The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Parameters |
Description |
---|---|
account-name |
The name of an administrator account |
This command allows you to delete the IP address for a DNS server.
Parameters |
Description |
---|---|
ip-address |
The IP address of the DNS server that you want to delete. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes a temporary loss of network connectivity. |
This command deletes a DSCP port tag.
Parameters |
Description |
---|---|
[port-tag] |
Represents a DSCP port tag, which is a string that is mapped to a TCP or UDP port to identify the application that uses the port. This value is for the portTag field displayed when you use the command show dscp defaults. The set of port tags is predefined. |
After you delete an enabled port tag, DSCP marking on that port tag stops. You can recreate a deleted port tag when you use the set dscp marking command; enter the name of the port tag that you previously deleted.
Tip | Use the command show dscp defaults to list the configured port tags |
Administrator (admin:)
This command allows you to delete IPsec policies and associations.
delete ipsec policy{ALL| policy-name}
association policy-name {ALL| association-name}
Parameters |
Description |
---|---|
policy-name |
An IPsec policy. |
association-name |
An IPsec association |
Parameters |
Description |
---|---|
process-id |
The process ID number. |
force |
(Optional) Tells the process to stop. |
terminate |
(Optional) Tells the operating system to terminate the process. |
crash |
(Optional) Crashes the process and produces a crash dump. |
Use the force option only if the command alone does not delete the process and use the terminate option only if force does not delete the process.
This command checks the /usr directory tree to see whether any files or directories have been added, removed, or changed in size since the last fresh installation or upgrade and displays the results.
Parameters |
Description |
---|---|
[detection-size-kb] |
Specifies the minimum file size change that is required for the command to display the file as changed. Default value: 100 KB. |
The command notifies you about a possible impact to system performance and asks you whether you want to continue. The display includes both deleted and new files.
Caution | This command can affect system performance. We recommend that you use the command during off-peak hours. |
file delete {activelog|inactivelog|install} directory/filename [detail] [noconfirm]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
directory/filename |
The path and filename of the files to delete. You can use the wildcard character (*) for "filename". |
detail |
(Optional) Shows a listing of deleted files with the date and time. |
noconfirm |
(Optional) Deletes files without asking you to confirm each deletion. |
Caution | You cannot recover a deleted file except possibly by using the Disaster Recovery System. |
You get prompted for confirmation after entering the command. You cannot delete directories or files that are in use.
The following example deletes the install log:
file delete install install.log
This command dumps the contents of a file to the screen, a page at a time.
file dump {activelog |inactivelog |install } directory/filename [detail] [hex] [recent] [regexpexpression]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log |
directory/filename |
The path and "filename" of the file to dump. You can use the wildcard character (*) for filename as long as it resolves to one file. |
detail |
(Optional) Displays listing with the date and time. |
hex |
(Optional) Displays output in hexadecimal. |
recent |
(Optional) Displays the most recently modified file in the directory. |
regexp expression |
(Optional) Displays only the lines in the file that match the regular expression |
This command dumps contents of file _cdrIndex.idx:
file dump activelog cm/cdr/_cdrIndex.idx
file get {activelog |inactivelog |install|partBsalog|salog } directory/filename [reltime|abstime] [match][recurs]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
partBsalog |
The partBsalog log directory. |
salog |
The salog log directory. |
directory/filename |
the path to the files to delete. You can use the wildcard character (*) for filename as long as it resolves to one file. |
abstime |
(Optional) The absolute time period, specified as hh:mm:MM/DD/YY hh:mm:MM/DD/YY. |
reltime |
(Optional) The relative time period, specified as months|weeks| days| hours| minutes value. |
match |
(Optional) Match a particular string in the filename, specified as string value. |
recurs |
(Optional) Get all files, including subdirectories. |
After the command identifies the specified files, you are prompted to enter an SFTP host, username, and password.
This command gets all files in the activelog operating system directory that match the string plat:
file get activelog platform match plat
This command gets all operating system log files for a particular time period:
file get activelog platform/log abstime 18:00:9/27/2005 18:00:9/28/2005
This command lists the log files in an available log directory.
file list {activelog|inactivelog|install|partBsalog|salog} directory/filename[page|detail|reverse] [date | size]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
partBsalog |
The partBsalog log directory. |
salog |
The salog log directory. |
directory |
The path to the directory to list. You can use a wildcard character (*) for directory as long as it resolves to one directory. |
page |
(Optional) Shows the output one screen at a time. |
detail |
(Optional) Shows a detailed listing with date and time. |
reverse |
(Optional) Reverse the sort direction. |
date |
(Optional) Sorts by date. |
size |
(Optional) Sorts by file size. |
This example lists operating system log files with details:
file list activelog platform/log page detail
This example lists directories created for Emergency Responder logs:
file list activelog er/logs
This example lists Emergency Responder logs in a specified directory by size:
file list activelog er/logs size
This command searches the content of a log and displays the matching lines a page at a time.
file search{ activelog | inactivelog |install } directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
directory/filename |
The path to the files to search. You can use the wildcard character (*) to represent all or part of the filename. |
reg-exp |
A regular expression. |
abstime |
(Optional) The files to search based on file creation time. Enter a start time and an end time. |
days|hours|minutes |
(Optional) The file age is in days, hours, or minutes. |
ignorecase |
(Optional) Ignores case when searching |
reltime |
(Optional) The files to search based on file creation time. Enter the age of files to search. |
hh:mm:ss mm/dd/yyyy |
(Optional) An absolute time, in the format hours:minutes:seconds month/day/year. |
timevalue |
(Optional) The age of files to search. The unit of this value is specified with the {days | hours | minutes} option. |
Write the search term in the form of a regular expression, which is a special text string for describing a search pattern.
If the search term is found in only one file, the filename appears at the top of the output. If the search term is found in multiple files, each line of the output begins with the filename in which the matching line was found.
file search activelog platform/log/platform.log Err[a-z] ignorecase
file tail {activelog |inactivelog |install } directory/filename[detail] [hex] [lines]
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
directory/filename |
The path to the file to tail. You can use the wildcard character (*) for filename as long as it resolves to one file. |
detail |
(Optional) Long listing with date and time |
hex |
(Optional) Hexadecimal listing |
lines |
(Optional) Number of lines to display |
This example tails the operating system CLI log file:
file tail activelog platform/log/cli00001.log
file view {activelog|inactivelog|install|system-management-log}directory/filename
Parameters |
Description |
---|---|
activelog |
A log on the active side. |
inactivelog |
A log on the inactive side. |
install |
An installation log. |
system-management-log |
The contents of the Integrated Management Logs (IML). |
directory/filename |
The path to the file to view. You can use the wildcard character (*) for filename as long as it resolves to one file. |
Caution | Do not use this command to view binary files because this can corrupt the terminal session. |
This example displays the install log:
file view install install.log
This example displays a particular CDR file:
file view activelog er/logs/CERAdmin01.log
Parameters |
Description |
---|---|
sql_statement |
The SQL command to run. |
This example runs an SQL command:
run sql select * from cerserver
Parameters |
Description |
---|---|
name |
The username for the new account. |
After you enter the username, the system prompts you to enter the privilege level and password for the new account.
This command is used to enable the user account if the account is disabled due to the password inactivity feature.
Password inactivity period is the number of days of inactivity after a password has expired before the account is disabled.
After entering this command, the user account is enabled with current system settings.The system settings are Password min days, Password Max days, Password inactivity period.
Parameters |
Description |
---|---|
userid |
The name of the user account. |
This example runs a set account enable command:
set account enable test
Enabling the account 'test' with current settings....
.....
Successfully enabled account 'test'
This command disables accountlocking for the current administrator accounts.
Parameters |
Description |
---|---|
disable |
Disable account locking. |
This command enables accountlocking for the current administrator accounts.
Parameters |
Description |
---|---|
enable |
Enable account locking. |
This command configures the unlock time for Emergency Responder OS administrator accounts in seconds.
Acceptable values should be equal to or greater than 300 seconds, but less than 3600 seconds (60 mins).
Parameters |
Description |
---|---|
seconds |
The unlocktime in seconds. |
This command deletes the certificate test.pem for the unit IPsec.
Parameters |
Description |
---|---|
unit |
The name of the trust category. |
name |
The certificate file name. |
set cert delete ipsec test.pem
This command imports the certificate for a specific unit | trust.
Parameters |
Description |
---|---|
unit name |
The name of the unit or trust. |
The following example runs a set cert import command:
set cert import trust tomcat
Successfully regenerated certificate for tomcat.
Please restart services related to tomcat for the new certificate to become active.
Parameters |
Description |
---|---|
Name |
The name of the unit. |
This example runs a set cert regen command:
set cert regen tomcat
Successfully regenerated certificate for tomcat.
Please restart services related to tomcat for the new certificate to become active.
For the current CLI session, this command turns automatic pagination on or off.
Parameters |
Description |
---|---|
on |
Turns pagination on. |
off |
Turns pagination off. |
admin:set cli pagination off Automatic pagination is turned off
This command sets the time, in minutes, after which an active CLI session times out and disconnects.
