I want to know what kind of commands I can run on CLI, and not just commands but a a way to run scripts to output debug status of particular service?.
Is there a way to find number of eps consumed from CLI, or a way to tell noisy or poor rules performance ? thanks
Hi,
Please check the dssummary command:
McAfee KnowledgeBase - How to use dssummary with 9.3.x SIEM devices
Regards
MK
Here are some useful commands you can run from the CLI, you can port them to a text/log file if you want to.
Not showing the dsstatus / dssummary as that was already mentioned on a previous reply.
For Receivers, ACE, APM, DSM, ELM
ps -ejH
ps -auxf
MegaCli64 -CfgDsply –aALL
MegaCli64 -pdlist -a0 | grep 'Firmware s'
sar -d 1 10
tac /var/log/messages* | grep -i 'starting ERC'
Older ELM's
tw_cli show
tw_cli /c2 show
For the ESM
Device Status > from the UI
MegaCli64 -pdlist -a0 | grep 'Firmware s'
MegaCli64 -pdlist -a0 | grep 'Enclosure Device ID:'
MegaCli64 -pdlist -a0 | grep 'Slot'
For an attached DAS
MegaCli64 -pdlist -a1 | grep 'Firmware s'
MegaCli64 -pdlist -a1 | grep 'Enclosure Device ID:'
MegaCli64 -pdlist -a1 | grep 'Slot'
NitroTID
2
/usr/local/ess/data/ngcp.dfl
Alert
Y
127.0.0.1
1110 (1111 if 9.4.x or older)
2,4
Y
/tmp/FILENAME.txt
How to check your Upgrade History and Patch Level
cat /etc/upgrade.history
cat /etc/NitroGuard/.patchinfo
I would add System Properties | ESM Management | Maintenance | View Statistics
Hi
can tell me how to understand the reasons why the emails are deferred status in McAfee ESM or where to find information...why are deferred where i can find log? which are queued andare which deliveRed?
Thanx
Luca
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA