Command Reference

This appendix contains necessary information on disk space management for all types of Cisco Prime Infrastructure deployments and an alphabetical listing of the commands specific to the Prime Infrastructure. The Prime Infrastructure comprise the following modes:

  • EXEC

    • System-level

    • Show

  • Configuration

    • configuration submode

      Use EXEC mode system-level config or configure command to access configuration mode.

Each of the commands in this appendix is followed by a brief description of its use, command syntax, any command defaults, command modes, usage guidelines, and one or more examples. Throughout this appendix, the Prime Infrastructure server uses the name ncs in place of the Prime Infrastructure server’s hostname.


Note

If an error occurs in any command usage, use the debug command to determine the cause of the error.


EXEC Commands

This section lists each EXEC command and each command page includes a brief description of its use, command syntax, any command defaults, command modes, usage guidelines, and an example of the command and any related commands.

application start

To start the application process, use the application start command in EXEC mode. There is no form of this command.


Note

This command does not work in FIPS release.

application start application-name

Syntax Description

application-name

Name of the predefined application that you want to enable. Up to 255 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Enables an application.

You cannot use this command to start the Prime Infrastructure application. If you use this command to start the application, you can see that the Prime Infrastructure is already running.

Examples

pi-system-168/admin# application start NCS
Starting Prime Infrastructure...
This may take a while (10 minutes or more) ...
Prime Infrastructure started successfully.
Redirecting to /bin/systemctl restart rsyslog.service
Completed in 1029 seconds

application stop

To stop the PI process, use the application stop command in EXEC mode. There is no No form of this command.

application stop application-name

Syntax Description

application-name

Name of the predefined application that you want to disable. Up to 255 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Disables an application.

Examples

pi-system-117/admin# application stop NCS
pi-system/admin# application stop NCS
Stopping Prime Infrastructure...
This may take a few minutes...
Prime Infrastructure successfully shutdown.
Stopping SAM daemon...
Checking for SAM daemon again ...
SAM Daemon not found...
Stopping DA daemon ...
Checking for DA daemon again ...
DA Daemon not found...
Completed shutdown of all services

application upgrade

To upgrade lower version to higher version (supported version), use the application upgrade command in EXEC mode.

application upgrade application-bundle repository-name

Syntax Description

application-bundle

Enter the upgrade bundle name.

remote-repository-name

Remote repository name (up to 80 alphanumeric characters).

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Upgrades an application bundle, and preserves any application configuration data.

If you enter the application upgrade command when another application upgrade operation is in progress, you will see the following warning message:


An existing application install, remove, or upgrade is in progress. Try again shortly.

Caution

Do not enter the backup or restore commands when the upgrade is in progress. This action might cause the database to be corrupted.


Examples

pi-system-196/admin# application upgrade 
PI-Upgrade-36x_37x_to_3.8.0.0.310.tar.gz defaultRepo

backup

Appliance Backup: To perform a backup (including the Prime Infrastructure and Cisco ADE OS data) and place the backup in a repository, use the backup command in EXEC mode.

Application Backup: To perform a backup of only the Prime Infrastructure application data without the Cisco ADE OS data, use the application keyword command.

Command for Appliance Backup:

backup backup-name repository repository-name

Command for Application Backup

backup backup-name repository repository-name application application-name

Syntax Description

backup-name

Name of the backup file. Up to 26 alphanumeric characters is recommended.

repository-name

Name of the location where the files should be backed up to. Up to 80 alphanumeric characters.

application-name

Application name. Up to 255 alphanumeric characters.

Note 

Enter the application name as ‘NCS’ in uppercase.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Performs a backup of the Prime Infrastructure and Cisco ADE OS data and places the backup in a repository.

To perform a backup of only the Prime Infrastructure application data without the Cisco ADE OS data, use the application command.

Examples

pi-system/admin# backup Appliancebkp repository test

DO NOT press ^C while the backup is in progress
Aborting backup with a ^C may terminate the backup operation or the backup file may be corrupted

To restore this backup you will have to enter this password

Password :
Password Again :
  Backup Started at : 11/27/18 19:08:57
  Stage 1 of 7: Database backup ...
  Database size: 7.1G
  -- completed at  11/27/18 19:10:20
  Stage 2 of 7: Database copy ...
  -- completed at  11/27/18 19:10:20
  Stage 3 of 7: Backing up support files ...
  -- completed at  11/27/18 19:10:24
  Stage 4 of 7: Compressing Backup ...
  -- completed at  11/27/18 19:10:46
  Stage 5 of 7: Building backup file ...
  -- completed at  11/27/18 19:11:03
  Stage 6 of 7: Encrypting backup file ...
  -- completed at  11/27/18 19:11:09
  Stage 7 of 7: Transferring backup file ...
  -- completed at 11/27/18 19:11:11
% Backup file created is: Appliancebkp-181127-1908__VER3.8.0.0.310_BKSZ5G_CPU4_MEM3G_RAM11G_SWAP15G_SYS_CK525526487.tar.gpg
Total Backup duration is: 0h:2m:18s
pi-system/admin#

************************************************************************************************************************

Examples

pi-system/admin# backup Applicationbkp repository test application NCS

DO NOT press ^C while the backup is in progress
Aborting backup with a ^C may terminate the backup operation or the backup file may be corrupted

To restore this backup you will have to enter this password

Password :
Password Again :
  Backup Started at : 11/27/18 19:13:33
  Stage 1 of 7: Database backup ...
  Database size: 7.1G
  -- completed at  11/27/18 19:14:17
  Stage 2 of 7: Database copy ...
  -- completed at  11/27/18 19:14:17
  Stage 3 of 7: Backing up support files ...
  -- completed at  11/27/18 19:14:19
  Stage 4 of 7: Compressing Backup ...
  -- completed at  11/27/18 19:14:34
  Stage 5 of 7: Building backup file ...
  -- completed at  11/27/18 19:14:50
  Stage 6 of 7: Encrypting backup file ...
  -- completed at  11/27/18 19:14:55
  Stage 7 of 7: Transferring backup file ...
  -- completed at 11/27/18 19:14:56
% Backup file created is: Applicationbkp-181127-1913__VER3.8.0.0.310_BKSZ5G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK3453119464.tar.gpg

Total Backup duration is: 0h:1m:26s
pi-system/admin#


***************************************************************************************************************************************

backup-logs

To back up system logs, use the backup-logs command in EXEC mode. There is no no form of this command.

backup-logs backup-name repository repository-name

Syntax Description

backup-name

Name of one or more files to back up. Up to 100 alphanumeric characters.

repository-name

Location where files should be backed up to. Up to 80 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Backs up system logs.

Examples


pi-admin/admin# backup-logs log-backup repository defaultRepo 
% Creating log backup with timestamped filename: log-backup-150621-1618.tar.gz 
  Transferring file ...
  -- complete.
pi-system/admin#

banner

To set up messages while logging (pre-login) in to CLI, use the banner install pre-login command.

banner install pre-login banner-text-filename repository Repository-name

Syntax Description

banner-text-filename

Banner text file name.

repository-name

Repository name.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


admin#  banner install pre-login test.txt repository defaultRepo

change-password

To change the password you use to log in to CLI interface, use the change-password command.

change-password password

Syntax Description

password

New password

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system/admin# change-password 
Changing password for user admin.
Changing password for admin.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

clock

To set the system clock, use the clock command in EXEC mode. You cannot remove this function but reset the clock.

clock set [mmm dd hh:mm:ss yyyy]

Syntax Description

mmm

Current month of the year by name. Up to three alphabetic characters. For example, Jan for January.

dd

Current day (by date) of the month. Value = 0 to 31. Up to two numbers.

hh:mm:ss

Current time in hours (24-hour format), minutes, and seconds.

yyyy

Current year (no abbreviation).

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Sets the system clock. You must restart the Prime Infrastructure server after you reset the clock for the change to take effect.

Examples

pi-system-196/admin# clock set Jan 28 04:11:35 2020
pi-system-196/admin# show clock
Tue Jan 28 04:11:38 IST 2020
pi-system-196/admin#

configure

To enter configuration mode, use the configure command in EXEC mode. If the replace option is used with this command, copies a remote configuration to the system which overwrites the existing configuration.

configure terminal

Syntax Description

terminal

Executes configuration commands from the terminal.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Use this command to enter configuration mode. Note that commands in this mode write to the running configuration file as soon as you enter them (press Enter ).

To exit configuration mode and return to EXEC mode, enter end , exit , or pressCtrl-z .

To view the changes that you have made to the configuration, use the show running-config command in EXEC mode.

Examples


ncs/admin# configure
Enter configuration commands, one per line.  End with CNTL/Z.
ncs/admin(config)#

ncs/admin# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
ncs/admin(config)#

copy

To copy any file from a source to a destination, use the copy command in EXEC mode.

Syntax Description

running-config

Represents the current running configuration file.

startup-config

Represents the configuration file used during initialization (startup).

protocol

See Table A-5 for protocol keyword options.

hostname

Hostname of destination.

location

Location of disk:/<dirpath>.

logs

The system log files.

all

Copies all Prime Infrastructure log files from the system to another location. All logs are packaged as ncslogs.tar.gz and transferred to the specified directory on the remote host.

filename

Allows you to copy a single Prime Infrastructure log file and transfer it to the specified directory on the remote host, with its original name.

log_filename

Name of the Prime Infrastructure log file, as displayed by the show logs command (up to 255 characters).

mgmt

Copies the Prime Infrastructure management debug logs and Tomcat logs from the system, bundles them as mgmtlogs.tar.gz, and transfers them to the specified directory on the remote host.

runtime

Copies the Prime Infrastructure runtime debug logs from the system, bundles them as runtimelogs.tar.gz, and transfers them to the specified directory on the remote host.

Command Default

No default behavior or values.

Command Modes

EXEC

Running Configuration

The fundamental function of the copy command allows you to copy a file (such as a system image or configuration file) from one location to another location. The source and destination for the file specified uses the file system, through which you can specify any supported local or remote file location. The file system being used (a local memory source or a remote system) dictates the syntax used in the command.

You can enter on the command line all of the necessary source and destination information and the username and password to use; or, you can enter the copy command and have the server prompt you for any missing information. You can enter up to a maximum of 2048 characters of source and destination URL information on the command line.

The copy command in the copies a configuration (running or startup).

The active configuration stores itself in the RAM. Every configuration command you enter resides in the running configuration. If you reboot your server, you lose the running configuration. If you make changes that you want to save, you must copy the running configuration to a safe location, such as a network server, or save it as the server startup configuration.

You cannot edit a startup configuration directly. All commands that you enter store themselves in the running configuration, which you can copy into the startup configuration.

In other words, when you boot a server, the startup configuration becomes the initial running configuration. As you modify the configuration, the two diverge: the startup configuration remains the same; the running configuration reflects the changes that you have made. If you want to make your changes permanent, you must save the running configuration to the startup configuration using the write memory command. The write memory command makes the current running configuration permanent.


Note

If you do not save the running configuration, you will lose all your configuration changes during the next reboot of the server. You can also save a copy of the running and startup configurations using the following commands, to recover in case of loss of configuration:

copy startup-config location

copy running-config location



Note

The copy command is supported only for the local disk and not for a repository.



Tip

Aliases reduce the amount of typing that you need to do. For example, type copy run start (the abbreviated form of the copy running-config startup-config command).


The entire copying process might take several minutes and differs from protocol to protocol and from network to network.

Use the filename relative to the directory for file transfers.

Possible error is the standard FTP error message.

Table 1. Protocol Prefix Keywords

Keyword

Destination

ftp

URL for FTP network server. The syntax for this alias:

ftp:// location/ directory

sftp

URL for an SFTP network server. The syntax for this alias: sftp://location/directory

SFTP Repositories may require the // between the IP address/FQDN and the physical path on the SFTP store. If you find that you cannot access the SFTP repository with single slashes, add the additional slash and try the operation again. For example: url sftp://server//path

Note 

The remote sftp servers need to be enabled for 'password authentication’ (keyboard-interactive mode does not work for sftp transfers). See the documentation on sshd server used at the remote end, to enable password authentication.

Depending on the SFTP software used with the remote server, you may need to enable "password authentication” instead of "keyboard-interactive mode”. Enabling “password authentication” is required; copy to remote SFTP servers will not work unless it is enabled. For example: With OpenSSH 6.6x, “keyboard-interactive mode” is the default. To enable “password authentication”, edit the OpenSSH sshd_config file to set the PasswordAuthentication parameter to “yes”, as follows: PasswordAuthentication yes.

tftp

URL for a TFTP network server. The syntax for this alias:

tftp:// location/ directory

Examples


ncs/admin# copy run start
Generating configuration...
ncs/admin#

ncs/admin# copy running-config startup-config
Generating configuration...
ncs/admin#

ncs/admin# copy start run
ncs/admin#

ncs/admin# copy startup-config running-config
ncs/admin#

ncs/admin# copy logs disk:/
 Collecting logs...
ncs/admin#

This command is used to copy the certificate from tftp to pnp.

copy tftp://<PI Server IP Address>/server.key disk:/
copy tftp://<PI Server IP Address>/server.crt disk:/
	copy tftp://<PI Server IP Address>/ncs_server_certificate.crt disk:/

debug

To display errors or events for command situations, use the debug command in EXEC mode.

debug{all | application | backup-restore | cdp | config | icmp | copy | locks | logging | snmp | system | transfer | user | utils}

Syntax Description

all

Enables all debugging.

application

Application files.

  • all—Enables all application debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • install—Enables application install debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • operation—Enables application operation debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • uninstall—Enables application uninstall debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

backup-restore

Backs up and restores files.

  • all—Enables all debug output for backup-restore. Set level between 0 and 7, with 0 being severe and 7 being all.

  • backup—Enables backup debug output for backup-restore. Set level between 0 and 7, with 0 being severe and 7 being all.

  • backup-logs—Enables backup-logs debug output for backup-restore. Set level between 0 and 7, with 0 being severe and 7 being all.

  • history—Enables history debug output for backup-restore. Set level between 0 and 7, with 0 being severe and 7 being all.

  • restore—Enables restore debug output for backup-restore. Set level between 0 and 7, with 0 being severe and 7 being all.

cdp

Cisco Discovery Protocol configuration files.

  • all—Enables all Cisco Discovery Protocol configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • config—Enables configuration debug output for Cisco Discovery Protocol. Set level between 0 and 7, with 0 being severe and 7 being all.

  • infra—Enables infrastructure debug output for Cisco Discovery Protocol. Set level between 0 and 7, with 0 being severe and 7 being all.

config

Configuration files.

  • all—Enables all configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • backup—Enables backup configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • clock—Enables clock configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • infra—Enables configuration infrastructure debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • kron—Enables command scheduler configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • network—Enables network configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • repository—Enables repository configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • service—Enables service configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

icmp

Internet Control Message Protocol (ICMP) echo response configuration.

all—Enable all debug output for ICMP echo response configuration. Set level between 0 and 7, with 0 being severe and 7 being all.

copy

Copy commands. Set level between 0 and 7, with 0 being severe and 7 being all.

locks

Resource locking.