Parameters |
Description |
---|---|
minutes |
|
Be aware that the new session timeout value becomes effective immediately for a new CLI session; however, active sessions retain their original timeout value. Also the show cli session timeout command reflects the new value, even if the current session does not use that value.
Note | This setting gets preserved through a software upgrade and does not get reset to the default value. |
Administrator (admin:)
This command changes the CLI command prompt so that it displays how many CLI commands have executed.
Parameters |
Description |
---|---|
enable |
Turns on command count. |
disable |
Turns off command count. |
Parameters |
Description |
---|---|
name |
Specifies the unit on which the certificate is generated. |
Successfully regenerated certificate for tomcat.
Please restart services related to tomcat for the new certificate to become active.
Parameters |
Description |
---|---|
HH:mm:ss |
Represents the time format (24 hours format). |
MM/DD/YY |
Represents the date format. This date format is also accepted: MM/DD/YYYY. |
To set date and time to 2:10:33 p.m. February 13, 2008:
set date 14:10:33:02/13/08
This command enables or disables DSCP marking on outgoing TCP or UDP packets. You can enable or disable DSCP on a single port tag, or on all port tags at once.
Parameters |
Description |
---|---|
all |
Disables all DSCP port tags. |
port_tag |
Represents a DSCP port tag, which is a string that is mapped to a TCP or UDP port to identify the application that uses the port. This value is for the portTag field displayed when you use the command show dscp defaults. The set of port tags is predefined. |
Administrator (admin:)
This command sets the factory default DSCP settings for all of the port tags.
Administrator (admin:)
This command removes all non-default DSCP settings. The command show dscp defaults displays the factory default DSCP settings.
This command sets DSCP markings on port tags by using well-known DSCP classes and numeric values.
Parameters |
Description |
---|---|
port_tag |
Represents a DSCP port tag, which is a string that is mapped to a TCP or UDP port to identify the application that uses the port. This value is for the portTag field displayed when you use the command show dscp defaults. |
value |
A DSCP value. You can enter the name of a well-known DSCP class or a numeric value in decimal or hexadecimal format. Precede hexadecimal values with 0x or 0X. |
Administrator (admin:)
Class Selector: values CS0, CS1, CS2, CS3, CS5, CS6, CS7 The class selector (CS) values correspond to IP Precedence values and are fully compatible with IP Precedence.
Expedited Forwarding: value EF EF PHB is ideally suited for applications such as VoIP that require low bandwidth, guaranteed bandwidth, low delay, and low jitter.
Best Effort: value BE Also called default PHB, this value essentially specifies that a packet be marked with 0x00, which gets the traditional best-effort service from the network router.
Assured Forwarding: values AF11, AF12, AF13, AF21, AF22, AF23, AF41, AF42, AF43 There are four types of Assured Forwarding classes, each of which has three drop precedence values. These precedence values define the order in which a packet is dropped (if needed) due to network congestion. For example, packets in AF13 class are dropped before packets in the AF12 class.
This command allows you to set IPSec policies and associations.
policy {ALL | policy-name}
association policy-name {ALL | association-name}
Parameters |
Description |
---|---|
policy-name |
An IPSec policy. |
association-name |
An IPSec association. |
Parameters |
Description |
---|---|
enable |
Turns on logging. |
disable |
Turns off logging. |
This command configures the cluster publisher hostname. Changing the hostname is possible only from the subscriber in a server group. This is supported when migrating from MCS to VMware platforms, but not in any other scenarios.
A temporary loss of network connectivity occurs while the network is being restarted with the new configuration.
Parameters |
Description |
---|---|
name |
The hostname to be assigned. |
This command configures the cluster publisher IP address.
A temporary loss of network connectivity occurs while the network is being restarted with the new configuration.
Parameters |
Description |
---|---|
ip addr |
Specifies the ip address of the network cluster. |
This command enables or disables DHCP for Ethernet interface 0. You cannot configure Ethernet interface 1.
set network dhcp eth0{enable| disable}{node_ip| net_mask| gateway_ip}
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
enable |
This enables DHCP. |
disable |
This disables DHCP. |
node_ip |
The new static IP address for the server. |
net_mask |
The subnet mask for the server. |
gateway_ip |
The IP address of the default gateway. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes the system to restart. We recommend that you restart all nodes whenever any IP address gets changed. |
This command sets the IP address for the primary or secondary DNS server.
Parameters |
Description |
---|---|
ip-address |
The IP address of the primary or secondary DNS server. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes a temporary loss of network connectivity. If you change the IP address of the DNS server, you must restart Cisco Tomcat. For more information, see utils service. |
set network dns options [timeout seconds] [attempts number] [rotate]
Parameters |
Description |
---|---|
timeout |
Sets the DNS request timeout. |
seconds |
The DNS timeout period, in seconds. |
attempts |
Sets the number of times to attempt a DNS request before quitting. |
number |
Specifies the number of attempts. |
rotate |
Causes the system to rotate among the configured DNS servers, distributing the load. |
Parameters |
Description |
---|---|
domain-name |
The system domain that you want to assign. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes a temporary loss of network connectivity. |
Parameters |
Description |
---|---|
enable |
Enables network fault tolerance. |
disable |
Disables network fault tolerance. |
This command enables you to configure the IP address of the network gateway.
Parameters |
Description |
---|---|
ip-address |
The IP address of the network gateway that you want to assign. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes the system to restart. |
This command allows an administrator to set the network host name, change the IP address of the node, and restart the system.
Before attempting this command, the administrator should have a valid DRF backup.
Parameters |
Description |
||
---|---|---|---|
hostname |
Represents the new network hostname of the system.
|
Administrator (admin:)
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes the system to restart. |
admin:set network hostname WARNING: Changing this setting will invalidate software license on this server. The license will have to be re-hosted. Continue(y/n): Continue (y/n)?y ctrl-c: To quit the input. *** W A R N I N G *** Do not close this window without first canceling the command. This command will automatically restart system services. The command should not be issued during normal operating hours. ======================================================= Note: Please verify that the new hostname is a unique name across the cluster and, if DNS services are utilized, any DNS configuration is completed before proceeding. ======================================================= Security Warning : This operation will regenerate all CUCM Certificates including any third party signed Certificates that have been uploaded. Enter the hostname:: app-lfwelty5 Would you like to change the network ip address at this time [yes]:: Warning: Do not close this window until command finishes. ctrl-c: To quit the input. *** W A R N I N G *** ======================================================= Note: Please verify that the new ip address is unique across the cluster. ======================================================= Enter the ip address:: 106.1.34.154 Enter the ip subnet mask:: 255.0.0.0 Enter the ip address of the gateway:: 106.1.1.1 Hostname: app-lfwelty5 IP Address: 106.1.34.154 IP Subnet Mask: 255.0.0.0 Gateway: 106.1.1.1 Do you want to continue [yes/no]? yes ...
Note | The administrator can change both the hostname and IP address by responding yes. To change just the hostname, respond no. |
This command sets the IP address for Ethernet interface 0. You cannot configure Ethernet interface 1.
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
ip-address |
The IP address that you want assign. |
ip-mask |
The IP mask that you want to assign. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes the system to restart. |
Parameters |
Description |
---|---|
ip_conntrack_max |
Specifies the value for ip_conntrack_max. |
Parameters |
Description |
||
---|---|---|---|
mtu_max |
Specifies the maximum MTU value.
|
The system asks whether you want to continue to execute this command.
Caution | If you continue, the system temporarily loses network connectivity. |
admin:set network mtu 576 *** W A R N I N G *** This will cause the system to temporarily lose network connectivity Do you want to continue? Enter "yes" to continue or any other key to abort yes executing...
This command sets the properties of the Ethernet interface 0. You cannot configure Ethernet interface 1.
set network nic eth0{auto{ en | dis}} {speed | {10 | 100} } {duplex| {half | full}}
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
auto |
Specifies whether auto negotiation gets enabled or disabled. |
speed |
Specifies the speed of the Ethernet connection: 10 or 100 Mbps. |
duplex |
Specifies half-duplex or full-duplex. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, this command causes a temporary loss of network connections while the NIC gets reset. |
Note | You can enable only one active NIC at a time. |
This command adds a noquery option to /etc/config file.
Parameters |
Description |
---|---|
enable |
Enables Path MTU Discovery. |
disable |
Disables Path MTU Discovery. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, the system temporarily loses network connectivity. |
This example runs the set network pmtud command.
admin:set network pmtud enable *** W A R N I N G *** This will cause the system to temporarily lose network connectivity Do you want to continue? Enter "yes" to continue or any other key to abort yes executing... admin:
This command configures the specified Ethernet port to use a specified static IP address.
Caution | Only use this command option if you cannot restore network connectivity using any other set network commands. This command deletes all previous network settings for the specified network interface, including network fault tolerance. After running this command, you must restore your previous network configuration manually. |
Caution | The server temporarily loses network connectivity when you use this command. |
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
ip-address |
Specifies the IP address. |
network-mask |
Specifies the subnet mask. |
gateway |
Specifies the IP address of the default gateway. |
This command sets the status of Ethernet 0 to up or down. You cannot configure Ethernet interface 1.
