Core/CM Server CLI Commands
This chapter describes the commands for available for Juniper ATP Appliance Core/CM or vCore servers. These commands are used to configure devices and software, manage security events, and show system information and status.
You must enclose non-alphabet characters in double quotes in CLI commands.
Basic Mode Commands
Use general system commands to configure the appliance, view appliance history, enter other CLI modes, obtain help with CLI syntax, and to exit the CLI session.
The general commands are:
Refer to the respective sections in this guide to review Diagnosis Mode, CM Mode, Collector Mode and Server Mode commands per product device.
Core Mode Commands
Server Mode Commands
Diagnosis Mode Commands
CoreCM CLI Commands
- capture-start
- cm
- core
- copy
- diagnosis
- exit
- gssreport
- help
- history
- ifrestart
- ping
- reboot
- reset-admin-password
- restart
- restore
- set (core mode)
- server
- set system-alert (server mode)
- set (server mode)
- set appliance-type (server mode)
- set (diagnosis mode)
- setupcheck
- show (core mode)
- show (diagnosis mode)
- show (server mode)
- shutdown
- traceroute
- upgrade
- updateimage
- wizard
capture-start
Description |
Starts packet capture as a means for diagnosing and debugging network traffic and obtaining stats. See Also:[mode]; |
Product(s) CLI |
All-in-One | Collector | Core | Mac OS X Detection Engine |
Mode(s) |
Diagnosis |
Syntax |
capture-start |
Parameters |
<IP address> <interface_name> |
Sub-Commands |
None |
Example |
The following example starts a packet capture process on interface eth1 for a Traffic Collector with IP address 8.8.8.8: hostname # diagnosis hostname (diagnosis)# capture-start 8.8.8.8 eth1 Note:
Note: Address 8.8.8.8 need not be a Juniper ATP Appliance. It is just a host that the capture filters on. |
cm
Description |
Enters cm (Central Manager) mode. See Also: basic [mode]; |
Product(s) CLI |
All-in-One | Core |
Mode(s) |
Basic |
Syntax |
cm |
Parameters |
None |
Sub-Commands |
exit | help | history | upgrade |
Example |
The following command example enters cm configuration mode: hostname # cm hostname (cm)# |
core
Description |
Enters core mode. See Also: basic [mode]; |
Product(s) CLI |
All-in-One | Collector | Core | Mac OS X Detection Engine |
Mode(s) |
Basic |
Syntax |
core |
Parameters |
None |
Sub-Commands |
exit, help, history, show, updateimage |
Example |
The following command example enters core configuration mode: hostname # core hostname (core)# |
copy
Description |
Uses Secure Copy (SCP) to copy and transfer packet capture or traceback (crash) data to a remote location, providing the same authentication and level of security as an SSH transfer. The copy traceback command, upon Customer Support's request, copies the traceback files out of the box to a remote location. See Also:[mode]; |
Product(s) CLI |
All-in-One | Collector | Core-CM | Mac OSX Engine |
Mode(s) |
Diagnosis |
Syntax |
copy capture <scp source_file_name username@destination_host:destination_folder> | traceback {<tab> | ALL} <string URI as user@hostname:path |
Parameters |
copy capture <scp remote filename_location> copy traceback <ALL | filename> copy traceback <tab> [tab displays all available crash filenames] |
Sub-Commands |
None |
Example |
The following example copies the file "Eth1.txt" from the local host to a remote host: hostname (diagnosis)# copy capture scp captureEth1.txt |
diagnosis
Description |
Enters the Diagnosis configuration and status check mode. See Also: collector [mode], server [mode] |
Product(s) CLI |
All-in-One | Collector | Mac OS X Detection Engine |
Mode(s) |
Basic |
Syntax |
diagnosis |
Parameters |
None |
Sub-Commands |
; ; ; ;;;;;; |
Example |
The following example enters diagnosis configuration and status check mode: hostname # diagnosis hostname (diagnosis)# ? |
exit
Description |
Ends the CLI session. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Basic | Core | Collector | Diagnosis | Server |
Syntax |
exit |
Parameters |
None |
Example |
The following example ends a command mode or CLI session. JATP# (diagnosis) exit JATP# |
gssreport
Description |
Use the gssreport command to submit reports to Juniper Global Security Services (GSS), and to display the status of the current GSS report. See Also:;[mode] |
Product(s) CLI |
All-in-One | Collector | Mac OS X Detection Engine |
Mode(s) |
diagnosis |
Syntax |
gssreport status | submit |
Parameters |