  • all—Enables all resource locking debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • file—Enables file locking debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

logging

Logging configuration files.

all—Enables all logging configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

snmp

SNMP configuration files.

all—Enables all SNMP configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

system

System files.

  • all—Enables all system files debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • id—Enables system ID debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • info—Enables system info debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • init—Enables system init debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

transfer

File transfer. Set level between 0 and 7, with 0 being severe and 7 being all.

user

User management.

  • all—Enables all user management debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

  • password-policy—Enables user management debug output for password-policy. Set level between 0 and 7, with 0 being severe and 7 being all.

utils

Utilities configuration files.

all—Enables all utilities configuration debug output. Set level between 0 and 7, with 0 being severe and 7 being all.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Use the debug command to identify various failures within the Prime Infrastructure server; for example, setup failures or configuration failures.

Examples


ncs/admin# debug all
ncs/admin# mkdir disk:/1
ncs/admin# 6 [15347]: utils: vsh_root_stubs.c[2742] [admin]: mkdir operation success

ncs/admin# rmdir disk:/1
6 [15351]: utils: vsh_root_stubs.c[2601] [admin]: Invoked Remove Directory disk:/1 command
6 [15351]: utils: vsh_root_stubs.c[2663] [admin]: Remove Directory operation success
ncs/admin#

ncs/admin# undebug all
ncs/admin#

delete

To delete a file from the Prime Infrastructure server, use the delete command in EXEC mode. There is no no form of this command.

delete filename [disk:/path]

Syntax Description

filename

Filename.

disk:/path

Location.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

If you attempt to delete the configuration file or image, the system prompts you to confirm the deletion. Also, if you attempt to delete the last valid system image, the system prompts you to confirm the deletion.

Examples


ncs/admin# delete disk:/hs_err_pid19962.log
ncs/admin#

dir

To list a file from the Prime Infrastructure server, use the dir command in EXEC mode. To remove this function, use the no form of this command.

dir [word][recursive]

Syntax Description

word

Directory name. Up to 80 alphanumeric characters. Requires disk:/ preceding the directory name.

recursive

Lists a local directory or filename recursively.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system/admin# dir
Directory of disk:/
 8957994151 Jan 28 04:11:35 2020 \
pi-system-284-200126-0334__VER3.8.0.0.284_BKSZ24G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK4209384478.tar.gpg
    2624272 Nov 13 2018 19:02:22  ADElogs.tar.gz
         20 Nov 09 2018 12:37:50  crash
       4096 Nov 14 2018 03:44:47  defaultRepo/
       4096 Nov 09 2018 18:40:04  ftp/
      16384 Nov 09 2018 05:28:27  lost+found/
       4096 Nov 10 2018 02:15:10  sftp/
       4096 Nov 09 2018 12:36:08  ssh/
       4096 Nov 09 2018 12:36:08  telnet/
       4096 Nov 13 2018 21:00:47  tftp/
           Usage for disk: filesystem 
                15534272512 bytes total used
                28416839680 bytes free
                46310408192 bytes available

exit

To close an active terminal session by logging out of the Prime Infrastructure server or to move up one mode level from configuration mode, use the exit command in EXEC mode.

exit

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Use the exit command in EXEC mode to exit an active session (log out of the Prime Infrastructure server) or to move up from configuration mode.

Examples

pi-system/admin# exit
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(10.197.71.160:22) at 10:51:43.

forceout

To force users out of an active terminal session by logging them out of the Prime Infrastructure server, use the forceout command in EXEC mode.

forceout username

Syntax Description

username

The name of the user. Up to 31 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# forceout user1
ncs/admin#

halt

To shut down and power off the system, use the halt command in EXEC mode.

halt

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Before you enter the halt command, ensure that the Prime Infrastructure is not performing any backup, restore, installation, upgrade, or remove operation. If you enter the halt command while the Prime Infrastructure is performing any of these operations, you will get one of the following warning messages:


WARNING: A backup or restore is currently in progress! Continue with halt?

WARNING: An install/upgrade/remove is currently in progress! Continue with halt?

If you get any of these warnings, enter YEs to halt the operation, or enter NO to cancel the halt.

If no processes are running when you use the halt command or if you enter Yes in response to the warning message displayed, the Prime Infrastructure asks you to respond to the following option:


Do you want to save the current configuration ?

Enter YES to save the existing Prime Infrastructure configuration. The Prime Infrastructure displays the following message:


Saved the running configuration to startup successfully

Examples


pi-system/admin# halt
Save the current ADE-OS running configuration? (yes/no) [yes] ? yes
Generating configuration...
Saved the ADE-OS running configuration to startup successfully
Continue with shutdown? [y/n] y
Broadcast message from root (pts/0) (Wed May  5 18:37:02 2010):
The system is going down for system halt NOW!
Server is shutting down...

lms

To migrate data from lms server to PI server, use lms command in EXEC mode.

lms migrate repository repository-name

Syntax Description

repository-name

Name of the PI repository.

Command Default

No default values or behaviour.

Command Modes

EXEC

Examples

pi-cluster-160/admin# lms migrate repository test
Repository name : test
Initiating LMS data restore .  Please wait...
INFO: no staging url defined, using local space.
LMS Migration Normal Flow Started : == true
INFO: Backup Status :  SUCCESS

Enter the password to unlock the zip file : *********
INFO: Password validation successful.
Enter the Cisco Prime Infrastructure Login Username : root
Enter the Cisco Prime Infrastructure Login Password : *********  (here roZes123)
HTTPS port used is 443
Connecting to The Server...
Login success.
Updating the credentials...
The following data types are available in the given exported data.
Choose an option using comma separated values to migrate. 
        1 network
        2 settings
        3 All of the above
        Enter an option or comma-separated options :3
3
Checking for all option ...
Updating the downloading files list ... 
Started downloading the files to import from repository ...

mkdir

To create a new directory on the Prime Infrastructure server, use the mkdir command in EXEC mode.

mkdir directory-name [disk:/path]

Syntax Description

directory-name

The name of the directory to create. Up to 80 alphanumeric characters.

disk:/path

Use disk:/path with the directory name.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Use disk :/path with the directory name; otherwise, an error appears that indicates that the disk :/path must be included.

Examples


ncs/admin# mkdir disk:/test
ncs/admin# dir

Directory of disk:/

       4096 May 06 2010 13:34:49  activemq-data/
       4096 May 06 2010 13:40:59  logs/
      16384 Mar 01 2010 16:07:27  lost+found/
       4096 May 06 2010 13:42:53  target/
       4096 May 07 2010 12:26:04  test/

           Usage for disk: filesystem
                  181067776 bytes total used
                19084521472 bytes free
                20314165248 bytes available
ncs/admin#

ncs run client-auth

You can enable client certificate authentication on your Prime Infrastructure application using ncs run client-auth command.

ncs run client-auth enable

ncs run client-auth disable

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system-117/admin# ncs run client-auth enable

WARNING :

This feature requires the CA certificate to be installed on the system.
Please use the command 'ncs key importcacert ..." to
import the certificate of the CA used to sign the client certificates.
Ignore this warning if the CA certificate is already installed.

Use the 'disable' option of this command, to disable client authentication,
if not required.

client_auth status : enabled
pi-system-117/admin#

pi-system-117/admin# ncs run client-auth disable
client_auth status : disabled
pi-system-117/admin#

ncs run list

To display the list of commands associated with NCS, use ncs run list command in EXEC mode.

ncs run list

Command Default

No default behavior or arguments

Command Modes

EXEC

Examples

pi-system/admin# ncs run list
commands :
  list - prints this list

  test iops - tests the disk write performance
  reset [db|keys] - reset database and keys to default factory settings

  csrf [disable|enable] - enable or disable CSRF protection
  client-auth [disable|enable] - enable or disable client certificate based authentication
  jms [disable|enable] - enable or disable message bus connectivity (port 61617)

  sshclient-nonfips-ciphers [disable|enable] - enable or disable non fips compliant ciphers for outgoing ssh client connections to devices
  ssh-server-legacy-algorithms [disable|enable] - enable or disable legacy algorithms for SSH service. 
  tls-server-versions <tls_versions> - set the TLS versions to be enabled for TLS service  - TLSv1.2 TLSv1.1 TLSv1
  tls-server-ciphers <tls_cipher_groups> - set the TLS cipher group to be enabled  for TLS service - tls-ecdhe-sha2 tls-ecdhe-sha1 tls-dhe-sha2 tls-dhe-sha1 tls-static-sha2 tls-static-sha1
  livelogs [all|secure|ade|messages] - view live audit logs
  loghistory [all|secure|ade|messages] - view audit logs
  firewall [-block|-unblock|-list] - block and unblock source ip address

ncs run test iops

To test and view details of the input output operations on your Prime Infrastructure, use ncs run test iops command in EXEC mode.

ncs run test iops

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-242/admin# ncs run test iops
Testing disk write speed ...
8388608+0 records in
8388608+0 records out
8589934592 bytes (8.6 GB) copied, 33.4561 s, 257 MB/s

ncs run reset

You can use ncs run reset command to delete all private keys from your Prime Infrastructure server and to clean a corrupted Database. Resetting the DB clears all existing data and replaces it with empty data.

ncs run reset { db | keys }

Syntax Description

db

Resets DB wth empty data.

keys

Deletes all private keys from Prime Infrastructure server.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-system-160/admin# ncs run reset db
 ********************* Warning *********************
This script will delete the existing data in database (network data) and reset
database to default factory settings.
Do you want to proceed [yes/no] [no]? yes
Stopping Prime Infrastructure...
This may take a few minutes...
Prime Infrastructure successfully shutdown.
Stopping SAM daemon...
Checking for SAM daemon again ...
SAM Daemon not found...
Stopping DA daemon ...
Checking for DA daemon again ...
DA Daemon not found...
Completed shutdown of all services
Listener wcstns is down.
Listener already stopped.
Database is already stopped. Cannot stop again.
This script is intended to run database configuration utilities
to provision and create the embedded database
Running database network config assistant tool (netca)...
Running oracle ZIP DB creation script...
configuring Oracle memory size
Running standby database creation script...
currentState is ... 
sid being set wcs
SQL*Plus: Release 12.1.0.2.0 Production on Wed Nov 14 11:25:18 2018
Copyright (c) 1982, 2014, Oracle.  All rights reserved.
Connected to an idle instance.
SQL> ORACLE instance started.
Total System Global Area 2147483648 bytes
Fixed Size                  2926472 bytes
Variable Size            1023412344 bytes
Database Buffers         1107296256 bytes
Redo Buffers               13848576 bytes
Database mounted.
Database opened.
SQL> 
User altered.
SQL> Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 -  \
64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
SQL*Plus: Release 12.1.0.2.0 Production on Wed Nov 14 11:25:52 2018
Copyright (c) 1982, 2014, Oracle.  All rights reserved.
Connected to an idle instance.
SQL> ORACLE instance started.
Total System Global Area 1287651328 bytes
Fixed Size                  2934984 bytes
Variable Size             331351864 bytes
Database Buffers          947912704 bytes
Redo Buffers                5451776 bytes
Database mounted.
Database opened.
SQL> 
User altered.
SQL> Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> Disconnected from Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 -  \
64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
Listener wcstns is up
Database is already stopped. Cannot stop again.
INFO: reset db command executed successfully. Please restore the system data from a \
backup file

Examples

This example shows how to delete all private keys in Prime Infrastructure server:

pi-system-61/admin# ncs run reset keys
This will delete all the private keys and may impact webserver, SSH service etc.
Do you want to proceed [yes/no] [no]? yes

ncs run csrf

The cross-site request forgery check can be disabled (not recommended). The CLI provided only for backward compatibility with API clients which are not programmed for CSRF protection. For CSRF protection, this option should be enabled using the following command.

ncs run csrf enable

To disable, use the following command:

ncs run csrf disable

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-cluster-93/admin# ncs run csrf enable


pi-cluster-93/admin# ncs run csrf disable

ncs run livelogs

You can run ncs run livelogs command to view live audit logs.

ncs run livelogs { all | secure | ade | messages }

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system-120/admin# ncs run livelogs
***Available filter options to limit logs - all  secure ade messages***
************Press Ctrl+C for stop logging*****************
2018-02-28T01:48:39.407787+05:30 pi-system-120 sshd[10309]: pam_unix(sshd:session): \
session closed for user admin
2018-02-28T01:50:14.109435+05:30 pi-system-120 sshd[32038]:                         \
pam_tally2(sshd:account): option unlock_time=60 allowed in auth phase only
2018-02-28T01:50:14.109456+05:30 pi-system-120 sshd[32038]:                         \
pam_tally2(sshd:account): unknown option: no_reset
2018-02-28T01:50:14.112152+05:30 pi-system-120 sshd[32038]: pam_unix(sshd:session): \
session opened for user admin by (uid=0)
2018-02-28T02:00:57.499844+05:30 pi-system-120 sshd[32038]: pam_unix(sshd:session): \
session closed for user admin
2018-02-28T02:04:28.870085+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-28T02:04:28.976462+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-28T02:21:30.485537+05:30 pi-system-120 sshd[6381]:                          \
pam_tally2(sshd:account): option unlock_time=60 allowed in auth phase only
2018-02-28T02:21:30.485556+05:30 pi-system-120 sshd[6381]:                          \
pam_tally2(sshd:account): unknown option: no_reset
2018-02-28T02:21:30.488589+05:30 pi-system-120 sshd[6381]: pam_unix(sshd:session):  \
session opened for user admin by (uid=0)

2018-02-28T02:25:04.370446+05:30 pi-system-120 debugd[3229]: [7471]:                \
config:network: sysconfig.c[1116] [admin]: Getting ipaddress for eth1
2018-02-28T02:25:04.377607+05:30 pi-system-120 debugd[3229]: [7471]:                \
config:network: syscfg_cli.c[1098] [admin]: No ipaddress for interface eth1
2018-02-28T02:25:04.384642+05:30 pi-system-120 ADEOSShell[7471]: Change Audit       \
Details:SUCCESS:CARS                                                                \
CLI:carsGetIfState::root:/opt/system/bin/carssh:NotFromTerminal:5: 
2018-02-28T02:25:04.384720+05:30 pi-system-120 debugd[3229]: [7471]:                \
config:network: syscfg_cli.c[1105] [admin]: Interface eth1 is down
2018-02-28T02:25:04.384777+05:30 pi-system-120 debugd[3229]: [7471]:                \
config:network: syscfg_cli.c[1011] [admin]: Getting dhcpv6 enabled for eth1
2018-02-28T02:25:04.405866+05:30 pi-system-120 ADEOSShell[7471]: Change Audit       \
Details:SUCCESS:CARS                                                                \
CLI:carsGetNameserver::root:/opt/system/bin/carssh:NotFromTerminal:6: 
2018-02-28T02:25:04.412912+05:30 pi-system-120 ADEOSShell[7471]: Change Audit       \
Details:SUCCESS:CARS                                                                \
CLI:carsGetNameserver::root:/opt/system/bin/carssh:NotFromTerminal:7: 
2018-02-28T02:25:04.420049+05:30 pi-system-120 ADEOSShell[7471]: Change Audit       \
Details:SUCCESS:CARS                                                                \
CLI:carsGetNameserver::root:/opt/system/bin/carssh:NotFromTerminal:8: 
2018-02-28T02:25:04.427224+05:30 pi-system-120 ADEOSShell[7471]: Change Audit       \
Details:SUCCESS:CARS                                                                \
CLI:carsGetGateway::root:/opt/system/bin/carssh:NotFromTerminal:9: 
2018-02-28T02:28:16.411167+05:30 pi-system-120 ADEOSShell[8312]: Change Audit       \
Details:SUCCESS:CARS CLI:run_command::root:/opt/system/bin/carssh:/dev/pts/1:1: 

2018-02-28T02:21:25.649026+05:30 pi-system-120 sshd[6381]: Operating in CiscoSSL    \
Common Criteria mode
2018-02-28T02:21:25.654950+05:30 pi-system-120 sshd[6381]: FIPS mode initialized
2018-02-28T02:21:25.806409+05:30 pi-system-120 sshd[6381]: Outbound-ReKey for       \
10.77.144.125:16285 [preauth]
2018-02-28T02:21:25.889051+05:30 pi-system-120 sshd[6381]: Inbound-ReKey for        \
10.77.144.125:16285 [preauth]
2018-02-28T02:21:30.487757+05:30 pi-system-120 sshd[6381]: Accepted password for    \
admin from 10.77.144.125 port 16285 ssh2
2018-02-28T02:21:30.490420+05:30 pi-system-120 sshd[6390]: Inbound-ReKey for        \
10.77.144.125:16285
2018-02-28T02:21:30.490437+05:30 pi-system-120 sshd[6390]: Outbound-ReKey for       \
10.77.144.125:16285
2018-02-28T02:21:32.124237+05:30 pi-system-120 rsyslogd: [origin                    \
software="rsyslogd" swVersion="5.8.10" x-pid="3216"                                 \
x-info="http://www.rsyslog.com ] rsyslogd was HUPed
2018-02-28T02:25:04.601075+05:30 pi-system-120 rsyslogd-2177: imuxsock begins to    \
drop messages from pid 3229 due to rate-limiting
2018-02-28T02:25:30.938945+05:30 pi-system-120 rsyslogd-2177: imuxsock lost 463     \
messages from pid 3229 due to rate-limiting
^CERROR: cmd '/opt/CSCOlumos/bin/run_command.sh livelogs' failed
pi-system-120/admin#

ncs run loghistory

You can run ncs run loghistory command to view a list of audit logs.

ncs run loghistory { all | secure | ade | messages }

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system-120/admin# ncs run loghistory
***Available filter options to limit logs - all  secure ade messages***
::::::::::::::
/var/log/secure
::::::::::::::
2018-02-25T04:22:03.091312+05:30 pi-system-120 passwd: pam_unix(passwd:chauthtok):  \
password changed for scpuser
2018-02-25T05:47:52.693460+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T05:47:52.746896+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T07:48:08.551061+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T07:48:08.607276+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T09:48:29.616066+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T09:48:29.675890+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T11:48:49.792055+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T11:48:49.845594+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T13:49:13.712070+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T13:49:13.764692+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T15:49:28.165108+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T15:49:28.231362+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T17:49:46.089296+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T17:49:46.143475+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T19:50:06.775083+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T19:50:06.828332+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T21:50:33.338183+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T21:50:33.393056+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-25T23:50:59.225069+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-25T23:50:59.278849+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-26T01:51:23.433628+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T01:52:00.541797+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T01:52:00.582068+05:30 pi-system-120 su: pam_unix(su:session): session    \
opened for user oracle by (uid=0)
2018-02-26T01:52:00.635314+05:30 pi-system-120 su: pam_unix(su:session): session    \
closed for user oracle
2018-02-26T03:30:00.737839+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:01.308384+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:01.318405+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:01.373111+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:01.411957+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:03.176254+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:03.196829+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:03.252549+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:06.105604+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:07.126919+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:07.131747+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
2018-02-26T03:30:14.916295+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
closed for user oracle
2018-02-26T03:30:14.923602+05:30 pi-system-120 su: pam_unix(su-l:session): session  \
opened for user oracle by (uid=0)
pi-system-120/admin#

ncs run ssh-server-legacy-algorithms

You can enable or disable ssh server legacy algorithms using ncs run ssh-server-legacy-algorithms command in EXEC mode.

ncs run ssh-server-legacy-algorithms { enable | disable }

Syntax Description

enable

Enables ssh server legacy algorithms.

disable

Disables ssh server legacy algorithms.

Command Default

Default mode is enable.

EXEC

Examples

pi-system-90/admin#  ncs run ssh-server-legacy-algorithms enable
 
Enabling legacy algorithms for SSH service...
KexAlgorithms  : diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
MACs           : hmac-sha2-512,hmac-sha2-256,hmac-sha1
Ciphers        : aes128-gcm@openssh.com,aes128-ctr,chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com,aes192-ctr,3des-cbc,aes128-cbc,aes256-cbc
 
Restarting sshd (via systemctl): 

ncs run tls-server-versions

To set the TLS (Transport Layer Security) version, use ncs run tls-server-versions command in EXEC mode.

ncs run tls-server-version <TLS version>

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

The following example illustrates the use of the ncs run set-tls-versionscommand:

pi-system-168/admin# ncs run tls-server-versions TLSv1 TLSv1.1 TLSv1.2
Enabled TLS version are - TLSv1,TLSv1.1,TLSv1.2
Restart is required for the changes to take effect
pi-system-168/admin#

Warning

Running this command requires an immediate software restart. It is suggested you perform a failover and failback so that changes are reflected in both primary and secondary servers.

ncs start

To start the Prime Infrastructure server, use the ncs start command.

ncs start [verbose]

Syntax Description

verbose

Displays the detailed messages during the start process.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

To see the messages in the console, use the ncs start verbose command.

Examples

This example shows how to start the server:

Examples


pi-common-133/admin# ncs start verbose

Starting Prime Infrastructure...

Reporting Server Heap size = 4096m
XMP Server Heap size = 6656m
Starting Health Monitor
 
Starting Health Monitor as a primary
Checking for Port 8082 availability... OK
CERT MATCHED :
Updating web server configuration file ...
Starting Health Montior Web Server...
Health Monitor Web Server Started.
Setting UID to 499:110
UID set to 499:110
Starting Health Monitor Server...
Health Monitor Server Started.
Database server started for instance : wcs

Processing Service Name: Database
Database is already running.

Processing Service Name: FTP Service

Processing Service Name: TFTP Service

Processing Service Name: Matlab
FTP Service is disabled.

Processing Service Name: Matlab1
Starting Remoting Service: Matlab Server

Processing Service Name: Matlab2

Processing Service Name: NMS Server
Starting Remoting Service: Matlab Server Instance 1
Starting Remoting Service: Matlab Server Instance 2
Checking /tmp/remoting_launchout_Matlab1.lock...
Checking /tmp/remoting_launchout_Matlab.lock...
Checking /tmp/remoting_launchout_Matlab2.lock...
Executing startRemoting for Matlab2 ...
Executing startRemoting for Matlab1 ...
Executing startRemoting for Matlab ...
DEPENDENCY CHECK: Database
DB scheme update process starting..
DB scheme update process finished.
Starting NMS Server
Started TFTP Service
/opt/CSCOlumos/classloader-conf:/opt/CSCOlumos/lib/xmp/XMPClassLoader-11.0.1.jar
 
Checking for running servers.
  Checking if DECAP is running.
  00:00 DECAP is not running.
00:00 Check complete. No servers running.
Unable to initialize com.mathworks.mwswing.MJStartup
Matlab pid = 9696
system property before init instance: null
Starting Remoting Instance: Matlab Server
Checking for Port 10555 availability... OK
Starting Remoting Service Web Server Matlab Server...
Warning: MATLAB does not support bit depths less than or equal to 8.
Figure windows may not be usable
Warning: latest version of matlab app-defaults file not found.
Contact your system administrator to have this file installed
Warning: Duplicate directory name: /opt/CSCOlumos/matlab/toolbox/compiler. 
Remoting Service Web Server Matlab Server Started.
Starting Remoting Service Matlab Server...
Remoting 'Matlab Server' started successfully.
Unable to initialize com.mathworks.mwswing.MJStartup
Matlab1 pid = 9692
system property before init instance: null
Starting Remoting Instance: Matlab Server Instance 1
Checking for Port 10755 availability... OK
Starting Remoting Service Web Server Matlab Server Instance 1...
Warning: MATLAB does not support bit depths less than or equal to 8.
Figure windows may not be usable
Warning: latest version of matlab app-defaults file not found.
Contact your system administrator to have this file installed
Warning: Duplicate directory name: /opt/CSCOlumos/matlab/toolbox/compiler. 
Remoting Service Web Server Matlab Server Instance 1 Started.
Starting Remoting Service Matlab Server Instance 1...
  00:09 DECAP setup complete.
Started executing compliance_db_set_up.sh Input = checkAndCreatePariTableOnSID
Remoting 'Matlab Server Instance 1' started successfully.
No Pari table creation needed on SID wcs
Setting/Clearing remote database parameters
Done waiting DB initialization
_outputHdlr check:log4j:WARN No appenders could be found for logger                 \
(com.cisco.ciscossl.provider.ciscojce.CiscoJCENativeCrypto).
Starting SAM daemon...
Done.
Done. Setting/Clearing remote database parameters
Starting DA daemon...
Starting Server ... 
DASH_HOME = /opt/CSCOlumos/compliance
NCCMHOME = /opt/CSCOlumos/compliance
Asia/Kolkata
Starting NCCM server with Java memory 1024
Unable to initialize com.mathworks.mwswing.MJStartup
Matlab2 pid = 9693
system property before init instance: null
Starting Remoting Instance: Matlab Server Instance 2
Checking for Port 10756 availability... OK
Starting Remoting Service Web Server Matlab Server Instance 2...
Warning: MATLAB does not support bit depths less than or equal to 8.
Figure windows may not be usable
Warning: latest version of matlab app-defaults file not found.
Contact your system administrator to have this file installed
Warning: Duplicate directory name: /opt/CSCOlumos/matlab/toolbox/compiler. 
Remoting Service Web Server Matlab Server Instance 2 Started.
Starting Remoting Service Matlab Server Instance 2...
Remoting 'Matlab Server Instance 2' started successfully.
Creating Application Context
Attempt 1: checking /opt/CSCOlumos/logs/remotingMatlab1-0-0.log and                 \
/opt/CSCOlumos/logs/remoting_launchout_Matlab1.log whether Remoting Service Web     \
Server Matlab.* Started.
Detected: /opt/CSCOlumos/logs/remotingMatlab1-0-0.log:02/28/18 01:21:27.147 INFO    \
[system] [main] Remoting Service Web Server Matlab Server Instance 1 Started.
/opt/CSCOlumos/logs/remoting_launchout_Matlab1.log:Remoting Service Web Server      \
Matlab Server Instance 1 Started.
Completed launchout Matlab1 as 9692
Attempt 1: checking /opt/CSCOlumos/logs/remotingMatlab-0-0.log and                  \
/opt/CSCOlumos/logs/remoting_launchout_Matlab.log whether Remoting Service Web      \
Server Matlab.* Started.
Detected: /opt/CSCOlumos/logs/remotingMatlab-0-0.log:02/28/18 01:21:21.247 INFO     \
[system] [main] Remoting Service Web Server Matlab Server Started.
/opt/CSCOlumos/logs/remoting_launchout_Matlab.log:Remoting Service Web Server       \
Matlab Server Started.
Completed launchout Matlab as 9696
Attempt 1: checking /opt/CSCOlumos/logs/remotingMatlab2-0-0.log and                 \
/opt/CSCOlumos/logs/remoting_launchout_Matlab2.log whether Remoting Service Web     \
Server Matlab.* Started.
Detected: /opt/CSCOlumos/logs/remotingMatlab2-0-0.log:02/28/18 01:21:37.344 INFO    \
[system] [main] Remoting Service Web Server Matlab Server Instance 2 Started.
/opt/CSCOlumos/logs/remoting_launchout_Matlab2.log:Remoting Service Web Server      \
Matlab Server Instance 2 Started.
Completed launchout Matlab2 as 9693
Starting servlet container.
NMS Server started successfully

Processing Service Name: Compliance engine
Compliance Engine is enabled in this server 
Compliance engine is already running.
Invoked post init hook - com.cisco.ifm.telemetry.config.UpdateProxyInitHook@5d67dec7

Prime Infrastructure started successfully.
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
Completed in 577 seconds
pi-common-133/admin#

Examples

pi-system-120/admin# ncs start
Starting Prime Infrastructure...
This may take a while (10 minutes or more) ...
_outputHdlr check:log4j:WARN No appenders could be found for logger                 \
(com.cisco.ciscossl.provider.ciscojce.CiscoJCENativeCrypto).
Prime Infrastructure started successfully.
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
Completed in 490 seconds
pi-system-120/admin#

ncs status

To display the Prime Infrastructure server status, use the ncs status command in EXEC mode.

ncs status

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

This example shows how to display the status of the server:


pi-system-117/admin# ncs status
Health Monitor Server is running. ( [Role] Primary [State] HA not Configured )
Database server is running
FTP Service is running
TFTP Service is running
Matlab Server is running
Matlab Server Instance 1 is running
NMS Server is running.
Coral Service is running.
WSA Service is running.
SAM Daemon is running ...
DA Daemon is running ...

ncs stop

To stop the Prime Infrastructure server, use the ncs stop command in EXEC mode. To see the detailed messages, use the ncs stop verbose command.

ncs stop [verbose]

Syntax Description

verbose

Displays the detailed messages during the stop process.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

To see the detailed messages, use the ncs stop verbose command.

Examples

This example shows how to stop the Prime Infrastructure server:

pi-system-120/admin# ncs stop
Stopping Prime Infrastructure...
This may take a few minutes...
Database is not running.
FTP Service is not running.
TFTP Service is not running.
Matlab is not running.
Matlab1 is not running.
Matlab2 is not running.
Matlab3 is not running.
NMS Server is not running!.
Compliance engine is not running!.
Prime Infrastructure successfully shutdown.
log4j:WARN No appenders could be found for logger                                   \
(com.cisco.ciscossl.provider.ciscojce.CiscoJCENativeCrypto).
log4j:WARN Please initialize the log4j system properly.
Stopping SAM daemon...
Checking for SAM daemon again ...
SAM Daemon not found...
Stopping DA daemon ...
Checking for DA daemon again ...
DA Daemon not found...
Compliance engine stopped
Completed shutdown of all services
pi-system-120/admin#

Examples

pi-common-133/admin# ncs stop verbose
Stopping Prime Infrastructure...