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
up |
Sets the status of Ethernet interface 0 to up. |
down |
Sets the status of Ethernet interface 0 to down. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, the system temporarily loses network connectivity. |
This command allows you to change the administrator password.
Parameters |
Description |
---|---|
admin |
Administrator. |
security |
Security. |
The system prompts you for the old and new passwords.
The password must contain at least six characters, and the system checks it for strength.
Servers in a cluster use the security password to authenticate communication between servers. You must reset the cluster after you change the security password.
Change the security password on the publisher server and then reboot the server.
Change the security password on all the subscriber servers to the same password that you created on the publisher server and restart the subscriber server to propagate the password change.
Note | We recommend that you restart each server after the password is changed on that server. |
Caution | Failure to reboot the servers causes system service problems and problems with the Emergency Responder Administration on the subscriber servers. |
This command modifies the value of minimum password age for OS admin accounts in days.
Acceptable values should be equal to or greater than 0 days but less or equal to 10 days.
Parameters |
Description |
---|---|
days |
The minimum password age in days. |
This command modifies the value of maximum password age for Emergency Responder OS administration accounts in days.
Acceptable values should be equal to or greater than 10 days but less than 3650 days (10 years).
Parameters |
Description |
---|---|
days |
The maximum password age in days. |
This command disables password complexity. Changes take effect only at the next password change.
When disabled, the password created or changed after executing the command is no longer strong. The password does not need uppercase, lowercase, digit and special characters.
This command enables password complexity rules for the type of characters in a password.
This command modifies the value of minimum password length for Unified CM OS accounts.
Parameters |
Description |
---|---|
length |
The minimum password length. |
Acceptable values should be equal to or greater than 6. Use this command only after enabling the character complexity of passwords.
This command enables or disables the password expiry maximum age settings for Cisco Unified Operating System Administrator accounts.
Parameters |
Description |
---|---|
enable |
Turns on password expiry maximum age settings for Cisco Unified Operating System administrator accounts. The set password expiry enable command sets the value of maximum password age to 3650 days (10 yrs) for Cisco Unified Operating System Administrator accounts. |
disable |
Turns off password expiry maximum age settings for Cisco Unified Operating System administrator accounts. The set password expiry disable command results in Cisco Unified Operating System Administrator accounts never expiring. |
This command enables minimum password expiry for OS accounts.
This command sets the value of minimum password age to 1 day (24 hrs) for OS administration accounts.
This command is used to disable minimum password aging for OS accounts.
This means passwords for OS admin accounts can be changed at any interval.
This command disables password expiry for a particular OS account.
Parameters |
Description |
---|---|
userid |
The name of account for which to disable maximum password age settings. |
This command enables maximum password expiry for a particular OS account.
Parameters |
Description |
---|---|
userid |
The name of account for which to enable maximum password age settings. |
This command disables minimum password age settings for a particular OS account.
Parameters |
Description |
---|---|
userid |
The account for which to disable minimum password age settings. |
This command enables minimum password age for a particular OS account.
Parameters |
Description |
---|---|
userid |
The account for which to enable minimum password age settings. |
This command sets the number of passwords to maintain in history.
Parameters |
Description |
---|---|
number |
The number of passwords to maintain in history. |
This command disables the password inactivity for the OS accounts.
This command enables the password inactivity for the OS accounts with the default value set as 10 days.
This command sets the password inactivity for the OS accounts with the configured value.
Parameters |
Description |
---|---|
days |
The number of days for which to set inactivity. Acceptable values are 1 to 99 days. |
This example runs the set password user admin command:
set password user admin Please enter the old password :******** Please enter the new password:******** re-enter new password to confirm:********
This example runs the set password user security command:
set password user security Please enter the password:******** re-enter the password to confirm: ********
This command sets the upper limit for concurrent sessions.
Parameters |
Description |
---|---|
maxlimit |
This command sets the upper limit for concurrent sessions. Acceptable values are 1 - 100. If no upper limit is entered, the default value of 10 is assigned to sshd_config param. |
[value] |
Acceptable values are 1 - 100. |
Administrator (admin:)
Parameters |
Description |
---|---|
hostname |
The SMTP server name. |
Enter enough characters to uniquely identify the new time zone. Be aware that the time zone name is case-sensitive.
Note | You must restart the system after you change the time zone. |
Parameters |
Description |
---|---|
timezone |
The new timezone. |
This example sets the time zone to Pacific time:
set timezone Pac
set trace{enable Error| enable Special| enable State_Transition| enable Significant| enable Entry_exit| enable Arbitrary| enable Detailed| disable} tname
Parameters |
Description |
---|---|
tname |
The task for which you want to enable or disable traces. |
enable Error |
Sets task trace settings to the error level. |
enable Special |
Sets task trace settings to the special level. |
enable State_Transition |
Sets task trace settings to the state transition level. |
enable Significant |
Sets task trace settings to the significant level. |
enable Entry_exit |
Sets task trace settings to the entry_exit level. |
enable Arbitrary |
Sets task trace settings to the arbitrary level. |
enable Detailed |
Sets task trace settings to the detailed level. |
disable |
Disables the task trace settings. |
This command sets the web security certificate information for the operating system.
set web-security orgunit orgname locality state [country] [alternate-host-name]
When you set an alternate-host-name parameter with the set web-security command, self-signed certificates for Tomcat contains the Subject Alternate Name extension with the alternate host name specified. CSR for Emergency Responder contains Subject Alternate Name Extension with the alternate host name included in the CSR.
Parameters |
Description |
---|---|
orgunit |
The organizational unit. |
orgname |
The organizational name. |
locality |
The organization location. |
state |
The organization state. |
country represents |
The organization country. |
alternate-host-name |
(Optional) Specifies an alternate name for the host when you generate a web-server (Tomcat) certificate. |
This command sets the time, in minutes, that can elapse before a web application, such as Cisco emergency responder, times out and logs off the user.
For the new webapp session timeout setting to become effective, you must restart the Cisco Tomcat service. Until you restart the Cisco Tomcat service, the show webapp session timeout command reflects the new values, but system continues to use and reflect the old values. This command prompts you to restart the service.
Caution | Restarting the Cisco Tomcat service ends all active sessions and can affect system performance. Cisco recommends that you only execute this command during off-peak traffic hours. |
Note | This setting gets preserved through a software upgrade and does not get reset to the default value. |
Parameters |
Description |
---|---|
minutes |
|
Administrator (admin:)
This command sets the working directory for active, inactive, and installation logs.
Parameters |
Description |
---|---|
activelog |
Sets the working directory for active logs. |
inactivelog |
Sets the working directory for inactive logs. |
install |
Sets the working directory for installation logs. |
directory |
The current working directory. |
This command lists current administrator accounts, except the master administrator account.
This command displays certificate contents and certificate trust lists.
Command |
Result |
---|---|
show cert list {own | trust} |
This command displays certificate trust lists. |
show cert own filename |
This command displays certificate contents. |
show cert trust filename |
This command displays certificate contents. |
Parameters |
Description |
---|---|
filename |
The name of the certificate file. |
own |
Specifies owned certificates. |
trust |
Specifies trusted certificates. |
list |
Specifies a certificate trust list. |
This command displays own certificate trust lists:
show cert list own
This command displays the status of the automatic CLI pagination.
The following example runs the show cli pagination command:
admin: show cli paginationAutomatic Pagination: Off.
This command displays the CLI session timeout value, which is the amount of time, in minutes, that can elapse before a CLI session times out and disconnects.
Administrator (admin:)
This example runs a show csr list command:
show csr list own
tomcat/tomcat.csr
Vipr-QuetzalCoatl/Vipr-QuetzalCoatl.csr
This command displays the contents of the Certificate Trust List (CTL) file on the server, and it notifies you if the CTL is not valid.
This command displays information about disk usage on the server.
show diskusage activelog {activelog| common| inactivelog| install| tmp} filename filename {directory | sort}
Parameters |
Description |
---|---|
activelog |
Displays disk usage information about the activelog directory. |
common |
Displays disk usage information about the common directory. |
inactivelog |
Displays disk usage information about the inactivelog directory. |
install |
Displays disk usage information about the install directory. |
tmp |
Displays disk usage information about the tmp directory. |
filename filename |
(Optional)Saves the output to a file specified by a filename. These files are stored in the platform/cli directory. To view saved files, use the file view activelog command. |
directory |
(Optional)Displays only the directory sizes. |
sort |
(Optional)Sorts the output based on file size. File sizes are displayed in 1024-byte blocks. |
This command displays the current DSCP traffic markings on all the ports. It displays the DSCP markings in decimal and hexidecimal. If the value corresponds to a class then it displays the correct class. If the value does not correspond to a class, then it displays N/A.
Administrator (admin:)
This command displays the default factory DSCP settings. These values take effect if the set dscp defaults command is executed.
