Overview of the Command-Line Interface

This chapter provides an overview of how to access the command-line interface (CLI), the different command modes, and the commands that are available in each mode.

You can configure and monitor the through the web interface. You can also use the CLI to perform the configuration and monitoring tasks described in this guide.

Accessing the Command Environment

You can access the CLI through a secure shell (SSH) client or the console port using one of the following machines:

  • Windows PC running Windows 7, 8, and 10.

  • Apple Computer running Mac OS X 10.4 or later

  • PC running Linux

User Accounts and Modes in CLI

Two different types of accounts are available on the CLI:

  • Admin (administrator)

  • Operator (user)

When you power on the appliance for the first time, you are prompted to run the setup utility to configure the appliances. During this setup process, an administrator user account, also known as an Admin account, is created. After you enter the initial configuration information, the appliance automatically reboots and prompts you to enter the username and the password that you specified for the Admin account. You must use this Admin account to log in to the CLI for the first time.

An Admin can create and manage Operator (user) accounts (which have limited privileges and access to the server). An Admin account also provides the functionality that is needed to use the CLI.

To create more users (with admin and operator privileges) with SSH access to the CLI, you must enter the username command in configuration mode (see Command Modes in the CLI, page 1-4).

Table 1-1 lists the command privileges for each type of user account: Admin and Operator (user).

Table 1 Command Privileges
 

User Account

Admin

Operator

(User)

application commands

*

 

backup

*

 

backup-logs

*

 

banner

*

 

clock

*

 

configure terminal

*

 

copy commands

*

 

debug

*

 

delete

*

 

dir

*

 

exit

*

*

forceout

*

 

halt

*

 

lms

*

 

mkdir

*

 

ncs

*

 

nslookup

*

*

ocsp

*

 

patch

*

 

patch install

*

 

patch remove

*

 

ping

*

*

ping6

*

*

reload

*

 

repository

*

 

restore commands

*

 

rmdir

*

 

rsakey

*

 

shell

*

 

show application

*

 

show backup

*

 

show cdp

*

*

show clock

*

*

show cpu

*

*

show disks

*

*

show icmp_status

*

*

show icmp_status

*

*

show interface

*

*

show ip route

*

 

show logging

*

*

show logins

*

*

show memory

*

*

show ntp

*

*

show ports

*

*

show process

*

*

show repository

*

 

show restore

*

 

show running-config

*

 

show startup-config

*

 

show tech-support

*

 

show terminal

*

*

show timezone

*

*

show timezones

*

 

show udi

*

*

show uptime

*

*

show users

*

 

show version

*

*

ssh

*

*

tech

*

 

telnet

*

*

terminal

*

*

traceroute

*

*

undebug

*

 

write

*

 

Logging in to the server places you in operator (user) mode or admin (EXEC) mode, which always requires a username and password for authentication.

You can tell which mode you are in by looking at the prompt. A right angle bracket (>) appears at the end of operator (user) mode prompt; a pound sign (#) appears at the end of admin mode prompt, regardless of the submode.

Command Modes in the CLI

This section describes the command modes supported in .

EXEC Commands

EXEC commands primarily include system-level commands such as show and reload (for example, application installation, application start and stop, copy files and installations, restore backups, and display information).

For detailed information on EXEC commands, see Understanding Command Modes, page 2-5.

EXEC or System-Level Commands

Table 1-2 describes EXEC mode commands.

Table 2 Summary of EXEC Commands

Description

application install

Installs a specific application bundle.

application start

Starts or enables a specific application.

application stop

Stops or disables a specific application.

application upgrade

Upgrades a specific application bundle.

backup

Performs a backup and places the backup in a repository.

backup-logs

Performs a backup of all of the logs on the to a remote location.

banner

Sets messages while logging in to CLI (pre-login).

clock

Sets the system clock on the server.

configure

Enters configuration mode.

copy

Copies any file from a source to a destination.

debug

Displays any errors or events for various command situations; for example, backup and restore, configuration, copy, resource locking, file transfer, and user management.

delete

Deletes a file in the server.

dir

Lists the files in the server.

exit

Disconnects the encrypted session with a remote system. Exits from the current command mode to the previous command mode.

forceout

Forces the logout of all of the sessions of a specific server system user.

halt

Disables or shuts down the server.

lms

Migrates data from LMS server to PI server.

mkdir

Creates a new directory.

ncs

NCS-related commands used to start, stop and back up the server.

nslookup

Queries the IPv4 address or hostname of a remote system.

ocsp

Enables certificate-based authentication for web clients using OCSP responders.

patch

Installs System or Application patch.

ping

Determines the IPv4 network connectivity to a remote system.

ping6

Determines the IPv6 network connectivity to a remote system.

reload

Reboots the server.

restore

Restores a previous backup.

rmdir

Removes an existing directory.

rsakey

Displays a configured RSA key or sets a new RSA public key for user authentication.

show

Provides information about the server.

ssh

Starts an encrypted session with a remote system.

tech

Provides Cisco Technical Assistance Center (TAC) commands.

telnet

Establishes a Telnet connection to a remote system.

terminal length

Sets terminal line parameters.

terminal session-timeout

Sets the inactivity timeout for all terminal sessions.

terminal session-welcome

Sets the welcome message on the system for all terminal sessions.

terminal terminal-type

Specifies the type of terminal connected to the current line of the current session.

traceroute

Traces the route of a remote IP address.

undebug

Disables the output (display of errors or events) of the debug command for various command situations; for example, backup and restore, configuration, copy, resource locking, file transfer, and user management.

write

Erases the startup configuration that forces to run the setup utility and prompt the network configuration, copies the running configuration to the startup configuration, and displays the running configuration on the console.

show Commands

The show commands are used to display the settings and are among the most useful commands. See Table 1-3 for a summary of the show commands. The show commands must be followed by a keyword; for example, show application status. Some show commands require an argument or variable after the keyword to function; for example, show application version.

