Administrative Shell
- Aliaksei Shautsou (Deactivated)
- Youlia Ushakova (Deactivated)
- Gireesh Geetha
In addition to the browser-based interface accessible via HTTP (port 80) and HTTPS (port 443), NetMRI supports a command line interface accessible via SSH (port 22). The Administrative Shell accepts a variety of commands that are useful for troubleshooting and maintenance.
For security purposes, you must access the Administrative Shell using the Secure Shell (SSH) client application on your workstation. By encrypting all session traffic, the SSH client prevents local network users from monitoring your administrative session.
Access Using the Command Line SSH client
Initially connecting to the Administrative Shell using the SSH command line client requires that you supply a username as one of the command line parameters, as shown in this example:
ssh –l admin <system>
where <system> is the hostname or IP address assigned to NetMRI. At that point, you are prompted for the admin account password, which is the same as that used for the browser interface.
Administrative Shell Menu
After a successful login, the shell displays a list of commands.
To do this... | Type this at the command prompt... |
|---|---|
Display the list of commands | ? |
Display a description of a command | <command>? |
View previously executed commands | UP-ARROW or DOWN-ARROW |
Edit a previously executed command | LEFT-ARROW, RIGHT-ARROW, BACKSPACE, DELETE |
Shell Commands
The administrative shell commands are listed in the following subsections. Many of these commands are self-explanatory and are similar to those provided by other network appliances.
acl command
The acl command enables you to restrict users' access to NetMRI to a list of IP addresses or subnets, thereby reducing the likelihood of unauthorized access. By default, the appliance accepts user connections via HTTP (port 80), HTTPS (port 443), SSH (port 22) and SYSLOG (port 514). If an access control list is defined, any or all of these ports can be restricted to a specific list of IP addresses.
The following sub-commands are supported by the acl command:
list lists all ACL entries
flush clears all ACL entries (no access restrictions)
accept accepts connections from a given CIDR block
reject rejects connections from a given CIDR block
commit saves the ACL and makes it active
The accept and reject commands accept the following arguments:
accept <CIDR 22 | 80 | 443 | 514 | ssh | http | https | syslog | amqps |all
reject <CIDR 22 | 80 | 443 | 514 | ssh | http | https | syslog | amqps | all
where <CIDR is formatted as A.B.C.D/NN. For example, the following commands:
flush
accept 192.168.12.0/24
all commit
would allow connections from any host in the specified subnet to any of the access ports supported by NetMRI. If you'd like to exclude specific hosts from a range of addresses, you should use one or more reject commands before the accept command as in the following example:
flushreject 192.168.12.66/32 all
reject 192.168.12.99/32 all
accept 192.168.12.0/24 all commit
If at least one ACL entry is defined, all access attempts other than those specifically listed are rejected; if no ACL entries are defined, all access attempts are accepted.
Typing acl ? at the prompt provides a brief list of all options:
rgrace64-212.inca.infoblox.com> acl ?
ACL Commands
------------
?- display this list
commit - save working ACLs and make active
exit - exit ACL mode
flush - clear all working ACL entries
list - list all working ACL entries
reload - clear working entries and reload from disk
The following commands add or remove entries to the ACL to either allow or reject access from given CIDRs. The order of ACL entries is important, with the first matching
rule from top to bottom used to determine if a given host can access the system.
accept <CIDR> 22|80|443|514|ssh|http|https|syslog|amqps|all
reject <CIDR> 22|80|443|514|ssh|http|https|syslog|amqps|all
delete <CIDR> 22|80|443|514|ssh|http|https|syslog|amqps
where <CIDR> is formatted as A.B.C.D/NN or <IPv6 Address>/<Prefix>
Use "0.0.0.0/0" CIDR to refer to all IPv4 sources, or "::/0" CIDR for all IPv6 sources. The ACL list must be committed to take effect.
