Cisco ISE CLI Commands in EXEC Show Mode

This chapter describes show commands in EXEC mode that are used to display the Cisco ISE settings and are among the most useful commands. Each of the commands in this chapter is followed by a brief description of its use, command syntax, usage guidelines, and one or more examples.


Note

From Cisco ISE Release 3.0 onwards, if there is an escape character required after running certain show commands, press Ctrl+C and then press Q.

show

To show the running system information, use the show command in EXEC mode.

show keyword

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

All show commands require at least one keyword to function.

Example


ise/admin# show application
<name>          <Description>
ise             Cisco Identity Services Engine
ise/admin#

show application

To show installed application packages on the system, use the show application command in EXEC mode.

show application > file-name

show application [status {application_name}]

show application [version {application_name}]

Syntax Description

>

Redirects output to a file.

file-name

Name of the file to store the Cisco ISE application information.

status

Displays the status of the installed application.

version

Displays the application version for an installed application (Cisco ISE).

application_name

Name of the installed application.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

    |—Output modifier variables for count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    |—Output modifier variables for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view the application status and version about installed packages on the system, use the show application commands.

Examples

Example 1


ise/admin# show application
<name>          <Description>
ise             Cisco Identity Services Engine
ise/admin#

Example 2 


ise/admin# show application version ise
Cisco Identity Services Engine
---------------------------------------------
Version      : 1.3.0.672
Build Date   : Thu Jun 19 19:33:17 2014
Install Date : Thu Jun 19 21:06:34 2014
ise/admin#

Example 2


ise/admin# show application version ise
Cisco Identity Services Engine
---------------------------------------------
Version      : 1.4.0.205
Build Date   : Tue Mar  3 05:37:10 2015
Install Date : Tue Mar  3 21:06:34 2015
ise/admin#

Example 3

Cisco ISE includes the status of processes that are optional (persona-based). Processes like pxGrid, Certificate Authority, M&T, and Identity Mapping Services can be in any one of the following states:

  • Running—Cisco ISE services are up and running

  • Not Running—Cisco ISE services are shut down

  • Disabled—Cisco ISE services are disabled 

iseadmin#show application status ise

ISE PROCESS NAME                       STATE            PROCESS ID  
--------------------------------------------------------------------
Database Listener                      not running                  
Application Server                     not running                  
Profiler Database                      not running                  
ISE Indexing Engine                    not running                  
AD Connector                           not running                  
M&T Session Database                   not running                  
M&T Log Processor                      not running                  
Certificate Authority Service          not running                  
EST Service                            not running                  
SXP Engine Service                     disabled                     
TC-NAC Service                         disabled                     
PassiveID WMI Service                  disabled                     
PassiveID Syslog Service               disabled                     
PassiveID API Service                  disabled                     
PassiveID Agent Service                disabled                     
PassiveID Endpoint Service             disabled                     
PassiveID SPAN Service                 disabled                     
DHCP Server (dhcpd)                    disabled                     
DNS Server (named)                     disabled                     
ISE Messaging Service                  not running                  
ISE API Gateway Database Service       not running                  
ISE API Gateway Service                not running                  
ISE EDDA Service                       not running                  
Segmentation Policy Service            disabled                     
REST Auth Service                      disabled                     
SSE Connector                          disabled                     
Hermes (pxGrid Cloud Agent)            disabled                     
McTrust (Meraki Sync Service)          disabled                     
ISE Node Exporter                      not running                  
ISE Prometheus Service                 not running                  
ISE Grafana Service                    not running                  
ISE MNT LogAnalytics Elasticsearch     disabled                     
ISE Logstash Service                   disabled                     
ISE Kibana Service                     disabled

show backup

To display the backup history of the system or the status of the backup, use the show backup command in EXEC mode.

show backup [history | status]

Syntax Description

history

Displays historical information about backups on the system.

progress

Displays the backup status on the system.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view the system backup history and status, use the show backup command.

Example 1


ise/admin# Show backup history
Wed Apr 10 02:35:29 EDT 2013: backup mybackup-CFG-130410-0226.tar.gpg to repository myrepository: success
Wed Apr 10 02:40:07 EDT 2013: backup mybackup1-OPS-130410-0239.tar.gpg to repository myrepository: success
ise/admin#

Example 2

ise/admin# show backup status
%% Configuration backup status
%% ----------------------------
%      backup name: mybackup
%       repository: myrepository
%       start date: Wed Apr 10 02:26:04 EDT 2013
%        scheduled: no
%   triggered from: Admin web UI
%             host: ise.cisco.com
%           status: backup mybackup-CFG-130410-0226.tar.gpg to repository myrepository: success
%% Operation backup status
%% ------------------------
%      backup name: mybackup1
%       repository: myrepository
%       start date: Wed Apr 10 02:39:02 EDT 2013
%        scheduled: no
%   triggered from: Admin web UI
%             host: ise.cisco.com
%           status: backup mybackup1-OPS-130410-0239.tar.gpg to repository myrepository: success
ise/admin#

show banner

To display pre-login and post-login banners, use the show banner command in EXEC mode.

show banner [post-login | pre-login]

The banners are configured in the Cisco ISE GUI in the following window:

Administration > System > Admin Access > Settings > Access. The Session tab contains the fields for configuring the pre-login and post-login banners for Cisco ISE CLI and GUI.

Syntax Description

post-login

Displays the post-login information that is configured in the Cisco ISE server for the current CLI session.

pre-login

Displays the pre-login information that is configured in the Cisco ISE server for the current CLI session.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Use the show banner command in the active SSH sessions. If the active SSH sessions exceed the Maximum Concurrent Sessions that is configured in the Cisco ISE Admin portal, you get the “WARNING: Maximum active SSH sessions reached” message.

show cdp

To display information about all enabled Cisco Discovery Protocol (CDP) interfaces, use the show cdp command in EXEC mode.

show cdp [all | neighbors]

Syntax Description

all

Shows all enabled Cisco Discovery Protocol interfaces.

neighbors

Shows the Cisco Discovery Protocol neighbors.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view enabled Cisco Discovery Protocol interfaces and CDP neighbors, use the show cdp command.


