cfxedgecollector supports following CLI Subcommands and the syntax, help are explained in the below sections.
authconfig
collect
configure
export
register
scheduler
status
job
uninstall
backup
restore
authconfig
authconfig command syntax (basic authorization)
Default out-of-the box cfxEdgeCollector authorization is basic.
Following example provides basic usage of authconfig subcommand.
$ cfxedgecollector authconfig --help
Initializing cfxedgecollector authentication.
usage: cfxedgecollector authconfig [-h] [--authprovider {basic,tacacs}] [--host HOST]
[--port PORT] [--secret SECRET] [--timeout TIMEOUT]
[--users USERS] [--useradd USERADD]
[--userdelete USERDELETE]
optional arguments:
-h, --help show this help message and exit
--authprovider {basic,tacacs}
Type of the authentication provider
--host HOST auth server location
--port PORT auth server port
--secret SECRET secret for auth server
--timeout TIMEOUT Authentication timeout
--users USERS Users who can access the edgecollector
--useradd USERADD Add an user to the allowed user list
--userdelete USERDELETE[macaw@edge-collector-vm-0 ~]$ cfxedgecollector authconfig --help
authconfig command syntax (TACACS authorization)
In addition to basic authconfig, if a user wants to add TACACS based authorization, the below CLI can be used.
Note: Stop the UI docker container, delete the container then change the authorization mechanism and start container
$ cfxedgecollector authconfig --authprovider tacacs --host 10.95.107.169 --port 49 --secret hari --timeout 15 --users hari --useradd hari
Collect
This subcommand is used for data collection
cfxedgecollector collect CLI can be used to collect the inventory data using the below steps:
(1) Credentials are configured using CLI
(2) Job details are all configured (as explained in UI section)
(3) Run the collect command using CLI (as shown below)
$ cfxedgecollector collect --help
Container name : cfxcollector
c95a7867c22c2765519286d7165aa4b55b2f7d42cf673e5b681206097c2b0848
cfxedgecollector job is running in the background with Id: c95a7867c22c
***********************************************************
** Attaching to the Running Container in view Mode only **
** Control+C will not terminate the job. **
***********************************************************
Note: Containers will be auto deleted upon Job completion.
usage: cfxedgecollector collect [-h] [--jobname JOBNAME] [--hopcount HOPCOUNT]
[--no_merge] [--group GROUP] [--seed SEED]
[--rule_file RULE_FILE]
[--default_profile DEFAULT_PROFILE]
[--no_rules] [--keep_raw]
[--worker_threads WORKER_THREADS]
[--load_profile LOAD_PROFILE]
[--max_calls MAX_CALLS] [--max_rows MAX_ROWS]
[--max_time MAX_TIME]
[--max_repetitions MAX_REPETITIONS]
[--fresh_start] [--rerun_failed]
[--rerun_inprogress] [--rerun_successful]
[--rerun_partialfailed] [--schedule SCHEDULE]
[--daemon] [--timezone TIMEZONE]
[--verify-credential] [--protocols PROTOCOLS]
[--output-file OUTPUTFILE]
job
positional arguments:
job Directory name containing job.json and necessary
credentials
optional arguments:
-h, --help show this help message and exit
--jobname JOBNAME Override job name with this name
--hopcount HOPCOUNT Override hop count
--no_merge Do not merge previously collected files (by default
merged)
--group GROUP Override collection group (list)
--seed SEED Override seed devices (list)
--rule_file RULE_FILE
Override rules filename with this name
--default_profile DEFAULT_PROFILE
Specify default collection profile (usually 'normal'
or 'slow')
--no_rules Do not run any rules, collect only specified groups
--keep_raw Preserve the raw collected data for CLI / APIs.
--worker_threads WORKER_THREADS
Number of collection worker threads
--load_profile LOAD_PROFILE
Load profile(various parameters that defines working
environment) to use
--max_calls MAX_CALLS
Max SNMP Calls for SNMP Table Operations (0 means no
limit)
--max_rows MAX_ROWS Max SNMP Rows to be collected for SNMP Table
Operations (0 means no limit, default:100,000)
--max_time MAX_TIME Max time in seconds for an SNMP Table Operation (0
means no limit, default:1800)
--max_repetitions MAX_REPETITIONS
Max Repetitions SNMP Bulk Walk Table Operation.
--fresh_start Clean the existing Database and Re-run the discovery
Fresh
--rerun_failed Run failed hosts from the previous execution.
--rerun_inprogress Run in-progress hosts from the previous execution.
--rerun_successful Run successful hosts from the previous execution.
--rerun_partialfailed
Run partially failed hosts from the previous
execution.
--schedule SCHEDULE Run collector at the specified schedule
--daemon Run collector in daemon mode (Collector will always be
running, even when no hosts/devices to discover)
--timezone TIMEZONE Use specified timezone for schedules. This overrides
schedule definition file
--verify-credential Verify credentials specified as a part of job
--protocols PROTOCOLS
Only verify specified protocols
--output-file OUTPUTFILE
Writes the credential verification output in the file
when specified
Merge different jobs and export merged jobs to AIA application
$ cfxedgecollector export --help
Container name : cfxexporter
usage: cfxedgecollector export [-h] [--jobname JOBNAME [JOBNAME ...]] [--network NETWORK]
[--outputname OUTPUTNAME] [--localonly] [--auto-export]
[--export-list] [--key-name KEY_NAME] [--job-export-list]
[--days DAYS] [--months MONTHS]
optional arguments:
-h, --help show this help message and exit
--jobname JOBNAME [JOBNAME ...]