archive command
Use the archive command to manually back up the Event Collector index and related system data. The command’s syntax is the following:
archive [ <startDate [ <archiveName ]]
where
<startDate> may be yesterday (default), today or YYYY-MM-DD
<archiveName> names the file
Unlike the command of the same name in the Administrative Shell, this archive command only backs up part of the Event Collector data: at least all data from the start date until the current time. Because data is saved in chunks of about 750MB, an archive may include data from before the start date.
autoupdate command
The autoupdate command is used to upgrade NetMRI software via the Internet, CD or upgrade file provided by Infoblox. See the section Manually Updating NetMRI Software for details. The command’s syntax is
autoupdate <filename> [auto | force-major]
Where:
autocommand-line mode to set AutoUpdate to function automatically without user prompting. This mode does not allow automatic major updating.
Example:
autoupdate auto
- f
orce-majorused in an autoupdate auto command to allow automatic updates in all circumstances, including major updates. Example:
autoupdate auto force-major
configure command
Configure is essentially the command line equivalent of the Settings icon –> General Settings –> Security page. The command’s syntax is
configure <setting> [show | reset]
where <setting> is
ssh configures SSH client and servers
http configures HTTP and HTTPS servers
snmp configures SNMP servers
auth configures authentication methods
and reset resets all protocols to the factory defaults.
The configure command supports the following sub-commands:
| Define the external authentication service, if any, that NetMRI uses to authenticate user logins. |
| Install an SSL certificate into the NetMRI system for HTTPS sessions. |
| Define the basic device Discovery device expiration period, which is the time period that elapses before NetMRI automatically re-discovers any given device in its database. The default is seven (7) days; |
| Determines whether the HTTP and HTTPS servers are activated in the NetMRI system. You can also enable or disable individual encryption protocols in the HTTPS suite. By default, NetMRI enables all protocol options. You must restart the services after making any changes, which consists of a full restart of NetMRI. |
| Define the NetMRI management IP address, which is the IP used to communicate with the appliance. Should you change this value, the system will require a restart and your current terminal session will lose connectivity. Exercise caution when using this command. |
| Starts the configuration for standalone NetMRI and Operations Center Controllers and Collectors. During this configuration you specify network name, NetMRI server name, domain name, time server, time zone, NetMRI IP address and subnet mask, and several other basic operating parameters. |
| Enable or disable support for specific SNMP protocol types, define the community string and the SNMP passphrase. |
| Define basic settings for SSH client and NetMRI SSH server, including enabling or disabling of either communications protocol and the type or types of encryption protocols supported by each. Under most circumstances, the defaults should be retained unless organization policy requires specific settings. You must restart the services after making any changes. |
debug command
Enables debugging logs from NetMRI processes to be displayed and compiled into a text file.
Note: Do not run the debug command from your system without instructions from Infoblox Support.
deregister command
Allows the deregistration of a Collector instance or appliance from the NetMRI Operations Center.
Example
netmrivm193> deregister
diagnostic command
Use diagnostic to execute diagnostic scripts provided by Infoblox Technical Support for troubleshooting or customization purposes. If a diagnostic script is required, it is provided by Infoblox as a digitally signed, compressed TAR file to be uploaded to the Administrative Shell directory (placed by the Admin account only in the admin/Backup folder) and executed using the following Admin Shell command:
diagnostic <filename>
where <filename> is the name of the diagnostic script file.
export cert command
Simple command to export the built-in appliance PKCS certificate to a file titled netmri.crt.
netmrivm193> export cert
Certificate has been exported to netmri.crt
netmrivm193>
installhelpfiles command
Use the installhelpfiles command to install custom help information to appear on a specified Issue Details page for a custom issue. Should no custom Issues information be found, the command will terminate with a No issue titles found message. Consult the topic Creating Custom Issue Help files for more information.
license generate command
Use license generate command to obtain a new NetMRI license or modify an existing license on the physical appliance. To use this command on a NetMRI virtual appliance, contact Infoblox Technical Support at the following URL http://support.infoblox.com to generate a license file or to enable this command, so you can generate a license file on your own. You can modify the installed evaluation license file before rebooting the system.
You can choose to deploy the NetMRI appliance as a standalone appliance or the Operations Center. When you configure a standalone appliance, you can convert it to the Operations Center mode. Once you configure an appliance as the Operation Center, you cannot revert it to the standalone mode. You can choose to install the following license types: Full NetMRI, ACM (Automation Change Management), SPM2 (Switch Port Manager), or Keep existing. In addition, you can modify the device limit and license expiration date. The device limit indicates the number of devices the appliance is licensed to manage.
Note: The NetMRI NT-1400 appliance is licensed as standalone even if the OC license is applied. For information about the NetMRI NT-1400 appliance, see Operations Center Appliances and Requirements.
Example 1 Sample output when you continue to use an existing license
netmrivm193> licenseUsage: license show|log|generate|<LicenseFile>
netmrivm193> license generateDo you want to start license generate now? (y/n) [n]: yCurrent License:
License Type: Full NetMRI (Customer)License Source: N/ACustomer Name: FULLNMController role: StandaloneDevice Limit: 1000
Maintenance Expiration: 2020-03-09
Modules Info:
Full NetMRI: on, Expired: Never
Automation Change Manager: off, Expired: Expired
Switch Port Management: off, Expired: Expired
NetMRI without SPM: off, Expired: Expired
IPAM Insight (Discovery): off, Expired: Expired
Network Automation: off, Expired: Expired
Security Device Controller: off, Expired: Expired
Customer Name [FULLNM]:
Choose your controller role
1. Standalone2. OC
Enter choice [1]:1
Choose license
1. Full NetMRI2. ACM3. SPM24. Keep existing
Enter choice [4]: 4INFO: No specific platform file found for this model (Unknown). Using defaults.
Device Limit [1000]:
Maintenance expiration date [2020-03-09]:No changes in license are made
Example 2 Sample output when you run this command on a NetMRI virtual appliance
SA193> license generate*** This option is disabled for Virtual Appliances. Please contact Customer Support to enable it or to generate a license file
Example 3 Sample output when you have configured an Operations Center environment
netmrivm193> license generateDo you want to start license generate now? (y/n) [n]: yCurrent License:License Type: Full NetMRI (Customer)License Source: N/ACustomer Name: FULLNMController role: OCDevice Limit: 1000Maintenance Expiration: 2020-02-20Modules Info:Full NetMRI: on, Expired: NeverAutomation Change Manager: off, Expired: ExpiredSwitch Port Management: off, Expired: ExpiredNetMRI without SPM: off, Expired: ExpiredIPAM Insight (Discovery): off, Expired: ExpiredNetwork Automation: off, Expired: ExpiredSecurity Device Controller: off, Expired: Expired
Customer Name [FULLNM]:The Choose your controller role option will not be available when you have configured OCs.
Please ensure OC and collectors have the same license type and device limit on OC matches the sum of device limits on collectors
Choose license
1. Full NetMRI2. ACM3. SPM24. Keep existing
Enter choice [4]:INFO: No specific platform file found for this model (Unknown). Using defaults.
Device Limit [1000]:
Maintenance expiration date [2020-02-20]:No changes in license are made
Example 4 Sample output when you modify an existing license to SPM2 license
netmrivm193> license generateDo you want to start license generate now? (y/n) [n]: yCurrent License:
License Type: Full NetMRI (Customer)License Source: N/ACustomer Name: FULLNMController role: StandaloneDevice Limit: 1000Maintenance Expiration: 2020-05-20Modules Info:Full NetMRI: on, Expired: NeverAutomation Change Manager: off, Expired: ExpiredSwitch Port Management: off, Expired: ExpiredNetMRI without SPM: off, Expired: ExpiredIPAM Insight (Discovery): off, Expired: ExpiredNetwork Automation: off, Expired: ExpiredSecurity Device Controller: off, Expired: Expired
Customer Name [FULLNM]: Name
Choose your controller role
1. Standalone2. OC
Enter choice [1]:
Choose license
1. Full NetMRI2. ACM3. SPM24. Keep existing
Enter choice [4]: 3INFO: No specific platform file found for this model (Unknown). Using defaults.