Status:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
ServerStartupStatus:Creating
Starting servlet container.
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
ServerStartupStatus:Starting
NMS Server started successfully

Processing Service Name: Compliance engine
In startService - serviceType:
In startService - serviceName:Compliance engine

Processing Service Name: WSA Service
In startService - serviceType:processScript
In startService - serviceName:WSA Service
Starting the script....wsa_admin.sh
Completed the script....wsa_admin.sh start & Exit value : 0
Invoked post init hook - com.cisco.ifm.telemetry.config.UpdateProxyInitHook@5db6148e
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
ServerStartupStatus:Invoked
Processing post upgrade hook -                                                      \
com.cisco.xmp.data.contributions.SecurityContributionsPostUpgradeHook@2a85fe24
ServerStartupStatus:Processing
Processing post upgrade hook -                                                      \
com.cisco.ifm.grouping.service.portgrouping.PortGroupHierarchyChangeUpgradeHook@43f8\
0236
ServerStartupStatus:Processing
Started
ServerStartupStatus:Started
19:45 Server started.
Done
Stopping NMS Server
Stopping XMP .Stopping SAM daemon...
Checking for SAM daemon again ...
Found SAM daemon ...
Stopping SAM daemon ...
Stopping DA daemon ...
Checking for DA daemon again ...
Found DA daemon ...
Stopping DA daemon ...
NMS Server successfully shutdown.
Shutting down database server ...
Database Instance Name = wcs
Database 'wcs' Role = PRIMARY
Listener is not running.
Database server is not running.
Stopped FTP Service
Stopped TFTP Service
Stopping remoting: Matlab Server
Remoting 'Matlab Server' stopped successfully.
Stopping remoting: Matlab Server Instance 1
Remoting 'Matlab Server Instance 1' stopped successfully.
NMS Server is not running!.
Stopping Tomcat...
Tomcat Stopped.

Prime Infrastructure successfully shutdown.

Stopping SAM daemon...
Checking for SAM daemon again ...
SAM Daemon not found...
Stopping DA daemon ...
Checking for DA daemon again ...
DA Daemon not found...
Completed shutdown of all services

ncs run tls-server-ciphers

You can enable a TLS cipher group using ncs run tls-server-ciphers command in EXEC mode.

ncs run tls-server-ciphers { tls-ecdhe-sha2 | tls-ecdhe-sha1 | tls-dhe-sha2 | tls-dhe-sha1 | tls-static-sha2 | tls-static-sha1}

Syntax Description

tls-ecdhe-sha2

Refers to tls cipher group, ecdhe sha2

tls-ecdhe-sha1

Refers to tls cipher group, ecdhe sha1

tls-dhe-sha2

Refers to tls cipher group, dhe sha2

tls-dhe-sha1

Refers to tls cipher group, dhe sha1

tls-static-sha2

Refers to tls cipher group, static sha2

tls-static-sha1

Refers to tls cipher group, static sha1

Command Default

The default cipher group is tls-ecdhe-sha2

EXEC

Examples

pi/admin# ncs run tls-server-ciphers tls-ecdhe-sha1

Enabled TLS cipher groups are - tls-ecdhe-sha1

Restart is required for the changes to take effect

ncs password ftpuser

To change the FTP username and password, use the ncs password ftpuser command in EXEC mode.


Note

The value for ftpuser in the above command should always be set to ftp-user.

After you enable the ftp-user, you can FTP files to and from the /localdisk/ftp folder on standalone or, if configured, High Availability primary servers only. You cannot use change directory (cd) or list directory (ls) functionality with ftp-user.

ncs passwod ftpuser ftp-user password password

Syntax Description

ftp-user

The FTP user name

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

This example shows how to change the FTP username and password:


pi-system-65/admin# ncs password ftpuser ftp-user password Password123
Updating FTP password
Saving FTP account password in credential store
Synching FTP account passwd to database store - location-ftp-user
Synching FTP account password to system store
Completed FTP password update
pi-system-65/admin#
 

ncs password root password

To change the root password, use the ncs password root password command in EXEC mode.

ncs password root password userpassword

Syntax Description

userpassword

Password for the root user.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Prime Infrastructure

This example shows how to migrate archived files to server:


pi-systems/admin# ncs password root password Userpassword
Password updated for web root user
pi-systems/admin#

ncs ha authkey

To enter the authentication key for high availability (HA), use the ncs ha authkey command in EXEC mode.

ncs ha authkey authorization key

Syntax Description

authorization key

The authorization key for high availability. Up to 81 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

The ncs ha authkey command changes the authorization for the health monitor.

Examples

This example shows how to set up the authorization key for high availability:

pi-system/admin#ncs ha authkey cisco123
Going to update primary authentication key
Successfully updated primary authentication key
Successfully intimated  Primary updated  authentication key to Secondary Server
pi-system/admin#

ncs ha remove

To remove the high availability configuration settings from Prime Infrastructure, use the ncs ha remove command in EXEC mode.

ncs ha remove

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

The ncs ha remove command removes the high availability configuration settings from Prime Infrastructure. If you enter this command, you will see the following confirmation message:

High availability configuration will be removed.
Do you wish to continue? (Y/N)

Examples



pi-system/admin# ncs ha remove
High availability configuration will be removed
Do you wish to continue? (y/N)  y

Removing primary configuration will remove all database information
Primary is attempting to remove high availability configuration from both primary    \
and secondary
Successfully removed high availability configuration
pi-system/admin# 

ncs ha status

To display the current status of high availability (HA), use the ncs ha status command in EXEC mode.

ncs ha status

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Displays the current status of HA.

If you enter the ncs ha status command when HA is not configured, you will see the following response:

[State] Stand Alone

Examples



pi-system/admin# ncs ha status
[Role] Primary [State] HA not Configured
pi-systems/admin#

In Primary server:



pi-system/admin# ncs ha status
[Role] Primary [Secondary Server] 10.197.71.162(10.197.71.162) [State] Primary       
Active [Failover Type] Automatic
pi-system/admin#

In Secondary server:



pi-system/admin# ncs ha status
[Role] Secondary [Primary Server] pi-system-161(10.197.71.161) [State] Secondary     
Syncing [Failover Type] Automatic
pi-system/admin#

ncs key genkey

To generate a new RSA key and self-signed certificate, use the ncs key genkey command. You can use this command in the following ways:

ncs key genkey -newdn -csr csrfilename repository repositoryname

Syntax Description

genkey

Generates a new RSA key and self-signed certificate. You can use the following options with this command:

-csr: Generate Certificate Signing Request(CSR) file

-newdn: Generate new RSA key and self-signed certificate with domain information

<cr>: Carriage return.

-newdn

Generates a new RSA key and self-signed cert with domain information. You can use the following options with this command:

-csr: Generate Certificate Signing Request(CSR) file

<cr>: Carriage return.

-csr

Generates new CSR certificate file. You can use the following option with this command:

<WORD>: Type in certificate file name (Max Size - 80)

csrfilename

CSR filename.

repository

Repository command. This option is available when you use the -csr option.

repositoryname

Location where the files should be backed up to. Up to 80 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

This example shows how to generate new rsa key and certificate files in the Prime Infrastructure server:

pi-cluster-88/admin# ncs key genkey -newdn -csr test.csr repository defaultRepo

Changes will take affect on the next server restart
  Enter the fully qualified domain name of the server !!!!: pi-cluster-88.cisco.com
  Enter the name of your organization unit !!!!!!!!!!!!!!!: cisco      
  Enter the name of your organization !!!!!!!!!!!!!!!!!!!!: hcl          
  Enter the name of your city or locality !!!!!!!!!!!!!!!!: chennai
  Enter the name of your state or province !!!!!!!!!!!!!!!: tn  
  Enter the two letter code for your country !!!!!!!!!!!!!: US
    Specify subject alternate names. 
    If none specified, CN will be used.
  Use comma seperated list - DNS:<name>,IP:<address> !!!!!:                         \
DNS:pi-cluster-88.cisco.com,IP:10.126.168.88

  Specify the public key algorithm [rsa/ec] !!!!!!!!!!!!!!: rsa
  Specify the RSA key size [2048/4096/8192] !!!!!!!!!!!!!!: 4096
  Specify the signature algorithm [sha256/sha512] !!!!!!!!: sha256

Key and CSR/Certificate will be generated with following details
  Subject                :                                                          \
/C=US/ST=tn/L=chennai/O=hcl/OU=cisco/CN=pi-cluster-88.cisco.com
  Subject Alternate Name : DNS:pi-cluster-88.cisco.com,IP:10.126.168.88
  Public Key Alg         : rsa, 4096
  Signature Alg          : sha256

Continue [yes] : yes
Generating...
Completed generating new key...Changes will take affect on the next server restart
Note: You can provide comma separated list of FQDN and IP of PI servers where you want to import the same certificate received from CA.
To import same CA in other server, you need to import the key from the server where you generate CSR and them import the CA certiifcates.

Note

You will get csr file generated in location where repository is pointing. Use that csr file get CA certificate or signed certificate from any CA agent.


ncs key importkey

To apply an RSA key and signed certificate to the Prime Infrastructure, use the ncs key importkey command in EXEC mode.

To export key:

ncs key exportkey key-filename cert-filename repository repositoryname

To import key:

ncs key importkey key-filename cert-filename repository repositoryname

Syntax Description

key-filename

RSA private key file name.

cert-filename

Certificate file name.

repository

Repository command

repositoryname

The repository name configured in the Prime Infrastructure where the key-file and cert-file is hosted.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

This example shows how to apply the new RSA key and certificate files to the server.

ncs key exportkey private.key server.cer repository defaultRepo


ncs key importkey keyfile certfile repository ncs-sftp-repo

Note

After applying this command, enter the ncs stop and ncs start command to restart the server to make the changes take effect.


ncs key importsignedcert

To apply an RSA key and signed certificate, use the ncs key importsignedcert command EXEC mode.

ncs key importsignedcert signed-cert-filename repository repositoryname

Syntax Description

signed-cert-filename

Signed certificate filename.

repository

Repository command

repositoryname

The repository name configured in Prime Infrastructure where the key-file and cert-file is hosted.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

This example shows how to apply signed certificate files to the Prime Infrastructure server:


>	ncs key importsingedcert signed-certfile repository ncs-sftp-repo

Note

After applying this command, enter the ncs stop and the ncs start command to restart the Prime Infrastructure server to make changes take effect.


ncs certvalidation certificate-check

To enable or disable certificate validation, use ncs certvalidation certificate-check command in EXEC mode.

ncs certvalidation certificate-check { disable | enable | trust-on-first-use } trustzone trustzone_name

Syntax Description

disable

Disable certificate validation

enable

Enable certificate validation

trust-on-first-use

Trust and pin the host certificate on first use

trustzone_name

Name of the trustzone

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-system/admin# ncs certvalidation certificate-check trust-on-first-use trustzone system


ncs certvalidation certificate-check enable trustzone system

ncs certvalidation custom-ocsp-responder

To configure a custom OCSP responder, use ncs certvalidation custom-ocsp-responder command in EXEC mode.

ncs certvalidation custom-ocsp-responder { clear url | disable | enable | set url }

Syntax Description

clear

Clear OCSP responder URL

disable

Disable custom OCSP responder

enable

Enable custom OCSP responder

set

Set OCSP responder URL

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system/admin# ncs certvalidation custom-ocsp-responder enable 
pi-system/admin# ncs certvalidation custom-ocsp-responder set url1 http://10.104.119.201
pi-system/admin# ncs certvalidation custom-ocsp-responder clear url1
pi-system/admin# ncs certvalidation custom-ocsp-responder disable

ncs certvalidation revocation-check

To enable or disable revocation check using OCSP or CRL, use ncs certvalidation revocation-check command in EXEC mode.

ncs certvalidation revocation-check { disable | enable } trustzone { devicemgmt | pubnet | system | user }

Syntax Description

disable

Disable certificate revocation

enable

Enable certificate revocation

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system/admin# ncs certvalidation revocation-check enable trustzone system 
pi-system/admin#

ncs certvalidation tofu-certs

To view and delete certificates trusted on first use, use ncs certvalidation tofu-certs command in EXEC mode.

ncs certvalidation tofu-certs { listcerts | deletecert host host_name }

Syntax Description

deletecert

Delete a trust-on-first-use cert for a host

listcerts

List certificates trusted on first use

trust-on-first-use

Trust and pin the host certificate on first use

trustzone_name

Name of the trustzone

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1: listcert

pi-system/admin# ncs certvalidation tofu-certs listcerts 
Host certificate are automatically added to this list on first connection, if
trust-on-first-use is configured - ncs certvalidation certificate-check ...
host=10.197.71.121_8082; subject= /C=US/ST=CA/L=SJ/O=Cisco Systems/OU=Prime Infra/CN=pi-system-121
pi-system/admin#

Example 2: deletecerts

pi-system/admin# ncs certvalidation tofu-certs deletecert host 10.197.71.121_8082
Deleted entry for 10.197.71.121_8082
pi-system/admin#

ncs certvalidation trusted-ca-store

To configure a trusted CA certificate store, use ncs certvalidation trusted-ca-store command in EXEC mode.

ncs certvalidation trusted-ca-store { auto-ca-update { enable | disable truststore truststore_name } | deletecacert alias { alias_name truststore truststore_name { devicemgmt | pubnet | system | user } } | importcacert alias alias_name repository repository_name truststore truststore_name | listcacerts truststore trustsore_name }

Syntax Description

auto-ca-update

Auto update list of trusted CA certs during software update

deletecacert

Enable certificate validation

importcacert

Import a certificate to the trust store

listcacerts

List all trusted CA certificates

truststore_name

Name of the truststore

devicemgmt

Trust store used for validating cert from managed devices

pubnet

Trust store used for validating cert from public internet

system

Trust store used for validating cert from other peer systems

user

Trust store used for validating cert for user login

Command Default

No default behavior or values.

Command Modes

Configuration

Examples

Example 1: auto-ca-upadate

pi-system/admin# ncs certvalidation trusted-ca-store auto-ca-update enable truststore system 
pi-system/admin# ncs certvalidation trusted-ca-store auto-ca-update disable truststore system 
pi-system/admin# 

Example 2: deletecacert

pi-system/admin# ncs certvalidation trusted-ca-store deletecacert alias quovadisroot truststore system 
Deleted CA certificate from trust store. Changes will take affect on the next server restart
pi-system/admin#

Example 3: importcacert

pi-system/admin# ncs certvalidation trusted-ca-store importcacert alias ALIAS repository defaultRepo prime.cer truststore system
Imported CA certificate to trust store. Changes will take affect on the next server restart
pi-system/admin#

Example 3: listcacert

pi-system/admin# ncs certvalidation trusted-ca-store listcacerts truststore pubnet
ciscoeccrootca, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 52:EC:7D:BB:5C:65:11:DD:C1:C5:46:DB:BC:29:49:B5:AB:E9:D0:EE
ciscorootcam2, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 93:3D:63:3A:4E:84:0D:A4:C2:8E:89:5D:90:0F:D3:11:88:86:F7:A3
ciscorootca2048, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): DE:99:0C:ED:99:E0:43:1F:60:ED:C3:93:7E:7C:D5:BF:0E:D9:E5:FA
ciscorootcam1, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 45:AD:6B:B4:99:01:1B:B4:E8:4E:84:31:6A:81:C2:7D:89:EE:5C:E7
quovadisrootca2, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): CA:3A:FB:CF:12:40:36:4B:44:B2:16:20:88:80:48:39:19:93:7C:F7
ciscorootca2099, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): AC:1E:DE:2E:1C:97:0F:ED:3E:E8:5F:8C:3A:CF:E2:BA:C0:4A:13:76
ciscolicensingrootca, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 5C:A9:5F:B6:E2:98:0E:C1:5A:FB:68:1B:BB:7E:62:B5:AD:3F:A8:B8
verisignclass3publicprimarycertificationauthorityg5, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
ciscorxcr2, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): 2C:8A:FF:CE:96:64:30:BA:04:C0:4F:81:DD:4B:49:C7:1B:5B:81:A0
digicertglobalrootca, Nov 28, 2018, trustedCertEntry, 
Certificate fingerprint (SHA1): A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
pi-system/admin#

ncs cleanup

To clean up the following data,below datafree up and reclaim the disk space, use the ncs cleanup command in EXEC mode.