Administrator (admin:)
This command displays the current DSCP traffic markings for a particular DSCP value.
Parameters |
Description |
---|---|
value |
DSCP value. You can enter the name of a well-known DSCP class, or a numeric value in decimal or hexadecimal format. Precede hexadecimal values with 0x or 0X. |
Class Selector: values CSO, CS1, CS2, CS3, CS5, CS6 CS7 The class selector (CS) values correspond to IP Precedence values and are fully compatible with IP Precedence.
Expedited Forwarding: value EF EF PHB is ideally suited for applications such as VoIP that require low bandwidth, guaranteed bandwidth, low delay, and low jitter.
Best Effort: value BE Also called default PHB, this value essentially specifies that a packet be marked with 0x00, which gets the traditional best-effort service from the network router.
Assured Forwarding: values AF11, AF12, AF13, AF21, AF22, AF23, AF41, AF42, AF43 There are four types of Assured Forwarding classes, each of which has three drop precedence values. These precedence values define the order in which a packet is dropped (if needed) due to network congestion. For example, packets in AF13 class are dropped before packets in the AF12 class.
Administrator (admin:)
This command displays the current DSCP traffic markings.
Parameters |
Description |
---|---|
enabled |
Filters the output to show only DSCP traffic markings that are enabled. If you do not specify a status, this filter is the default option. |
disabled |
Filters the output to show only DSCP traffic markings that are disabled. |
Administrator (admin:)
This command displays information about the server hardware.
Parameters |
Description |
---|---|
fans |
Displays information gathered by fan probes. |
power-supply |
Displays information gathered by power supply probes. |
temperatures |
Displays information gathered by temperature probes. |
This command displays the following information about the platform hardware.
This command displays the following information about the platform hardware:
This command displays information about IPsec policies and associations.
Command |
Result |
---|---|
show ipsec information policy_group| policy_name |
This command displays detailed information about the specified ipsec policy. |
show ipsec policy_group |
This command displays all the ipsec policy group on the node. |
show ipsec policy_namepolicy_group |
This command displays the list of ipsec policy names that exist in the specified policy group. |
show ipsec status |
|
Parameters |
Description |
---|---|
information |
Displays the association details and status for the policy. |
status |
Displays the status of all IPsec tunnels that are defined in the system. |
policy_group |
The name of a specific IPsec policy. |
This example displays IPsec policies:
show ipsec policy
Parameters |
Description |
---|---|
number |
The number of most recent logins to display. The default is 20. |
Parameters |
Description |
---|---|
ALL |
Displays information about all installed memory modules. |
module_number |
Specifies the memory module to display. |
count |
(Optional)Displays the number of memory modules on the system. |
module |
(Optional)Displays detailed information about each memory module. |
size |
(Optional)Displays the total amount of memory. |
This command displays information about the current account.
Command |
Result |
---|---|
show networkall [detail] |
This command shows network information for listening and non-listening sockets. |
show networketh0 [detail] |
This command shows network information for ethernet 0. |
show networkfailover [detail] [page] |
This command shows Network Fault Tolerance information. |
show networkroute [detail] |
This command shows network routing information. |
show network status [detail] [listen] [process] [all] [nodns] [search stext] |
This command shows active internet connections. |
show network ip_conntrack |
This command shows ip_conntrack usage information. |
show network max_ip_conntrack |
This command shows max_ip_conntrack information. |
show network dhcp eth0 status |
This command shows DHCP status information. |
show network cluster |
This command lists nodes in the network cluster. |
show network ipprefs{all |enabled| public |
This command shows the list of ports that have been requested to be opened or translated in the firewall. |
show network ntp |
|
show network failover[detail][page] |
This command shows Network Fault Tolerance information. |
show network ipv6{route| settngs} |
This command shows IPv6 network routes and network settings. |
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet 0. |
failover |
Specifies Network Fault Tolerance information. |
route |
Specifies network routing information. |
status |
Specifies active Internet connections. |
ip_conntrack |
Specifies ip_conntrack usage information. |
max_ip_conntrack |
Specifies max_ip_conntrack information. |
dhcp eth0 status |
Displays DHCP status information. |
all |
Specifies all basic network information. |
options |
(Optional)Displays additional information. |
detail |
(Optional)Displays more detailed additional information. |
page |
(Optional)Displays information one page at a time. |
listen |
(Optional)Displays only listening sockets. |
process |
(Optional)Displays the process ID and name of the program to which each socket belongs. |
all |
(Optional)Displays both listening and nonlistening sockets. |
nodns |
(Optional)Displays numerical addresses without any DNS information. |
search stext |
(Optional)Searches for the stext in the output. |
The eth0 parameter displays Ethernet port 0 settings, including DHCP and DNS configurations and options.
This example displays active Internet connections:
show network status
This command lists nodes in the network cluster.
Administrator (admin:)
This command displays the list of ports that have been requested to be opened or translated in the firewall.
Parameters |
Description |
---|---|
all |
Displays all incoming ports that may be used on the product. |
enabled |
Displays all incoming ports that are currently opened. |
public |
Displays all incoming ports that are currently opened for any remote client. |
The following example shows show the network ipprefs command:
admin:show network ipprefs public Application IPProtocol PortValue Type XlatedPort Status Description ----------- ---------- ---------- ---------- ---------- -------- ------------ sshd tcp 22 public - enabled sftp and ssh access tomcat tcp 8443 translated 443 enabled secure web access tomcat tcp 8080 translated 80 enabled web access clm udp 8500 public - enabled cluster manager clm tcp 8500 public - enabled cluster manager ntpd udp 123 public - enabled network time sync snmpdm udp 161 public - enabled SNMP ccm tcp 2000 public - enabled SCCP-SIG ctftp udp 6969 translated 69 enabled TFTP access to CUCM TFTP Server ctftp tcp 6970 public - enabled HTTP access to CUCM TFTP Server admin:
This command adds a noquery option to /etc/config file.
Command |
Result |
---|---|
show open files [all] [process processID] [regexp reg_exp] |
This command shows open files on the system. |
show open ports [all] [regexp reg_exp] |
This command shows all open ports on the system. |
Parameters |
Description |
---|---|
files |
displays open files on the system. |
ports |
displays open ports on the system. |
all |
(Optional)Displays all open files or ports. |
process |
(Optional)Displays open files that belong to the specified process. |
processID |
(Optional)Specifies a process. |
regexp |
(Optional)Displays open files or ports that match the specified regular expression. |
reg_exp |
(Optional)A regular expression. |
This command displays the name and version for installed packages.
Parameters |
Description |
---|---|
active |
Specifies active packages. |
inactive |
Specifies inactive packages. |
name |
The package name. To display all active or inactive packages, use the wildcard character (*). |
page |
(Optional)Displays the output one page at a time. |
This command displays the configured password expiration parameters.
This command displays the configured password expiration parameters.
This command displays the configured password expiration parameters for a particular OS user.
This command displays the configured password expiration parameters for a particular OS user.
This command displays the number of passwords that are maintained in the history for OS admin accounts.
This command displays the status of the password inactivity for OS accounts.
Password inactivity is the number of days of inactivity after a password has expired before the account is disabled.
show password inactivity Password Inactivity: Enabled and is currently set to 10 days
This command displays information about processes running on the system.
Command |
Result |
---|---|
show processlist [file filename] [detail] |
This command displays a list of all the processes and critical information about each process and visually indicates the child-parent relationships between the processes. |
show processload [cont] [clear] [noidle] [num number] [thread] [cpu | memory| time] [page] |
This command displays the current load on the system. |
show process name process [file filename] |
This command displays the details of processes that share the same name and indicates their parent-child relationship. |
show process open-fd process-id [, process-id2] |
This command lists the open file descriptors for a comma-separated list of process IDs. |
show process search regexp [file filename] |
This command searches for the pattern that the regular expression regexp specifies in the output of the operating system-specific process listing. |
show process using-most cpu [number] [file filename] |
This command displays a list of the most CPU-intensive processes. |
show process using-most memory [number] [file filename] |
This command displays a list of the most memory-intensive processes. |
show process pid pid[file filename] |
This command displays a list of PIDs. |
show process user username [file filename] |
This command retrieves details of processes that share the user name and displays parent-child relationship. |
show process using most |
This command lists the most intensive processes. |
Parameters |
Description |
---|---|
list |
displays a list of all the processes and critical information about each process, and visually indicates the child-parent relationships between the processes. |
load |
displays the current load on the system. |
name |
displays the details of processes that share the same name and indicates their parent-child relationship. |
open-fd |
lists the open file descriptors for a comma-separated list of process IDs. |
search |
searches for the pattern specified by the regular expression regexp in the output of the operating system-specific process listing. |
using-most cpu |
displays a list of the most CPU-intensive processes. |
using-most memory |
displays a list of the most memory-intensive processes. |
filefilename |
(Optional)Outputs the results to the file specified by the filename. |
detail |
(Optional)Displays the detailed output. |
cont |
(Optional)Repeats the command continuously. |
clear |
(Optional)Clears the screen before displaying output. |
noidle |
(Optional)Ignores the idle/zombie processes. |
num number |
(Optional)Displays the number of processes specified by number. The default number of processes is 10. Set number to all to display all processes. |
thread |
(Optional)Displays threads. |
[cpu | memory | time] |
(Optional)Sorts output by CPU usage, memory usage, or time usage. The default is to sort by CPU usage. |
page |
(Optional)Displays the output in pages. |
process |
(Optional)Specifies the name of a process. |
process-id |
(Optional)Specifies the process ID number of a process. |
regexp |
(Optional)A regular expression. |
number |
(Optional)The number of processes to display. The default is 5. |
pid |
Specifies the process ID number of a process. |
username |
Specifies the username. |
This command shows the upper limit for concurrent SSH sessions.