Device Limit [1000]:
Maintenance expiration date [2020-05-20]:Apply license changes? (y/n) [n]: YApplying license...INFO: No specific platform file found for this model (Unknown). Using defaults.Setting up CAM moduleslicense is applied+++ NetMRI is being restarted ...
result of initial stop '/usr/bin/nohup: ignoring inputsystemctl stop skipjack.servicesystemctl stop httpd.service'result of stop kill 'systemctl stop skipjack.servicesystemctl stop httpd.service'netmrivm193>
License generation FULLNM to SPM
license show command
The license show command displays your current NetMRI license configuration. You can also view your license features, controller mode, expiration date, and license type information.
netmrivm193> license showLicense Type: Full NetMRI (Customer)License Source: N/ACustomer Name: FULLNMController role: StandaloneDevice Limit: 1000Maintenance Expiration: 2020-03-09Modules Info:Full NetMRI: on, Expired: NeverAutomation Change Manager: off, Expired: ExpiredSwitch Port Management: off, Expired: ExpiredNetMRI without SPM: off, Expired: ExpiredIPAM Insight (Discovery): off, Expired: ExpiredNetwork Automation: off, Expired: ExpiredSecurity Device Controller: off, Expired: Expired
license log command
The license log command displays the license information and timestamps for all your NetMRI license activities. The following example shows sample output from the License Log command:
2017-08-01 23:41:49 [info] License Type: Full NetMRI (Temporary)2017-08-01 23:41:49 [info] License Source: set temp_license2017-08-01 23:41:49 [info] Customer Name: FULLNM2017-08-01 23:41:49 [info] Controller role: Standalone2017-08-01 23:41:49 [info] Device Limit: 10002017-08-01 23:41:49 [info] Maintenance Expiration: 2020-08-202017-08-01 23:41:49 [info] Modules Info:2017-08-01 23:41:49 [info] Full NetMRI: on, Expired: Never2017-08-01 23:41:49 [info] Automation Change Manager: on, Expired: 2017-10-272017-08-01 23:41:49 [info] Switch Port Management: on, Expired: 2017-10-272017-08-01 23:41:49 [info] NetMRI without SPM: off, Expired: Expired2017-08-01 23:41:49 [info] IPAM Insight (Discovery): off, Expired: Expired2017-08-01 23:41:49 [info] Network Automation: off, Expired: Expired
2017-08-02 22:17:38 [info] License Type: Full NetMRI (Customer)2017-08-02 22:17:38 [info] License Source: N/A2017-08-02 22:17:38 [info] Customer Name: FULLNM2017-08-02 22:17:38 [info] Controller role: Standalone2017-08-02 22:17:38 [info] Device Limit: 10002017-08-02 22:17:38 [info] Maintenance Expiration: 2020-07-202017-08-02 22:17:38 [info] Modules Info:2017-08-02 22:17:38 [info] Full NetMRI: on, Expired: Never2017-08-02 22:17:38 [info] Automation Change Manager: off, Expired: Expired2017-08-02 22:17:38 [info] Switch Port Management: off, Expired: Expired2017-08-02 22:17:38 [info] NetMRI without SPM: off, Expired: Expired2017-08-02 22:17:38 [info] IPAM Insight (Discovery): off, Expired: Expired2017-08-02 22:17:38 [info] Network Automation: off, Expired: Expired2017-08-02 22:17:38 [info] Security Device Controller: off, Expired: Expired
maintenance command
Note Do not run the maintenance command from your system without instructions from Infoblox Support.
Use the maintenance command to manually execute the NetMRI database maintenance process. Normally, database maintenance is performed weekly to archive the network database and fix any problems in the database.
provisiondisk command
Initialize and provision a new hard disk as an extension to the NetMRI system /var partition, to provide more space for key NetMRI support files including the database, automation scripts, SNMP MIBs and other system elements residing in the /var partition. This command cannot be used in disks for the NetMRI operating system or for any disks already used by the system, and no other partition besides /var can be provisioned. Attach the new disk drive to the system and enter provisiondisk in the Admin Shell. The operating system will detect the new disk and step through the process of disk initialization and setup.
recalculate-spm command
A command to allow re-population of all Switch Port Manager data tables with information from one day to 30 days in the past. The function is similar to selecting a date for re-populating a single SPM table from the calendar selector in the top left corner of the UI, but the recalculate-spm command repopulates the entire set of SPM tables.