Note

CDP can be visualized from neighboring IPv4 and IPv6 interfaces

Example 1


ise/admin# show cdp all
CDP protocol is enabled...
        broadcasting interval is every 60 seconds.
        time-to-live of cdp packets is 180 seconds.
        CDP is enabled on port GigabitEthernet0.
ise/admin#

Example 2


ise/admin# show cdp neighbors
CDP Neighbor: 000c297840e5
        Local Interface : GigabitEthernet0
        Device Type     : ISE-1141VM-K9
        Port            : eth0
        Address         : 172.23.90.114
        IPv6 Address    : 2001:420:54ff:4::458:1
CDP Neighbor: isexp-esw5
        Local Interface : GigabitEthernet0
        Device Type     : cisco WS-C3560E-24TD
        Port            : GigabitEthernet0/5
        Address         : 172.23.90.45
       IPv6 Address     : 2001:420:54ff:4::458:5
CDP Neighbor: 000c29e29926
        Local Interface : GigabitEthernet0
        Device Type     : ISE-1141VM-K9
        Port            : eth0
        Address         : 172.23.90.115
       IPv6 Address     : 2001:420:54ff:4::458:2
CDP Neighbor: 000c290fba98
        Local Interface : GigabitEthernet0
        Device Type     : ISE-1141VM-K9
        Port            : eth0
        Address         : 172.23.90.111
       IPv6 Address     : 2001:420:54ff:4::458:3
ise/admin#

show clock

To display the day, month, date, time, time zone, and year of the system software clock, use the show clock command in EXEC mode.

This command has no keywords and arguments.

show clock

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

The show clock output in the following example includes Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), Great Britain, or Zulu time.

Example


ise/admin# show clock
Fri Aug 6 10:46:39 UTC 2010
ise/admin#

show container

To view information about the Threat-Centric NAC adapters, use the show container command in EXEC mode.

The output of this command provides statistical information about the vulnerability assessment scans, when the adapters were created, how long the adapters were running, and their current statuses. You can further view information about each of the adapters in detail based on the container name or ID.

show container tc-nac {adapters | all | inspect {container-id container-id | container-name container-name} | stats {container-id container-id | container-name container-name}} |}

Syntax Description

tc-nac

Displays information about the Threat-Centric NAC adapters.

all

When used with TC NAC, lists all the adapters that are available in Cisco ISE, including the container name and ID.

When used with Wi-Fi Setup, displays the Wi-Fi container setup information.

adapters

Lists the TC NAC adapters that are configured in Cisco ISE. Lists the container ID and name, the time when the adapter was created and how long the adapter has been running, and the current status of the adapter.

inspect{container-id container-id | container-name container-name}

Lists detailed information about the specific adapter.

stats {container-id container-id | container-name container-name}

Provides statistical information about the specific adapter.

>

Redirects output to a file.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

    |—Output modifier variables for count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    |—Output modifier variables for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.2.0.470

This command was introduced.

3.1

This command no longer includes Wi-Fi configurations.

Usage Guidelines

To view information about the Threat-Centric NAC adapters, use the show container command.

Example 1 


ise/admin# show container tc-nac adapters

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                                                 NAMES
63b8904f41c6        irf-adapter-nexpose     "/opt/CSCOcpm/vaservi"   19 hours ago        Up 19 hours                                                               nexpose
8389f7e249cf        irf-adapter-tenable     "/opt/CSCOcpm/vaservi"   2 days ago          Up 2 days                                                                 tenable

ise/admin#

Example 2 


ise/admin# show container tc-nac all

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                                                 NAMES
63b8904f41c6        irf-adapter-nexpose     "/opt/CSCOcpm/vaservi"   19 hours ago        Up 19 hours                                                               nexpose
8389f7e249cf        irf-adapter-tenable     "/opt/CSCOcpm/vaservi"   2 days ago          Up 2 days                                                                 tenable
41921c1539bf        irf-core-engine:2.2.6   "/bin/sh -c 'npm star"   3 days ago          Up 3 days           192.0.2.13:3000->3000/tcp                              irf-core-engine-runtime
c4f6ff3cf628        irf-rabbitmq:2.2.6      "/docker-entrypoint.s"   3 days ago          Up 3 days           4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp   irf-rabbitmq-runtime
e682a5a5ad69        irf-mongo:2.2.6         "/entrypoint.sh mongo"   3 days ago          Up 3 days           27017/tcp                                             irf-mongo-runtime

ise/admin#

Example 3 


ise/admin#  show container tc-nac inspect container-name nexpose
[
{
    "Id": "63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044",
    "Created": "2016-09-22T11:38:03.146141316Z",
    "Path": "/opt/CSCOcpm/vaservice/nexposeadapter/bin/nexposeadaptercontrol.sh",
    "Args": [
        "start",
        "http://irf-core-engine-runtime:3000/api/adapter/instance/register",
        "07bc6aee-fb9f-4845-86cb-886c7c095188"
    ],
    "State": {
        "Status": "running",
        "Running": true,
        "Paused": false,
        "Restarting": false,
        "OOMKilled": false,
        "Dead": false,
        "Pid": 23433,
        "ExitCode": 0,
        "Error": "",
        "StartedAt": "2016-09-22T11:38:05.609439645Z",
        "FinishedAt": "0001-01-01T00:00:00Z"
    },
    "Image": "06ba3230bd64872b988f4506e7fffddc8c6374c7ece285555ee1cc57743ea7e0",
    "ResolvConfPath": "/opt/docker/runtime/containers/63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044/resolv.conf",
    "HostnamePath": "/opt/docker/runtime/containers/63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044/hostname",
    "HostsPath": "/opt/docker/runtime/containers/63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044/hosts",
    "LogPath": "/opt/docker/runtime/containers/63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044/
               63b8904f41c6ce2a58660d38eb3500104038e650e4e3365e21e0a536a1ba3044-json.log",
    "Name": "/nexpose",
    "RestartCount": 0,
    "Driver": "devicemapper",
    "ExecDriver": "native-0.2",
    "MountLabel": "",
    "ProcessLabel": "",
    "AppArmorProfile": "",
    "ExecIDs": [
        "d76578aa48118167d9d029037fcb2e56aa7dce8672b8991a736617a6d6879750"
    ],
    .
    .
    .
    "NetworkSettings": {
        "Bridge": "",
        "SandboxID": "9873fb92f86e665039a6de15bfe057bc3fd341f7b39acedee57cbd89b3f56ce0",
        "HairpinMode": false,
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "Ports": {},
        "SandboxKey": "/var/run/docker/netns/9873fb92f86e",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null,
        "EndpointID": "",
        "Gateway": "",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "IPAddress": "",
        "IPPrefixLen": 0,
        "IPv6Gateway": "",
        "MacAddress": "",
        "Networks": {
            "irf-internal-nw": {
                "EndpointID": "8999c12319144cfd66a4e99be40f7fbc228779e43f2a7f20c48867b8b3ca7a49",
                "Gateway": "169.254.1.1",
                "IPAddress": "169.254.1.6",
                "IPPrefixLen": 24,
                "IPv6Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "MacAddress": "02:42:a9:fe:01:06"
            }
        }
    }
}
]