Specify a valid jobname
--network NETWORK Export devices in the specified range or network
address Only
--outputname OUTPUTNAME
Use this argument to specify the output filename
--localonly Do not export to cfxAIA, export to a local file only
--auto-export Export all the device data in to a single zip file
where every job has auto-export enabled and key name
provided in it.
--export-list Status of all the uploaded data zip files
--key-name KEY_NAME Provide key name which is added in the job's export
settings.
--job-export-list Status of all the uploaded data zip files and its
individual jobs that are part of zip file
--days DAYS Data exported list till how many no.of days to show
--months MONTHS Data exported list till how many no.of months to show[macaw@localhost ~]$ cfxedgecollector export --help
Used to establish connectivity between EdgeCollector and AIA application
$ cfxedgecollector register --help
usage: cfxedgecollector register [-h] [--target TARGET] [--key-name KEYNAME]
[--key-value KEYVALUE] [--add] [--remove] [--update]
[--list]
optional arguments:
-h, --help show this help message and exit
--target TARGET target realize system ip-address/DNS Name
--key-name KEYNAME Unique and Alphanumeric key name, Allowed only Alphanumeric and _ or - special characters
--key-value KEYVALUE access key
--add Register to the realize system with edgecollector
--remove Un-register to the realize system with edgecollector
--update Update the realize system details with edgecollector
--list List all the cron job status
Note : Key needs to be configured at AIAAPP, download and use it to register cfxEdgeCollector with AIAAPP.
Scheduler
Used to schedule jobs and autoexport collected data by EdgeCollector to AIAAPP
$ cfxedgecollector scheduler --help
usage: cfxedgecollector scheduler [-h] [--jobname JOBNAME]
[--export-schedule-name EXPORT_NAME]
[--action {enable,disable,remove}] [--schedule SCHEDULE]
[--restore] [--comment COMMENT] [--status]
[--auto-export-schedule]
optional arguments:
-h, --help show this help message and exit
--jobname JOBNAME Job name to apply the schedule
--export-schedule-name EXPORT_NAME
Auto export schedule name
--action {enable,disable,remove}
Type of the scheduler operation to perform on job.
--schedule SCHEDULE Schedule input json file. Runs collector at the specified schedule
--restore Restores removed cron job from Database to cron scheduler
--comment COMMENT Comment should not contain special characters like (*, SPACE etc). It's a single word comment.
--status List all the cron job status
--auto-export-schedule
Creates auto export schedule
This subcommand is used for checking the status as shown below
$ cfxedgecollector status --help
usage: cfxedgecollector status [-h] [--jobname JOBNAME] [--status] [--type TYPE]
[--network NETWORK] [--date_range DATE_RANGE] [--failed]
[--duplicates]
[--db {seed,inprogress,successful,duplicate,partial,failed,deviceidentity}]
optional arguments:
-h, --help show this help message and exit
--jobname JOBNAME Name of the job
--status Print current status of the Job and ignore all other
options and filters
--type TYPE Specify type of report
(default|credentials|groups|system|duplicates)
--network NETWORK Print devices in the specified ranges or network
addresses ex: 10.1.*.*, 10.25.1.2, 10.10.5.0/24,
10.12.1.1-10.12.1.20
--date_range DATE_RANGE
Print devices that have been attempted in the
specified date ranges (mm/dd/yyy-mm/dd/yyyy) with
optional time ex: 12/30/2017T10:00-12/31/2017T18:30
--failed Include failed devices also in the output
--duplicates Include duplicate devices also in the output
--db {seed,inprogress,successful,duplicate,partial,failed,deviceidentity}
Table to dump data from
Job
This subcommand is used to know the jobs list from cli to know the status of running jobs and to stop the jobs.
$ cfxedgecollector job --help
usage: cfxedgecollector job [-h] [--stop] [--list] [--status]
[--jobname JOBNAME]
optional arguments:
-h, --help show this help message and exit
--stop Stop a job
--list List all jobs
--status Status of running jobs
--jobname JOBNAME Job name to stop
Upgrade
This subcommand is used to upgrade EdgeCollector by using the following command
$ sudo pip install --upgrade <binary name>
Note: In case of upgrade only cfxedgecollector binaries will be upgraded. Existing jobs will be migrated as per the requirement.
Uninstall
Edge collector installation can be removed by using command
$ sudo cfxedgecollector uninstall
Before uninstallation users should manually stop the cfxedgecollector service by using command cfxedgecollector --delete. Also, users should make sure there are no running jobs.
Uninstallation using the above CLI command will remove only the installed binary. To cleanup all jobs and data, following CLI option can be used
Backup
All job configuration and data(with log, db etc) can be backed up using the following CLI command
$ cfxedgecollector backup
This will create a zip with the followings:
job dir
data dir
load profiles created by user
Encryption details
Backup info
1. What time backup is created
2. Info of the edge collector
All backups will be stored in the backup directory.
Backup Listing
Users can check the backed up data/list using following CLI command
cfxedgecollector backup –list
$ cfxedgecollector backup --help
usage: cfxedgecollector backup [-h] [--list]
optional arguments:
-h, --help show this help message and exit
--list Lists all backups
Restore
Previously backed up data can be restored using following CLI command
cfxedgecollector restore < backup.zip
Prerequisites
No job should be running while restoring the backup.
If the job with the same name exists, then the existing job will be overwritten only if "--override" flag is present, otherwise the job will be skipped with a message.
While restoring the job, all credentials will be re-encrypted with the new keys.
$ cfxedgecollector restore --help
usage: cfxedgecollector restore [-h] [--override] backup_file
positional arguments:
backup_file
optional arguments:
-h, --help show this help message and exit
--override Replace if job exists with same name, skip otherwise