Note: Do not run the recalculate-spm command from your system without instructions from Infoblox Support.
corp100_west> recalculate-spm
Enter time period in days for SPM generation ( should be between 1 and 30 ): 1
corp100_west>
refreshgroups command
Note: Do not run the refreshgroups command from your system without instructions from Infoblox Support.
Refreshgroups directs NetMRI to rebuild all defined Interface Groups and Device Groups in the local appliance. The refreshed groups data appears in the NetMRI UI after a few moments.
Example
netmrivm193> refreshgroups
Requesting regeneration of 22 device groups...
App Servers...request sent.
App Servers w/o SNMP...request sent.
Development Lab Network...request sent.
IT Services...request sent.
IT Services w/o SNMP...request sent.
NAME ONLY...request sent.
Network Low-Level...request sent.
Network Management...request sent.
Network Pending...request sent.
Network w/o SNMP...request sent.
NIOS...request sent.
Optimizers...request sent.
Routing...request sent.
Security...request sent.
Switching...request sent.
UNKNOWN...request sent.
Video...request sent.
Voice...request sent.
Wireless...request sent.
Workstations...request sent.
Workstations w/o SNMP...request sent.
Requesting regeneration of 4 interface groups...
Active Router Interfaces...request sent.
Admin Down...request sent.
Switch Ports...request sent.
Trunk Ports...request sent.
Depending on the size of the network, it may take a few minutes for the results to be reflected in the user interface. On an OC, it will take an extra minute or so as the calculations are done on the collectors and transferred up to the OC.
rdtclient command
Note: Do not run the rdtclient command in your system before obtaining instructions from Infoblox Support.
Use rdtclient to diagnose issues from any NetMRI Operations Center or standalone NetMRI appliance. The RDT (remote diagnostic tool) automates complex troubleshooting procedures through the use of the following:
- Opening a NetMRI support case with Infoblox;
- Receipt of a token from Infoblox Support;
- Entry of this token into NetMRI through the rdtclient command, which triggers an automated action process;
- The action process collects the logs generated from the automated procedure and sends those logs to Infoblox through a temporary SSH encrypted tunnel.
The benefit from using rdtclient is that the NetMRI admin avoids being tied to troubleshooting tasks and can pursue normal activities while NetMRI executes the remote diagnostic. All communications, including possible support engineer interaction with the system, are carried out with strict security and procedural limitations.
Before using rdtclient, establish a support case with Infoblox Support and receive the token string file and further instructions on command execution, including the action argument.
Example
netmrivm193> rdtclient
Usage: rdtclient [options] ([action] | [action] [token] )
-V, --version
-h, --help
-v, --verbose
-q, --quiet
Action can be in one of three categories: Registration, Tunnel Control, and Remote Transfers
Tunnel Control: (None enabled until after registration)
Remote Transfers/Actions: (None enabled until after registration)
Registration: (register)
Some of the above Actions require a token, provided by Infoblox:
(None enabled until after registration)
removedsb command
Note: Avoid running the removedsb command in your system before obtaining instructions from Infoblox Support.
Use removedsb to delete database archive files from the default directory /var/local/netmri/dsb in the local NetMRI appliance. This is generally a housekeeping command, but exercise caution when deleting database files.
remoteCopy command
Use remoteCopy to send files to another host system from the local NetMRI appliance.
Example
netmrivm193> remoteCopy
Enter filename: netmri122.dat
Enter destination host: SC-L-RGRACE3
Enter destination directory: \dev\local\data\
Enter username: rgrace
Warning: Permanently added '10.120.32.193' (RSA) to the list of known hosts.