status - displays the status of the current GSS report. submit - submits a report to Juniper ATP Appliance GSS. |
Sub-Commands |
None |
Example |
The following examples display the status of a GSS report submission: hostname # diagnosis hostname (diagnosis)# gssreport submit Successfully started GSS report hostname (diagnosis)# gssreport status GSS is currently enabled Last 5-minute GSS report at 2015-07-28 10:34:24.414322: successfully submitted Last hourly GSS report at 2015-07-28 10:34:24.468259: successfully submitted Last daily GSS report at 2015-07-28 10:34:28.225512: successfully submitted |
help
Description |
Displays information about the CLI help system. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Basic | Core | Collector | Diagnosis | Server |
Syntax |
help |
Parameters |
None |
Example |
The following example shows some of the output of the help command. CONTEXT SENSITIVE HELP [?] - Display context sensitive help. This is either a list of possible command completions with summaries, or the full syntax of the current command. A subsequent repeat of this key, when a command has been resolved, will display a detailed reference. AUTO-COMPLETION The following keys both perform auto-completion for the current command line. If the command prefix is not unique then the bell will ring and a subsequent repeat of the key will display possible completions. [enter] - Auto-completes, syntax-checks then executes a command. If there is a syntax error then offending part of the command line will be highlighted and explained. [tab] - Auto-completes [space] - Auto-completes, or if the command is already resolved inserts a space. If “<cr>” is shown, that means that what you have entered so far is a complete command, and you may press Enter (carriage return) to execute it. Use ? to learn command parameters and option: JATP (server)# show f? firewall Show the firewall configuration settings interface JATP (server)# show firewall? all Show the current iptables settings whitelist Show the iptables whitelist settings show firewall whitelist? <cr> show firewall whitelist |
history
Description |
Displays the current CLI session command line history. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Basic | Core | Collector | Diagnosis | Server |
Syntax |
history |
Parameters |
None |
Example |
The following examples returns command line history for the current CLI session. JATP# (core) history |
ifrestart
Description |
Restarts the interface driver and services using the interface. |
Product(s) CLI |
All-in-One | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server |
Syntax |
ifrestart eth0 | eth1 |
Parameters |
eth0 Restarts the management network administra interface. eth1 Restarts the monitoring network interface. |
Example |
The following example restarts the eth0 interface for the management network. <FireEye_name># ifrestart eth0 |
ping
Description |
Sends ICMP (Internet Control Message Protocol) echo request packets to a specified host name or IP address to verify that the destination is reachable over the network. |
||||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||||
Mode(s) |
Server |
||||||
Syntax |
ping [-c count] [-h hops] [string] |
||||||
Parameters |
|
||||||
Example |
The following example sends three echo requests to the device with the IP Address 10.10.10.1 <FireEye_name># ping -c 3 10.10.10.1 PING 10.10.10.1 (10.10.10.1) 56(84) bytes of data. 64 bytes from 10.10.10.1: icmp_req=1 ttl=64 time=0.314 ms 64 bytes from 10.10.10.1: icmp_req=2 ttl=64 time=0.277 ms 64 bytes from v: icmp_req=3 ttl=64 time=0.274 m --- 10.10.10.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.274/0.288/0.314/0.022 ms |
reboot
Description |
Reboots the Juniper ATP Appliance. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server |
Syntax |
reboot |
Parameters |
None |
Example |
The following example reboots the system. hostname# reboot |
reset-admin-password
Description |
A sudo user named “recovery” uses this command to reset the admin password. This user will not require any password and can only login on a physical device, not using ssh login. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server |
Syntax |
recovery |
Parameters |
exit | help| history | reset-admin-password |
Example |
The following example resets the admin password. customer login: recovery Note:
Since passwords do not sync across devices, you must perform this reset manually on all ATP Appliance devices. |