Example 4 


ise/admin#  show container tc-nac stats container-name nexpose

CONTAINER           CPU %               MEM USAGE / LIMIT     MEM %               NET I/O               BLOCK I/O
nexpose             0.07%               327.9 MB / 12.43 GB   2.64%               4.501 MB / 2.446 MB   106.4 MB / 21.27 MB

show cpu

To display CPU information, use the show cpu command in EXEC mode.

To show a summary of CPU usage per Cisco ISE component, use the show cpu usage command in EXEC mode. The output of this command provides a snapshot of CPU usage at the moment the command is run.

show cpu > file-name

show cpu statistics

show cpu usage

Syntax Description

>

Redirects output to a file.

file-name

Name of the file to redirect.

statistics

Displays CPU statistics.

cpu usage

Displays the CPU usage per component for an installed application (Cisco ISE).

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

    |—Output modifier variables for count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    |—Output modifier variables for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.1.0.474

This command was introduced.

Usage Guidelines

To view CPU information and its statistics, use the show cpu command.

Example 1 


ise/admin# show cpu
processor: 0
model : Intel(R) Xeon(R) CPU           E5320 @ 1.86GHz
speed(MHz): 1861.914
cache size: 4096 KB
ise/admin#

Example 2 


ise/admin# show cpu statistics
user time:             265175
kernel time:           166835
idle time:            5356204
i/o wait time:         162676
irq time:                4055
ise/admin#

Example 3


ise/admin# show cpu usage

ISE Function                         % CPU Usage           CPU Time     Number of threads
---------------------------------------------------------------------------------------------
Profiler Database                         0.01              1:26.27               3 
M&T Session Database                      0.01              1:23.06              18 
Certificate Authority Service             0.04              6:57.38              31 
M&T Log Processor                         0.09             15:44.23              60 
ISE Indexing Engine                       0.12             21:34.76              75 
Database Listener                         0.01              0:53.18               2 
Database Server                           0.36             62:48.64              64 processes 
Admin Webapp                              0.04              6:46.68              53
Profiler                                  0.00              0:02.94              26
NSF Persistence Layer                     0.05              8:09.70              46
Guest Services                            0.00              0:00.32               5
Syslog Processor                          0.00              0:12.79               3
Quartz Scheduler                          0.05              9:08.80              29
RMI Services                              0.00              0:05.98              10
Message Queue                             0.00              0:43.99               4
BYOD Services                             0.00              0:00.00               1
Admin Process JVM Threads                 0.19             32:50.67              10
Miscellaneous services                    0.17             30:30.47             3557
Identity Mapping Service                   N/A
SXP Engine Service                         N/A
Threat Centric NAC Docker Service          N/A
Threat Centric NAC MongoDB Container       N/A
Threat Centric NAC RabbitMQ Container      N/A
Threat Centric NAC Core Engine Container   N/A
Vulnerability Assessment Database          N/A
Vulnerability Assessment Service           N/A

show crypto

To display information about the public keys and authorized keys for the logged in administrators and users, use the show crypto command.

show crypto authorized_keys

show crypto host-keys

show crypto key

Syntax Description

authorized_keys

Displays authorized keys information for the user who is logged in currently.

host_keys

Displays host keys for the user who is logged in currently.

key

Displays key information for the user who is logged in currently.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view authorized keys and keys for currently logged in users, use the show crypto command.


Remember

The show crypto authorized keys command shows all authorized keys in an encrypted format.

You can delete individual key or all keys using the crypto key [ delete {hash | authorized_keys | rsa}] command.

When deleting an individual key using the hash value, if the last key is remaining, a warning is displayed. If the last key is deleted, a new key should be imported in the same session, or the administrator must login to the console to import a new key.

When deleting all authorized keys, a new key should be imported in the same session, or the administrator must login to the console to import a new key.

Example 1 

ise/iseadmin#show crypto authorized_keys 
Authorized keys for iseadmin
ssh-rsa in netadmin@cjb

Example 2 

ise/iseadmin#show crypto key 
iseadmin public key: ssh-rsa in iseadmin@ise-1

show disks

To display the disks file-system information, use the show disks command in EXEC mode.

show disks

Syntax Description

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

    |—Output modifier variables for count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    |—Output modifier variables for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

The filename variable is no longer supported.

Usage Guidelines

Only platforms that have a disk file system support the show disks command.

Example


ise/admin# show disks
Internal filesystems:
/ : 5% used ( 24124436 of 540283556)
/storedconfig : 7% used ( 5693 of 93327)
/tmp : 2% used ( 35960 of 1976268)
/boot : 4% used ( 17049 of 489992)
/dev/shm : 0% used ( 0 of 1943756)
  all internal filesystems have sufficient free space
ise/admin#

Note

In Cisco ISE 3.0, the localdisk partition is allocated dynamically.

show esr status

To show the Embedded Services Router status, use the show esr status command in EXEC mode.

show esr status

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

3.2

This command was introduced.