  • Files under /opt/backup

  • *.m-n.logs, *.n.logs, *.log.n log files under /opt/CSCOlumos/logs

  • Regular files under /localdisk

  • .hprof file under opt/CSCOlumos/crash

  • Matlab*.log under /opt/tmp/

  • .trm and .trc files under /opt/oracle/base/diag/rdbms/*/*/trace

  • Older expired Archive logs and backup set under /opt/oracle/base/fast_recovery_area/WCS

ncs cleanup

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

When Prime Infrastructure does not have enough disk space, an alarm is raised to free up and reclaim the disk space. If you enter the ncs cleanup command, you will see the following confirmation message:
Do you want to delete all the files in the local disk partition? (Y/N)

Examples


pi-system-117/admin# ncs cleanup
Starting Cleanup: Wed Feb 28 01:50:44 IST 2019
===================================================
{Wed Aug 12 01:50:47 IST 2019} Removing all files in backup staging directory
{Wed Aug 12 01:50:47 IST 2019} Removing all Matlab core related files
 {Wed Aug 12 01:50:47 IST 2019} Removing all older log files
 {Wed Aug 12 01:50:47 IST 2019} Cleaning older archive logs
 {Wed Aug 12 01:51:03 IST 2019} Cleaning database backup and all archive logs
 {Wed Aug 12 01:51:03 IST 2019} Cleaning older database trace files
 {Wed Aug 12 01:51:03 IST 2019} Removing all user local disk files
 {Wed Aug 12 01:51:03 IST 2019} Cleaning database
{Wed Aug 12 01:51:05 IST 2019} Stopping server
 {Wed Aug 12 01:52:05 IST 2019} Not all server processes stop. Attempting to stop \ remaining
 {Wed Aug 12 01:52:05 IST 2019} Stopping database
 {Wed Aug 12 01:52:07 IST 2019} Starting database
 {Wed Aug 12 01:52:20 IST 2019} Starting database clean
 {Wed Aug 12 01:58:50 IST 2019} Completed database clean
 {Wed Aug 12 01:58:50 IST 2019} Stopping database
 {Wed Aug 12 01:59:14 IST 2019} Starting server
===================================================
 Completed Cleanup
 Start Time: Mon Aug 28 01:50:44 IST 2019
Completed Time: Mon Aug 28 02:07:07 IST 2019
pi-system-117/admin#

nslookup

To look up the hostname of a remote system on the Prime Infrastructure server, use the nslookup command in EXEC mode.

nslookup word

Syntax Description

word

IPv4 address or hostname of a remote system. Up to 63 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# nslookup 209.165.200.225
Trying "209.165.200.225.in-addr.arpa"
Received 127 bytes from 172.16.168.183#53 in 1 ms
Trying "209.165.200.225.in-addr.arpa"
Host 209.165.200.225.in-addr.arpa. not found: 3(NXDOMAIN)
Received 127 bytes from 172.16.168.183#53 in 1 ms

ncs/admin#

ncs/admin# nslookup 209.165.200.225
Trying "225.200.165.209.in-addr.arpa"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65283
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;225.200.165.209.in-addr.arpa.  IN      PTR

;; ANSWER SECTION:
225.200.165.209.in-addr.arpa. 86400 IN  PTR     209-165-200-225.got.net.

;; AUTHORITY SECTION:
192.168.209.in-addr.arpa. 86400 IN      NS      ns1.got.net.
192.168.209.in-addr.arpa. 86400 IN      NS      ns2.got.net.

Received 119 bytes from 172.16.168.183#53 in 28 ms

ncs/admin#

ocsp

Online Certificate Status Protocol (OCSP) enables certificate-based authentication for web clients using OCSP responders. Typically, the OCSP responder’s URL is read from the certificate’s Authority Information Access (AIA). As a failover mechanism, you can configure the same URL on the Prime Infrastructure server as well. You can enable or disable a custom OCSP responder, and set or remove OCSP responder URLs, using ocsp responder command in EXEC mode.

ocsp responder { remove | set | show }

Syntax Description

clear

Clear OCSP responder URL

custom

Enable or disable custom OCSP responder

set

Set OCSP responder URL.

Command Default

No default behaviour.

Command Modes

EXEC

Examples


ncs/admin# ocsp responder
ncs/admin# ocsp responder custom enable

ncs/admin# ocsp responder set url1 <WORD>
<WORD>  Enter ocsp url (Max Size - 1024)

ncs/admin# ocsp responder clear url1

ping

To diagnose the basic IPv4 network connectivity to a remote system, use the ping command in EXEC mode.

ping {ip-address | hostname} [Dfdf][packetsizepacketsize][pingcountpingcount]

Syntax Description

ip-address

IP address of the system to ping. Up to 32 alphanumeric characters.

hostname

Hostname of the system to ping. Up to 32 alphanumeric characters.

df

Specification for packet fragmentation.

df

Specifies the value as 1 to prohibit packet fragmentation, or 2 to fragment the packets locally, or 3 to not set df.

packetsize

Size of the ping packet.

packetsize

Specifies the size of the ping packet; the value can be between 0 and 65507.

pingcount

Number of ping echo requests.

pingcount

Specifies the number of ping echo requests; the value can be between 1 and 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

The ping command sends an echo request packet to an address, then awaits a reply. The ping output can help you evaluate path-to-host reliability, delays over the path, and whether you can reach a host.

Examples


ncs/admin# ping 172.16.0.1 df 2 packetsize 10 pingcount 2
PING 172.16.0.1 (172.16.0.1) 10(38) bytes of data.
18 bytes from 172.16.0.1: icmp_seq=0 ttl=40 time=306 ms
18 bytes from 172.16.0.1: icmp_seq=1 ttl=40 time=300 ms

--- 172.16.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 300.302/303.557/306.812/3.255 ms, pipe 2
ncs/admin#

ping6

To diagnose the basic IPv6 network connectivity to a remote system, use the ping6 command in EXEC mode.

ping6 {ip-address | hostname} [GigabitEthernetpacketsizepacketsize][pingcountpingcount]

Syntax Description

ip-address

IP address of the system to ping. Up to 64 alphanumeric characters.

hostname

Hostname of the system to ping. Up to 64 alphanumeric characters.

GigabitEthernet

Selects the ethernet interface.

packetsize

Size of the ping packet.

packetsize

Specifies the size of the ping packet; the value can be between 0 and 65507.

pingcount

Number of ping echo requests.

pingcount

Specifies the number of ping echo requests; the value can be between 1 and 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

The IPv6 ping6 command sends an echo request packet to an address, then awaits a reply. The ping output can help you evaluate path-to-host reliability, delays over the path, and whether you can reach a host.

The IPv6 ping6 command is similar to the existing IPv4 ping command that does not support the IPv4 ping fragmentation (df in IPv4) options, but allows an optional specification of an interface. The interface option is primarily useful for pinning with link-local addresses that are interface-specific. The packetsize and pingcount options work identically the same as they do with the IPv4 command.

Examples


ncs/admin# ping6 3ffe:302:11:2:20c:29ff:feaf:da05
PING 3ffe:302:11:2:20c:29ff:feaf:da05(3ffe:302:11:2:20c:29ff:feaf:da05) from 3ffe:302:11:2:20c:29ff:feaf:da05 eth0: 56 data bytes
64 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=0 ttl=64 time=0.599 ms
64 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=1 ttl=64 time=0.150 ms
64 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=3 ttl=64 time=0.065 ms

--- 3ffe:302:11:2:20c:29ff:feaf:da05 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3118ms
rtt min/avg/max/mdev = 0.065/0.221/0.599/0.220 ms, pipe 2

ncs/admin#

ncs/admin# ping6 3ffe:302:11:2:20c:29ff:feaf:da05 GigabitEthernet 0 packetsize 10 pingcount 2
PING 3ffe:302:11:2:20c:29ff:feaf:da05(3ffe:302:11:2:20c:29ff:feaf:da05) from 3ffe:302:11:2:20c:29ff:feaf:da05 eth0: 10 data bytes
18 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=0 ttl=64 time=0.073 ms
18 bytes from 3ffe:302:11:2:20c:29ff:feaf:da05: icmp_seq=1 ttl=64 time=0.073 ms

--- 3ffe:302:11:2:20c:29ff:feaf:da05 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1040ms
rtt min/avg/max/mdev = 0.073/0.073/0.073/0.000 ms, pipe 2

ncs/admin#

reload

To reload the Prime Infrastructure operating system, use the reload command in EXEC mode.

reload

Syntax Description

This command has no arguments or keywords.

Command Default

The command has no default behavior or values.

Command Modes

EXEC

Usage Guidelines

The reload command reboots the system. Use the reload command after you enter configuration information into a file and save the running-configuration to the persistent startup-configuration on the CLI and save any settings in the web Administration user interface session.

Before you enter the reload command, ensure that the Prime Infrastructure is not performing any backup, restore, installation, upgrade, or remove operation. If the Prime Infrastructure performs any of these operations and you enter the reload command, you will notice any of the following warning messages:


WARNING: A backup or restore is currently in progress! Continue with reload?

WARNING: An install/upgrade/remove is currently in progress! Continue with reload?

If you get any of these warnings, enter YES to halt the operation, or enter NO to cancel the halt.

If no processes are running when you use the reload command or you enter YES in response to the warning message displayed, the Prime Infrastructure asks you to respond to the following option:


Do you want to save the current configuration ?

Enter YES to save the existing Prime Infrastructure configuration. The Prime Infrastructure displays the following message:


Saved the running configuration to startup successfully

Examples


ncs/admin# reload
Do you want to save the current configuration ? (yes/no) [yes] ? yes
Generating configuration...
Saved the running configuration to startup successfully
Continue with reboot? [y/n] y

Broadcast message from root (pts/0) (Fri Aug  7 13:26:46 2010):

The system is going down for reboot NOW!

ncs/admin#

restore

To perform a restore of a previous backup, use the restore command in EXEC mode.

Application Backup Restore:

Use the following command to restore data related only to Prime Infrastructure application:

restore filename repository repository-name application application-name

Application Backup Restore

Use the following command to restore data related to the Prime Infrastructure application and Cisco ADE OS:

restore filename repository repository-name

Syntax Description

filename

Name of the backed-up file that resides in the repository. Up to 120 alphanumeric characters.

Note 

You must add the .tar.gpg extension after the filename (for example, myfile.tar.gpg).

repository

The repository keyword.

repository-name

Name of the repository you want to restore from backup.

application

The application keyword.

application-name

The name of the application data to be restored. Up to 255 alphanumeric characters.

Note 

Enter the application name as ‘PI’ in upper case.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

A restore operation restores data related to the Prime Infrastructure as well as the Cisco ADE OS. To perform a restore of a previous backup of the application data of the Prime Infrastructure only, add the application command to the restore command in EXEC mode.

When you use these two commands in the Prime Infrastructure, the Prime Infrastructure server restarts automatically.

Examples

pi-system-120/admin# restore pi-system-173-190908-0334__VER3.7.0.0.159_BKSZ26G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK218281319.tar.gpg repository defaultRepo application NCS
* NOTE *
If the system console is disconnected or got cleared on session timeout
run 'show restore log' to see the output of the last restore session.
 
Restore will restart the application services. Continue? (yes/no) [yes] ?
 
DO NOT press ^C while the restoration is in progress
Aborting restore with a ^C may leave the system in a unrecoverable state
 
Enter the backup password, if your backup is password protected. Otherwise, press Enter to continue the data restoration.
 
Password :
Initiating restore.  Please wait...
  Restore Started at 08/09/19 22:59:05
  Stage 1 of 9: Transferring backup file ...                      
  -- completed at 08/09/19 22:59:15
  Stage 2 of 9: Decrypting backup file ...                        
  -- completed at  08/09/19 23:02:24
  Stage 3 of 9: Unpacking backup file ...                         
  -- completed at  08/09/19 23:02:25
  Stopping PI server ...                                            
  Stage 4 of 9: Decompressing backup ...                            
  -- completed at  08/09/19 23:18:58
  Stage 5 of 9: Restoring Support Files ...                          
  -- completed at  08/09/19 23:19:07
  Stage 6 of 9: Restoring Database Files ...                        
   -- completed at  08/09/19 23:19:43
  Stage 7 of 9: Recovering Database ...                             
  -- completed at  08/09/19 23:28:42
  Stage 8 of 9: Updating Database Schema ...
    This could take long time based on the existing data size.
                  Stage 1 of 5: Pre Migration Schema Upgrade ...                             
                                        -- completed at: 2019-08-09 23:32:46.091, Time Taken : 0 hr, 4 min, 1 sec
                  Stage 2 of 5: Schema Upgrade ...                             
                                        -- completed at: 2019-08-09 23:53:56.668, Time Taken : 0 hr, 21 min, 9 sec
                  Stage 3 of 5: Post Migration Schema Upgrade ...                             
                                        -- completed at: 2019-08-09 23:54:17.489, Time Taken : 0 hr, 0 min, 19 sec
                  Stage 4 of 5: Enabling DB Constraints ...                             
                                        -- completed at: 2019-08-09 23:54:53.179, Time Taken : 0 hr, 0 min, 34 sec
                  Stage 5 of 5: Finishing Up ...                              
                                        -- completed at: 2019-08-09 23:55:12.431, Time Taken : 0 hr, 0 min, 18 sec
  -- completed at  08/09/19 23:55:43
  Stage 9 of 9: Re-enabling Database Settings ...                           
   -- completed at  08/10/19 00:24:32
   Total Restore duration is: 01h:25m:27s
INFO: Restore completed successfully.
 
Starting Prime Infrastructure...
 
This may take a while (10 minutes or more) ...
 
Prime Infrastructure started successfully.
 