restart
Description |
Restarts Juniper ATP Appliance services. |
||||||||||||||||||||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||||||||||||||||||||
Mode(s) |
Server |
||||||||||||||||||||||
Syntax |
restart [all | behaviorengine | cm | collector | core | correlationengine | database | ntpserver | sshserver | staticengine | webserver] |
||||||||||||||||||||||
Parameters |
|
||||||||||||||||||||||
Example |
The following example restarts the Central manager service. JATP# restart cm |
restore
Description |
Restores the system configuration to the factory default settings. This will only reset the password to default temporarily. |
||||||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||||||
Mode(s) |
server |
||||||||
Syntax |
restore [support | firewall {backup | default} | hostname | network] Allowlist rules rely on normal service shutdown to be backed up. Powering off a VM directly will lose the allowist state as rules cannot be saved in that case. |
||||||||
Parameters Note:
vCore for AWS does not use the following CLI commands: restore hostname restore network |
|
||||||||
Example |
The following example restores the system. JATP# restore This next example restores the SSH login “support” password to the default JATP # restore support password Restore the default support password? (Yes/No)? yes support password was restored successfully! |
set (core mode)
Description |
Resets the Secondary Core UUID, if the virtual core is cloned. |
Product(s) CLI |
Core/CM (Virtual Core) |
Mode(s) |
Core (for Virtual Core configurations) |
Syntax |
set id |
Sub-Commands |
None |
Example |
The following example sets the Virtual Core appliance id: hostname # core hostname (core) # set id <cr> |
server
Description |
Enters the server configuration mode. |
Product(s) CLI |
All-in-One | Collector | Core/CM | Mac Mini Mac OS X |
Mode(s) |
Basic |
Syntax |
server |
Sub-Commands |
;;;;;;;;;; Whitelist rules rely on normal service shutdown to be backed up.Powering off a VM directly will lose the allowlist state as rules cannot be saved in that case. |
Example |
The following example enters server configuration mode: hostname # server hostname (server) # ? |
set system-alert (server mode)
Description |
Configure the traffic threshold and checking interval for the Collector “monitored traffic” health status. When the monitored traffic of a collector within the checking interval time is lower than the threshold, a system health alert is generated. You can send an email notification of the alert if email notifications of system health events are configured. |
Product(s) CLI |
All-in-One | Core CM |
Mode(s) |
Server, See Also:; set (collector mode); show |
Syntax |
set system-alert traffic <integer> time <interval> Note:
Note that both "traffic" and "time" parameters are required in order to set the threshold for both the minimum traffic and time. |
Parameters |
traffic - the minimum traffic (in KB) interval - the checking interval (in minutes) |
Example |
JATP (server) # set system-alert traffic 100 time 30 This example sets the system alert such that, if the total monitored traffic of a collector within the last 30 minutes dips lower than 100KB, then a system health alert will be generated (and users will receive an email notification of the alert if email notifications are configured for system health events). By default this alert is disabled, and users must set the minimum traffic and interval in order to enable it. Also note that all bytes seen on Ethernet frames are counted in the traffic. The minimum interval for the "set system-alert traffic" time interval command is 10 minutes. If the minimum interval is set to less than 10 minutes, no alerts will be triggered. |
set (server mode)
Description |
Configure the system settings. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server, See Also: ; ; |
Syntax |
set [autoupdate {on | off} | cli timeout secs | clock | cm address | cysupport {enable | disable} localmode {enable | disable}| passphrase string | dns | firewall {all <backup | flush> | whitelist} | hostname string | ip interface {management | alternate-exhaust}| ntpserver | password | proxy {config | enabled | remove} | timezone string | uipassword] |
Parameters Note:
vCore for AWS does not use the following CLI commands:
[Users cannot set static IP address or change the hostname directly on an EC2 AWS instance] (See columns below) |
|
autoupdate {content | software} {on | off} cli secs clock cm address set cysupport {enable | disable} | {localmode} dns firewall {all <backup | flush> | whitelist <add | delete | flush>} hostname string ip interface {management | alternateexhaust} <dhcp | address | netmask | gateway} |
Turn on or off automatic product updates. set autoupdate content on Sets CLI period in seconds (0 indicates no timeout). Sets the current date and time. Sets the IP address of the Central Manager and netmask using slash notation; ex: AAA.BBB.CCC.DD/X Enables remote SSH login “support” account or localmode enable|/disable. Sets DNS (or enables DHCP for DNS) for the management interface by default if interface is unspecified. Backs up or flushes (clears) all current iptables for a firewall, or adds, deletes or flushes the current iptables allowlist-specific settings for the firewall. The “add” option adds an IP address to the iptables outbound allowlist. # set firewall whitelist add 10.1.1.1 Sets the system’s host name. Sets the IP address, netmask, or default gateway, or enables DHCP for the management or alternate-exhaust interface. |
ntpserver passphrase string password |
Sets the Network Time Protocol (NTP) server. Sets the device key password; enter a string. Sets a new password for the CLI administrator. |
proxy {config <all|http> | enable <on|off> | remove <all|http>} |
Config, enable/disable, or remove “all” proxy configs, or remove an HTTP-specific proxy server. Tip:
Config the proxy for “all” protocols first, and then change HTTP proxy as needed. |
timezone string |
Sets the timezone for the device. |
uipassword |
Sets a new admin password for CM Web UI access. |
Examples |
The following example enables a proxy server. JATP (server)# set proxy enable on |
set appliance-type (server mode)
Description |
Change the appliance type at any time. For example, change from All-In-One to Core/CM. Note that if you change the appliance type after the initial installation, all data files related to the current type are lost and you must set up the appliance as you would a fresh box. |
||||
Product(s) CLI |
All-in-One | Core CM | Collector |
||||
Mode(s) |
server |
||||
Syntax |
jatp:AIO#(server)# set appliance-type core-cm |
||||
Parameters |
|
||||
Example |
The following example changes the form factor of the appliance from all-in-one (the default) to core-cm: jatp:AIO#(server)# set appliance-type core-cm This will result in the deletion of all data and configurations not relevant to the new form factor. Proceed? (Yes/No)? Yes |
set (diagnosis mode)
Description |
Sets the logging levels for Juniper ATP Appliance components from diagnosis mode. See Also: |
||||||||||||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||||||||||||
Mode(s) |
diagnosis |
||||||||||||||
Syntax |
set logging all |
||||||||||||||
Parameters |
|
||||||||||||||
Example |
The following example sets the default logging level for all Juniper ATP Appliance components. JATP# set logging all |
setupcheck
Description |
Checks and reports on basic configuration settings and analysis pipeline setup. |
Product(s) CLI |
All-in-One | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
diagnosis |
Syntax |
setupcheck {all | report | basic | analysis} |
Parameters |
all Checks both basic settings and analysis pipelin report Shows report of last setupcheck. basic Checks basic configuration settings. analysis Checks the analysis pipeline. |
Example |
The following example checks all basic configuration settings as well as the analysis pipeline: JATP (diagnosis) # setupcheck all |
show (core mode)
Description |
Displays the guest image(s) status or allowlist statistics. See Also:; show (diagnostic mode) |
|||||||||||||||
Product(s) CLI |
See Also: shutdown; show (diagnostic mode) |
|||||||||||||||
Mode(s) |
Core |
|||||||||||||||
Syntax |
show |
|||||||||||||||
Parameters |
|
|||||||||||||||
Example |
The following example demonstrates the show images command usage: JATP(core)# show images The following example demonstrates the show whitelist command usage: JATP(core)# show whitelist JATP(core)# show whitelist
The following example shows how to get the alternate-exhaust interface (eth2) status: JATP(core)# show alternate-exhaust interface |
show (diagnosis mode)
Description |
Sets the logging levels for Juniper ATP Appliance components from diagnosis mode. See Also: |
||||||||||||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||||||||||||
