Views:

Use the available remote shell commands to investigate Mac endpoints.

Note
Note
When specifying a file location, be aware that UNC paths are not supported.
Command
Description
Syntax
Example
Supported on
cat
Output the content of the selected file (max size 1MB)
cat <file_location>
  • To output the content of the example.txt file located in the current directory (/Users/admin/Downloads):
    Downloads>cat example.txt
  • To output the content of the example.txt file located in the /tmp directory:
    Downloads>cat /tmp/example.txt
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
cd
Change the current working directory
cd [path]
Note
Note
For the <path>, specify the absolute or relative path.
cd /Users
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
clear
Clear screen
clear
clear
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
cp
Copy a file or directory to specific destination
cp <source_object> <destination_object> [--force]
  • To copy the Finances directory in the current directory /Users/admin/Downloads to /tmp and overwrite the existing directory:
    Downloads>cp Finances /tmp --force
  • To copy the example.txt file in the directory /var to /tmp and overwrite the existing example.txt file:
    Downloads>cp /var/example.txt /tmp --force
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
env
List environment variables
env
env
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
fileinfo
List detailed file properties
fileinfo <file_location_and_extension>
  • To list the file properties of the example.txt file in the current directory /Users/admin/Downloads :
    Downloads>fileinfo example.txt
  • To list the file properties of the example.txt file located in the /tmp directory:
    Downloads>fileinfo /tmp/example.txt
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
get
Collect a specific file and upload to Trend Vision One
Maximum file size: 4 GB
get <file_location_and_extension>
  • To collect the file example.txt file in the current directory /Users/admin/Downloads :
    Downloads>get example.txt
  • To collect the file example.txt file located in the /tmp directory:
    Downloads>get /tmp/example.txt
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
help
Display help information
help
help
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
ipconfig
Display network configuration information
ipconfig
ipconfig
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
kill
Terminate a running process
kill <PID>
kill 1234
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
ls
List contents of the directory
ls [path]
Note
Note
For the <path>, specify the absolute or relative path.
ls
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
memdump
Create a process memory dump available as an encrypted archive from the Trend Vision One console
memdump --pid <pid>
memdump --pid 1234
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
mkdir
Create a new directory
mkdir <path>
  • To create the Finances directory in the current directory /Users/admin/Downloads :
    Downloads>mkdir Finances
  • To create the Finances directory in the /tmp directory:
    Downloads>mkdir /tmp/Finances
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
mv
Move a file or directory to specific destination
mv <source_object> <destination_object> [--force]
  • To move the Finances directory in the current directory /Users/admin/Downloads to /tmp and overwrite the existing directory:
    Downloads>mv Finances /tmp --force
  • To move the example.txt file in the directory /var to /tmp and overwrite the existing example.txt file:
    Downloads>mv /var/example.txt /tmp --force
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
netstat
List network statistics and active connections
netstat
netstat
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
ps
List running process information
ps
ps
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
pwd
Display current directory
pwd
pwd
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
rm
Delete a file or directory (and all sub-directories)
rm <source_object> [--force]
  • To delete the Finances directory in the current directory /Users/admin/Downloads :
    Downloads>rm Finances
  • To delete the example.txt file in the directory /var :
    Downloads>rm /var/example.txt
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
run
Execute a previously uploaded script
run <script_name_and_extension> [arguments]
run demo.sh 1 "22 33" 44
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
service list
List service information
service list
service list
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
systeminfo
List system information
systeminfo
systeminfo
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
taskstatus
List status of response tasks created in the current session
taskstatus [--id=<task_id>]
<task_id>: Optional parameter to specify the identifier of the response task.
taskstatus [--id=RM-20241207-00025]
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
user info
List account properties
user info <username>
user info john_doe
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
user list
List local user accounts
user list
user list
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)
zip
Compress a file or directory in a zip archive and optionally encrypt the archive with a password
zip <source_object1> [<source_object2...> <source_objectn>] <destination_object> [--password <password>] [--force]
  • To zip the contents of the Finances directory in the current directory /Users/admin/Downloads to /tmp/directoryArchive.zip , set password to "P@ssw0rd" and overwrite the existing file:
    Downloads>zip Finances /tmp/directoryArchive.zip --password P@ssw0rd --force
  • To zip the example.txt file in the directory /var to /tmp/exampleArchive.zip and overwrite the existing file:
    Downloads>zip /var/example.txt /tmp/exampleArchive.zip --force
  • XDR Endpoint Sensor
  • Deep Security Agent (managed by Trend Cloud One - Endpoint & Workload Security)