Usage Guidelines

The comand show esr status replaces the command service esr status that was used in Cisco ISE Release 3.1 and earlier releases.

Examples

ise49/admin# show esr status
% ESR 5921 is enabled on eth1
ise49/admin# show esr status
% ESR 5921 is disabled

show icmp-status

To display the Internet Control Message Protocol (ICMP) echo response configuration information, use the show icmp_status command in EXEC mode.

show icmp_status | save file_name

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect.

|

Output modifier commands:

  • begin —Matched pattern. Supports up to 80 alphanumeric characters.

  • count —Count the number of lines in the output. Add number after the word count.

    • |—Output modifier commands for count.

  • end —End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude —Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include —Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    • |—Output modifier commands for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

To view the Internet Control Message Protocol (ICMP) echo response configuration information, use the show icmp_status command.

Example 1


ise/admin# show icmp_status
icmp echo response is turned on
ise/admin#

Example 2


ise/admin# show icmp_status
icmp echo response is turned off
ise/admin#

show interface

To display the usability status of interfaces configured for IP, use the show interface command in EXEC mode.

show interface | save file_name

show interface GigabitEthernet {0-3}

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect interface information.

GigabitEthernet

Shows the specific Gigabit Ethernet interface information.

0-3

Gigabit Ethernet number that may be one of the fallowing: 0. 1, 2, 3.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

In the show interface GigabitEthernet 0 output, you can find that the interface has three IPv6 addresses. The first internet address (starting with 3ffe) is the result of using stateless autoconfiguration. For this to work, you need to have IPv6 route advertisement enabled on that subnet. The next address (starting with fe80) is a link local address that does not have any scope outside the host. You always see a link local address regardless of the IPv6 autoconfiguration or DHCPv6 configuration. The last address (starting with 2001) is the result obtained from a IPv6 DHCP server.

Example 1


ise/admin# show interface
eth0      Link encap:Ethernet  HWaddr 00:0C:29:6A:88:C4
          inet addr:172.23.90.113  Bcast:172.23.90.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe6a:88c4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48536 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14152 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6507290 (6.2 MiB)  TX bytes:12443568 (11.8 MiB)
          Interrupt:59 Base address:0x2000
lo        Link encap:Local Loopback
          inet addr:192.0.2.13  Mask:192.0.2.11
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1195025 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1195025 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:649425800 (619.3 MiB)  TX bytes:649425800 (619.3 MiB)
sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
ise/admin#

Example 2


ise/admin# show interface GigabitEthernet 0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:AF:DA:05
          inet addr:172.23.90.116  Bcast:172.23.90.255  Mask:255.255.255.0
          inet6 addr: 3ffe:302:11:2:20c:29ff:feaf:da05/64 Scope:Global
          inet6 addr: fe80::20c:29ff:feaf:da05/64 Scope:Link
          inet6 addr: 2001:558:ff10:870:8000:29ff:fe36:200/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:77848 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10699801 (10.2 MiB)  TX bytes:3448374 (3.2 MiB)
          Interrupt:59 Base address:0x2000
ise/admin#

show inventory

To display information about the hardware inventory, including the Cisco ISE appliance model and serial number, use the show inventory command in EXEC mode.

show inventory | save file_name

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect hardware inventory information.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

To view the Cisco ISE appliance information, use the show inventory command.

Example

ise/admin# show inventory
inventory
NAME: "ISE-VM-K9 chassis", DESCR: "ISE-VM-K9 chassis"
PID: ISE-VM-K9, VID: V01, SN: H8JESGOFHGG

Manufacturer: VMware, Inc.
Product Name: VMware7,1
Total RAM Memory: 16211484 kB
CPU Core Count: 4
CPU 0: Model Info: Intel(R) Xeon(R) Platinum 8280 CPU @ 2.70GHz
CPU 1: Model Info: Intel(R) Xeon(R) Platinum 8280 CPU @ 2.70GHz
CPU 2: Model Info: Intel(R) Xeon(R) Platinum 8280 CPU @ 2.70GHz
CPU 3: Model Info: Intel(R) Xeon(R) Platinum 8280 CPU @ 2.70GHz
Hard Disk Count(*): 1
Disk 0: Device Name: /dev/sda:
Disk 0: Capacity: 300GiB
NIC Count: 1
NIC 0: Device Name: eth0:
NIC 0: HW Address: 00:50:56:bx:aa:bx
NIC 0: Driver Descr: VMware vmxnet3 virtual NIC driver

(*) Hard Disk Count may be Logical.

show ip

To display the IP route information, use the show ip command in EXEC mode.

show ip route

Syntax Description

route

Displays IP route information.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

This command displays the IP routing table.

Example

ise/iseadmin#show ip route 
 
Destination          Gateway              Iface               
-----------          -------              -----               
default              10.1.100.1           eth0                
10.1.100.0/24        0.0.0.0              eth0                
169.254.2.0/24       0.0.0.0              cni-podman1         
169.254.4.0/24       0.0.0.0              cni-podman2

show ipv6 route

To display the IPv6 route information, use the show ipv6 route command in EXEC mode.

show ipv6 route

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

This command displays the IPv6 routing table.

