Views:

A list of available CLI commands for managing the Virtual Network Sensor.

Connect to VMware ESXi (either directly or through SSH) or VMware vCenter, and open the Virtual Network Sensor. To sign on with the default admin account, type admin for the user name and password.
To view a list of tasks you can perform and enable administrative commands, run the enable command. Enabling administrative commands changes the command prompt from > to #.
To view basic information of the Virtual Network Sensor, such as network settings and service status, run the show command. For a list of available commands, type show ?.
The following tables list out the basic and administrative commands you can use to manage the Virtual Network Sensor.
Important
Important
  • Make sure you disable the Scroll Lock key on your keyboard when using HyperTerminal.
  • Arguments with angle brackets (< >) are required. Arguments with square brackets ([ ]) are optional.

Basic Commands

Command Syntax Description
enable
enable
Enable administrative commands
For details, see Administrative Commands.
exit
exit
Exit the CLI
help
help
Display the CLI syntax
show
show hostname
Show host name information
show interface <interface>
Show network interface information
<interface>: Name of NIC interface (for example, eth0)
show network management
Show network configuration
Note
Note
If the network is configured incorrectly, you can use the configure network primary ipv4.static command to reconfigure the settings.
show ntp
Show NTP information
show proxy
Show proxy information
show sshd
Show SSH status (enabled or disabled)
show system
Show the Company ID and disk information
Note
Note
  • If the head of the command line is #, execute the exit command first.
  • If no Company ID is shown, contact your support provider to obtain a registration token.
show thirdpartylicense
Show 3rd-party license information
show time
Show time and date information
show traffic
Show real time data traffic
show vision-one
Show the Trend Vision One server address and last time data was sent
Run the enable command to enable and perform administrative commands.

Administrative Commands

Command Syntax Description
configure
configure hostname <hostname>
Configure the host name
<hostname>: Host name or FQDN
configure network primary ipv4.static <ip> <submask> <gateway> <dns1> [dns2]
Configure static IPv4 network settings for the primary network interface
<ip>: IPv4 address of the network interface
<submask>: Submask of IPv4
<gateway>: Gateway router address
<dns1>: Primary DNS server address
[dns2]: Secondary DNS server address (optional)
configure network primary ipv4.dhcp
Configure IPv4 network settings to DHCP
configure ntp <ntp_addr>
Configure the NTP server
<ntp_addr>: FQDN or IPv4 address of the NTP server
configure password
Configure the administrator account password
configure proxy delete
Delete proxy settings
Important
Important
Proxy settings are now configured in Network Inventory. For more information, see Configuring Virtual Network Sensor connections.
configure proxy set http <addr>
Configure the proxy server for the Virtual Network Sensor
<addr>: Proxy server address
<ADDRESS>:<PORT>: Proxy server IP address and port
<USER>:<PASSWORD>@<ADDRESS>:<PORT>: Account credentials with the proxy server IP address and port
Important
Important
Proxy settings are now configured in Network Inventory. For more information, see Configuring Virtual Network Sensor connections.
configure ssh enable
Enable the SSH server
configure ssh disable
Disable the SSH server
configure time <HH:MI:SS> [YYYY-MM-DD]
Configure the time and date for the Virtual Network Sensor
<HH:MI:SS>: Time in hour, minute, and second format
[YYYY-MM-DD]: (Optional) Date in year, month, and day format
configure verify dns
Verify DNS server configuration
[domain]: Domain used to verify DNS server (default: www.trendmicro.com)
configure interface <interface_name>
Enter the interface configuration mode to set up a network interface of the Virtual Network Sensor
<interface_name>: Name of the network interface (for example, eth0)
For details about the available commands in the interface configuration mode, see Interface Configuration Mode Commands.
connect
connect
Test connection to Trend Vision One
exit
exit
Exit administrative commands
help
help
Display the CLI syntax
log
log coredump export
Generate a URL to download kernel core dump logs
log export [date_list]
Collect Virtual Network Sensor debugging data for troubleshooting
[date_list]: The log for a specific date list
log list-level
Display the log level of each component
log reset-level
Reset all log levels
log set-level <level> <indexes>
Set specific components to specific log levels
<level>: Target level (debug, info, warn, error, fatal, disable)
<indexes>: Target indexes (found in list-level)
ping
ping <address>
Check the connection to a specific address
Note
Note
Execute ping trendmicro.com to check the external network connection. If the ping fails, check the IP settings and firewall settings.
reboot
reboot
Restart Virtual Network Sensor immediately
register
register [registration_token]
Register Virtual Network Sensor to Trend Vision One
Note
Note
You can execute the register <registration_token> command if your Company ID is empty initially, or the register command if your Company ID is displayed.
shutdown
shutdown
Shut down Virtual Network Sensor immediately
switch-connection-method
switch-connection-method [connection_token]
Restore Virtual Network Sensor connection with Trend Vision One
[connection_token]: The connection token generated in the Trend Vision One console. For more details, see Restoring an unhealthy Virtual Network Sensor connection.
Important
Important
Only use the command to restore a disconnected or unhealthy status. The command fails to execute if the Virtual Network Sensor is able to connect to Trend Vision One.
troubleshoot
troubleshoot
Enable troubleshooting mode
See the Troubleshooting Mode Commands table for a list of available commands.
Run the enable command and then the configure interface command to enter and perform network interface configuration commands.

Network Interface Configuration Mode Commands

Command
Syntax
Description
ip-encap
ip-encap enable <IPv4_address>
Enable Encapsulated Remote Mirroring on a network interface and assign an IPv4 address to the network interface
<IPv4_address>: IPv4 address to be assigned to the network interface
Encapsulated Remote Mirroring allows Virtual Network Sensor to receive network traffic through a supported network interface.
Note
Note
Encapsulated Remote Mirroring is supported on data ports only.
ip-encap disable
Disable Encapsulated Remote Mirroring on the network interface
mtu
mtu <int>
Configure the Maximum Transmission Unit (MTU) for a network interface
<int>: A positive integer greater than 0
Run the enable command and then the troubleshoot command to enter and perform troubleshooting commands.

Troubleshooting Mode Commands

Command
Syntax
Description
network-services
network-services
Access the diagnostics page for network services
See the Network Services Commands table for a list of available commands.
network-traffic
network-traffic
Enable network traffic dump feature
See the Network Traffic Dump Commands table for a list of available commands.
iptuples
iptuples
Lists truncated IP tuple information on the AWS environment
An IP tuple or 5-tuple consists of five fields in the packet; information such as the source IP address, source port, destination IP address, destination port, and transport protocol.

Network Services Commands

Command
Syntax
Description
list
list
Display a list of services with related information
test
test <service>
Perform a test for the specified network service
<service>: The index number of the service you wish to test. Use the list command to retrieve the index number. For example type test 1 to test the service indexed as 1 on the list.
To test all listed services, type test all.

Network Traffic Dump Commands

Command
Syntax
Description
capture
capture <interface_name>
Start capturing network traffic from the specified interface
<interface_name>: The name of the network interface you want to capture traffic from. Can use the following inputs:
  • eth0: Interface Port 0
  • eth1: Interface Port 1
  • any: Capture from all data ports
export
export
Regenerate a URL to export packet capture archive
clean
clean
Delete all recorded packet capture files