Redirecting to /bin/systemctl restart rsyslog.service
Completed in 1207 seconds

rmdir

To remove an existing directory, use the rmdir command in EXEC mode.

rmdir word

Syntax Description

word

Directory name. Up to 80 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# mkdir disk:/test
ncs/admin# dir

Directory of disk:/

       4096 May 06 2010 13:34:49  activemq-data/
       4096 May 06 2010 13:40:59  logs/
      16384 Mar 01 2010 16:07:27  lost+found/
       4096 May 06 2010 13:42:53  target/
       4096 May 07 2010 12:26:04  test/

           Usage for disk: filesystem
                  181067776 bytes total used
                19084521472 bytes free
                20314165248 bytes available
ncs/admin#

ncs/admin# rmdir disk:/test
ncs/admin# dir

Directory of disk:/

       4096 May 06 2010 13:34:49  activemq-data/
       4096 May 06 2010 13:40:59  logs/
      16384 Mar 01 2010 16:07:27  lost+found/
       4096 May 06 2010 13:42:53  target/

           Usage for disk: filesystem
                  181063680 bytes total used
                19084525568 bytes free
                20314165248 bytes available
ncs/admin#

rsakey

To display a configured RSA key or to set a new RSA public key for user authentication, use rsakey command in EXEC mode. You can also use it to remove a configured RSA key.

rsakey { remove | set | show }

Syntax Description

remove

Remove RSA public key for user authentication.

set

Set RSA public key for user authentication.

show

Show RSA public key for user authentication.

Command Default

No default behaviour.

Command Modes

EXEC

Examples


ncs/admin# rsakey
ncs/admin# rsakey show
No RSA key configured for user 'admin'


ncs/admin# rsakey remove
No RSA key configured for user 'admin


ncs/admin# rsakey set <WORD>
<WORD>  Filename of RSA public key (Max Size - 256)

show

To show the running system information, use the show command in EXEC mode. The show commands are used to display the Prime Infrastructure settings and are among the most useful commands.

The commands in Table A-6 require the show command to be followed by a keyword; for example, show application status . Some show commands require an argument or variable after the keyword to function; for example, show application version .

For detailed information on all of the Prime Infrastructure show commands, see show Commands, page A-61.

show keyword

Syntax Description

Table 2. Summary of show Commands

Command(1)

Description

application

(requires keyword)(2)

Displays information about the installed application; for example, status or version.

backup

(requires keyword)

Displays information about the backup.

cdp

(requires keyword)

Displays information about the enabled Cisco Discovery Protocol interfaces.

clock

Displays the day, date, time, time zone, and year of the system clock.

cpu

Displays CPU information.

disks

Displays file-system information of the disks.

interface

Displays statistics for all of the interfaces configured on the Cisco ADE OS.

logging

(requires keyword)

Displays system logging information.

logins

(requires keyword)

Displays login history.

memory

Displays memory usage by all running processes.

ntp

Displays the status of the Network Time Protocol (NTP).

ports

Displays all of the processes listening on the active ports.

process

Displays information about the active processes of the Prime Infrastructure server.

repository

(requires keyword)

Displays the file contents of a specific repository.

restore

(requires keyword)

Displays restore history on the Prime Infrastructure server.

running-config

Displays the contents of the currently running configuration file on the Prime Infrastructure server.

startup-config

Displays the contents of the startup configuration on the Prime Infrastructure server.

tech-support

Displays system and configuration information that you can provide to the TAC when you report a problem.

terminal

Displays information about the terminal configuration parameter settings for the current terminal line.

timezone

Displays the time zone of the Prime Infrastructure server.

timezones

Displays all of the time zones available for use on the Prime Infrastructure server.

udi

Displays information about the unique device identifier (UDI) of the Prime Infrastructure.

uptime

Displays how long the system you are logged in to has been up and running.

users

Displays information for currently logged in users.

version

Displays information about the installed application version.

12
1 (1) The commands in this table require that the show command precedes a keyword; for example, show application.
2 (2) Some show commands require an argument or variable after the keyword to function; for example, show application version. This show command displays the version of the application installed on the system (see show application, page A-61 ).

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

All show commands require at least one keyword to function.

Examples


pi-system-117/admin# show application 
name         Description 
NCS             Cisco Prime Infrastructure
pi-system-117/admin#

Examples

pi-system-226/admin# show version 
Cisco Application Deployment Engine OS Release: 4.1
ADE-OS Build Version: 4.1.0.001
ADE-OS System Architecture: x86_64
Copyright (c) 2009-2020 by Cisco Systems, Inc.
All rights reserved.
Hostname: pi-system-226

Version information of installed applications
---------------------------------------------
Cisco Prime Infrastructure
********************************************************
Version : 3.8.0 [FIPS not Enabled]
Build : 3.8.0.0.310
pi-system-226/admin# 

ssh

To start an encrypted session with a remote system, use the ssh command in EXEC mode.


Note

An Admin or Operator (user) can use this command (see Table 1-1).


ssh [ip-address | hostname] usernameport[number]version[1|2] delete hostkeyword

Syntax Description

ip-address

IP address of the remote system. Up to 64 alphanumeric characters.

hostname

Hostname of the remote system. Up to 64 alphanumeric characters.

username

Username of the user logging in through SSH.

port [number]

(Optional) Indicates the port number of the remote host. From 0 to 65,535. Default 22.

version [1 | 2]

(Optional) Indicates the version number. Default 2.

delete hostkey

Deletes the SSH fingerprint of a specific host.

word

IPv4 address or hostname of a remote system. Up to 64 alphanumeric characters.

Command Default

Disabled.

Command Modes

EXEC (Admin or Operator).

Usage Guidelines

The ssh command enables a system to make a secure, encrypted connection to another remote system or server. This connection provides functionality similar to that of an outbound Telnet connection except that the connection is encrypted. With authentication and encryption, the SSH client allows for secure communication over an insecure network.

Examples


ncs/admin# ssh ncs1 admin
admin@ncs1's password:
Last login: Wed Jul 11 05:53:20 2008 from ncs.cisco.com

ncs1/admin#

ncs/admin# ssh delete host ncs
ncs/admin#

tech dumptcp

To dump a Transmission Control Protocol (TCP) package to the console, use the tech dumptcp command in EXEC mode.

tech dumptcp gigabit-ethernet

Syntax Description

gigabit-ethernet

Gigabit Ethernet interface number 0 to 1.

Command Default

Disabled.

Command Modes

EXEC

Examples


ncs/admin# tech dumptcp 0
140816:141088(272) ack 1921 win 14144
08:26:12.034630 IP NCS.cisco.com.ssh > dhcp-64-102-82-153.cisco.com.2221: P 141088:141248(160) ack 1921 win 14144
08:26:12.034635 IP dhcp-64-102-82-153.cisco.com.2221 > NCS.cisco.com.ssh: . ack 139632 win 64656
08:26:12.034677 IP NCS.cisco.com.ssh > dhcp-64-102-82-153.cisco.com.2221: P 141248:141520(272) ack 1921 win 14144
08:26:12.034713 IP NCS.cisco.com.ssh > dhcp-64-102-82-153.cisco.com.2221: P 141520:141680(160) ack 1921 win 14144
08:26:12.034754 IP NCS.cisco.com.ssh > dhcp-64-102-82-153.cisco.com.2221: P 141680:141952(272) ack 1921 win 14144
08:26:12.034756 IP dhcp-64-102-82-153.cisco.com.2221 > NCS.cisco.com.ssh: . ack 140064 win 65520
08:26:12.034796 IP NCS.cisco.com.ssh > dhcp-64-102-82-153.cisco.com.2221: P 141952:142112(160) ack 1921 win 14144
1000 packets captured
1000 packets received by filter
0 packets dropped by kernel
ncs/admin#

telnet

To log in to a host that supports Telnet, use the telnet command in operator (user) or EXEC mode.

telnet [ip-address | hostname] port number

Syntax Description

ip-address

IP address of the remote system. Up to 64 alphanumeric characters.

hostname

Hostname of the remote system. Up to 64 alphanumeric characters.

port number

(Optional) Indicates the port number of the remote host. From 0 to 65,535.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# telnet 172.16.0.11 port 23
ncs.cisco.com login: admin
password:
Last login: Mon Jul  2 08:45:24 on ttyS0
ncs/admin#

terminal length

To set the number of lines on the current terminal screen for the current session, use the terminal length command in EXEC mode.

terminal length integer

Syntax Description

integer

Number of lines on the screen. Contains between 0 to 511 lines, inclusive. A value of zero (0) disables pausing between screens of output.

Command Default

24 lines.

Command Modes

EXEC

Usage Guidelines

The system uses the length value to determine when to pause during multiple-screen output.

Examples


ncs/admin# terminal length 0
ncs/admin#

terminal session-timeout

To set the inactivity timeout for all sessions, use the terminal session-timeout command in EXEC mode.

terminal session-timeout minutes

Syntax Description

minutes

Sets the number of minutes for the inactivity timeout. From 0 to 525,600. Zero (0) disables the timeout.

Command Default

30 minutes.

Command Modes

EXEC

Usage Guidelines

Setting the terminal session-timeout command to zero (0) results in no timeout being set.

Examples


ncs/admin# terminal session-timeout 40
ncs/admin#

terminal session-welcome

To set a welcome message on the system for all users who log in to the system, use the terminal session-welcome command in EXEC mode.

terminal session-welcome string

Syntax Description

string

Welcome message. Up to 2,023 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Specify a message using up to 2048 characters.

Examples


ncs/admin# terminal session-welcome Welcome
ncs/admin#

terminal terminal-type

To specify the type of terminal connected to the current line for the current session, use the terminal terminal-type command in EXEC mode.

terminal terminal-type type

Syntax Description

type

Defines the terminal name and type, and permits terminal negotiation by hosts that provide that type of service. Up to 80 alphanumeric characters.

Command Default

VT100.

Command Modes

EXEC

Usage Guidelines

Indicate the terminal type if it is different from the default of VT100.

Examples


ncs/admin# terminal terminal-type vt220
ncs/admin#

traceroute

To discover the routes that packets take when traveling to their destination address, use the traceroute command in EXEC mode.

traceroute [ip-address | hostname]

Syntax Description

ip-address

IP address of the remote system. Up to 32 alphanumeric characters.

hostname

Hostname of the remote system. Up to 32 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# traceroute 172.16.0.11
traceroute to 172.16.0.11 (172.16.0.11), 30 hops max, 38 byte packets
 1  172.16.0.11 0.067 ms  0.036 ms  0.032 ms

ncs/admin#

undebug

To disable debugging functions, use the undebug command in EXEC mode.

undebug {all | application | backup-restore | cdp | config | copy | icmp | locks | logging | snmp | system | transfer | user | utils}

Syntax Description

all

Disables all debugging.

application

Application files.

  • all—Disables all application debug output.

  • install—Disables application install debug output.

  • operation—Disables application operation debug output.

  • uninstall—Disables application uninstall debug output.

backup-restore

Backs up and restores files.

  • all—Disables all debug output for backup-restore.

  • backup—Disables backup debug output for backup-restore.

  • backup-logs—Disables backup-logs debug output for backup-restore.

  • history—Disables history debug output for backup-restore.

  • restore—Disables restore debug output for backup-restore.

cdp

Cisco Discovery Protocol configuration files.

  • all—Disables all Cisco Discovery Protocol configuration debug output.

  • config—Disables configuration debug output for Cisco Discovery Protocol.

  • infra—Disables infrastructure debug output for Cisco Discovery Protocol.

config

Configuration files.

  • all—Disables all configuration debug output.

  • backup—Disables backup configuration debug output.

  • clock—Disables clock configuration debug output.

  • infra—Disables configuration infrastructure debug output.

  • kron—Disables command scheduler configuration debug output.

  • network—Disables network configuration debug output.

  • repository—Disables repository configuration debug output.

  • service—Disables service configuration debug output.

copy

Copy commands.

icmp

ICMP echo response configuration.

all—Disable all debug output for ICMP echo response configuration. Set level between 0 and 7, with 0 being severe and 7 being all.

locks

Resource locking.

  • all—Disables all resource locking debug output.

  • file—Disables file locking debug output.

logging

Logging configuration files.

all—Disables all debug output for logging configuration.

snmp

SNMP configuration files.

all—Disables all debug output for SNMP configuration.

system

System files.

  • all—Disables all system files debug output.

  • id—Disables system ID debug output.

  • info—Disables system info debug output.

  • init—Disables system init debug output.

transfer

File transfer.

user

User management.

  • all—Disables all user management debug output.

  • password-policy—Disables user management debug output for password-policy.

utils

Utilities configuration files.

all—Disables all utilities configuration debug output.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# undebug all
ncs/admin#

write

To copy, display, or erase Prime Infrastructure server configurations, use the write command with the appropriate argument in EXEC mode.

write {erase | memory | terminal}

Syntax Description

erase

Erases the startup configuration. This command is disabled by default.

memory

Copies the running configuration to the startup configuration.

terminal

Copies the running configuration to console.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

The following is an example of the write command with the erase keyword:


Note

write erase command functionality is disabled from Cisco Prime Infrastructure Release 2.0 and later. If you try to write erase, then the following warning message is displayed.

pi-system/admin# write erase
% Warning: 'write erase' functionality has been disabled by application: NCS
pi-system/admin#

show Commands

This section lists Prime Infrastructure show commands. Each command includes a brief description of its use, any command defaults, command modes, usage guidelines, an example of the command syntax and any related commands.

show application

To show application information of the installed application packages on the system, use the show application command in EXEC mode.

show application [status | version [ app_name]]

Syntax Description

status

Displays the status of the installed application.

version

Displays the application version for an installed application—the Prime Infrastructure.

app_name

Name of the installed application.

Table 3. Output Modifier Variables for Count or Last

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the output. Add number after the word count.

    |—Output modifier variables.

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

    |—Output modifier variables (see Table A-8 ).

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1


pi-system/admin# show application
<name>          <Description>
NCS             Cisco Prime Infrastructure
pi-system/admin#

show backup history

To display the backup history of the system, use the show backup history command in EXEC mode.

show backup history

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1

pi-system-168/admin# show restore log
Started at : Thu Aug  1 14:48:08 2019
Initiating restore.  Please wait...
  Restore Started at 08/01/19 14:48:08
  Stage 1 of 9: Transferring backup file ...
  -- completed at 08/01/19 14:48:56
  Stage 2 of 9: Decrypting backup file ...
  -- completed at  08/01/19 14:50:16
  Stage 3 of 9: Unpacking backup file ...
  -- completed at  08/01/19 14:50:19
  Stopping PI server ...
  Stage 4 of 9: Decompressing backup ...
  -- completed at  08/01/19 14:52:12
  Stage 5 of 9: Restoring Support Files ...
  -- completed at  08/01/19 14:52:21
  Stage 6 of 9: Restoring Database Files ...
   -- completed at  08/01/19 14:53:04
  Stage 7 of 9: Recovering Database ...
  -- completed at  08/01/19 15:21:01
  Stage 8 of 9: Updating Database Schema ...
    This could take long time based on the existing data size.
  -- completed at  08/01/19 16:10:50
  Stage 9 of 9: Re-enabling Database Settings ...
   -- completed at  08/01/19 16:49:13
   Total Restore duration is: 02h:01m:05s
INFO: Restore completed successfully.
 
Starting Prime Infrastructure...
 
This may take a while (10 minutes or more) ...
 