NetworkAutomation rgrace
ALL UNAUTHORIZED ACCESS TO THIS SYSTEM WILL BE PROSECUTED TO THE MAXIMUM EXTENT ALLOWED BY APPLICABLE LAWS.
rgrace@10.120.32.193's password: ********
netmri122.dat 100% 704 221.7KB/s 00:00
removemib command
Use removemib to delete vendor SNMP MIB files from the MIB library in NetMRI. The removemib command automatically points to a location in the system, that contains all MIBs installed by admins into NetMRI. (For a list of installed MIBs, you can go to Settings icon –> Setup –> MIB Management.) Removemib is limited to MIBs that are installed by admins of the system; MIBs that are bundled with NetMRI cannot be deleted using this command. You should also know the file name for the MIB before deleting it. Files of this type are placed into the /var/local/netmri/dsb/mibmanager/source directory. If no MIB files are located in this folder, you will not be able to remove any other MIB files.
Example
netmrivm193> removemib A3Com-products-rev2-MIB
repair command
Use Repair to fix tables in the database that were corrupted by an improper shutdown. The repair command runs automatically during startup, but is provided here for troubleshooting purposes.
reset command
Use the reset command with due caution; changes imposed by resetting parts of the NetMRI system may result in loss of data that you do not intend to lose. Read this entire topic before proceeding.
The reset command has the following sub-commands:
system resets NetMRI to the factory default state, erasing all network database information, network database archive files, custom issue help files, ACL settings, user accounts, etc. After a reset system, reconfigure NetMRI using instructions in the "NetMRI and Operations Center Deployment Guide" (available in the "Other information" section of the online help).
reset admin resets the administrator password to admin.
If the administrator password has been forgotten, neither the Administrative Shell nor the browser interface can be accessed. In this case, contact Infoblox Support for further assistance. If desired, the unit can still be manually reset from the console interface using the following steps:
- Attach a keyboard and monitor to the appliance or connect through a terminal session to the serial port.
- Log in using the username reset (no password is needed for that account, which can only perform a reset).
- Confirm the reset.
| Resets the current NetMRI instance's installed licenses. Reset all_licenses does not reset the NetMRI database, which allows portability of data from one product to another (from a virtual appliance to a physical appliance, for example). |
| Resets the assigned CLI credentials to every discovered device, forcing NetMRI to re-guess CLI credentials. |
|
|
| Resets the assigned SNMP credentials to every discovered device, forcing NetMRI to reguess SNMP credentials. |
| Resets the NetMRI system in its entirety to factory defaults. Should you previously have run the |
| Resets all Automation Change Manager registration settings for the current NetMRI instance. |
| Clears any existing tunnel client configuration in an Operations Center collector system. This command is present in all NetMRI standalone appliances but can be ignored if the appliance is not acting as a collector. This process is included in a reset system, but can be run manually if a new key pair is needed for the tunnel client, or if the tunnel client must be re-registered with another Operations Center Controller. |
| (Only available on Operations Center servers) Clears all VPN tunnel configuration information, including all keying material and client configurations. When run, any existing client configuration is invalidated. You must then run |
| Displays the software version of the current NetMRI instance; |
| Displays statistics about virtual memory usage, including operating system memory, interrupts, paging and disk I/O. |
restore command
The restore command restores a sequence of archive files in the order given. The command’s syntax is:
restore <archiveFile1 [ <archiveFile2 ... ]
Because the archive command backs up only part of the data (see description above), you may need to restore multiple daily backup files to reconstruct a complete data set. Thus, the restore command enables you to specify multiple archive files (if you restored just the last file, you would reconstruct data for the last day or last 750MB, whichever is greater). As shown above, wildcards can be used to specify multiple archive files. If you list files separately, enter the oldest file first, then enter the rest in chronological order.