Administrator (admin:)
Parameters |
Description |
---|---|
kilo |
Displays statistics in kilobytes. |
detail |
Displays detailed statistics on every available device on the system and overrides the kilo option. |
page |
Displays one page at a time. |
file filename |
Outputs the information to a file. |
platform/cli/filename.txt.The filename cannot contain the "." character.
This command displays the following basic platform status:
This command displays the combined output of all show tech commands.
Parameters |
Description |
---|---|
page |
Displays one page at a time. |
filefilename |
Outputs the information to a file. |
platform/cli/filename.txt.The file name cannot contain the "." character.
Parameters |
Description |
---|---|
dump |
Creates a CSV file of the entire database. |
sessions |
Redirects the session and SQL information of the present session IDs to a file. |
Command |
Result |
---|---|
show tech network |
|
show tech network [page] [file filename] |
This command displays network tech information for a page. |
show tech network all [page] [search text] [file filename] |
This command displays all network tech information. |
show tech network hosts [page] [search text] [file filename] |
This command displays information about hosts configuration. |
show tech network interfaces [page] [search text] [file filename] |
This command displays information about the network interfaces. |
show tech network resolv [page] [search text] [file filename] |
This command displays information about hostname resolution. |
show tech network routes [page] [search text] [file filename] |
This command displays information about network routes. |
show tech network sockets {numeric} |
This command displays the list of open sockets. |
Parameters |
Description |
---|---|
all |
displays all network technical information. |
hosts |
displays information about hosts configuration. |
interfaces |
displays information about the network interfaces. |
resolv |
displays information about hostname resolution. |
routes |
displays information about network routes. |
sockets |
displays the list of open sockets. |
page |
(Optional)Displays one page at a time. |
search text |
(Optional)Searches the output for the string specified by text. The search is not case sensitive. |
file filename |
(Optional)Outputs the information to a file. |
numeric |
(Optional)Displays the numerical addresses of the ports instead of determining symbolic hosts. It is equivalent to running the Linux netstat [-n] shell command. |
The file option saves the information to platform/cli/filename.txt. The file name cannot contain the "." character.
This command displays all preferences files for Emergency Responder and its database.
This information is written to a file, which can be viewed subsequently using the file view CLI.
show tech runtime {all | cpu| disk| env| memory} [page] [file filename]
Parameters |
Description |
---|---|
all |
Displays all runtime information. |
cpu |
Displays CPU usage information at the time the command is run. |
disk |
Displays system disk usage information. |
env |
Displays environment variables. |
memory |
Displays memory usage information. |
page |
Displays one page at a time. |
file filename |
Outputs the information to a file. |
platform/cli/filename.txt.The file name cannot contain the "." character.
This command displays the name of all tables in the sysmaster database.
show tech system {all| bus| hardware| host| kernel| software| tools} [page] [file filename]
Parameters |
Description |
---|---|
all |
Displays all of the system information. |
bus |
Displays information about the data buses on the server. |
hardware |
Displays information about the server hardware. |
host |
Displays information about the server. |
kernel |
Lists the installed kernel modules. |
software |
Displays information about the installed software versions. |
tools |
Displays information about the software tools on the server. |
page |
Displays one page at a time. |
file filename |
Outputs the information to a file. |
platform/cli/filename.txt. The file name cannot contain the "." character.
This command displays the contents of the specified database table.
Parameters |
Description |
---|---|
table_name |
The name of the table to display. |
page |
Displays the output one page at a time. |
csv |
Sends the output to a comma separated values file. |
This command displays the version of the installed components.
Parameters |
Description |
---|---|
page |
Displays the output one page at a time. |
show timezone{config| list [page] }
Parameters |
Description |
---|---|
config |
Displays the current time zone settings. |
list |
Displays the available time zones. |
page |
Displays the output one page at a time. |
This command displays trace information for a particular task.
Parameters |
Description |
---|---|
task_name |
The name of the task for which you want to display the trace information. |
If you do not enter any parameters, the command returns a list of available tasks.
This example displays trace information for CDP.
show trace cdps
This command shows the current status of the USB-connected APC smart-UPS device and starts the monitoring service if not already started.
This command only can provide a complete status on 7835-H2 and 7825-H2 servers.
This command displays the software version on the active or inactive partition.
Parameters |
Description |
---|---|
active |
Displays the version running on the active partition. |
inactive |
Displays the version on the inactive partition. |
This command displays the webapp session timeout value, which is the amount of time, in minutes, that can elapse before a web application times out and logs off the user.
Administrator (admin:)
This command displays the contents of the current web-security certificate.
This command retrieves the current working directory for activelog, inactivelog, install, and TFTP.
Administrator (admin:)
This command allows you to disable IPsec policies and associations.
Command |
Result |
---|---|
unset ipsec policy {ALL | policy-name} |
|
unset ipsec association policy-name {ALL | association-name} |
|
Parameters |
Description |
---|---|
policy-name |
The name of an IPsec policy. |
association-name |
The name of an IPsec association. |
Parameters |
Description |
---|---|
timeout |
Sets the wait time before the system considers a DNS query failed to the default. |
attempts |
Sets the number of DNS attempts to make before failing to the default. |
rotate |
Sets the method for selecting a name server to the default. This affects how loads are distributed across name servers. |
The system asks whether you want to continue to execute this command.
Caution | If you continue, the system temporarily loses network connectivity. |
This command unsets the domain name and restarts the server.
This command starts, stops, and provides the status of the system auditing service.
Parameters |
Description |
---|---|
enable |
Enables the collection of audit logs. When enabled, the system monitors and records user actions as well as Linux events such as the creation and removal of users, as well as the editing and deleting of files. |
disable |
Disables the collection of audit logs. |
status |
Displays the status of audit log collection. Cisco recommends that you retrieve the audit log by using the Real-Time Monitoring Tool, but you can also retrieve it by using the CLI. |
Administrator (admin:)
After the service has been enabled, it monitors and logs activity on the system. Be aware that the system auditing service logs a lot of information. Care must be taken not to overfill the disk.
This command generates a backtrace for the specified core file, a thread list, and the current value of all CPU registers.
Parameters |
Description |
---|---|
core file name |
Specifies the name of a core file. |
The command creates a file of the same name as the core file, with a .txt extension, in the same directory as the core file. This command works only on the active partition.
This command creates reports about the server in the platform or log directory.
Parameters |
Description |
---|---|
hardware |
Creates a system report containing disk array, remote console, diagnostic, and environmental data. |
platform |
Collects all of the platform configuration files into a TAR file. |
csa |
Collects all the files required for CSA diagnostics and assembles them into a single CSA diagnostics file. You can retrieve this file by using the file get command. |
You are prompted to continue after you enter the command.
After creating a report, to get the report use the command file get activelog platform/log/filename, where filename is the report filename that is displayed after the command completes.
Collects all log files needed for database troubleshooting.
admin:utils create report database Created /var/log/active/cm/log/informix/[hostname]_db_report_Oct_27_11_13_10 for log collection... Collecting database logs, please be patient... Collecting message logs (ccm.log) and assert failure files (af files)... Collecting ris and ats files... Collecting DB Replication logs... Collecting DB install logs... Collecting dblrpc and dbmon logs... Collecting CDR information... COMPLETED! Database report created successfully... To retrieve the [hostname]_db_report_Oct_27_11_13_10.tar, use CLI command: file get activelog cm/log/informix/[hostname]_db_report_Oct_27_11_13_10.tar To delete the [hostname]_db_report_Oct_27_11_13_10.tar, use CLI command: file delete activelog cm/log/informix/[hostname]_db_report_Oct_27_11_13_10.tar
This command drops the Informix syscdr database on any server in the cluster.
You should run this command only if database replication reset or cluster reset fails and replication cannot be restarted.
Command privilege level: 0
Allowed during upgrade: No
Applies to: Unified Communications Manager, IM and Presence service on Unified Communications Manager, Cisco Unity Connection.
This command displays the status of database replication. Use this command only on the first publisher server of a cluster.
This command stops the automatic setup of database replication. Run this command on subscriber and publisher servers before executing the CLI command utils dbreplication reset or utils dbreblication clusterreset. You can run this command on the subscriber servers simultaneously, before you run it on the publisher server.
Parameters |
Description |
---|---|
nodename |
Specifies the name of the node on which to stop the automatic setup of database replication. |
all |
Stops database replication on all nodes. |
Command privilege level: 0
Allowed during upgrade: No
You must restart the Emergency Responder Subscriber node from CUOS Administration or using the CLI command utils system restart after executing utils dbreplication reset command. See help utils dbreplication reset CLI command for more details.
This command enables you to diagnose and attempt to automatically fix system problems.
utils diagnose {fix| list| module| test| version} [module_name]
Parameters |
Description |
---|---|
fix |
Runs all diagnostic commands and attempts to fix problems. |
list |
Lists all available diagnostic commands. |
module |
Runs a single diagnostic command or group of commands and attempts to fix problems. |
test |
Runs all diagnostic commands but does not attempt to fix problems. |
version |
Displays the diagnostic framework version. |
module_name |
The name of a diagnostics module. |
This command enables you to run all diagnostic commands but does not attempt to fix any problems.
utils diagnose test
This command starts a backup job and stores the resulting tar file on a remote server.
utils disaster_recovery backup network [featurelist] [path] [servername] [username]
Parameters |
Description |
---|---|
featurelist |
Specifies the list of features to back up, separated by commas. |
path |
Represents the location of the backup files on the remote server. |
servername |
Represents the IP address or host name of the server where you stored the backup files. |
username |
Represents the username that is needed to log in to the remote server. |
Note | The system prompts you to enter the password for the account on the remote server. |
The system prompts you to confirm that you want to cancel the backup job.
utils disaster_recovery device add network device_name path server_name/ip_address username [Number_of_backups]
Parameters |
Description |
---|---|
device_name |
The name of the backup device to be added. |
path |
The path to retrieve backup device from this location. |
server_name/ip_address |
The hostname or IP address of the server where the backup file needs to be stored. |
username |
the user ID to connect to remote machine |
Number_of_backups |
(Optional)The number of backups to store on Network Directory(default 2). |
Use the following example when running the utils disaster_recovery device add network command:
utils disaster_recovery device add network networkDevice /root 10.77.31.116 root 3
Parameters |
Description |
---|---|
device_name |
The name of the device to be deleted. |
* |
Deletes all the existing devices except for the ones associated to a schedule. |
This command shows the device name, device type, and device path for all the backup devices.
The following example shows how to run this command:
utils disaster_recovery device list sftpdevice NETWORK 10.77.31.116 : /root tapedevice TAPE /dev/nst0 localdevice LOCAL /common/drfbackup
estimate_tar_size help:
This command provides the estimated size of last successful backup from SFTP/Local device.
Parameters |
Description |
---|---|
Name of the tar |
This will give the tar file name through which the size can be estimated. |
admin:utils disaster_recovery estimate_tar_size CER Estimated tar size successfully: Estimated size of backup for selected feature(s) is 42.52 MB.
This command shows the history of a previous backup or restore
Parameters |
Description |
---|---|
operation |
The name of an operation such as backup or restore. |
The following example shows how to run this command:
utils disaster_recovery history backup Tar Filename: Backup Device: Completed On: Result: Backup Type: Features Backed Up: 2009-10-30-14-53-32.tar TAPE Fri Oct 30 14:55:31 CDT 2009 ERROR MANUAL 2009-12-10-10-30-17.tar TAPE Thu Dec 10 10:35:22 CST 2009 SUCCESS MANUAL CDR_CAR,CCM
This command enables and disables detailed JSch logging.
drfCliCommand: JSch detailed logging enabled. Restart DRS Master and Local Agent in this machine for the changes to take effect.
drfCliCommand: JSch detailed logging disabled. Restart DRS Master and Local Agent in this machine for the changes to take effect. JSch logs deleted successfully.
utils disaster_recovery schedule add schedulename devicename featurelist datetime frequency
Parameters |
Description |
---|---|
schedulename |
The name of the scheduler. |
devicename |
The name of the device for which scheduling is done. |
featurelist |
The comma-separated feature list to back up. |
datetime |
The date when the scheduler is set. The format is (yyyy/mm/dd-hh:mm) 24-hr clock. |
frequency |
The frequency at which the scheduler is set to receive a backup. For example: ONCE, DAILY, WEEKLY and MONTHLY . |
The following example show how to run this command:
utils disaster_recovery schedule add schedulename devicename featurelist datetime frequency Schedule has been saved successfully.
Parameters |
Description |
---|---|
schedulename |
The name of the schedule that needs to be deleted. |
* |
Deletes all of the existing schedules. |
The following example shows how this command is run:
utils disaster_recovery schedule delete schedule1| Schedules deleted successfully.
Parameters |
Description |
---|---|
schedulename |
The name of the schedule that needs to be disabled. |
The following example shows how to run this command:
utils disaster_recovery schedule disable schedule1 Schedule disabled successfully.
Parameters |
Description |
---|---|
schedulename |
The name of the schedule that needs to be enabled. |
The following example shows how to run this command:
utils disaster_recovery schedule enable schedule1 Schedule enabled successfully.
This command starts a restore job and takes the backup tar file from a remote server.
utils disaster_recovery restore network restore_server tarfilename path servername username
Parameters |
Description |
---|---|
restore_server |
Specifies the hostname of the server that you want to restore. |
tarfilename |
Specifies the name of the file to restore. |
path |
Represents the location of the backup files on the remote server. |
servername |
Represents the IP address or host name of the server where you stored the backup files. |
username |
Represents the username that is needed to log in to the remote server. |
Note | The system prompts you to enter the password for the account on the remote server. |
This command displays information about the backup files that are stored on a tape.
Parameters |
Description |
---|---|
tapeid |
Represents the ID of an available tape device. |
This command displays information about the backup files that are stored on a remote server.
utils disaster_recovery show_backupfiles network path servername username
Parameters |
Description |
---|---|
path |
Represents the location of the backup files on the remote server. |
servername |
The IP address or host name of the server where you stored the backup files. |
username |
The username that is needed to log in to the remote server. |
This command displays the registered features and components on the specified server.
Parameters |
Description |
---|---|
hostname |
The server that you want to display registration information. |
This command displays the status of the current backup or restore job.
Parameters |
Description |
---|---|
operation |
The name of the ongoing operation: backup or restore. |
The file I/O reporting service provides a kernel-based daemon for collecting file I/O per process.
Command |
Result |
---|---|
utils fior |
This command allows you to monitor the I/O on the server. The File I/O Reporting service provides a kernel-base daemon for collecting file I/O per process. |
utils fior disable |
|
utils fior enable |
|
utils fior list [start=date-time] [stop=date-time] |
This command displays a list of the I/O events for all processes. |
utils fiorstart |
|
utils fior status |
|
utils fior stop |
|
utils fior top number [read | write | read-rate | write-rate] [start=date-time] [stop=date-time] |
This command displays a list of I/O statistics for I/O bound processes at the time that you run this command. |
Parameters |
Description |
---|---|
disable |
Prevents the file I/O reporting service from starting automatically when the machine boots. This command does not stop the service without a reboot. Use the stop option to stop the service immediately. |
enable |
Enables the file I/O reporting service to start automatically when the machine boots. This command does not start the service without a reboot. Use the start option to start the service immediately. |
list |
This command displays a list of file I/O events, in chronological order, from oldest to newest. |
start |
Starts a previously stopped file I/O reporting service. The service remains in a started state until it is manually stopped or the machine is rebooted. |
status |
Displays the status of the file I/O reporting service. |
stop |
Stops the file I/O reporting service. The service remains in a stopped state until it is manually started or the machine is rebooted. |
top |
Displays a list of top processes that create file I/O. This list can be sorted by the total number of bytes read, the total number of bytes written, the rate of bytes read, or the rate of bytes written. |
start |
Specifies a starting date and time. |
stop |
Specifies a stopping date and time. |
date-time |
Specifies a date and time, in any of the following formats: H:M, H:M:S a, H:M, a, H:M:S Y-m-d, H:M, Y-m-d, H:M:S. |
number |
Specifies how many of the top processes to list. |
[read | write | read-rate | write-rate] |
Specifies the metric used to sort the list of the top processes. |
Command |
Result |
---|---|
utils firewall {enable |disable[time]} |
This commands enables and disables firewall. |
utils firewall list |
This commands displays the current configuration of the firewall. |
utils firewall status |
This command displays the current status of the IPv4 firewall. |
Parameters |
Description |
---|---|
disable |
Disables the firewall. |
time |
|
list |
The current firewall configuration. |
status |
The status of the firewall. |
When the firewall is disabled, you must enter the URL of the Cisco Unified Communications Manager server in the following format to log into the web interface:
https://server:8443/
where server is the server name or IP address of the server.
This command enables and disables IPv4 firewall.
Parameters |
Description |
---|---|
enable |
Turns on the IPv4 firewall. |
disable |
Turns off the IPv4 firewall. If you do not enter the time parameter, this command disables the firewall for 5 minutes. |
[time] |
|
Administrator (admin:)
This command turns IPv4 firewall debugging on or off. If you do not enter a time parameter, this command turns on debugging for 5 minutes.
