Cisco Intrusion Prevention System Command Reference for IPS 7.2

Index

A

adding

an entry to the known hosts table 2-159

a public key 2-156

a trusted host 2-163

administrator privileges 1-1

alerts viewing 2-105

anomaly detection file

loading 2-4

saving 2-5

using 2-5

anomaly-detection load

described 2-4

examples 2-4

syntax 2-4

anomaly-detection name described 2-74

anomaly-detection save

described 2-5

examples 2-5

syntax 2-5

application partition reimaging 2-71

applying

immediate updates 2-8

service packs 2-166

signature updates 2-166

attacker IP address removing 2-18

attemptLimit

described 2-6

examples 2-6

related commands 2-7

syntax 2-6

using 2-6

autoupdatenow

described 2-8

using 2-8

B

banner login

described 2-10

examples 2-10

using 2-10

banner message creating 2-10

block requests viewing 2-105

C

capturing live traffic 2-63

changing the password 2-66

clear denied-attackers

described 2-18

examples 2-18, 2-35

syntax 2-18, 2-34

using 2-18, 2-34

clear events

described 2-20

examples 2-20, 2-112

using 2-20, 2-112

clear line

described 2-21

examples 2-21

syntax 2-21

using 2-21

clear os-identification

described 2-23

examples 2-24, 2-25

syntax 2-23

using 2-23, 2-25

clear sdee-subscription

described 2-25

syntax 2-25

CLI

command line editing 1-4

command modes 1-5

default keywords 1-8

error messages A-1

generic commands 1-7

regular expression syntax 1-5

CLI behavior

case sensitivity 1-3

described 1-2

display options 1-4

help 1-3

prompts 1-2

recall 1-3

tab completion 1-3

clock set

described 2-26

examples 2-26

syntax 2-26

using 2-26

closing an active terminal session 2-44

command line editing (table) 1-4

command modes

described 1-5

event action rules configuration 1-5

EXEC 1-5

global configuration 1-5

privileged EXEC 1-5

service mode configuration 1-5

signature definition configuration 1-5

commands

viewing current sensor configuration 2-102

viewing IPS health and security status 2-112

viewing list of most recently used 2-113

configure

described 2-27

examples 2-27

syntax 2-27

using 2-27

copy

described 2-28

examples 2-29

syntax 2-28

using 2-28

copy ad-knowledge-base

described 2-31

examples 2-31

syntax 2-31

using 2-31

copying

configuration files 2-28

iplogs 2-28

copy instance

described 2-33

examples 2-33

syntax 2-33

using 2-33

creating

banner message 2-10

users 2-169

Ctrl-N 1-3

Ctrl-P 1-3

D

default keywords using 1-8

deleting a logical file 2-40

denied attackers removing 2-18

directing output to the serial connection 2-36

displaying

current level of privilege 2-129

historical interface statistics 2-121

interface statistics 2-119

IP log contents 2-47

IP packet route 2-165

known hosts table 2-140

live traffic 2-63

local event log contents 2-105

PEP information 2-125

public RSA keys 2-133, 2-134, 2-136

sensor trusted hosts 2-150

server TLS certificate fingerprint 2-149

specific number of lines on screen 2-161

SSH server host key 2-138

statistics 2-141

system clock 2-100

user information 2-151

version information 2-153

display-serial

described 2-36

examples 2-36

using 2-36

downgrade

described 2-37

examples 2-37

related commands 2-38

E

end

described 2-39

examples 2-39

entering

global configuration 2-27

service configuration mode 2-74

erase

described 2-40

examples 2-40

syntax 2-40

erase ad-knowledge-base

described 2-41

examples 2-41

syntax 2-41

using 2-41

erase license-key

described 2-43

examples 2-43

using 2-43

error events viewing 2-105

error messages

described A-1

validation A-5

event-action-rules name described 2-74

event log viewing contents of 2-105

events

clearing 2-20

deleting 2-20

Event Store clearing events 2-20, 2-112

exit

described 2-44

examples 2-44

using 2-44

exiting

configuration mode 2-39, 2-44

submodes 2-39

F

files

anomaly detection

loading 2-4

saving 2-5

G

generating

server host key 2-158

X.509 certificate 2-162

generic commands 1-7

H

help

question mark 1-3

using 1-3

I

initializing the sensor 2-78

iplog

described 2-45

examples 2-46

related commands 2-46

syntax 2-45

using 2-45

iplog-status

described 2-47

examples 2-48

syntax 2-47

using 2-47

IP packet display route 2-165

K

keywords

default 1-8

no 1-8

L

limitations for concurrent CLI sessions 1-1

list component-configurations

described 2-49

examples 2-49

using 2-49

locking user accounts 2-6

M

modifying

privilege level 2-70

terminal properties for a login session 2-161

monitoring viewer privileges 1-2

more exclude

described 2-56

examples 2-56

related commands 2-60

syntax 2-56

using 2-56

more include

described 2-61

related commands 2-62

N

network connectivity testing for 2-68

O

operator privileges 1-2

output

clearing current line 1-4

displaying 1-4

setting number of lines to display 2-161

P

packet

described 2-63

examples 2-64

related commands 2-65

syntax 2-63

using 2-64

password

changing 2-66

described 2-66

examples 2-67

related commands 2-67