Example 1 


ise/admin# show ipv6 route
Destination     								Gateway         								Iface
-----------													-------																	------

2001:DB8:cc00:1::/64    2001:DB8:cc00:1::1      eth0
ff02::1:2/128         		ff02::1:2     										eth0
ise/admin#

Example 2


ise/admin# show ipv6 route
Destination     								Gateway         								Iface
-----------													-------																	------
2001:db8::/64 										::																						eth0
2015:db8::/64											::																						eth3
2020:db8::/64										 2001:db8::5													eth0
default																	2001:db8::5													eth0
ise/admin#

show logging

To display the state of system logging (syslog) and the contents of the standard system logging buffer, use the show logging command in EXEC mode.

show logging | save file_name

show logging application application-logfile-name

show logging container tc-nac {container-id container-id [log-name name-of-log-file tail] | container-name container-name}

show logging internal

show logging system system-logfile-name

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect system logging information.

application

Displays application logs.

application-logfile-name

Name of the application log file.

container tc-nac

Displays the Threat Centric-NAC containers.
container-id container-id [log-name name-of-log-file tail]

Displays the log files related to the specified container (TC-NAC adapter).
container-name container-name

Displays the log files related to the specified container (TC-NAC adapter).

internal

Displays the syslog configuration.

system

Displays the list of log files in the logging system.

system-logfile-name

Name of the system log file.

system-file-name

Name of the system log file name.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

2.7

The display environment changed to the Unix less command.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

This command displays the state of syslog error and event logging, including host addresses, and for which, logging destinations (console, monitor, buffer, or host) logging is enabled. When you run this command, the content is opened in the Unix less evironment. Typing "H" displays the search and movement commands.

Example 1 

ise/admin# show logging system
          0 Feb 25 2013 15:57:43  tallylog
       1781 Feb 26 2013 02:01:02  maillog
       4690 Feb 26 2013 02:40:01  cron
          0 Feb 25 2013 15:56:54  spooler
          0 Feb 25 2013 16:10:03  boot.log
          0 Feb 25 2013 16:00:03  btmp
      38784 Feb 26 2013 02:19:48  wtmp
      16032 Feb 26 2013 02:19:47  faillog
      32947 Feb 26 2013 00:38:02  dmesg
      63738 Feb 26 2013 02:19:49  messages
     146292 Feb 26 2013 02:19:48  lastlog
      13877 Feb 26 2013 01:48:32  rpmpkgs
     129371 Feb 26 2013 02:40:22  secure
      27521 Feb 25 2013 16:10:02  anaconda.syslog
     345031 Feb 25 2013 16:10:02  anaconda.log
          0 Jul 28 2011 00:56:37  mail/statistics
    1272479 Feb 26 2013 02:42:52  ade/ADE.log
     567306 Feb 26 2013 02:40:22  audit/audit.log
      24928 Feb 26 2013 02:40:01  sa/sa26
          0 Feb 25 2013 16:01:40  pm/suspend.log
ise/admin#

Example 2

To view application log files on Cisco ISE nodes, use the following command: 


ise/admin# show logging application 
       61 Oct 07 2016 03:02:43  dbalert.log
       4569 Oct 07 2016 03:21:18  ad_agent.log
          0 Oct 07 2016 03:13:18  ise-elasticsearch_index_indexing_slowlog.log
          0 Oct 07 2016 03:02:59  edf.log
        124 Oct 07 2016 03:21:59  diagnostics.log
       8182 Oct 07 2016 03:26:45  caservice.log
        426 Oct 07 2016 03:19:17  redis.log
       1056 Oct 07 2016 03:13:07  caservice_bootstrap.log
      49637 Oct 07 2016 03:27:40  passiveid-mgmt.log
          0 Oct 07 2016 03:02:59  passiveid.log
          0 Oct 07 2016 03:13:18  ise-elasticsearch_index_search_slowlog.log
      14152 Oct 07 2016 03:26:03  collector.log
          0 Oct 07 2016 03:02:59  idc-endpoint.log
        134 Oct 07 2016 03:22:34  ocsp.log
          0 Oct 07 2016 03:02:59  dbconn.log
          0 Oct 07 2016 03:02:59  idc-kerberos.log
     100958 Oct 07 2016 03:24:43  crypto.log
          0 Oct 07 2016 03:02:59  idc-syslog.log
          0 Oct 07 2016 03:02:59  replication.log.2016-10-04.1
      10394 Oct 07 2016 03:24:01  guest.log
          0 Oct 07 2016 03:02:59  guest.log.2016-10-07.1
          0 Oct 07 2016 03:02:59  vcs.log.2016-10-04.1
     288624 Oct 07 2016 03:27:25  ise-psc.log
ise/admin#

show logins

To display the state of system logins, use the show logins command in EXEC mode.

show logins cli

Syntax Description

cli

Lists the cli login history.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Requires the cli keyword; otherwise, an error occurs.

Example


ise/admin# show logins cli
admin    pts/0        10.77.137.60     Fri Aug 6 09:45   still logged in
admin    pts/0        10.77.137.60     Fri Aug 6 08:56 - 09:30  (00:33)
admin    pts/0        10.77.137.60     Fri Aug 6 07:17 - 08:43  (01:26)
reboot   system boot  2.6.18-164.el5PA Thu Aug 5 18:17          (17:49)
admin    tty1                          Thu Aug 5 18:15 - down   (00:00)
reboot   system boot  2.6.18-164.el5PA Thu Aug 5 18:09          (00:06)
setup    tty1                          Thu Aug 5 17:43 - 18:07  (00:24)
reboot   system boot  2.6.18-164.el5PA Thu Aug 5 16:05          (02:02)
wtmp begins Thu Aug 5 16:05:36 2010
ise/admin#

show memory

To display the memory usage of all running processes, use the show memory command in EXEC mode.

This command has no keywords and arguments.

show memory

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view used memory, use the show memory command.

Example


ise/admin# show memory 
total memory: 4394380 kB
free memory: 206060 kB
cached: 1111752 kB
swap-cached: 9072 kB

output of free command:
total used free shared buffers cached
Mem: 4394380 4188576 205804 0 147504 1111748
-/+ buffers/cache: 2929324 1465056
Swap: 8185108 192728 7992380 
ise/admin#

show ntp

To show the status of the Network Translation Protocol (NTP) associations, use the show ntp command in EXEC mode.

This command has no keywords and arguments.

show ntp

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view the Network Translation Protocol (NTP) associations, use the show ntp command.