Table 3 Summary of show Commands
 

Description

application 
(requires keyword)

Displays information about the installed application; for example, status information or version information.

backup (requires keyword)

Displays information about the backup.

banner (requires keyword)

Sets up messages when logging in to CLI.

cdp (requires keyword)

Displays information about the enabled Cisco Discovery Protocol interfaces.

clock

Displays the day, date, time, time zone, and year of the system clock.

cpu

Displays CPU information.

disks

Displays file-system information of the disks.

icmp-status

Displays the Internet Control Message Protocol (ICMP) echo response configuration information.

interface

Displays statistics for all of the interfaces configured on the .

inventory

Displays information about the hardware inventory, including the appliance model and serial number.

ip route

Displays s ip route details of the application.

logging (requires keyword)

Displays the server logging information.

logins (requires keyword)

Displays the login history of the server.

memory

Displays memory usage by all running processes.

ntp

Displays the status of the Network Time Protocol (NTP) servers.

ports

Displays all of the processes listening on the active ports.

process

Displays information about the active processes of the server.

repository (requires keyword)

Displays the file contents of a specific repository.

restore (requires keyword)

Displays the restore history in the .

running-config

Displays the contents of the configuration file that currently runs in the .

startup-config

Displays the contents of the startup configuration in the .

tech-support

Displays system and configuration information that you can provide to the TAC when you report a problem.

terminal

Displays information about the terminal configuration parameter settings for the current terminal line.

timezone

Displays the current time zone in the .

timezones

Displays all of the time zones available for use in the .

udi

Displays information about the unique device identifier (UDI) of the .

uptime

Displays how long the system you are logged in to has been up and running.

users

Displays information about the system users.

version

Displays information about the currently loaded software version, along with hardware and device information.

Configuration Commands

Configuration commands include interface and repository. To access configuration mode, run the configure command in EXEC mode.

Some of the configuration commands require that you enter the configuration submode to complete the configuration.

Table 1-4 describes the configuration commands.

Table 4 Summary of Configuration Commands
 

Description

aaa authentication

Logs in to Prime Infrastructure server remotely.

backup-staging-url

Specifies a Network File System (NFS) temporary space or staging area for the remote directory for backup and restore operations.

cdp holdtime

Specifies the amount of time the receiving device should hold a Cisco Discovery Protocol packet from the server before discarding it.

cdp run

Enables Cisco Discovery Protocol.

cdp timer

Specifies how often the server sends Cisco Discovery Protocol updates.

clock timezone

Sets the time zone for display purposes.

do

Executes an EXEC-level command from configuration mode or any configuration submode.

Note   

To initiate, the do command precedes the EXEC command.

end

Returns to EXEC mode.

exit

Exits configuration mode.

hostname

Sets the hostname of the system.

icmp echo

Configures the ICMP echo requests.

interface

Configures an interface type and enters interface configuration mode.

ipv6 address autoconfig

Enables IPv6 stateless autoconfiguration in interface configuration mode.

ipv6 address dhcp

Enables IPv6 address DHCP in interface configuration mode.

ip address

Sets the IP address and netmask for the Ethernet interface.

Note   

This is an interface configuration command.

ip default-gateway

Defines or sets a default gateway with an IP address.

ip domain-name

Defines a default domain name that a server uses to complete hostnames.

ip name-server

Sets the Domain Name System (DNS) servers for use during a DNS query.

kron occurrence

Schedule one or more Command Scheduler commands to run at a specific date and time or a recurring level.

kron policy-list

Specifies a name for a Command Scheduler policy.

logging

Enables the system to forward logs to a remote system.

logging loglevel

Configures the log level for the logging command.

no

Disables or removes the function associated with the command.

ntp

Synchronizes the software clock through the NTP server for the system.

password-policy

Enables and configures the password policy.

repository

Enters repository submode.

service

Specifies the type of service to manage.

snmp-server community

Sets up the community access string to permit access to the Simple Network Management Protocol (SNMP).

snmp-server contact

Configures the SNMP contact the Management Information Base (MIB) value on the system.

snmp-server host

Sends SNMP traps to a remote system.

snmp-server location

Configures the SNMP location MIB value on the system.

username

Adds a user to the system with a password and a privilege level.

For detailed information on configuration mode and submode commands, see Understanding Command Modes, page 2-5.

CLI Audit

You must have administrator access to execute the configuration commands. Whenever an administrator logs in to configuration mode and executes a command that causes configurational changes in the server, the information related to those changes is logged in the operational logs.

Table 1-5 describes configuration mode commands that generate operational logs.

Table 5 Configuration Mode Commands for the Operation Log
 

Description

clock

Sets the system clock on the server.

ip name-server

Sets the DNS servers for use during a DNS query.

hostname

Sets the hostname of the system.

ip address

Sets the IP address and netmask for the Ethernet interface.

ntp server

Allows synchronization of the software clock by the NTP server for the system.

In addition to configuration mode commands, some commands in EXEC mode generate operational logs.

Table 1-6 describes EXEC mode commands that generate operational logs.

Table 6 EXEC Mode Commands for the Operation Log
 

Description

backup

Performs a backup and places the backup in a repository.

restore

Restores from backup the file contents of a specific repository.

backup-logs

Backs up system logs.