syntax 2-66

updating 2-66

using 2-66

ping

described 2-68

examples 2-68

syntax 2-68

using 2-68

platforms concurrent CLI sessions 1-1

privilege

described 2-70

examples 2-70

modifying 2-70

related commands 2-70

syntax 2-70

prompts default input 1-2

R

recall

help and tab completion 1-3

using 1-3

recover

described 2-71

examples 2-71

syntax 2-71

using 2-71

regular expression syntax

described 1-5

table 1-6

removing

service packs 2-37

signature updates 2-37

rename ad-knowledge-base

described 2-72

examples 2-72

syntax 2-72

using 2-72

reset

described 2-73

examples 2-73

syntax 2-73

using 2-73

route displaying IP packet 2-165

S

service

analysis-engine 2-74

anomaly-detection name 2-74

authentication 2-74

described 2-74

event-action-rules name 2-74

examples 2-76

external-product-interface 2-74

host 2-74

interface 2-74

logger 2-74

network-access 2-74

notification 2-74

privileges 1-2

role 1-2

signature-definition name 2-74

ssh-known-hosts 2-74

syntax 2-74

trusted-certificate 2-74

using 1-2, 2-76

web-server 2-74

setting the system clock 2-26

setup

clock setting parameters (table) 2-80

described 2-78

examples 2-80

using 2-79

show begin

described 2-98

examples 2-98

syntax 2-98

using 2-98

show clock

authoritative flags 2-100

described 2-100

examples 2-100

syntax 2-100

using 2-100

show configuration

described 2-102

examples 2-102

show events

described 2-105

examples 2-106

syntax 2-105

using 2-106

show exclude

described 2-108

examples 2-108

related commands 2-111

syntax 2-108

using 2-108

show health

described 2-112

show history

described 2-113

examples 2-113

using 2-113

show include

described 2-114

examples 2-114

related commands 2-114

using 2-114

show inspection-load

described 2-116

examples 2-116

using 2-116

show interfaces

described 2-119

examples 2-120

syntax 2-119

using 2-119

show interfaces-historical

examples 2-122

using 2-121

show interfaces-history

described 2-121

examples 2-123

syntax 2-121

show inventory

described 2-125

examples 2-125

using 2-125

show privilege

described 2-129

examples 2-129

related commands 2-129

using 2-129

show settings

described 2-130

examples 2-130

syntax 2-130

show ssh authorized-keys

described 2-133, 2-134, 2-136

examples 2-133, 2-134, 2-136

related commands 2-133, 2-135, 2-137

syntax 2-136

using 2-133, 2-134, 2-136

show ssh host-keys

described 2-140

examples 2-140

related commands 2-140

syntax 2-140

using 2-140

show ssh server-key

described 2-138

examples 2-138

related commands 2-139

show statistics

described 2-141

syntax 2-141

show tech-support

examples 2-148

syntax 2-147

using 2-148

varlog files 2-148

show tls fingerprint

described 2-149

examples 2-149

related commands 2-149

show tls trusted-hosts

described 2-150

examples 2-150

related commands 2-150

syntax 2-150

using 2-150

show users

described 2-151

examples 2-151

related commands 2-152

syntax 2-151

using 2-151

show version

described 2-153

examples 2-153

using 2-153

signature-definition name described 2-74

ssh authorized-key

described 2-156

examples 2-156

related commands 2-157

syntax 2-156

using 2-156

ssh generate-key

described 2-158

examples 2-158

related commands 2-158

using 2-158

ssh host-key

described 2-159

examples 2-160

related commands 2-160

syntax 2-159

using 2-159

starting IP logging 2-45

statistics

clearing 2-141

viewing 2-141

status events viewing 2-105

syntax case sensitivity 1-3

System Configuration Dialog 2-79

system viewing status 2-147

T

tab completion using 1-3

tech support

viewing

control transaction responses 2-147

current configuration information 2-147

debug logs 2-147

version 2-147

terminal

described 2-161

examples 2-161

syntax 2-161

using 2-161

terminating a CLI session 2-21

tls generate-key

described 2-162

examples 2-162

related commands 2-162

tls trusted-host

described 2-163

examples 2-163

related commands 2-164

syntax 2-163

using 2-163

trace

described 2-165

examples 2-165

using 2-165

U

unlocking user accounts 2-168

unlock user

described 2-168

examples 2-168

related commands 2-168

syntax 2-168

using 2-168

updating the password 2-66

upgrade

described 2-166

examples 2-8, 2-167

syntax 2-166

using 2-166

upgrading the system 2-166

username

described 2-169

examples 2-169

related commands 2-170

syntax 2-169

using 2-169

user roles

administrator 1-1

operator 1-1

service 1-1

viewer 1-1

using

anomaly detection file 2-5

banner login 2-10

clear denied-attackers 2-18, 2-34

clear os-identification 2-23, 2-25

copy ad-knowledge-base 2-31

copy instance 2-33

erase ad-knowledge-base 2-41

erase license-key 2-43

list component-configurations 2-49

rename ad-knowledge-base 2-72

show inspection-load 2-116

V

validation error messages described A-5

viewer privileges 1-2

viewing

alerts 2-105

block requests 2-105

error events 2-105

IPS processes 2-153

operating system 2-153

signature packages 2-153

status events 2-105