Example

ise-az2/iseadmin#show ntp
Configured NTP Servers:
	 xx.x.xxx.x
	 0.north-america.pool.ntp.org
	 1.north-america.pool.ntp.org
Reference ID    : 62BFD502 (mail.example.com)
Stratum         : 2
Ref time (UTC)  : Thu May 19 15:49:40 2022
System time     : 0.000000384 seconds fast of NTP time
Last offset     : -0.000422698 seconds
RMS offset      : 0.000422698 seconds
Frequency       : 7.323 ppm slow
Residual freq   : +2.728 ppm
Skew            : 0.352 ppm
Root delay      : 0.090078361 seconds
Root dispersion : 0.002209879 seconds
Update interval : 2.1 seconds
Leap status     : Normal

210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^? ns-dmz.demo.local             0   7     0     -     +0ns[   +0ns] +/-    0ns
^+ lofn.fancube.com              2   6    17    45  +5381us[+4959us] +/-   67ms
^* mail.intrax.com               1   6    17    44  -3730us[-4153us] +/-   47ms

M indicates the mode of the source.
^ server, = peer, # local reference clock.

S indicates the state of the sources.
* Current time source, + Candidate, x False ticker, ? Connectivity lost, ~ Too much variability

Warning: Output results may conflict during periods of changing synchronization.

show ports

To display information about all processes listening on active ports, use the show ports command in EXEC mode.

show ports | save file_name

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect.

\

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

    |—Output modifier variables for count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

    |—Output modifier variables for last.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

When you run the show ports command, the port must have an associated active session.

Example


ise/admin# show ports
Process : java (22648)
     tcp: 0.0.0.0:9024, 192.0.2.13:2020, 0.0.0.0:9060, 0.0.0.0:37252, 192.0.2.13:8
005, 0.0.0.0:9990, 0.0.0.0:8009, 0.0.0.0:8905, 0.0.0.0:5514, 0.0.0.0:1099, 0.0.0
.0:61616, 0.0.0.0:80, 192.0.2.13:8888, 0.0.0.0:9080, 0.0.0.0:62424, 0.0.0.0:8443,
 0.0.0.0:443, 0.0.0.0:8444
     udp: 172.21.79.91:1812, 172.21.79.91:1813, 172.21.79.91:1700, 0.0.0.0:48425,
172.21.79.91:8905, 172.21.79.91:3799, 0.0.0.0:54104, 172.21.79.91:57696, 172.2,
1.79.91:1645, 172.21.79.91:1646
Process : timestenrepd (21516)
     tcp: 192.0.2.13:56513, 0.0.0.0:51312
Process : timestensubd (21421)
     tcp: 192.0.2.13:50598
Process : rpc.statd (3042)
     tcp: 0.0.0.0:680
     udp: 0.0.0.0:674, 0.0.0.0:677
Process : ttcserver (21425)
     tcp: 0.0.0.0:53385, 192.0.2.13:49293
Process : timestensubd (21420)
     tcp: 192.0.2.13:51370
Process : redis-server (21535)
     tcp: 0.0.0.0:6379
Process : portmap (2999)
     tcp: 0.0.0.0:111
     udp: 0.0.0.0:111
Process : Decap_main (22728)
--More--

show process

To display information about active processes, use the show process command in EXEC mode.

show process | save file_name

Syntax Description

| save

Redirects output to a file.

file-name

Name of the file to redirect.

|

(Optional). Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.2

To redirect the command output to a file, you must use | save file_name instead of > file-name .

Usage Guidelines

Table 1. Show Process Field Descriptions

Field

Description

USER

Logged-in user.

PID

Process ID.

TIME

The time the command was last used.

TT

Terminal that controls the process.

COMMAND

Type of process or command used.

Example


ise/admin# show process
USER       PID     TIME TT       COMMAND
root         1 00:00:02 ?        init
root         2 00:00:00 ?        migration/0
root         3 00:00:00 ?        ksoftirqd/0
root         4 00:00:00 ?        watchdog/0
root         5 00:00:00 ?        events/0
root         6 00:00:00 ?        khelper
root         7 00:00:00 ?        kthread
root        10 00:00:01 ?        kblockd/0
root        11 00:00:00 ?        kacpid
root       170 00:00:00 ?        cqueue/0
root       173 00:00:00 ?        khubd
root       175 00:00:00 ?        kseriod
root       239 00:00:32 ?        kswapd0
root       240 00:00:00 ?        aio/0
root       458 00:00:00 ?        kpsmoused
root       488 00:00:00 ?        mpt_poll_0
root       489 00:00:00 ?        scsi_eh_0
root       492 00:00:00 ?        ata/0
root       493 00:00:00 ?        ata_aux
root       500 00:00:00 ?        kstriped
root       509 00:00:07 ?        kjournald
root       536 00:00:00 ?        kauditd
root       569 00:00:00 ?        udevd
root      1663 00:00:00 ?        kmpathd/0
root      1664 00:00:00 ?        kmpath_handlerd
root      1691 00:00:00 ?        kjournald
root      1693 00:00:00 ?        kjournald
root      1695 00:00:00 ?        kjournald
root      1697 00:00:00 ?        kjournald
root      2284 00:00:00 ?        auditd
root      2286 00:00:00 ?        audispd
root      2318 00:00:10 ?        debugd
rpc       2350 00:00:00 ?        portmap
root      2381 00:00:00 ?        rpciod/0
--More--
ise/admin#

show repository

To display the file contents of the repository, use the show repository command in EXEC mode.

show repository repository-name

Syntax Description

repository-name

Name of the repository whose contents you want to view. Supports up to 30 alphanumeric characters.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

To view the contents of the repository, use the show repository command.