Note: Restoring archives overwrites current data. Example: on December 15 you restore archives through December 1. Data for December 2 through 14 would be lost.
rm command
Use rm to delete files and file directories on the NetMRI file system. As with any command involving modification of files, exercise caution when using the rm command.
sandbox command
For more information, see Using the NetMRI Sandbox .
set temp_license command
You can set up and install a single 60-day evaluation license for any of the following NetMRI product licenses:
- Automation Change Manager
- Full NetMRI
- Add Switch Port Manager
- Add Security Device Controller
The appliance limits set temp_license to a single 60-day license. If you wish to extend the operation of a particular license, a new license must be purchased from Infoblox Customer Service.
Automation Change Manager may be licensed without the use of full NetMRI.
Example
LosAngeles> set temp_license
1. Add Switch Port Manager license
2. Add Automation Change Manager license
3. Add NetMRI license
4. Add Security Device Controller license 1. Add Switch Port Manager license
Select license (1-4) or q to quit: 2
This action will generate a temporary 60-day Automation Change Manager license.
Are you sure you want to do this? (y or n): y
Automation Change Manager temporary license installed.
Expiration: 2017-10-27
Temporary license installed.
Example
LosAngeles> set temp_license 2. Add Automation Change Manager license 4. Add NetMRI license Select license (1-4) or q to quit: 3 This action will generate a temporary 60-day MODULE_FULL license.
Are you sure you want to do this? (y or n):
show command
The show command displays information about specified NetMRI components.
RG_Standalone> show Show Commands:
acl | disk |
| severs | updatelog |
certificate | dsb | license | settings | version |
date | ethernet | load | stats | virtual |
dbprocs | id | memory | tech | |
diagnosticlog | idmethods | process | tunclient | |
discovery | interfaces | route | updatehistory |
This command supports the following sub-commands:
| Displays the internal ACL filter list automatically generated by the NetMRI appliance (this is a security measure to protect the NetMRI system; |
| Displays the currently installed NetMRI HTTPS certificate |
| Shows the current system date and time; |
| Shows the complete lists of system tasks tied to database management in the system, Process ID, User, database being modified, and other information; |
| Executes a diagnostic script in NetMRI to perform a check on the system; |
| Lists the complete table of the discovery database for the current NetMRI system; |
| Shows the complete disk partition configuration for the current NetMRI appliance; |
| Shows the complete Ethernet port configuration for the current NetMRI appliance; |
| Lists the current appliance's serial number; |
| Show the system settings for device identification methods during Discovery, including Vendor (1), Model (2), OS Version (3) or Device Type (4). entering a number from 1-4 displays a table of a category of network device identity properties currently defined in NetMRI; |
| Displays the complete list of physical and virtual interfaces built into or bound to the current NetMRI instance; |
| Displays a quick assessment of the current system load and throughput. May be useful in troubleshooting; |
| Shows the current licensing status for the NetMRI instance; also displays the current Platform Device Limit, License Device Limit and Effective Device Limit for all licenses installed in the system. Warning alerts also appear if any license limits are overridden for any cause. |
| Provides a listing of memory usage for the current NetMRI instance; |
| Lists all the computing processes running in the current NetMRI instance; |
| Displays the routing table for the current appliance (see the Sandbox command topic for more information); |
| Separately lists the server processes running in NetMRI, the amount of CPU cycles and memory each occupies and other information; |
| Lists the key configuration settings for the current NetMRI instance, including the management and scan port IPs and assigned names |
| Displays basic system statistics including the current date, average CPU usage, average level of free memory and the disk usage by the current system; |
| Displays a broad overview of information about the current NetMRI instance for use by technical support, including the system timestamp, discovery settings, network connections, port configuration and other elements; |
| Displays Collector VPN settings and connection status to the Operations Center Controller; |
| Displays Operations Center Controller's VPN settings and lists attached Controllers (applies only to OC Controllers); |
| Lists the brief version of the update history for the current NetMRI instance; |
| Lists the verbose information about the current NetMRI instance's history of system software updates; |
| Displays NetMRI version, serial number, network name and server name; |
| Displays information about the appliance's virtual memory usage (swap file partitions, etc.) including memory, processes, interrupts, paging and block I/O. Similar to the Unix vmstat command. |
show license command
The show license command displays your current NetMRI license configuration. You can also view your license features, license type, expiration date, and license ID information.
