Virtual Network Sensor CLI commands | Trend Micro Service Central

Views:

A list of available CLI commands for managing the Virtual Network Sensor.

Connect to VMware ESXi (either directly or through SSH) or VMware vCenter, and open the Virtual Network Sensor. To sign on with the default admin account, type admin for the user name and password.

To view a list of tasks you can perform and enable administrative commands, run the enable command. Enabling administrative commands changes the command prompt from > to #.

To view basic information of the Virtual Network Sensor, such as network settings and service status, run the show command. For a list of available commands, type show ?.

The following tables list out the basic and administrative commands you can use to manage the Virtual Network Sensor.

Important

Make sure you disable the Scroll Lock key on your keyboard when using HyperTerminal.
Arguments with angle brackets (< >) are required. Arguments with square brackets ([ ]) are optional.

Basic Commands

Command Syntax Description

enable

Enable administrative commands

For details, see Administrative Commands.

exit

Exit the CLI

help

Display the CLI syntax

show

show hostname

Show host name information

show interface <interface>

Show network interface information

<interface>: Name of NIC interface (for example, eth0)

show network management

Show network configuration

Note

If the network is configured incorrectly, you can use the configure network primary ipv4.static command to reconfigure the settings.

show ntp

Show NTP information

show proxy

Show proxy information

show sshd

Show SSH status (enabled or disabled)

show system

Show the Company ID and disk information

Note

If the head of the command line is #, execute the exit command first.
If no Company ID is shown, contact your support provider to obtain a registration token.

show thirdpartylicense

Show 3rd-party license information

show time

Show time and date information

show traffic

Show real time data traffic

show vision-one

Show the Trend Vision One server address and last time data was sent

Run the enable command to enable and perform administrative commands.

Administrative Commands

Command Syntax Description

configure

configure hostname <hostname>

Configure the host name

<hostname>: Host name or FQDN

configure network primary ipv4.static <ip>
                                 <submask> <gateway> <dns1> [dns2]

Configure static IPv4 network settings for the primary network interface

<ip>: IPv4 address of the network interface

<submask>: Submask of IPv4

<gateway>: Gateway router address

<dns1>: Primary DNS server address

[dns2]: Secondary DNS server address (optional)

configure network primary ipv4.dhcp

Configure IPv4 network settings to DHCP

configure ntp <ntp_addr>

Configure the NTP server

<ntp_addr>: FQDN or IPv4 address of the NTP server

configure password

Configure the administrator account password

configure proxy delete

Delete proxy settings

configure proxy set http <addr>

Configure the proxy server for the Virtual Network Sensor

<addr>: Proxy server address

<ADDRESS>:<PORT>: Proxy server IP address and port

<USER>:<PASSWORD>@<ADDRESS>:<PORT>: Account credentials with the proxy server IP address and port

configure ssh enable

Enable the SSH server

configure ssh disable

Disable the SSH server

configure time <HH:MI:SS> [YYYY-MM-DD]

Configure the time and date for the Virtual Network Sensor

<HH:MI:SS>: Time in hour, minute, and second format

[YYYY-MM-DD]: (Optional) Date in year, month, and day format

configure verify dns

Verify DNS server configuration

[domain]: Domain used to verify DNS server (default: www.trendmicro.com)

configure interface <interface_name>

Enter the interface configuration mode to set up a network interface of the Virtual Network Sensor

<interface_name>: Name of the network interface (for example, eth0)

For details about the available commands in the interface configuration mode, see Interface Configuration Mode Commands.

connect

Test connection to Trend Vision One

exit

Exit administrative commands

help

Display the CLI syntax

log

log coredump export

Generate a URL to download kernel core dump logs

log export [date_list]

Collect Virtual Network Sensor debugging data for troubleshooting

[date_list]: The log for a specific date list

log list-level

Display the log level of each component

log reset-level

Reset all log levels

log set-level <level> <indexes>

Set specific components to specific log levels

<level>: Target level (debug, info, warn, error, fatal, disable)

<indexes>: Target indexes (found in list-level)

ping

ping <address>

Check the connection to a specific address

Note

Execute ping trendmicro.com to check the external network connection. If the ping fails, check the IP settings and firewall settings.

reboot

Restart Virtual Network Sensor immediately

register

register [registration_token]

Note

You can execute the register <registration_token> command if your Company ID is empty initially, or the register command if your Company ID is displayed.

shutdown

Shut down Virtual Network Sensor immediately

troubleshoot

Enable troubleshooting mode

See the Troubleshooting Mode Commands table for a list of available commands.

Run the enable command and then the configure interface command to enter and perform network interface configuration commands.

Network Interface Configuration Mode Commands

Command

Syntax

Description

ip-encap

ip-encap enable <IPv4_address>

Enable Encapsulated Remote Mirroring on a network interface and assign an IPv4 address to the network interface

<IPv4_address>: IPv4 address to be assigned to the network interface

Encapsulated Remote Mirroring allows Virtual Network Sensor to receive network traffic through a supported network interface.

Note

Encapsulated Remote Mirroring is supported on data ports only.

ip-encap disable

Disable Encapsulated Remote Mirroring on the network interface

mtu

mtu <int>

Configure the Maximum Transmission Unit (MTU) for a network interface

<int>: A positive integer greater than 0

Run the enable command and then the troubleshoot command to enter and perform troubleshooting commands.

Troubleshooting Mode Commands

Command	Syntax	Description
`network-services`	`network-services`	Access the diagnostics page for network services See the Network Services Commands table for a list of available commands.
`network-traffic`	`network-traffic`	Enable network traffic dump feature See the Network Traffic Dump Commands table for a list of available commands.
`iptuples`	`iptuples`	Lists truncated IP tuple information on the AWS environment An IP tuple or 5-tuple consists of five fields in the packet; information such as the source IP address, source port, destination IP address, destination port, and transport protocol.

Network Services Commands

Command	Syntax	Description
`list`	`list`	Display a list of services with related information
`test`	`test <service>`	Perform a test for the specified network service `<service>`: The index number of the service you wish to test. Use the `list` command to retrieve the index number. For example type `test 1` to test the service indexed as 1 on the list. To test all listed services, type `test all`.

Network Traffic Dump Commands

Command	Syntax	Description
`capture`	`capture <interface_name>`	Start capturing network traffic from the specified interface `<interface_name>`: The name of the network interface you want to capture traffic from. Can use the following inputs: `eth0`: Interface Port 0 `eth1`: Interface Port 1 `any`: Capture from all data ports
`export`	`export`	Regenerate a URL to export packet capture archive
`clean`	`clean`	Delete all recorded packet capture files