Example


ise/admin# show repository myrepository
back1.tar.gpg
back2.tar.gpg
ise/admin#

Note
If you have enabled PKI authentication for an SFTP repository, you must generate the public key for the repository from the ISE CLI in addition to generating it from the ISE GUI. When the SFTP repository is configured from the ISE GUI, the public key on Cisco ISE is generated only for the root user and not for the admin user (user with which all commands can be run from the CLI). Follow these steps to verify and configure the public key from the ISE CLI:
  1. Verify whether the crypto key is yet generated or not. If the output for the following command is empty it means that the crypto key is not generated.
     ise24/admin# show crypto key

  2. Hence from the CLI EXEC mode generate the key using the command: crypto key generate rsa passphrase <secretkey>.

  3. From the following we can now confirm that the crypto key is generated successfully:
     ise24/admin# show crypto key
admin public key: ssh-rsa SHA256:eEziR/ARPyFo1WptgI+y5WNjGIrgfPmEpEswVY7Qjb0 admin@ise24

  4. After this, the admin needs to export the public key for 'admin’ user using the command:crypto key export <sample-name> repository <another-repository-name>.

  5. Now open the file saved to the <another-repository-name> and add it to /home/<username>/.ssh/authorized_keys folder in the SFTP server.

show restore

To display the restore history and the status of restore, use the show restore command in EXEC mode.

show restore {history | status}

Syntax Description

history

Displays the restore history on the system.

status

Displays the status of restore on the system.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Example


ise/admin# show restore history
Wed Apr 10 03:32:24 PDT 2013: restore mybackup-CFG-130410-0228.tar.gpg from repository myrepository: success
Wed Apr 10 03:45:19 PDT 2013: restore mybackup1-OPS-130410-0302.tar.gpg from repository myrepository: success
ise/admin#
ise/admin# show restore status
%% Configuration restore status
%% ----------------------------
%  No data found. Try 'show restore history' or ISE operation audit report
%% Operation restore status
%% ------------------------
%  No data found. Try 'show restore history' or ISE operation audit report
ise/admin#

show running-config

To display the contents of the currently running configuration file or the configuration, use the show running-config command in EXEC mode.

This command has no keywords and arguments.

show running-config

Command Default

None

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

The show running-config command displays all of the running configuration information.

Example

ise/iseadmin#show running-config ?
Possible completions:
  cdp               CDP Configuration parameters
  clock             Configure timezone
  conn-limit        Configure a TCP connection limit from source IP
  hostname          Configure hostname
  icmp              Configure icmp echo requests
  identity-store    Configure identity store for CLI users
  interface         Configure interface
  ip                Configure IP features
  ipv6              Configure IPv6 features
  kron              Configure command scheduler
  logging           Configure system logging
  ntp               Specify NTP configuration
  password-policy   Password Policy Configuration
  rate-limit        Configure a TCP/UDP/ICMP packet rate limit from source IP
  repository        Configure Repository
  service           
  snmp-server       Configure snmp server
  synflood-limit    Average number of TCP SYN packets per second allowed
  username          User creation
  |                 Output modifiers
  <cr>              
ise/iseadmin#show running-config

show snmp-server engineid

To display the default or configured engine ID, use the show snmp -server engineid command in EXEC mode. This command displays the identification of the local SNMP engine and all remote engines that have been configured on the device.

show snmp -server engineid

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.1

The command was updated from show snmp engineid to show snmp-server engineid .

Example


ise/admin# show snmp-server engineid
Local SNMP EngineID: 0x1234567

ise/admin#

show snmp-server user

To display a list of defined snmp users, use the show snmp-server user command in EXEC mode.

show snmp-server user

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.1

The command was updated from show snmp user to show snmp-server user.

Example


ise/admin# show snmp-server user
User: snmp3
  EngineID: 80001f88044b4951504a375248374c55
  Auth Protocol: sha
  Priv Protocol: aes-128

ise/admin#

show tech-support

To display technical support information, including e-mail, use the show tech-support command in EXEC mode.

show tech-support > file-name

show tech-support file file-name

Syntax Description

>

Redirects output to a file.

file

Saves any technical support data as a file in the local disk.

file-name

Filename to save technical support data. Supports up to 80 alphanumeric characters.

Command Default

Passwords and other security information do not appear in the output.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

The show tech-support command is useful for collecting a large amount of information about the Cisco ISE server for troubleshooting purposes. You can then provide output to technical support representatives when reporting a problem.

Example


ise/admin# show tech-support
*****************************************
Displaying ISE version ...
*****************************************
Cisco Identity Services Engine
---------------------------------------------
Version      : 1.3.0.862
Build Date   : Tue Oct 14 19:02:08 2014
Install Date : Wed Oct 15 09:08:53 2014


*****************************************
Displaying Clock ...
*****************************************
Tue Oct 21 11:24:08 IST 2014

*****************************************
Displaying UDI ...
*****************************************
ISE-VM-K9

*****************************************
Displaying ISE application status ....
*****************************************
ISE PROCESS NAME                       STATE            PROCESS ID
--More--
(press Spacebar to continue)
ise/admin#

Example


ise/admin# show tech-support
*****************************************
Displaying ISE version ...
*****************************************
Cisco Identity Services Engine
---------------------------------------------
Version      : 1.4.0.205
Build Date   : Tue 03 Mar 2015 05:37:10 AM UTC
Install Date : Tue 03 Mar 2015 08:25:37 PM UTC


*****************************************
Displaying Clock ...
*****************************************
Mon Mar 16 03:51:35 UTC 2015

*****************************************
Displaying UDI ...
*****************************************
ISE-VM-K9

*****************************************
Displaying ISE application status ....
*****************************************
ISE PROCESS NAME                       STATE            PROCESS ID
--More--
(press Spacebar to continue)
ise/admin#

show terminal

To obtain information about the terminal configuration parameter settings, use the show terminal command in EXEC mode.

This command has no keywords and arguments.

show terminal

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

The following table describes the fields of the show terminal output.

Table 2. Show Terminal Field Descriptions

Field

Description

TTY: /dev/pts/0

Displays standard output to type of terminal.

Type: “vt100“

Type of current terminal used.

Length: 27 lines

Length of the terminal display.

Width: 80 columns

Width of the terminal display, in character columns.

Session Timeout: 30 minutes

Length of time, in minutes, for a session, after which the connection closes.