Parameters |
Description |
---|---|
off |
Enables the collection of audit logs. When enabled, the system monitors and records user actions as well as Linux events such as the creation and removal of users, as well as the editing and deleting of files. |
[time] |
(Optional) Disables the collection of audit logs. |
Administrator (admin:)
This command displays the current configuration of the IPv4 firewall.
Administrator (admin:)
This command displays the current status of the IPv4 firewall.
Administrator (admin:)
This command imports all configuration settings found on the platformConfig.xml file and then reboots the system.
This command displays the iostat output for the given number of iterations and interval.
Parameters |
Description |
---|---|
interval |
The value in seconds between two iostat readings (mandatory if you specify the number of iterations). |
interations |
The number of iostat iterations to be performed (mandatory if you specify an interval). |
filename |
Redirects the output to a file. |
This command enables I/O throttling enhancements. When enabled, I/O throttling enhancements lower the impact of upgrades on an active system.
This could adversely affect the system during upgrades.
This command displays the status of I/O throttling enhancements.
This command lists, sets, or deletes Address Resolution Protocol (ARP) table entries.
Command |
Result |
---|---|
utils network arplist [host host] [page] [numeric] |
This command lists the contents of the Address Resolution Protocol table. |
utils network arpset {host} {address} |
This command sets an entry in the Address Resolution Protocol table. |
utils network arpdelete host |
This command deletes an entry in the Address Resolution Protocol table. |
Parameters |
Description |
---|---|
list |
Lists the contents of the address resolution protocol table. |
set |
sets an entry in the address resolution protocol table. |
delete |
deletes an entry in the address resolution table. |
host |
represents the host name or IP address of the host to add or delete to the table. |
address |
represents the MAC address of the host to be added. Enter the MAC address in the following format: XX:XX:XX:XX:XX:XX. |
page |
Displays the output one page at a time. |
numeric |
Displays hosts as dotted IP addresses. |
This command captures IP packets on the specified Ethernet interface.
utils network capture eth0 [page] [numeric] [file fname] [count num] [size bytes] [src addr] [dest addr] [port num]
Parameters |
Description |
---|---|
eth0 |
Specifies Ethernet interface 0. |
page |
(Optional)Displays the output one page at a time. When you use the page or file options, the complete capture of all requested packets must occur before the command completes. |
numeric |
(Optional)Displays hosts as dotted IP addresses. |
file fname |
(Optional)Outputs the information to a file. The file option saves the information to platform/cli/fname.cap. The filename cannot contain the "." character. |
count num |
(Optional)Sets a count of the number of packets to capture. For screen output, the maximum count equals 1000 and, for file output, the maximum count equals 10,000. |
size bytes |
(Optional)Sets the number of bytes of the packet to capture. For screen output, the maximum number of bytes equals 128, for file output, the maximum of bytes can be any number or ALL. |
src addr |
(Optional)Specifies the source address of the packet as a host name or IPV4 address. |
dest addr |
(Optional)Specifies the destination address of the packet as a host name or IPV4 address. |
port num |
(Optional)Specifies the port number of the packet, either source or destination. |
This command verifies the server's network connection to the publisher server. It is only valid on a subscriber server.
This command verifies the node network connection to the first node in the cluster. It is for Cisco Emergency Responder Subscriber only.
utils network connectivity output
This command resolves a host name to an address or an address to a host name.
utils network host hostname [server server-name] [page] [detail] [srv]
Parameters |
Description |
---|---|
hostname |
The host name or IP address that you want to resolve. |
server-name |
(Optional)Specifies an alternate domain name server. |
page |
(Optional)Displays the output one screen at a time. |
detail |
(Optional)Displays a detailed listing. |
srv |
(Optional)Displays DNS SRV records. |
Parameters |
Description |
---|---|
destination |
The hostname or IP address of the server that you want to ping. |
count |
(Option)Specifies the number of times to ping the external server. The default count equals 4. |
This command traces IP packets that are sent to a remote destination.
Parameters |
Description |
---|---|
destination |
The hostname or IP address of the server to which you want to send a trace. |
norestart results in the NTP service not being restarted after adding the servers.
Note | If the norestart option is used, an explicit restart of the NTP service is required for the changes to take effect. |
Adding servers with incorrect command line parameters
-------------------------------------------------------------- admin:utils ntp server add s1 s2 s3 s4 s5 s6 s7 s8 Incorrect number of parameters entered for add usage: utils ntp server add s1 [s2 s3 s4 s5] [norestart] admin:
Adding using norestart without specifying a server
----------------------------------------------------------- admin:utils ntp server add norestart At least one NTP server must be specified for add operation. usage: utils ntp server add s1 [s2 s3 s4 s5] [norestart]
Adding servers without norestart
----------------------------------------- admin:utils ntp server add clock1.cisco.com clock2.cisco.com clock1.cisco.com : added successfully. clock2.cisco.com : added successfully. Restarting NTP on the server.
Adding servers that are already added, without norestart
----------------------------------------------------------------- admin:utils ntp server add clock1.cisco.com clock2.cisco.com clock1.cisco.com : [The host has already been added as an NTP server.] clock2.cisco.com : [The host has already been added as an NTP server.] admin:
Adding server to self without norestart
------------------------------------------------ admin:utils ntp server add bglr-ccm26 bglr-ccm26 : [This server cannot be added as an NTP server.] admin:
Adding inaccessible server without norestart
----------------------------------------------------- admin:utils ntp server add clock3.cisco.com clock3.cisco.com : [ Inaccessible NTP server. Not added. ] admin:
Adding servers with norestart
-------------------------------------- admin:utils ntp server add ntp01-syd.cisco.com ntp02-syd.cisco.com clock.cisco.com norestart ntp01-syd.cisco.com: added successfully. ntp02-syd.cisco.com: added successfully. clock.cisco.com: added successfully. The NTP service must be restarted for the changes to take effect.
Adding servers when 5 are already configured
----------------------------------------------------- admin:utils ntp server add clock3.cisco.com The maximum permissible limit of 5 NTP servers is already configured
The command deletes any configured NTP server or all of them.
After the user enters their choice, they are prompted if they would like to restart the NTP service.
Answering No results in the NTP service not being restarted after deleting the servers.
Note | If the user chooses not to restart the NTP service, an explicit restart of the NTP service is required for the changes to take effect. |
Deleting servers with incorrect command line parameters
---------------------------------------------------------------- admin:utils ntp server delete clock1.cisco.com clock2.cisco.com Incorrect number of optional parameters entered for delete usage: utils ntp server delete admin:
Deleting single server with ntp restart
------------------------------------------------ admin:utils ntp server delete 1: clock1.cisco.com 2: clock2.cisco.com 3: ntp01-syd.cisco.com 4: ntp02-syd.cisco.com 5: clock.cisco.com a: all q: quit Choice: 1 Restart NTP (y/n): y clock1.cisco.com is deleted from the list of configured NTP servers. Continue (y/n)?y clock1.cisco.com: deleted successfully. Restarting NTP on the server. admin:
Deleting all servers without ntp restart
------------------------------------------------- admin:utils ntp server delete 1: clock1.cisco.com 2: clock2.cisco.com 3: ntp01-syd.cisco.com 4: ntp02-syd.cisco.com 5: clock.cisco.com a: all q: quit Choice: a Restart NTP (y/n): n This results in all the configured NTP servers being deleted. Continue (y/n)?y clock1.cisco.com: deleted successfully. clock2.cisco.com: deleted successfully. ntp01-syd.cisco.com: deleted successfully. ntp02-syd.cisco.com: deleted successfully. clock.cisco.com: deleted successfully. The NTP service must be restarted for the changes to take effect. admin:
Deleting all servers when no servers are configured
------------------------------------------------------------ admin:utils ntp server delete There are no NTP servers configured to delete.
Listing servers with incorrect command line parameters
--------------------------------------------------------------- admin:utils ntp server list all Incorrect optional parameter entered for list usage: utils ntp server list admin:
Listing servers
------------------------ admin:utils ntp server list clock1.cisco.com clock2.cisco.com ntp01-syd.cisco.com ntp02-syd.cisco.com clock.cisco.com admin:
Listing servers when no servers are configured
------------------------------------------------------- admin:utils ntp server list There are no NTP servers configured.
This command starts the NTP service, if it is not already running.
Note | You cannot stop the NTP service from the CLI. Use this command when the utils ntp status command returns stopped. |
This command configures kerneldump to provide a kernel crash dumping mechanism. The kernel captures the dump to the local disk, in case of a kernel crash.
Note | The netdump commands have been removed from release 8.6(1) and have been replaced with the kerneldump commands. |
If a kernel crash occurs, the capture kernel dumps the core on the local disk of the server. The primary kernel reserves 128MB of physical memory that the capture kernel uses to boot. The kerneldump uses the kexec command to boot into a capture kernel whenever the kernel crashes.
admin: utils os kerneldump enable ***************WARNING******************* Enabling kerneldump requires system reboot Would you like to boot the machine (y/n):y kerneldump enable operation succeeded System going for a reboot
This command enables, disables, or displays the status of an external SSH server.