Mode(s) |
diagnosis |
||||||||||||||
Syntax |
show |
||||||||||||||
Parameters |
|
||||||||||||||
Example |
The following example displays the connected Traffic Collector status. JATP(diagnosis)# show device collectorstatus <cr>
This example displays the log error traceback JATP(diagnosis)# show log error traceback <cr> |
show (server mode)
Description |
Display configurations and status information. |
Product(s)CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server, See Also: |
Syntax |
show |
Parameters (See Tables below) |
|
autoupdate |
Show the automatic update setting. |
cli timeout |
Show the CLI timeout setting. |
clock |
Show the current date and time. |
cm |
Show the Central Manager IP address. |
controller |
Show the driver state for interfaces. |
cysupport |
Show the remote SSH login support status. |
description |
Show the server or system description. |
devicekey |
Show the device key. |
devicetype |
Show the device type. |
dns |
Show the DNS servers settings. |
eula |
Show the End User License Agreement. |
firewall [all <| whitelist] |
Show the firewall configuration settings. |
hostname |
Show the system’s host name. |
interface [management | monitoring | alternateexhaust] |
Show information about the management (administrative) network interface eth0, or the monitoring interface (eth1), or the alternate-exhaust interface (eth2). |
See Also: show controller |
Show the IP address of the management (administrative) interface eth0. |
ip |
Results may show both private and public IP addresses if the AWS vCore has a public IP. |
name |
Show the server name. |
ntpserver |
Show the Network Time Protocol (NTP) server settings. |
proxy |
Shows the proxy configuration for the management network. Show system statistics: |
See also show (collector mode) for show proxy inside/outside data path |
cpuload shows average CPU load in the system for running processes in the last 1, 5 and 15 min intervals. |
stats [cpuload | disk | memory] |
memoryshows the system memory usage. show stats cpuload (0.06,0.13,0.13) |
system-alert |
Shows the current set system-alert settings. |
set timezone |
Shows the list of available timezones as displayed below. Africa/Abidjan Africa/Accra Africa/Addis_Ababa Africa/Algiers Africa/Asmara Africa/Asmera Africa/Bamako Africa/Bangui Africa/Banjul Africa/Bissau Africa/Blantyre Africa/Brazzaville Africa/Bujumbura Africa/Cairo Africa/Casablanca Africa/Ceuta Africa/Conakry Africa/Dakar Africa/Dar_es_Salaam Africa/Djibouti Africa/Douala Africa/El_Aaiun Africa/Freetown Africa/Gaborone Africa/Harare Africa/Johannesburg Africa/Juba Africa/Kampala Africa/Khartoum Africa/Kigali Africa/Kinshasa Africa/Lagos Africa/Libreville Africa/Lome Africa/Luanda Africa/Lubumbashi Africa/Lusaka Africa/Malabo Africa/Maputo Africa/Maseru Africa/Mbabane Africa/Mogadishu Africa/Monrovia Africa/Nairobi Africa/Ndjamena Africa/Niamey Africa/Nouakchott Africa/Ouagadougou Africa/Porto-Novo Africa/Sao_Tome Africa/Timbuktu Africa/Tripoli Africa/Tunis Africa/Windhoek America/Adak America/Anchorage America/Anguilla America/Antigua America/Araguaina America/Argentina/Buenos_Aires America/Argentina/Catamarca America/Argentina/ComodRivadavia America/Argentina/Cordoba America/Argentina/Jujuy America/Argentina/La_Rioja America/Argentina/Mendoza America/Argentina/Rio_Gallegos America/Argentina/Salta America/Argentina/San_Juan America/Argentina/San_Luis America/Argentina/Tucuman America/Argentina/Ushuaia America/Aruba America/Asuncion America/Atikokan America/Atka America/Bahia America/Bahia_Banderas America/Barbados America/Belem America/Belize America/Blanc-Sablon America/Boa_Vista America/Bogota America/Boise America/Buenos_Aires America/Cambridge_Bay America/Campo_Grande America/Cancun America/Caracas America/Catamarca America/Cayenne America/Cayman America/Chicago America/Chihuahua America/Coral_Harbour America/Cordoba America/Costa_Rica America/Creston America/Cuiaba America/Curacao America/Danmarkshavn America/Dawson America/Dawson_Creek America/Denver America/Detroit America/Dominica America/Edmonton America/Eirunepe America/El_Salvador America/Ensenada America/Fort_Nelson America/Fort_Wayne America/Fortaleza America/Glace_Bay America/Godthab America/Goose_Bay America/Grand_Turk America/Grenada America/Guadeloupe America/Guatemala America/Guayaquil America/Guyana America/Halifax America/Havana America/Hermosillo America/Indiana/Indianapolis America/Indiana/Knox America/Indiana/Marengo America/Indiana/Petersburg America/Indiana/Tell_City America/Indiana/Vevay America/Indiana/Vincennes America/Indiana/Winamac America/Indianapolis America/Inuvik America/Iqaluit America/Jamaica America/Jujuy America/Juneau America/Kentucky/Louisville America/Kentucky/Monticello America/Knox_IN America/Kralendijk America/La_Paz America/Lima America/Los_Angeles America/Louisville America/Lower_Princes America/Maceio America/Managua America/Manaus America/Marigot America/Martinique America/Matamoros America/Mazatlan America/Mendoza America/Menominee America/Merida America/Metlakatla America/Mexico_City America/Miquelon America/Moncton America/Monterrey America/Montevideo America/Montreal America/Montserrat America/Nassau America/New_York America/Nipigon America/Nome America/Noronha America/North_Dakota/Beulah America/North_Dakota/Center America/North_Dakota/New_Salem America/Nuuk America/Ojinaga America/Panama America/Pangnirtung America/Paramaribo America/Phoenix America/Port-au-Prince America/Port_of_Spain America/Porto_Acre America/Porto_Velho America/Puerto_Rico America/Punta_Arenas America/Rainy_River America/Rankin_Inlet America/Recife America/Regina America/Resolute America/Rio_Branco America/Rosario America/Santa_Isabel America/Santarem America/Santiago America/Santo_Domingo America/Sao_Paulo America/Scoresbysund America/Shiprock America/Sitka America/St_Barthelemy America/St_Johns America/St_Kitts America/St_Lucia America/St_Thomas America/St_Vincent America/Swift_Current America/Tegucigalpa America/Thule America/Thunder_Bay America/Tijuana America/Toronto America/Tortola America/Vancouver America/Virgin America/Whitehorse America/Winnipeg America/Yakutat America/Yellowknife Antarctica/Casey Antarctica/Davis Antarctica/DumontDUrville Antarctica/Macquarie Antarctica/Mawson Antarctica/McMurdo Antarctica/Palmer Antarctica/Rothera Antarctica/South_Pole Antarctica/Syowa Antarctica/Troll Antarctica/Vostok Arctic/Longyearbyen Asia/Aden Asia/Almaty Asia/Amman Asia/Anadyr Asia/Aqtau Asia/Aqtobe Asia/Ashgabat Asia/Ashkhabad Asia/Atyrau Asia/Baghdad Asia/Bahrain Asia/Baku Asia/Bangkok Asia/Barnaul Asia/Beirut Asia/Bishkek Asia/Brunei Asia/Calcutta Asia/Chita Asia/Choibalsan Asia/Chongqing Asia/Chungking Asia/Colombo Asia/Dacca Asia/Damascus Asia/Dhaka Asia/Dili Asia/Dubai Asia/Dushanbe Asia/Famagusta Asia/Gaza Asia/Harbin Asia/Hebron Asia/Ho_Chi_Minh Asia/Hong_Kong Asia/Hovd Asia/Irkutsk Asia/Istanbul Asia/Jakarta Asia/Jayapura Asia/Jerusalem Asia/Kabul Asia/Kamchatka Asia/Karachi Asia/Kashgar Asia/Kathmandu Asia/Katmandu Asia/Khandyga Asia/Kolkata Asia/Krasnoyarsk Asia/Kuala_Lumpur Asia/Kuching Asia/Kuwait Asia/Macao Asia/Macau Asia/Magadan Asia/Makassar Asia/Manila Asia/Muscat Asia/Nicosia Asia/Novokuznetsk Asia/Novosibirsk Asia/Omsk Asia/Oral Asia/Phnom_Penh Asia/Pontianak Asia/Pyongyang Asia/Qatar Asia/Qostanay Asia/Qyzylorda Asia/Rangoon Asia/Riyadh Asia/Saigon Asia/Sakhalin Asia/Samarkand Asia/Seoul Asia/Shanghai Asia/Singapore Asia/Srednekolymsk Asia/Taipei Asia/Tashkent Asia/Tbilisi Asia/Tehran Asia/Tel_Aviv Asia/Thimbu Asia/Thimphu Asia/Tokyo Asia/Tomsk Asia/Ujung_Pandang Asia/Ulaanbaatar Asia/Ulan_Bator Asia/Urumqi Asia/Ust-Nera Asia/Vientiane Asia/Vladivostok Asia/Yakutsk Asia/Yangon Asia/Yekaterinburg Asia/Yerevan Atlantic/Azores Atlantic/Bermuda Atlantic/Canary Atlantic/Cape_Verde Atlantic/Faeroe Atlantic/Faroe Atlantic/Jan_Mayen Atlantic/Madeira Atlantic/Reykjavik Atlantic/South_Georgia Atlantic/St_Helena Atlantic/Stanley Australia/ACT Australia/Adelaide Australia/Brisbane Australia/Broken_Hill Australia/Canberra Australia/Currie Australia/Darwin Australia/Eucla Australia/Hobart Australia/LHI Australia/Lindeman Australia/Lord_Howe Australia/Melbourne Australia/NSW Australia/North Australia/Perth Australia/Queensland Australia/South Australia/Sydney Australia/Tasmania Australia/Victoria Australia/West Australia/Yancowinna Brazil/Acre Brazil/DeNoronha Brazil/East Brazil/West Canada/Atlantic Canada/Central Canada/Eastern Canada/Mountain Canada/Newfoundland Canada/Pacific Canada/Saskatchewan Canada/Yukon Chile/Continental Chile/EasterIsland Etc/GMT Etc/GMT+0 Etc/GMT+1 Etc/GMT+10 Etc/GMT+11 Etc/GMT+12 Etc/GMT+2 Etc/GMT+3 Etc/GMT+4 Etc/GMT+5 Etc/GMT+6 Etc/GMT+7 Etc/GMT+8 Etc/GMT+9 Etc/GMT-0 Etc/GMT-1 Etc/GMT-10 Etc/GMT-11 Etc/GMT-12 Etc/GMT-13 Etc/GMT-14 Etc/GMT-2 Etc/GMT-3 Etc/GMT-4 Etc/GMT-5 Etc/GMT-6 Etc/GMT-7 Etc/GMT-8 Etc/GMT-9 Etc/GMT0 