Example


ise/admin# show terminal
TTY: /dev/pts/0 Type: "vt100"
Length: 27 lines, Width: 80 columns
Session Timeout: 30 minutes
ise/admin#

show timezone

To display the time zone as set on the system, use the show timezone command in EXEC mode.

This command has no keywords and arguments.

show timezone

This command has no keywords and arguments.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Example


ise/admin# show timezone
UTC
ise/admin#

show timezones

To obtain a list of time zones from which you can select, use the show timezones command in EXEC mode.

This command has no keywords and arguments.

show timezones

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

See the clock timezone section, for examples of the time zones available for the Cisco ISE server.

Example


ise/admin# show timezones
Africa/Cairo
Africa/Banjul
Africa/Nouakchott
Africa/Gaborone
Africa/Bangui
Africa/Malabo
Africa/Lusaka
Africa/Conakry
Africa/Freetown
Africa/Bamako
--More--
(press Spacebar to continue)
ise/admin#

show udi

To display information about the Unique Device Identifier (UDI) of the Cisco ISE appliance, use the show udi command in EXEC mode.

This command has no keywords and arguments.

show udi

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Example 1 


ise/admin# show udi
SPID: ISE-3415-K9
VPID: V01
Serial: LAB12345678
ise/admin#

Example 2

The following output appears when you run the show udi command on VMware servers. 


ise/admin# show udi
SPID: ISE-VM-K9
VPID: V01
Serial: 5C79C84ML9H
ise/admin#

show uptime

To display the length of time, the Cisco ISE server has been up since the last reboot, use the show uptime command in EXEC mode.

show uptime > file-name

Syntax Description

>

Redirects output to a file.

file-name

Name of the file to redirect.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Use this show uptime to check for how long the Cisco ISE server has been up since the last reboot.

Example


ise/admin# show uptime
16:49:35 up 6 days,  2:49,  1 user, load average: 1.51, 0.79, 0.81

show users

To display the list of users logged in to the Cisco ISE server, use the show users command in EXEC mode.

show users > file-name

Syntax Description

>

Redirects output to a file.

file-name

Name of the file to redirect.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

Usage Guidelines

Use this show users command to check the list of users logged into the Cisco ISE server.

Example


ise/admin# show users
USERNAME         ROLE   HOST                     TTY      LOGIN DATETIME
admin            Admin  10.77.202.52             pts/0    Tue Feb 26 20:36:41 2013
-------------------
DETACHED SESSIONS:
-------------------
USERNAME             ROLE                 STARTDATE
% No disonnected user sessions present
ise/admin#

show version

To display information about the software version of the system and software installation information, use the show version command in EXEC mode.

show version > file-name

show version history


Note

You must type the show version history command fully. Short form is not supported for this command.

Syntax Description

>

Redirects output to a file.

file-name

Name of the file to redirect.

history

Shows software version history information.

|

Output modifier variables:

  • begin—Matched pattern. Supports up to 80 alphanumeric characters.

  • count—Count the number of lines in the output. Add number after the word count.

  • end—End with line that matches. Supports up to 80 alphanumeric characters.

  • exclude—Exclude lines that match. Supports up to 80 alphanumeric characters.

  • include—Include lines that match. Supports up to 80 alphanumeric characters.

  • last—Display last few lines of output. Add number after the word last. Supports up to 80 lines to display. Default 10.

Command Default

No default behavior or values.

Command Modes

EXEC

Command History

Release

Modification

2.0.0.306

This command was introduced.

3.4

This command was modified to include hotpatch information.

Usage Guidelines

This command displays version information about the Cisco ADE-OS software running in the Cisco ISE server, and also displays the Cisco ISE version.

Example 1

ise/admin# show version

Cisco Application Deployment Engine OS Release: 3.0
ADE-OS Build Version: 3.0.3.030
ADE-OS System Architecture: x86_64

Copyright (c) 2005-2014 by Cisco Systems, Inc.
All rights reserved.
Hostname: docs-ise-23-lnx


Version information of installed applications
---------------------------------------------

Cisco Identity Services Engine
---------------------------------------------
Version      : 2.3.0.297
Build Date   : Mon Jul 24 18:51:29 2017
Install Date : Wed Jul 26 13:59:41 2017

ise/admin#

ise/admin# show version

Cisco Application Deployment Engine OS Release: 3.4
ADE-OS Build Version: 3.0.4.061
ADE-OS System Architecture: x86_64

Copyright (c) 2005-2023 by Cisco Systems, Inc.
All rights reserved.
Hostname: docs-ise-34-lnx


Version information of installed applications
---------------------------------------------

Cisco Identity Services Engine
---------------------------------------------
Version      : 3.4.0.226
Build Date   : Mon Oct  9 18:51:29 2023
Install Date : Mon Oct 16 13:59:41 2023

Cisco Identity Services Engine Patch
---------------------------------------------
Version      : 1
Install Date : Mon Oct 16 20:23:39 2023

Cisco Identity Services Engine HotPatch
---------------------------------------------
Version      : ise-apply-hotpatch-SPA.tar.gz 
Install Date : Mon Oct 23 14:15:25 2023

ise/admin#

Example 2

ise/admin# show version history
---------------------------------------------
Install Date: Mon Sep 04 19:02:13 UTC 2023
Application: ise
Version: 3.4.0.226
Install type: Application Install
Bundle filename: ise.tar.gz
Repository: SystemDefaultPkgRepos
--------------------------------------------
Install Date: Mon Dec  4 13:07:07 UTC 2023
Application: ise
Version: 2
Install type: Patch Install
Bundle filename: ise-patchbundle-3.4.0.226-Patch2-23120209.SPA.x86_64.tar.gz
Repository: local
--------------------------------------------
Install Date: Tue Dec  5 12:01:20 UTC 2023
Application: Apply_CSCwc74531_3.1.x_hotpatch
Version: 1
Install type: Application Install
Bundle filename: ise-apply-CSCwc74531_Universal_Hotpatch-SPA.tar.gz
Repository: test

ise/admin#