netmrivm193> show license
License Information:--------------------------------Serial Number: VM-94AD-61B27License ID: VM-94AD-61B27-20170308-0124361License Expires: NeverLicense Type: CustomerMode: standaloneMaintenance Expires: 2020-03-09Licensed Device Limit: 1,000
License Features:
Switch Port Manager Support: off
Switch Port Manager Expiration: N/A
Automation Change Manager Support: off
Automation Change Manager Expiration: N/A
NetMRI Support: on
NetMRI Expiration: Never
Security Device Controller Support: off
Security Device Controller Expiration: N/A
show route command
You can use the show route command to display the routing table for the current appliance:
rgrace64-212.inca.infoblox.com> show route Kernel IP routing table
|
|
|
|
|
|
|
| ||||||
|
|
|
|
|
|
|
| ||||||
|
|
|
|
|
|
|
| ||||||
|
|
|
|
|
|
|
| ||||||
|
|
|
|
|
|
|
| ||||||
|
|
|
|
|
|
|
| ||||||
| |||||||||||||
|
|
|
|
|
|
| |||||||
|
|
|
|
|
|
| |||||||
|
|
|
|
|
|
| |||||||
|
|
|
|
|
|
| |||||||
|
|
|
|
|
|
| |||||||
|
|
|
|
|
|
| |||||||
snmpwalk command
Obtain a tree of information from a network device, using automatic SNMP GETNEXT commands. In NetMRI’s administrative shell version of the snmpwalk command, you can specify the SNMP version, the community string, and the desired Root Object ID (OID). The command’s syntax is:
snmpwalk 22
The command prompts for further information before executing (if only one network view exists in the NetMRI appliance, you will not be prompted to enter that value):
NetManager_West> snmpwalk 220.10.10.5
Enter Network View: West-Lab
Enter SNMP hostname or IP address []: 220.10.10.5
Enter SNMP version [2c]:
Enter SNMP community string [public]:
Enter Root OID to start walk [system]: 1.3
Use legacy snmpwalk tool [n]:
+++ Executing snmpwalk ...
#######################################################################
# Generated by NetMRI Administrator SNMP Walk
# SerialNo : VM-C64E-FA34C
# SNMP Host: 220.10.10.5
# SNMP Root: 1.3
# StartTime: Wed Apr 20 15:02:16 EDT 2011
#######################################################################
2011-04-20 15:02:33 [warn] snmpwalk: No response from remote host '220.10.10.5'
#######################################################################
# EndTime: Wed Apr 20 15:02:33 EDT 2011
#######################################################################
+++ Results stored in snmpwalk-220-10-10-5.txt
Use SCP to connect to the NetMRI appliance to obtain the file.
ssh-key commands
ssh-key create
ssh-key delete
ssh-key export
NetMRI provides support for outside SCP applications to use SSH keys in lieu of passwords. You can manage SSH keys through a series of admin shell commands (ssh-keycreate, ssh-keyexport, and ssh-keydelete). You create SSH keys with a variety of key types and bit sizes using the ssh-keycreate command:
rgrace-dev> ssh-key create
Specify the type of key to create. The possible values are 'dsa' or 'rsa' for protocol version 2.
1. dsa
2. rsa
Enter choice [2]:
Specify the number of bits in the key to create. For RSA keys, the minimum size is 768 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
1. 768
2. 1024
3. 2048
4. 4096
Enter choice [3]:
Selected Options:
Key Type : rsa
Bits : 2048
Create SSH keys using these options? (y or n):y
Successfully created SSH keys.
After creating SSH keys, you can enable the Use SSH Keys option in the Archive Database, Scheduled Archive and Remote Config Archive feature pages (available under Settings icon –> Database Settings).
When enabled, the SSH public key needs to be installed on the remote SCP servers for operations to be successful. To do so, you export the SSH public key from NetMRI in a variety of formats using the admin shell command ssh-key export. In an OC environment, SSH keys are created only on the Operations Center Controller; in that case, operations that use SSH keys only run on the Controller and not on the Collectors.