Parameters |
Description |
---|---|
enable |
Configures an external SSH server as a kerneldump server to kernel dumps. |
disable |
Removes support of the external SSH server that is configured to collect kernel dumps. |
status |
Indicates whether an external SSH server is configured or not, to collect kernel dumps. |
If external SSH server has the kerneldump service enabled and a kernel crash occurs, the capture kernel dumps the core on the external server that is configured to collect the dump.Enabling and disabling kerneldump require a system reboot for the changes to come into effect.
Administrator (admin:)
admin: utils os kerneldump ssh disable 10.77.31.60 Disabling kerneldump requires system reboot Would you like to continue (y/n): y kerneldump disable operation succeeded System going for a reboot
This command is used to specify the level of security provided by selinux.
The selinux does not handle rate limiting. Rate limiting is handled by ipprefs and ip tables.
Administrator (admin:)
This command allows you to enable, disable, create, and check the status of a remote account.
Command |
Result |
---|---|
utils remote_account status |
This command allows you to check the status of a remote account. |
utils remote_account enable |
This command allows you to enable a remote account. |
utils remote_account disable |
This command allows you to disable a remote account. |
utils remote_account create username life |
This command creates a remote account. |
Parameters |
Description |
---|---|
username |
The name of the remote account. The username can contain only lowercase characters and must be more than six-characters long. |
life |
The life of the account in days. After the specified number of day, the account expires. |
A remote account generates a pass phrase that allows Cisco Systems support personnel to get access to the system for the specified life of the account. You can have only one remote account that is enabled at a time.
utils remote_account status
This command resets the application user interface administrator name.
Administrator (admin:)
This command resets the application user interface administrator password.
Administrator (admin:)
utils service{start| stop| restart | auto-restart {enable | disable | show} } service-name
Parameters |
Description |
---|---|
service-name |
|
auto-restart |
Causes a service to automatically restart. |
enable |
Enables auto-restart |
disable |
Disables auto-restart. |
show |
Shows the auto-restart status. |
This command retrieves a list of all services and their status.
Parameters |
Description |
---|---|
page |
(Option)Displays the output one page at a time. |
|
|
---|---|
utils snmp get version community ip-address object [file] |
This interactive command gets the SNMP data using the specified version for the specified MIB OID. |
utils snmphardware-agents [status | restart] |
This command affects the SNMP agents on the server. |
utils snmptest |
|
utils snmpwalk version community ip-address object [file] |
This interactive commands walks through the SNMP MIB. |
Parameters |
Description |
---|---|
get |
Displays the value of the specified SNMP object. |
hardware-agents status |
Displays the status of the hardware agents on the server. |
hardware-agents |
Stops all SNMP agents provided by the hardware vendor. |
hardware-agents restart |
Restarts the hardware agents on the server. |
test |
Tests the SNMP host by sending sample alarms to local syslog and remote syslog. |
walk |
Walks the SNMP MIB, starting with the specified SNMP object. |
version |
Specifies the SNMP version. Possible values are 1 or 2c. |
community |
Specifies the SNMP community string. |
ip-address |
Specifies the IP address of the server. Enter 127.0.0.1 to specify the local host. You can enter the IP address of another node in the cluster to run the command on that node. |
object |
Specifies the SNMP Object ID (OID) to get. |
file |
Specifies a file in which to save the command output. |
This interactive command adds, deletes, lists or updates a community string.
utils snmp config 1/2c community-string {add|delete |list|update}
Parameters |
Description |
---|---|
add |
Adds a new community string. |
delete |
Deletes a community string. |
list |
Lists all community strings. |
update |
Updates a community string. |
The system prompts you for the parameters.
The SNMP Master Agent service is restarted for configuration changes to take effect. Do not abort command after execution until restart is complete. If the command is aborted during service restart, verify service status of SNMP Master Agent by using utils service list. If service is down, start it by using utils service start SNMP Master Agent .
Administrator (admin:)
This interactive command affects v3 user configuration.
Parameters |
Description |
---|---|
add |
Adds a new v3 user with the v3 authentication and privacy passwords. |
delete |
Deletes the configuration information for an existing v3 user. |
list |
Lists the v3 users currently configured. |
update |
Updates configuration information for an existing v3 user. |
The system prompts you for the parameters.
Administrator (admin:)
This command affects the Mib2 configuration information.
Parameters |
Description |
---|---|
add |
Adds the Mib2 configuration information. |
delete |
Deletes the Mib2 configuration information. |
list |
Lists the Mib2 configuration information. |
update |
Updates the Mib2 configuration information. |
The system prompts you for the parameters.
Administrator (admin:)
This command is used to walk the SNMP MIB starting with the specified OID.
If you run snmp walk on a leaf in the MIB you basically get what you would get with 'utils snmp get ...' command. Here is the sample walk output we are getting for the OID 1.3.6 iso.3.6.1.2.1.1.1.0 = STRING: "Hardware:7825H, 1 Intel(R) Pentium(R) 4 CPU 3.40GHz, 2048 MB Memory: Software:UCOS 2.0.1.0-62" iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.9.1.583 iso.3.6.1.2.1.1.3.0 = Timeticks: (15878339) 1 day, 20:06:23.39 iso.3.6.1.2.1.1.4.0 = "" iso.3.6.1.2.1.1.5.0 = STRING: "bldr-ccm34.cisco.com" iso.3.6.1.2.1.1.6.0 = "" iso.3.6.1.2.1.1.7.0 = INTEGER: 72 iso.3.6.1.2.1.2.1.0 = INTEGER: 3 iso.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1 iso.3.6.1.2.1.2.2.1.1.2 = INTEGER: 2 iso.3.6.1.2.1.2.2.1.1.3 = INTEGER: 3 iso.3.6.1.2.1.2.2.1.2.1 = STRING: "lo" iso.3.6.1.2.1.2.2.1.2.2 = STRING: "eth0" iso.3.6.1.2.1.2.2.1.2.3 = STRING: "eth1" iso.3.6.1.2.1.2.2.1.3.1 = INTEGER: 24 iso.3.6.1.2.1.2.2.1.3.2 = INTEGER: 6 iso.3.6.1.2.1.2.2.1.3.3 = INTEGER: 6 iso.3.6.1.2.1.2.2.1.4.1 = INTEGER: 16436 iso.3.6.1.2.1.2.2.1.4.2 = INTEGER: 1500 iso.3.6.1.2.1.2.2.1.4.3 = INTEGER: 1500 iso.3.6.1.2.1.2.2.1.5.1 = Gauge32: 0 iso.3.6.1.2.1.2.2.1.5.2 = Gauge32: 100000000 iso.3.6.1.2.1.2.2.1.5.3 = Gauge32: 10000000 iso.3.6.1.2.1.2.2.1.6.1 = Hex-STRING: 00 00 00 00 00 00 iso.3.6.1.2.1.2.2.1.6.2 = Hex-STRING: 00 16 35 5C 61 D0 iso.3.6.1.2.1.2.2.1.6.3 = Hex-STRING: 00 16 35 5C 61 CF iso.3.6.1.2.1.2.2.1.7.1 = INTEGER: 1 .....
If you provide an IP address of a remote host the command is executed on that remote host. You have to provide the IP address, not the domain name.
If you use this command on a specific OID (leaf) in the MIB, you will get the value of the MIB. The SNMP get output of system uptime iso.3.6.1.2.1.25.1.1.0 = Timeticks: (19836825) 2 days, 7:06:08.25
If you provide an IP address of a remote host, the command is executed on that remote host. You have to provide the IP address not the domain name.
This command restarts the system on the same partition, restarts the system on the inactive partition, or shuts down the system.
Parameters |
Description |
---|---|
restart |
Restarts the system. |
shutdown |
Shuts down the system. |
switch-version |
Switches to the product release installed on the inactive partition. |
The utils system shutdown command has a 5-minute timeout. If the system does not shut down within 5 minutes, the command gives you the option of doing a forced shutdown.
This commands redirects where the system boot output gets sent.
Parameters |
Description |
---|---|
console |
Redirects the system boot output to the console. |
serial |
Redirects the system boot output to the COM1 (serial port 1). |
status |
Displays the where the serial boot output currently gets sent. |
This command allows you to install upgrades and Cisco Option Package (COP) files from both local and remote directories.
Parameters |
Description |
---|---|
cancel |
Cancels the active upgrade. |
initiate |
Starts a new upgrade wizard or assumes control of an existing upgrade wizard. The wizard prompts you for the location of the upgrade file. |
status |
Displays the status of an upgrade. |
To upgrade the system, follow these steps:
Use the utils system upgrade list command to display a list of the .iso upgrade files that are available on the local disk or remote server from which you plan to upgrade.
Use the utils system upgrade get command to get the upgrade file that you want to use.
Use the utils system upgrade start command to start upgrading from the upgrade file that you received.
This command shows the version of the currently running VMware Tools.
This command updates the currently installed VMware Tools to the latest version required by the ESXi host for that VM.