NSX CLI Guide

Malware Prevention Service VM

Associated Commands:

CLI Description	Command
Clear all configured logging-servers Clear all logging server configuration.	clear logging-servers
Copy a local file to remote file Copy a local file to a remote destination.	copy file <existing-file-arg> url <scp-file-url-arg>
Copy a remote file to the local file store Copy a remote file to the local file store. If no destination file is specified, the copied file has the same file name as the source file. You can use the `file` argument to specify a different destination file name. To specify IPv6 remote addresses, url server should be enclosed between square brackets.	copy url <url> [file <filename>]
Copy a remote https url file with same filename Copy a remote https url file to local file using same filename.	copy url <url> thumbprint <thumbprint> [file <filename>]
Delete core dump files in the system Delete core dump files in the system.	del core-dump [all\|<core-dump-file-arg>]
Delete local file Delete a local file.	del file <existing-file-or-pattern-arg>
Delete logging-server Delete the specified logging server configuration. You can use the `get logging-servers` command to display the current logging server configuration.	del logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [structured-data <structured-data>]
Exit the CLI Exit the VRF context mode if you are in it. Otherwise, exit the CLI.	exit
Show system ARP or neighbour address table Display the ARP or neighbour address table.	get arp-table
Show status to display datetime stamp Show status to display datetime stamp in command output.	get cli-output datetime
Show status to display commad deprecate warning Show status to display deprecate warning in command output.	get cli-output deprecate-warning
Display commands history Display the commands history in command output. To show all command history set size to 0. Note:Outputs command history from version 3.2.0 and above.	get command history
List core dump files in the system Display information about the core dump files in the system.	get core-dumps
List docker containers in the system List all the docker containers in the system (equivalent of 'docker ps -a').	get docker-containers
List docker images in the system List docker images in the system (equivalent of 'docker images').	get docker-images
List file in the filestore Display information about the specified file in the filestore.	get file <existing-file-arg>
Display file thumbprint Display the file thumbprint.	get file <existing-file-arg> thumbprint
List files in the filestore Display information about the files in the filestore.	get files
Show log file contents Display the contents of the specified log file.	get log-file <log-file-arg>
Show log file contents Display the last 10 lines of the specified log file and all new messages that are written to the log file.	get log-file <log-file-arg> follow
Display the list of logs files Display the list of logs files	get log-file list
Display all configured logging servers Display logging server configuration.	get logging-servers
Display process monitor Display information about processes that are running. The display is updated every few seconds.	get processes monitor
Display service properties for nsx-lastline-rapid Display information about the nsx-lastline-rapid service.	get service nsx-lastline-rapid
Get the log level of nsx-lastline-rapid Get nsx-lastline-rapid log level	get service nsx-lastline-rapid logging-level
Display service properties for Security Hub Display information about the SecurityHub service.	get service security-hub
Get the log level of EPSEC Library Get EPSEC Library log level	get service security-hub epsec logging-level
Get configured SecurityHub feature details Get configured SecurityHub feature details	get service security-hub feature
Get the log level of security-hub Get security-hub log level	get service security-hub logging-level
Show active network connections Display active network connections.	get sockets
Save support bundle in filestore Save the contents of the tech support bundle. Specify the `file` argument to save the bundle to a file with the specified file name in the file store. NSX Manager support bundles are .tar archives, NSX Edge support bundles are .tgz archives. This support bundle does not contain core or audit log files. To include those files, specify the `all` argument. To remove core dump files after collected in support bundle, specify optional argument `remove-core-files` along with `all` argument. Core files contain system information and all information stored in memory at the time of the dump (this may include confidential, sensitive or personal information such as passwords and encryption keys, if they are being processed in memory at that time). If you choose to send the support bundle to VMware, it will be processed in accordance with VMware's standard processes and policies, to provide you with support, fix problems and improve the product and services. Specify the `log-age` argument to include log files with modified times not past the age limit in days. Specify the `eal4-audit` argument to collect pre-defined selective log files modified in last 4 hours. Note: `all, log-age, remove-core-files` arguments are not allowed along with `eal4-audit` argument.	get support-bundle [file <filename> [[log-age <no-of-days>] [all [remove-core-file]]] \| [eal4-audit]]
Display CLI command help information Display CLI command help information.	help
List available commands This command lists all available commands.	list
nslookup Get DNS lookup information. Note that when run on an NSX Manager, the responding server is reported as 127.0.0.1 instead of the configured name server.	nslookup <hostname-or-ip-address>
Ping host Ping a host or IP address. Use Control-C to stop the command. Optionally use the `repeat` argument to specify how many packets to transmit.	ping <hostname-or-ip-address> [repeat <number>]
Restart service nsx-lastline-rapid Restart the nsx-lastline-rapid service.	restart service nsx-lastline-rapid
Restart service Security Hub Restart the Security Hub service.	restart service security-hub
Set status to display datetime stamp Set status to display datetime stamp in command output.	set cli-output datetime <datetime-arg>
Set status to display commad deprecate warning Set status to display deprecate warning in command output.	set cli-output deprecate-warning <deprecate-warn-arg>
Set commands history size Set command history size.	set history limit <history-size>
Set logging-server Configure a logging server. The logging system uses the facility codes defined in RFC 5424. Facility local7 is used for audit messages, and local6 is used for non-audit messages.	set logging-server <hostname-or-ip-address[:port]> proto <proto> level <level> [facility <facility>] [messageid <messageid>] [serverca <filename>] [clientca <filename>] [certificate <filename>] [key <filename>] [structured-data <structured-data>]
Set the log level of nsx-lastline-rapid Dynamically set nsx-lastline-rapid log level	set service nsx-lastline-rapid logging-level <rapid-logging-level-arg>
Set the log level of EPSEC Library Dynamically set EPSEC Library log level	set service security-hub epsec logging-level <epsec-lib-logging-level-arg>
Enable/Disable SecurityHub Fileless feature and sub-features Enable/Disable SecurityHub Fileless feature and sub-features	set service security-hub fileless <fileless-feature-subtype-arg> <feature-operation-arg> vms <feature-target-arg>
Set the log level of security-hub Dynamically set security-hub log level	set service security-hub logging-level <security-hub-logging-level-arg>
Start service nsx-lastline-rapid Start the nsx-lastline-rapid service.	start service nsx-lastline-rapid
Start service Security Hub Start the Security Hub service.	start service security-hub
Stop service nsx-lastline-rapid Stop the nsx-lastline-rapid service.	stop service nsx-lastline-rapid
Stop service Security Hub Stop the Security Hub service.	stop service security-hub
traceroute Trace the route to the specified IPv4 address or host.	traceroute <hostname-or-ip-address>
Verify all configured logging servers Verify iptables rules for all logging servers and update if needed	verify logging-servers

