to resolve IP address to hostnames.
a
– displays all sockets: listening and nonlistening.
all –
displays all Ethernet interfaces.
default – displays packet information.
|
|
show statistic IO [interval]
|
iostat – Reports the I/O performance of
the system.
|
|
|
show statistic memory
|
||
|
show statistic paging
|
||
|
show statistic process
|
||
|
show statistic traps
|
||
|
show system
|
sysctl – displays the kernel parameters.
|
|
|
show timezone
|
Displays the current time zone.
|
|
|
show uptime
|
Displays how long the system has been running.
|
|
|
show version
|
Command to list the version of the appliance software
– includes both the DLPserver version and the OS version.
|
|
|
shutdown
|
Shuts down the server.
|
|
|
stop process [process id] [core]
|
kill – Used force-kill a process. Helpful
in situations where you want to force-generate a core file from
a process.
|
If stop process is used without options
- just kill the process using -9. If stop process is used with options
[core] they will generate the core using -6. You must add the file management
to allow Trend Micro to transfer the core file out.
|
|
tftp (support same OS format and syntax)
|
tftp – Helpful when you need to transfer
files to a remote system via TFTP.
|
|
|
traceroute [ip address] [fqdn]
|
traceroute – tracks where the packet is
dropped on the network using ICMP messages.
|