Prime Infrastructure started successfully.
 
Completed in 1477 seconds
Finished at : Thu Aug  1 17:14:13 2019

Examples

Example 2

pi-system-284/admin# show backup history
Sat Jan 25 03:59:28 IST 2020: backup pi-system-284-200125-0334__VER3.8.0.0.310_BKSZ25G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK2130717572.tar.gpg to repository defaultRepo: success
Sun Jan 26 04:06:54 IST 2020: backup pi-system-284-200126-0334__VER3.8.0.0.310_BKSZ24G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK4209384478.tar.gpg to repository defaultRepo: success
Mon Jan 27 03:58:16 IST 2020: backup pi-system-284-200127-0334__VER3.8.0.0.310_BKSZ24G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK482645775.tar.gpg to repository defaultRepo: success
Tue Jan 28 03:56:13 IST 2020: backup pi-system-284-200128-0334__VER3.8.0.0.310_BKSZ25G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK599302789.tar.gpg to repository defaultRepo: success

show banner pre-login

To display the banner that you installed, use the show banner pre-login command in EXEC mode.

show banner pre-login

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example


pi-system/admin# show banner pre-login
Banner-Test
pi-system/admin#

show cdp

To display information about the enabled Cisco Discovery Protocol interfaces, use the show cdp command in EXEC mode.

show cdp {all | neighbors}

Syntax Description

all

Shows all of the enabled Cisco Discovery Protocol interfaces.

neighbors

Shows the Cisco Discovery Protocol neighbors.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1


ncs/admin# show cdp all
CDP protocol is enabled ...
        broadcasting interval is every 60 seconds.
        time-to-live of cdp packets is 180 seconds.

        CDP is enabled on port GigabitEthernet0.
ncs/admin#

Example 2


ncs/admin# show cdp neighbors
CDP Neighbor : 000c297840e5
        Local Interface    : GigabitEthernet0
        Device Type        : L-NCS-1.0-50
        Port               : eth0
        Address            : 172.23.90.114

CDP Neighbor : isexp-esw5
        Local Interface    : GigabitEthernet0
        Device Type        : cisco WS-C3560E-24TD
        Port               : GigabitEthernet0/5
        Address            : 172.23.90.45

CDP Neighbor : 000c29e29926
        Local Interface    : GigabitEthernet0
        Device Type        : L-NCS-1.0-50
        Port               : eth0
        Address            : 172.23.90.115

CDP Neighbor : 000c290fba98
        Local Interface    : GigabitEthernet0
        Device Type        : L-NCS-1.0-50
        Port               : eth0
        Address            : 172.23.90.111

ncs/admin#

show clock

To display the day, month, date, time, time zone, and year of the system software clock, use the show clock command in EXEC mode.

show clock

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-system-196/admin# show clock
Tue Jan 28 04:11:38 IST 2020

Note

The show clock output in the previous example includes Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), Great Britain, or Zulu time (see Tables A-16, A-17, and A-18 on pages A-84 and A-85 for sample time zones).


show cpu

To display CPU information, use the show cpu command in EXEC mode.

show cpu [ statistics] [|] [|]

Syntax Description

statistics

Displays CPU statistics.

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the output. Add number after the word count.

    |—Output modifier variables (see Table A-9 ).

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

    |—Output modifier variables (see Table A-9 ).

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1


ncs/admin# show cpu

processor : 0
model     : Intel(R) Xeon(R) CPU           E5320  @ 1.86GHz
speed(MHz): 1861.914
cache size: 4096 KB

ncs/admin#

Example 2


ncs/admin# show cpu statistics
user time:             265175
kernel time:           166835
idle time:            5356204
i/o wait time:         162676
irq time:                4055

ncs/admin#

show disks

To display the disks file-system information, use the show disks command in EXEC mode.

show disks [|] [|]

Syntax Description

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the output. Add number after the word count.

    |—Output modifier variables (see Table A-10 ).

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

    |—Output modifier variables (see Table A-10 ).

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Only platforms that have a disk file system support the show disks command.

Examples


ncs/admin# show disks

temp. space 2% used (17828 of 988116)
disk: 3% used (143280 of 5944440)

Internal filesystems:
  all internal filesystems have sufficient free space

ncs/admin#

show icmp_status

To display the Internet Control Message Protocol echo response configuration information, use the show icmp_status command in EXEC mode.

show icmp_status { > file | |}

Syntax Description

>

Output direction.

file

Name of file to redirect standard output (stdout).

|

Output modifier commands:

  • begin —Matched pattern. Up to 80 alphanumeric characters.

  • count —Counts the number of lines in the output. Add number after the word count.

  • end —Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude —Excludes lines that match. Up to 80 alphanumeric characters.

  • include —Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1


ncs/admin# show icmp_status
icmp echo response is turned on
ncs/admin#

Example 2


ncs/admin# show icmp_status
icmp echo response is turned off
ncs/admin#

show ip route

To display details the ip route details of the application, use show ip route command in EXEC mode.

show ip route {| |}

Syntax Description

>

Output redirection

|

Output modifiers

Command Default

No default behaviour.

Command Modes

EXEC

Examples


ncs/admin# show ip route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.126.168.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         10.126.168.1    0.0.0.0         UG    0      0        0 eth0
Kernel IPv6 routing table
Destination                                 Next Hop                                Flags Metric Ref    Use Iface
2001::/64                                   ::                                      UA    256    0        0 eth0    
fe80::/64                                   ::                                      U     256    0        0 eth0    
::/0                                        fe80::217:dfff:fe29:9800                UGDA  1024   18       0 eth0    
::1/128                                     ::                                      U     0      10127       1 lo      
2001::20c:29ff:fe6c:8f28/128                ::                                      U     0      0        1 lo      
2001::813d:2d75:7d6:564f/128                ::                                      U     0      37       1 lo      
2001::d992:4889:c9e1:f238/128               ::                                      U     0      0        1 lo      
fe80::20c:29ff:fe6c:8f28/128                ::                                      U     0      3        1 lo      
ff00::/8

show interface

To display the usability status of interfaces configured for IP, use the show interface command in EXEC mode.

show interface [ GigabitEthernet] |

Syntax Description

GigabitEthernet

Shows the Gigabit Ethernet interface. Either 0 or 1.

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the interface. Add number after the word count.

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludse lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

In the show interface GigabitEthernet 0 output, you can find that the interface has three IPv6 addresses. The first internet address (starting with 3ffe) is the result of using stateless autoconfiguration. For this to work, you need to have IPv6 route advertisement enabled on that subnet. The next address (starting with fe80) is a link local address that does not have any scope outside the host. You always see a link local address regardless of the IPv6 autoconfiguration or DHCPv6 configuration. The last address (starting with 2001) is the result obtained from an IPv6 DHCP server.

Examples

Example 1


ncs/admin# show interface
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6A:88:C4
          inet addr:172.23.90.113  Bcast:172.23.90.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe6a:88c4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48536 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14152 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6507290 (6.2 MiB)  TX bytes:12443568 (11.8 MiB)
          Interrupt:59 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1195025 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1195025 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:649425800 (619.3 MiB)  TX bytes:649425800 (619.3 MiB)

sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

ncs/admin#

Example 2


ncs/admin# show interface GigabitEthernet 0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AF:DA:05
          inet addr:172.23.90.116  Bcast:172.23.90.255  Mask:255.255.255.0
          inet6 addr: 3ffe:302:11:2:20c:29ff:feaf:da05/64 Scope:Global
          inet6 addr: fe80::20c:29ff:feaf:da05/64 Scope:Link
          inet6 addr: 2001:558:ff10:870:8000:29ff:fe36:200/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:77848 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10699801 (10.2 MiB)  TX bytes:3448374 (3.2 MiB)
          Interrupt:59 Base address:0x2000

show inventory

To display information about the hardware inventory, including the Prime Infrastructure appliance model and serial number, use the show inventory command in EXEC mode.

show inventory |

Syntax Description

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the interface. Add number after the word count.

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludse lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


pi-system/admin# show inventory

NAME: "Cisco-VM chassis", DESCR: "Cisco-VM chassis"
PID: Cisco-VM-SPID     , VID: V01 , SN: GITQA6QC26B
Total RAM Memory: 12167972 kB
CPU Core Count: 4
CPU 0: Model Info: Intel(R) Xeon(R) CPU E5-4640 0 @ 2.40GHz
CPU 1: Model Info: Intel(R) Xeon(R) CPU E5-4640 0 @ 2.40GHz
CPU 2: Model Info: Intel(R) Xeon(R) CPU E5-4640 0 @ 2.40GHz
CPU 3: Model Info: Intel(R) Xeon(R) CPU E5-4640 0 @ 2.40GHz
Hard Disk Count(*): 1
Disk 0: Device Name: /dev/sda
Disk 0: Capacity: 322.10 GB
Disk 0: Geometry: 255 heads 63 sectors/track 39162 cylinders
NIC Count: 1
NIC 0: Device Name: eth0
NIC 0: HW Address: 00:0C:29:11:51:83
NIC 0: Driver Descr: e1000: eth0: e1000_probe: Intel(R) PRO/1000 Network Connection

(*) Hard Disk Count may be Logical.
pi-system-61/admin#

show logging

To display the state of system logging (syslog) and the contents of the standard system logging buffer, use the show logging command in EXEC mode.

show logging {application [ application-name]} {internal} {system} |

Syntax Description

application

Displays application logs.

application-name

Application name. Up to 255 alphanumeric characters.

  • tail—Tail system syslog messages.

  • count—Tail last count messages. From 0 to 4,294,967,295.

    |—Output modifier variables (see below).

internal

Displays the syslogs configuration.

system

Displays the system syslogs.

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the interface. Add number after the word count.

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

This command displays the state of syslog error and event logging, including host addresses, and for which, logging destinations (console, monitor, buffer, or host) logging is enabled.

Examples

Example 1


ncs/admin# show logging system
ADEOS Platform log:
-----------------

Aug  5 10:44:32 localhost debugd[1943]: [16618]: config:network: main.c[252] [setup]: Setup is complete
Aug  5 10:45:02 localhost debugd[1943]: [17291]: application:install cars_install.c[242] [setup]: Install initiated with bundle - ncs.tar.gz,
repo - SystemDefaultPkgRepos
Aug  5 10:45:02 localhost debugd[1943]: [17291]: application:install cars_install.c[256] [setup]: Stage area - /storeddata/Installing/.1281030
302
Aug  5 10:45:02 localhost debugd[1943]: [17291]: application:install cars_install.c[260] [setup]: Getting bundle to local machine
Aug  5 10:45:03 localhost debugd[1943]: [17291]: transfer: cars_xfer.c[58] [setup]: local copy in of ncs.tar.gz requested
Aug  5 10:45:46 localhost debugd[1943]: [17291]: application:install cars_install.c[269] [setup]: Got bundle at - /storeddata/Installing/.1281
030302/ncs.tar.gz
Aug  5 10:45:46 localhost debugd[1943]: [17291]: application:install cars_install.c[279] [setup]: Unbundling package ncs.tar.gz
Aug  5 10:47:06 localhost debugd[1943]: [17291]: application:install cars_install.c[291] [setup]: Unbundling done. Verifying input parameters.
..
Aug  5 10:47:06 localhost debugd[1943]: [17291]: application:install cars_install.c[313] [setup]: Manifest file is at - /storeddata/Installing
/.1281030302/manifest.xml
Aug  5 10:47:07 localhost debugd[1943]: [17291]: application:install cars_install.c[323] [setup]: Manifest file appname - ncs
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[386] [setup]: Manifest file pkgtype - CARS
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[398] [setup]: Verify dependency list -
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[410] [setup]: Verify app license -
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[420] [setup]: Verify app RPM's
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[428] [setup]: No of RPM's - 9
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[439] [setup]: Disk - 50
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[325] [setup]: Disk requested = 51200 KB
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[345] [setup]: More disk found Free = 40550400, req_disk = 51200
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[450] [setup]: Mem requested by app - 100
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[369] [setup]: Mem requested = 102400
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[384] [setup]: Found MemFree = MemFree:         13028 kB
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[390] [setup]: Found MemFree value = 13028
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[393] [setup]: Found Inactive = Inactive:       948148 kB
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[399] [setup]: Found Inactive MemFree value = 948148
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[409] [setup]: Sufficient mem found
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install ci_util.c[415] [setup]: Done checking memory...
Aug  5 10:47:09 localhost debugd[1943]: [17291]: application:install cars_install.c[461] [setup]: Verifying RPM's...
--More--
(press Spacebar to continue)

Example 2


ncs/admin# show logging internal

log server:          localhost
Global loglevel:     6
Status:              Enabled
ncs/admin#

Example 3


ncs/admin# show logging internal

log server:          localhost
Global loglevel:     6
Status:              Disabled
ncs/admin#

show logins

To display the state of system logins, use the show logins command in EXEC mode.

show logins cli

Syntax Description

cli

Lists the cli login history.

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

Requires the cli keyword; otherwise, an error occurs.

Examples


ncs/admin# show logins cli
root     pts/2        10.126.184.230   Fri Aug  9 14:50   still logged in   
admin    pts/3        10.126.184.230   Thu Aug  1 14:41 - 10:25 (3+19:44)   
admin    pts/3        10.126.184.230   Thu Aug  1 12:59 - 13:10  (00:10)    
admin    pts/2        10.126.184.230   Wed Jul 31 19:33 - 10:25 (4+14:51)   
admin    tty1                          Tue Jul 30 20:16 - 08:18  (12:01)    
reboot   system boot  3.10.0-957.21.3. Wed Jul 31 01:01 - 20:17 (12+19:15)  
setup    tty1                          Thu Jul 25 00:59 - 19:31 (5+18:31)   
reboot   system boot  3.10.0-957.21.3. Wed Jul 24 17:48 - 19:31 (6+01:42)   

wtmp begins Wed Jul 24 17:48:44 2019

show memory

To display the memory usage of all of the running processes, use the show memory command in EXEC mode.

show memory

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin# show memory
total memory:    1035164 kB
free memory:       27128 kB
cached:           358888 kB
swap-cached:      142164 kB

ncs/admin#

show netstat

To display statistics about your network connection, use show netstat command in EXEC mode.

show netstat{ > | | }

Syntax Description

>

Output redirection.

|

Output modifiers.

Command Default

No default behavior.