Total commands: 51

NSX CLI Guide

Malware Prevention Service VM

Associated Commands:

Clear all configured logging-servers

Copy a local file to remote file

Copy a remote file to the local file store

Copy a remote https url file with same filename

Delete core dump files in the system

Delete local file

Delete logging-server

Exit the CLI

Show system ARP or neighbour address table

Show status to display datetime stamp

Show status to display commad deprecate warning

Display commands history

List core dump files in the system

List docker containers in the system

List docker images in the system

List file in the filestore

Display file thumbprint

List files in the filestore

Show log file contents

Show log file contents

Display the list of logs files

Display all configured logging servers

Display process monitor

Display service properties for nsx-lastline-rapid

Get the log level of nsx-lastline-rapid

Display service properties for Security Hub

Get the log level of EPSEC Library

Get configured SecurityHub feature details

Get the log level of security-hub

Show active network connections

Save support bundle in filestore

Display CLI command help information

List available commands

nslookup

Ping host

Restart service nsx-lastline-rapid

Restart service Security Hub

Set status to display datetime stamp

Set status to display commad deprecate warning

Set commands history size

Set logging-server

Set the log level of nsx-lastline-rapid

Set the log level of EPSEC Library

Enable/Disable SecurityHub Fileless feature and sub-features

Set the log level of security-hub

Start service nsx-lastline-rapid

Start service Security Hub

Stop service nsx-lastline-rapid

Stop service Security Hub

traceroute

Verify all configured logging servers