Table Of Contents
IDS Version 4.0 Command Line Interface
CLI Modes
Tips for Using the CLI
User Roles
IDS Version 4.0 Command Line Interface
The command line interface (CLI) for IDS version 4.0 is the user interface that enables you to access the sensor through Telnet, SSH, and serial interface connections.
Refer to the following topics for more information on using the CLI for version 4.0.
•
CLI Modes
•Tips for Using the CLI
•User Roles
CLI Modes
The CLI for IDS version 4.0 supports the following command modes. Each mode provides access to a subset of commands.
Note In the following mode descriptions, where the prompt includes sensor, sensor is the name assigned to the device you are logging in to.
•Privileged Exec—Exec mode is the first level of the CLI. You enter Exec mode by logging in to the CLI. Exec mode is denoted by the prompt sensor#.
•Global Configuration—Configuration mode is the second level of the CLI. You enter Configuration mode by first logging in to the CLI and then typing configure terminal. Configuration mode is denoted by the prompt sensor(config)#.
•Interface Command-Control Configuration—Interface Command-Control Configuration mode is a third-level CLI mode. You enter Interface Command-Control Configuration mode by first entering Global Configuration mode and then typing interface command-control. Interface Command-Control Configuration mode is denoted by the prompt sensor(config-if)#.
•Interface Group Configuration—Interface Group Configuration is a third-level CLI mode. You enter Interface Group Configuration mode by first entering Global Configuration mode and then typing interface group <number>, where <number> is the group number. Config interface group mode is denoted by the prompt sensor(config-ifg)#.
•Interface Sensing Configuration—Interface Sensing Configuration is a third-level CLI mode. You enter Interface Sensing Configuration mode by first entering Global Configuration mode and then typing interface sensing <name>, where <name> is the logical interface name. Interface Sensing Configuration mode is denoted by the prompt sensor(config-ifs)#.
•Service—Service mode is a generic command mode. You enter Service mode by first entering Global Configuration mode and then typing service <serviceName>, where <serviceName> identifies the actual service you are trying to access, such as Host. Service mode is denoted by the prompt sensor(config-<serviceName>)#.
•Virtual Sensor Configuration—Virtual Sensor Configuration is a third-level CLI mode. You enter Virtual Sensor Configuration mode by typing service virtual sensor-configuration followed by the logical virtual sensor configuration name. Currently, the only allowed name is virtualSensor. Virtual Sensor Configuration mode is denoted by the prompt sensor(config-vsc)#.
•Alarm Channel Configuration—Alarm Channel Configuration is a third-level CLI mode. You enter Alarm Channel Configuration mode by typing service alarm-channel-configuration followed by the logical alarm channel configuration name. The only allowed name is virtualAlarm. Alarm Channel Configuration mode is denoted by the prompt sensor(config-acc)#.
•Tune Micro Engines—Tune Micro Engines is a fourth-level CLI mode. You enter Tune Micro Engines mode by first entering Virtual Sensor Configuration mode and then typing tune-micro-engines. Tune Micro Engines mode is denoted by the prompt sensor(config-vsc-virtualSensor)#.
•Tune Alarm Channel—Tune Alarm Channel is a fourth-level CLI mode. You enter Tune Alarm Channel mode by first entering Alarm Channel Configuration mode and then typing tune-alarm-channel. Tune Alarm Channel mode is denoted by the prompt sensor(config-acc-virtualAlarm)#.
Tips for Using the CLI
Refer to the following tips when using the CLI for IDS version 4.0.
Prompts
•You cannot change the prompt displayed for the CLI commands.
•User interactive prompts occur when the system displays a question and waits for user input. The default input is displayed inside brackets [ ]. To accept the default input, press Enter.
Help
•To display the help for a command, type ? after the command. You can also type ? after an incomplete token to view the valid tokens that will complete the command. Refer to the following examples to compare the two outputs.
sensor#configure ?
terminal Configure from the terminal
sensor# configure
sensor(config)#ip n?
name-server nat
sensor(config)# ip n
Note If you type a space between the incomplete token and the ?, as in ip n ?, the system returns the error % Ambiguous command: ip n.
•Only commands available in the current mode are displayed by help.
Tab Completion
•If you are unsure of the complete syntax for a command, you can type a portion of the command and press Tab to complete the command.
•If multiple commands match for tab completion, nothing is displayed, the terminal repeats the current line you entered.
•Only commands available in the current mode are displayed by tab complete and help.
Recall
•To recall the commands entered in a mode, use the Up Arrow or Down Arrow keys or press the Control key (Ctrl) simultaneously with the p key (Ctrl-p) or n (Ctrl-n) key.
Note Help and tab complete requests are not reported in the recall list.
•A blank prompt indicates the end of the recall list.
Case Sensitivity
•The CLI is not case sensitive, but it does echo back the text in the same case you typed it. For example, if you type:
sensor#CONF and press Tab, the sensor will display:
sensor#CONFigure
Display Options
•—More— is an interactive prompt that indicates that the terminal output exceeds the allotted display space. To display the remaining output, press the Spacebar to display the next page of output or press the Enter to display the output one line at a time.
•To clear the current line contents and return to a blank command line, press the Control key (Ctrl) simultaneously with the c key (Ctrl-c) or press the q key.
Keywords
•In general, use the no form of a command to disable a feature or function. Use the command without the keyword no to enable a disabled feature or function. For example, the command shutdown disables an interface, the command no shutdown enables the interface. Refer to the individual commands for a complete description of what the no form of that command does.
•Configuration commands that specify a default value in the configuration files, such as service and tune-micro-engines, can have a default form. The default form of a command returns the command setting to the default value.
User Roles
The CLI for IDS version 4.0 supports three user roles: Administrator, Operator, and Viewer. The privilege levels for each role are different; therefore, the menus and available commands vary for each role.
•Administrators—This user role has the highest level of privileges. Administrators have unrestricted view access and can perform the following functions:
–Add users and assign passwords.
–Enable and disable control of physical interfaces and interface groups.
–Assign physical sensing interfaces to interface groups.
–Modify the list of hosts allowed to connect to the sensor as configuring or viewing agents.
–Modify sensor address configuration.
–Tune signatures.
–Assign virtual sensor configuration to interface groups.
–Manage routers.
•Operators—This user role has the second highest level of privileges. Operators have unrestricted view access and can perform the following functions:
–Modify their passwords.
–Tune signatures.
–Manage routers.
•Viewers—This user role has the lowest level of privileges. Viewers can view configuration and event data and can perform the following function:
–Modify their passwords.
Tip Monitoring applications, such as the IDS Event Viewer, only require viewer access to the sensor. You can use the CLI to setup a user account with viewer privileges and then configure IDS Event Viewer to use this account to connect to the sensor.
Feedback