Command Modes

EXEC

Examples


ncs/admin# show netstat
TCP Listeners ------------------------------------------------------------
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 0.0.0.0:65000               0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:39949               0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      
tcp        0      0 127.0.0.1:2000              0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:6100                0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:2012                0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:2013                0.0.0.0:*                   LISTEN      
tcp        0      0 :::61603                    :::*                        LISTEN      
tcp        0      0 :::10755                    :::*                        LISTEN      
tcp        0      0 :::61604                    :::*                        LISTEN      
tcp        0      0 :::31204                    :::*                        LISTEN      
tcp        0      0 :::9992                     :::*                        LISTEN      
tcp        0      0 :::65000                    :::*                        LISTEN      
tcp        0      0 :::8009                     :::*                        LISTEN      
tcp        0      0 :::5001                     :::*                        LISTEN      
tcp        0      0 :::1199                     :::*                        LISTEN      
tcp        0      0 :::111                      :::*                        LISTEN      
tcp        0      0 :::80                       :::*                        LISTEN      
tcp        0      0 :::35088                    :::*                        LISTEN      
tcp        0      0 :::21648                    :::*                        LISTEN      
tcp        0      0 :::16113                    :::*                        LISTEN      
tcp        0      0 :::2001                     :::*                        LISTEN      
tcp        0      0 :::61617                    :::*                        LISTEN      
tcp        0      0 :::1522                     :::*                        LISTEN      
tcp        0      0 :::8082                     :::*                        LISTEN      
tcp        0      0 :::6100                     :::*                        LISTEN      
tcp        0      0 :::21                       :::*                        LISTEN      
tcp        0      0 :::22                       :::*                        LISTEN      
tcp        0      0 :::48504                    :::*                        LISTEN      
tcp        0      0 :::443                      :::*                        LISTEN      
tcp        0      0 :::10555                    :::*                        LISTEN      

TCP Connections ----------------------------------------------------------
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 10.126.168.61:22            10.65.57.243:55027          ESTABLISHED 

show ntp

To show the status of the NTP associations, use the show ntp command in EXEC mode.

show ntp

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC ncs/admin# show ntp pi-system-241/admin# show ntp NTP Server 1 : 10.81.254.202 NTP Server 2 : 10.64.58.50 synchronised to NTP server (10.81.254.202) at stratum 2 time correct to within 173 ms polling server every 1024 s remote refid st t when poll reach delay offset jitter ======================================================================= === ==== *10.81.254.202 .GPS. 1 u 255 1024 377 272.081 1.756 1.850 +10.64.58.50 10.67.68.33 2 u 27 1024 377 0.388 -0.936 1.904 Warning: Output results may conflict during periods of changing synchronization.

show ports

To display information about all of the processes listening on active ports, use the show ports command in EXEC mode.

show ports [|] [|]

Syntax Description

|

Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counts the number of lines in the interface. Add number after the word count.

    |—Output modifier variables (see Table A-12 ).

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

    |—Output modifier variables (see Table A-12 ).

Command Default

No default behavior or values.

Command Modes

EXEC

Usage Guidelines

When you run the show ports command, the port must have an associated active session.

Examples


ncs/admin# show ports
Process : timestensubd (21372)
     tcp: 127.0.0.1:11298
Process : timestenorad (21609)
     tcp: 127.0.0.1:51715
     udp: ::1:28314, ::1:59055, ::1:45113, ::1:49082, ::1:64737, ::1:62570, ::1:19577, ::1:29821
Process : ttcserver (21382)
     tcp: 127.0.0.1:16612, 0.0.0.0:53385
Process : timestenrepd (21579)
     tcp: 127.0.0.1:62504, 0.0.0.0:18047
     udp: ::1:51436
Process : timestend (21365)
     tcp: 0.0.0.0:53384
Process : rpc.statd (2387)
     tcp: 0.0.0.0:873
     udp: 0.0.0.0:867, 0.0.0.0:870
Process : timestensubd (21373)
     tcp: 127.0.0.1:43407
Process : portmap (2350)
     tcp: 0.0.0.0:111
     udp: 0.0.0.0:111
Process : Decap_main (21468)
     tcp: 0.0.0.0:2000
     udp: 0.0.0.0:9993
Process : timestensubd (21369)
     tcp: 127.0.0.1:37648
Process : timestensubd (21374)
     tcp: 127.0.0.1:64211
Process : sshd (2734)
     tcp: 172.23.90.113:22
Process : java (21432)
     tcp: 127.0.0.1:8888, :::2080, :::2020, ::ffff:127.0.0.1:8005, :::8009, :::8905, :::8010, :::2090, :::1099, :::9999, :::61616, :::8080, ::
:80, :::60628, :::8443, :::443
     udp: 0.0.0.0:1812, 0.0.0.0:1813, 0.0.0.0:1700, 0.0.0.0:10414, 0.0.0.0:3799, 0.0.0.0:1645, 0.0.0.0:1646, :::8905, :::8906
Process : monit (21531)
     tcp: 127.0.0.1:2812
Process : java (21524)
     tcp: :::62627
Process : java (21494)
     tcp: ::ffff:127.0.0.1:20515
     udp: 0.0.0.0:20514
Process : tnslsnr (21096)
     tcp: :::1521
Process : ora_d000_ncs1 (21222)
     tcp: :::26456
     udp: ::1:63198
Process : ntpd (2715)
     udp: 172.23.90.113:123, 127.0.0.1:123, 0.0.0.0:123, ::1:123, fe80::20c:29ff:fe6a:123, :::123
Process : ora_pmon_ncs1 (21190)
     udp: ::1:51994
Process : ora_mmon_ncs1 (21218)
     udp: :::38941
Process : ora_s000_ncs1 (21224)
     udp: ::1:49864

ncs/admin#

show process

To display information about active processes, use the show process command in the EXEC mode.

show process |

Syntax Description

|

(Optional) Output modifier variables:

  • begin—Matched pattern. Up to 80 alphanumeric characters.

  • count—Counst the number of lines in the interface. Add number after the word count.

  • end—Ends with line that matches. Up to 80 alphanumeric characters.

  • exclude—Excludes lines that match. Up to 80 alphanumeric characters.

  • include—Includes lines that match. Up to 80 alphanumeric characters.

  • last—Displays last few lines of output. Add number after the word last. Up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


/admin# show process
USER       PID     TIME TT       COMMAND
root         1 00:00:02 ?        init
root         2 00:00:00 ?        migration/0
root         3 00:00:00 ?        ksoftirqd/0
root         4 00:00:00 ?        watchdog/0
root         5 00:00:00 ?        events/0
root         6 00:00:00 ?        khelper
root         7 00:00:00 ?        kthread
root        10 00:00:01 ?        kblockd/0
root        11 00:00:00 ?        kacpid
root       170 00:00:00 ?        cqueue/0
root       173 00:00:00 ?        khubd
root       175 00:00:00 ?        kseriod
root       239 00:00:32 ?        kswapd0
root       240 00:00:00 ?        aio/0
root       458 00:00:00 ?        kpsmoused
root       488 00:00:00 ?        mpt_poll_0
root       489 00:00:00 ?        scsi_eh_0
root       492 00:00:00 ?        ata/0
root       493 00:00:00 ?        ata_aux
root       500 00:00:00 ?        kstriped
root       509 00:00:07 ?        kjournald
root       536 00:00:00 ?        kauditd
root       569 00:00:00 ?        udevd
root      1663 00:00:00 ?        kmpathd/0
root      1664 00:00:00 ?        kmpath_handlerd
root      1691 00:00:00 ?        kjournald
root      1693 00:00:00 ?        kjournald
root      1695 00:00:00 ?        kjournald
root      1697 00:00:00 ?        kjournald
root      2284 00:00:00 ?        auditd
root      2286 00:00:00 ?        audispd
root      2318 00:00:10 ?        debugd
rpc       2350 00:00:00 ?        portmap
root      2381 00:00:00 ?        rpciod/0

pi-admin/admin#
Table 4. Show Process Field Descriptions

Field

Description

USER

Logged-in user.

PID

Process ID.

TIME

The time that the command was last used.

TT

Terminal that controls the process.

COMMAND

Type of process or command used.

show repository

To display the file contents of the repository, use the show repository command in EXEC mode.

show repository repository-name

Syntax Description

repository-name

Name of the repository whose contents you want to view. Up to 30 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

show restore

To display the restore history, use the show restore command in EXEC mode.

show restore {history}

Syntax Description

history

Displays the restore history.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

pi-system-284/admin# show restore history
Fri Jan 24 18:35:37 IST 2020: restore pi-system-173-190908-
0334__VER3.8.0.0.310_BKSZ26G_CPU4_MEM3G_RAM11G_SWAP15G_APP_CK218281319.tar.gpg from repository 
test: success
pi-system-284/admin#

show restore log

To display the last restore operation in the case of Auto logout console, use the show restore log command in EXEC mode. You can run this command even while performing a restore operation and a successful restore operation.

show restore log

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example 1


pi-system/admin# show restore log
Started at : Thu Aug  1 14:48:08 2019
Initiating restore.  Please wait...
  Restore Started at 08/01/19 14:48:08
  Stage 1 of 9: Transferring backup file ...
  -- completed at 08/01/19 14:48:56
  Stage 2 of 9: Decrypting backup file ...
  -- completed at  08/01/19 14:50:16
  Stage 3 of 9: Unpacking backup file ...
  -- completed at  08/01/19 14:50:19
  Stopping PI server ...
  Stage 4 of 9: Decompressing backup ...
  -- completed at  08/01/19 14:52:12
  Stage 5 of 9: Restoring Support Files ...
  -- completed at  08/01/19 14:52:21
  Stage 6 of 9: Restoring Database Files ...
   -- completed at  08/01/19 14:53:04
  Stage 7 of 9: Recovering Database ...
  -- completed at  08/01/19 15:21:01
  Stage 8 of 9: Updating Database Schema ...
    This could take long time based on the existing data size.
  -- completed at  08/01/19 16:10:50
  Stage 9 of 9: Re-enabling Database Settings ...
   -- completed at  08/01/19 16:49:13
   Total Restore duration is: 02h:01m:05s
INFO: Restore completed successfully.

Starting Prime Infrastructure...

This may take a while (10 minutes or more) ...

Prime Infrastructure started successfully.

Completed in 1477 seconds
Finished at : Thu Aug  1 17:14:13 2019

show running-config

To display the contents of the currently running configuration file or the configuration, use the show running-config command in EXEC mode.

showrunning-config

Syntax Description

This command has no arguments or keywords.

Command Default

The show running-config command displays all of the configuration information.

Command Modes

EXEC

Examples


ncs/admin# show running-config
Generating configuration...
!
hostname ncs
!
ip domain-name cisco.com
!
interface GigabitEthernet 0
  ip address 172.23.90.113 255.255.255.0
  ipv6 address autoconfig
!
ip name-server 172.16.168.183
!
ip default-gateway 172.23.90.1
!
clock timezone UTC
!
ntp server time.nist.gov
!
username admin password hash $1$JbbHvKVG$xMZ/XL4tH15Knf.FfcZZr. role admin
!
service sshd
!
password-policy
  lower-case-required
  upper-case-required
  digit-required
  no-username
  disable-cisco-passwords
  min-password-length 6
!
logging localhost
logging loglevel 6
!
cdp timer 60
cdp holdtime 180
cdp run GigabitEthernet 0
!
icmp echo on
!

ncs/admin#

show startup-config

To display the contents of the startup configuration file or the configuration, use the show startup-config command in EXEC mode.

showstartup-config

Syntax Description

This command has no arguments or keywords.

Command Default

The show startup-config command displays all of the startup configuration information.

Command Modes

EXEC

Examples


ncs/admin# show startup-config
!
hostname ncs
!
ip domain-name cisco.com
!
interface GigabitEthernet 0
  ip address 172.23.90.113 255.255.255.0
  ipv6 address autoconfig
!
ip name-server 172.16.168.183
!
ip default-gateway 172.23.90.1
!
clock timezone UTC
!
ntp server time.nist.gov
!
username admin password hash $1$JbbHvKVG$xMZ/XL4tH15Knf.FfcZZr. role admin
!
service sshd
!
password-policy
  lower-case-required
  upper-case-required
  digit-required
  no-username
  disable-cisco-passwords
  min-password-length 6
!
logging localhost
logging loglevel 6
!
cdp timer 60
cdp holdtime 180
cdp run GigabitEthernet 0
!
icmp echo on
!
ncs/admin#

show security-status

To display the security-related configuration information, use the show security-status command in EXEC mode.

show security-status

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples

Example

pi-system/admin# show security-status 

Open TCP Ports  : 21 22 80 443 1522 8078 8080 8082 8087 9992 20828 61617
Open UDP Ports  : 69 162 514 9991

FIPS Mode       : disabled
SSH Legacy
Algorithms      : enabled

TFTP Service    : enabled
FTP Service     : enabled

JMS port(61617) : enabled
Root Access     : enabled

Certificate validation settings for pubnet
Cert check      : enabled
OCSP check      : disabled
Auto CA update  : enabled

Certificate validation settings for system
Cert check      : trust-on-first-use
OCSP check      : disabled
Auto CA update  : disabled

Certificate validation settings for devicemgmt
Cert check      : enabled
OCSP check      : disabled
Auto CA update  : enabled

Certificate validation settings for user
Cert check      : enabled
OCSP check      : disabled
Auto CA update  : disabled

Algorithm settings enabled for SSH service
KexAlgorithms   : diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-s
ha2-nistp256,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman
-group-exchange-sha1,diffie-hellman-group1-sha1
MACs            : hmac-sha2-512,hmac-sha2-256,hmac-sha1
Ciphers         : aes128-gcm@openssh.com,aes128-ctr,chacha20-poly1305@openssh.com,aes256-ctr,aes256-gcm@openssh.com,aes192
-ctr,3des-cbc,aes128-cbc,aes256-cbc

TLS versions    : TLSv1.2
TLS ciphers     : tls-ecdhe-sha1

Note : Shows currently configured values
Changes made after last system start if any,
will be effective after next restart

show tech-support

To display technical support information, including email, use the show tech-support command in EXEC mode.

show tech-support file [ word]

Syntax Description

file

Saves any technical support data as a file in the local disk.

word

Filename to save. Up to 80 alphanumeric characters.

Command Default

Passwords and other security information do not appear in the output.

Command Modes

EXEC

Usage Guidelines

The show tech-support command is useful for collecting a large amount of information about your Prime Infrastructure server for troubleshooting purposes. You can then provide output to technical support representatives when reporting a problem.

Examples


ncs/admin# show tech-support
###################################################
Application Deployment Engine(ADE) - 2.0.0.568
Technical Support Debug Info follows...
###################################################


*****************************************
Checking dmidecode Serial Number(s)
*****************************************
  None
 VMware-56 4d 14 cb 54 3d 44 5d-49 ee c4 ad a5 6a 88 c4

*****************************************
Displaying System Uptime...
*****************************************
 12:54:34 up 18:37,  1 user,  load average: 0.14, 0.13, 0.12

*****************************************
Display Memory Usage(KB)
*****************************************
             total       used       free     shared    buffers     cached
Mem:       1035164    1006180      28984          0      10784     345464
-/+ buffers/cache:     649932     385232
Swap:      2040244     572700    1467544

*****************************************
Displaying Processes(ax --forest)...
*****************************************
  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:02 init [3]
    2 ?        S<     0:00 [migration/0]
    3 ?        SN     0:00 [ksoftirqd/0]
    4 ?        S<     0:00 [watchdog/0]
    5 ?        S<     0:00 [events/0]
--More--
(press Spacebar to continue)

ncs/admin#

show terminal

To obtain information about the terminal configuration parameter settings, use the show terminal command in EXEC mode.

show terminal

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

EXEC

Examples


ncs/admin#