Etc/Greenwich Etc/UCT Etc/UTC Etc/Universal Etc/Zulu Europe/Amsterdam Europe/Andorra Europe/Astrakhan Europe/Athens Europe/Belfast Europe/Belgrade Europe/Berlin Europe/Bratislava Europe/Brussels Europe/Bucharest Europe/Budapest Europe/Busingen Europe/Chisinau Europe/Copenhagen Europe/Dublin Europe/Gibraltar Europe/Guernsey Europe/Helsinki Europe/Isle_of_Man Europe/Istanbul Europe/Jersey Europe/Kaliningrad Europe/Kiev Europe/Kirov Europe/Lisbon Europe/Ljubljana Europe/London Europe/Luxembourg Europe/Madrid Europe/Malta Europe/Mariehamn Europe/Minsk Europe/Monaco Europe/Moscow Europe/Nicosia Europe/Oslo Europe/Paris Europe/Podgorica Europe/Prague Europe/Riga Europe/Rome Europe/Samara Europe/San_Marino Europe/Sarajevo Europe/Saratov Europe/Simferopol Europe/Skopje Europe/Sofia Europe/Stockholm Europe/Tallinn Europe/Tirane Europe/Tiraspol Europe/Ulyanovsk Europe/Uzhgorod Europe/Vaduz Europe/Vatican Europe/Vienna Europe/Vilnius Europe/Volgograd Europe/Warsaw Europe/Zagreb Europe/Zaporozhye Europe/Zurich Indian/Antananarivo Indian/Chagos Indian/Christmas Indian/Cocos Indian/Comoro Indian/Kerguelen Indian/Mahe Indian/Maldives Indian/Mauritius Indian/Mayotte Indian/Reunion Mexico/BajaNorte Mexico/BajaSur Mexico/General Pacific/Apia Pacific/Auckland Pacific/Bougainville Pacific/Chatham Pacific/Chuuk Pacific/Easter Pacific/Efate Pacific/Enderbury Pacific/Fakaofo Pacific/Fiji Pacific/Funafuti Pacific/Galapagos Pacific/Gambier Pacific/Guadalcanal Pacific/Guam Pacific/Honolulu Pacific/Johnston Pacific/Kiritimati Pacific/Kosrae Pacific/Kwajalein Pacific/Majuro Pacific/Marquesas Pacific/Midway Pacific/Nauru Pacific/Niue Pacific/Norfolk Pacific/Noumea Pacific/Pago_Pago Pacific/Palau Pacific/Pitcairn Pacific/Pohnpei Pacific/Ponape Pacific/Port_Moresby Pacific/Rarotonga Pacific/Saipan Pacific/Samoa Pacific/Tahiti Pacific/Tarawa Pacific/Tongatapu Pacific/Truk Pacific/Wake Pacific/Wallis Pacific/Yap SystemV/AST4 SystemV/AST4ADT SystemV/CST6 SystemV/CST6CDT SystemV/EST5 SystemV/EST5EDT SystemV/HST10 SystemV/MST7 SystemV/MST7MDT SystemV/PST8 SystemV/PST8PDT SystemV/YST9 SystemV/YST9YDT US/Alaska US/Aleutian US/Arizona US/Central US/East-Indiana US/Eastern US/Hawaii US/Indiana-Starke US/Michigan US/Mountain US/Pacific US/Pacific-New US/Samoa |
timezone {US/Eastern | US/Central | US/ Mountain |
Show the current timezone; example: set timezone US/Pacific TIP: set timezone <tab> shows options. |
uptime |
Show how long the system has been running. |
uuid |
Show the system UUID (universally unique ID). |
version |
Show Juniper ATP Appliance software and content security versions: |
Example |
The following example displays information about the CoreCM server device type: CoreCM(server)# show devicetype Device type: cm, core The following example requests data about the alternate-exhaust interface (eth2): CoreCM(server)# show interface alternate-exhaust The following example shows details about the Collector’s monitoring interface (eth1): CoreCM(server)# show interface monitoring Interface: monitoring (eth1) Enabled: Yes Link: Yes IP Address: unknown Mask: unknown MTU: 1500 MAC Address: 90:d6:1f:22:70:g6 Speed: 1000Mb/s Duplex: Full Auto-negotiation: Yes Medium: Copper RX packets: 1869032424 Bytes: 1716560257902 Errors: 0 Overruns: 0 TX packets: 409287 Bytes: 44607401 Errors: 0 Overruns: 0 Traffic rate for the last 5 seconds/1 minute/5 minutes RX bits/sec: 108616/160176/442736 RX packets/sec: 44/46/91 TX bits/sec: 0/112/128 TX packets/sec: 0/0/0 |
shutdown
Description |
Shuts down the Juniper ATP Appliance server. |
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
Mode(s) |
Server |
Syntax |
shutdown |
Parameters |
None |
Example |
The following example performs a shutdown of the current device. JATP# shutdown |
traceroute
Description |
Displays the route packets trace to a host name or an IP address. |
||||
Product(s) CLI |
All-in-One | Collector | Core CM | Mac Mini OS X Detection Engine |
||||
Mode(s) |
Server |
||||
Syntax |
traceroute |
||||
Parameters |
|
||||
Example |
The following example performs a traceroute of the named device. JATP# traceroute -h 2 MacMininOSX-Engine |
upgrade
Description |
Upgrade Juniper ATP Appliance software for the Core/CM device or vCore, and all connected physical or virtual devices. |
||
Product(s) CLI |
All-in-One | Core CM |
||
Mode(s) |
cm |
||
Syntax |
upgrade <URI as user@hostname:path> |
||
Parameters |
|
||
Example |
The following example copies Juniper ATP Appliance software to the Core from a remote location defined by the path provided. CoreCM(cm)# upgrade admin@remoteHost.edu:some/remote/ directory |
updateimage
Description |
Update or correct the guest-image OS profile used by the detection and analysis behavioral engine. The updateimage command will update the guest images from a USB drive attached to the Juniper ATP Appliance. |
||
Product(s) CLI |
All-in-One | Core-CM | Mac Mini OS X Detection Engine |
||
Mode(s) |
Core |
||
Syntax |
updateimage |
||
Parameters |
|
||
Example |
The following example performs a built-in profile update for the Core detection engine. JATP (core)# updateimage built-in Installing image SC-XP-20140617.img... Previous version of SC-XP-20140617.img exists. Checking integrity... Image SC-XP-20140617.img is already installed Installing image SC-W7-20140521.img... Previous version of SC-W7-20140521.img exists. Checking integrity... Image SC-W7-20140521.img is already installed |
wizard
Description |
Enters the Configuration Wizard. For Configuration Wizard commands and response, see “Configuration Wizard for the CoreCM Server” in the next section to follow command prompts and recommended responses. |
Product(s) CLI |
All-in-One | Core/CM | Collector | Mac Mini Mac OS X |
Mode(s) |
Basic |
Parameters |
wizard |
Example |
None |
The following command starts the configuration wizard. hostname # wizard |
Configuration Wizard for the CoreCM Server
Enter CTRL-C to exit the Configuration Wizard at any time. If you exit without completing the configuration, you will be prompted again whether to run the Configuration Wizard.
You may also rerun the Configuration Wizard at any time with the CLI command wizard.
Configuration Wizard Prompts |
Customer Response Actions |
Use DHCP to obtain the IP address and DNS server address for the administrative interface (Yes/No)? Note:
Only if your DHCP response is no,enter the following information when prompted:
Restart the administrative interface (Yes/No) |
We strongly discourage the use of DHCP addressing because it changes dynamically. A static IP address is preferred. Recommended: Respond with
Enter |
Enter a valid hostname. |
Type a hostname when prompted; do not include the domain; for example: juniperatp1 Note:
Only alphanumeric characters and hyphens (in the middle of the hostname) are allowed. |
[OPTIONAL] If the system detects a Secondary Core with an eth3 port, then the alternate CnC exhaust option is displayed: Use alternate-exhaust for the analysis engine exhaust traffic (Yes/No)? Enter IP address for the alternate-exhaust (eth2) interface: Enter netmask for the alternate-exhaust (eth2) interface: (example: 255.255.0.0) Enter gateway IP Address for the alternateexhaust (eth2) interface: (example:10.6.0.1) Enter primary DNS server IP Address for the alternate-exhaust (eth2) interface: (example: 8.8.8.8) Do you have a secondary DNS server for the alternate-exhaust (eth2) interface? Do you want to enter the search domains for the alternate-exhaust (eth2) interface? Note:
A complete network interface restart can take more than 60 seconds |
Refer to “Configuring an Alternate Analysis Engine Interface” in the Juniper ATP Appliance Operator’s Guide for more information. Enter yes to configure an alternate eth2 interface. Enter the IP address for the eth2 interface. Enter the eth2 netmask. Enter the gateway IP address. Enter the primary DNS server IP Address for the alternate-exhaust (eth2) interface. Enter yes or no to confirm or deny an eth2 secondary DNS server. Enter yes or no to indicate whether you want to enter search domain. |
Regenerate the SSL self-signed certificate (Yes/No)? |
Enter yes to create a new SSL certificate for the Juniper ATP Appliance Server Web UI. If you decline the self-signed certificate by entering no, be prepared to install a certificate authority (CA) certificate. |
Enter the following server attributes: Central Manager (CM) IP Address: Device Name: (must be unique) Device Name: (must be unique) Device Key PassPhrase Note:
Remember this passphrase and use it for all distributed devices. |
Is this a Central Manager device?: Enter Yes; the system will auto-set IP 127.0.0.1 as the All-in-One IP address. Enter a connected Juniper ATP Appliance Collector Device Name; this identifies the Collector in the Web UI. Enter a device Description Enter a user-defined PassPhrase to be used to authenticate the Core to the Central Manager. |