NDR Sensor CLI
Sensor Management
Associated Commands:
| CLI Description | Command |
|---|---|
Clear/Delete all management interfaces in the systemClears/Delete all management interfaces in the system. This only empties the management interface list and does not affect the underlying network interface. |
clear management-interfaces
|
Clear SSH service start on bootConfigure the SSH service to not start on boot. |
clear service ssh start-on-boot
|
Clear/Delete all sniffing interfaces in the systemClears/Delete all sniffing interfaces in the system. No packets will be captured after clearing the sniffing interfaces. This only empties the sniffing interface list and does not affect the underlying network interface. |
clear sniffing-interfaces
|
Clear SSH Root login propertyDisable SSH Root login property |
clear ssh root-login
|
Delete a management interface from the systemDelete a set management interface from the system. This only removes the interface from the management interface list, and does not delete the network interface from the system. |
del management-interface <management-interface-arg>
|
Delete a sniffing interface from the systemDelete a set sniffing interface from the system. This only removes the interface from the sniffing interface list, and does not delete the network interface from the system. Once removed from configuration, the sniffing on the interface will stop. |
del sniffing-interface <sniffing-interface-arg>
|
Delete the IP address associated with the sniffing interface in the systemDelete the IP address associated with the sniffing interface in the system. |
del sniffing-interface-ip <sniffing-interface-arg>
|
Delete SSH service known hostDelete the specified host entry from the SSH known hosts file. |
del ssh-known-host <hostname-or-ip-address-optional-port-arg>
|
List home networks in the systemList all the home networks in the system. |
get home-networks
|
List management interfaces in the systemList all the network management interfaces in the system. |
get management-interfaces
|
List all details specific to the sensor.List all details specific to the sensor. |
get sensor details
|
Display service propertiesDisplay information about the specified service. |
get service <service-name-arg>
|
Display service propertiesDisplay information about all services. |
get services
|
List sniffing interfaces in the systemList all the network sniffing interfaces in the system. |
get sniffing-interfaces
|
Register sensor with Security Services Platform (SSP)Register sensor with Security Services Platform (SSP). |
register sensor registration-manifest <registration-manifest-arg> sensor-name <sensor-name-arg>
|
Reset registration on sensor.Register sensor with SSP portal |
reset registration
|
Restart serviceRestart the specified service. |
restart service <restartable-service-name-arg>
|
Set management interfaces in the systemSet a specific management interface in the system. Once set, this interface can be used for managing the sensor. At least one management interface has to be set before configuring sniffing-interfaces. |
set management-interface <available-for-management-interface-arg>
|
Set SSH service start on bootConfigure the SSH service to start on boot. |
set service ssh start-on-boot
|
Set sniffing interfaces in the systemSet a specific sniffing interface in the system. Once set, the network traffic from the sniffing interface will be captured to identify and alert on potential security threats and malicious activity. |
set sniffing-interface <available-for-sniffing-interface-arg> [mode <sniffing-mode-arg> mtu <sniffing-mtu-arg>]
|
Set sniffing interface IP address in the systemSet an IP address for an existing sniffing interface in the system. The IP address will enable the sniffing interface to just respond to basic ARP requests for both modes - NATIVE and COMPAT. Setting up of the IP address is required to do Encapsulated Remote Mirroring. IPv6 based functionality is not supported in this release. |
set sniffing-interface-ip <sniffing-interface-arg> ip <sniffing-cidr46-notation>
|
Set SSH Root login propertyEnable SSH Root login property |
set ssh root-login
|
Start serviceStart the specified service. |
start service <start-stoppable-service-name-arg>
|
Stop serviceStop the specified service. |
stop service <service name> [force]
|
Total commands: 24