1 2 Previous Next 15 Replies Latest reply: May 28, 2014 12:06 AM by andyclements RSS

    Commands used in Email Gateway 7.0


      Dear All,


      I dont know whether it is a right place and right question to ask it here in the community, but it will be highly apprecaited if anybody help me through out and guide me for below requirement.


      I need your help to find the basic and important commands used in email gateway for doing some troubleshooting through command line.


      I wil be very thankful to all of you for providing me the list of Commands which is good for email gateway troubleshooting and doing other important tasks.






      Message was edited by: shahj.c on 1/22/14 12:44:59 AM CST
        • 1. Re: Commands used in Email Gateway 7.0

          As a general rule, there really aren't many good commands the admin can use to do much troubleshooting from the command line.  Since most admins don't have root access, there are many commands which either simply cannot be run, or can be, but will have limited effectiveness.  The GUI should be used for most troubleshooting.  That said, standard linux troubleshooting tools can be used on the CLI, although keep in mind that the admin user doesn't have root access.

          • 2. Re: Commands used in Email Gateway 7.0

            The GUI is designed to do it all, which drives command line preferrers like me nuts.  As eplossl indicated, most customers dont' have root on the box and the admin shell is rather limited.   For whatever reason the ethos of this product is that administrators can't be trusted with the box they're administering.  Web Gateway in stark contrast is the usual "okay, you're an adult,  have thee root access, but be advised... it's ROOT ACCESS, don't screw things up, okay?"  MEG's ethos is "root access to be used only with adult supervision of McAfee Support."       At least it's somewhat better than the IronMail days when you had to expose an ssh port to the internet to allow them to initiate the connection inbound to admin the box.    I digress.


            That said, in an admin shell

            top   is useful  to keep an eye on swap use, memory and cpu when the goin gets rough.   But that's about it.   And even that can be found in teh GUI under troubleshooting> tools> system load.


            The troubleshooting tab of the GUI especially the messages and mail log search (troubleshooting > reports> save log files> system log viewer) functionality is crucial.

            • 3. Re: Commands used in Email Gateway 7.0

              Dear eplossl and Regis!!


              Thanks for your valuable time. You bith are right, but if a person is working and having full access of the devices. and sometime the issue is not that much critical and you  just want to check the logs of some emails and it cannot be shown in the GUI .. so you need to login through SSH and you need some basic commands. I think it should be good that admin have some knowledge of commands and will help him to grow his skills through command line also like GUI.

              • 4. Re: Commands used in Email Gateway 7.0

                Jehanzeb,  do you have access to the root ssh account on your device  (e.g. su -  after logging in as admin)?     Or do you only have access to the admin account?


                I agree access to all of those log files is what a conscientious administrator can benefit from quickly, however, if you don't have root access what we're saying is that you can't even see any of the useful log files as just the admin account.  

                • 5. Re: Commands used in Email Gateway 7.0

                  Regis, Thanks for your reply. Yes dear i have full access to my Devices. thats why am requesting for the same.

                  • 6. Re: Commands used in Email Gateway 7.0

                    Dear?   Easy there, big fella--I'm taken! 


                    Most customer's don't have root on their device.  Now that you've finally clarified that, though and it also seems that the regular ole admin shell account can also see more of /var/log  than I remember them being able to see when I started using meg  ( *slow clap* ) ....


                    ...and at the risk of taunting the MEG gods (as the past 2 weeks has been mercifully smooth),


                    I'll share some keys from past issues (for which you've hopefully deployed the latest patches to address).  


                    unset TMOUT     # logout timeouts are rather short

                    fgrep segv /var/log/messages   # crashes make Regis sad

                    zfgrep segv /var/log/messages.*.gz   # something crashed that shouldn't

                    fgrep IPMI /var/log/messages   #  There's a new BIOS out if you see errors involving these  #THANKSINTEL

                    fgrep 'Out of memory'  /var/log/messages   # should something cause a run on memory


                    • 7. Re: Commands used in Email Gateway 7.0

                      I have the full list of commands but all is for 6.7.x .. but when i am checking it on 7.x. Its fail to do anything


                      Anyhow thanks .

                      • 8. Re: Commands used in Email Gateway 7.0

                        I never used 6.7.x  but MEG 7.x is based on McAfee Linux.   I'm not sure which distribution McAfee Linux most resembles, but knowing LInux will make you feel rather at home with MEG.  If you could post some of the commands you're used to using and wondering what equivalent ones are, perhaps that could start yielding some answers to your questions.

                        • 9. Re: Commands used in Email Gateway 7.0

                          Alright, I think maybe I can help here.


                          MEG 7.x is built on McAfee Linux OS.  It is a custom variant of the Redhat family of OSes.  I am not sure which Redhat variant it most closely resembles, but I know that it's in that family.  MEG 6.7.2 and below were built on (as I recall) OpenBSD or FreeBSD.  I know it was one of the variants of BSD.  That said, admin access was very tightly controlled.  The interface admins could access was a strictly controlled thing, and didn't allow access to, really, any of the filesystem.  There was a specific set of commands which could be used to look at specific things, but there was no real filesystem access.


                          In MEG 7.0, the admin has access to the actual filesystem on the appliance.  I know that there are a number of commands which cannot be run except as root (tccpdump, for instance), but most greps in the logs should be possible.  Assuming that you do, in fact, have root access, it would even be possible to edit the configuration on the back end.  That said, we strongly recommend that you not do that as editing the raw configuration files without knowing precisely what you are doing can result in system instability or unexpected operation.


                          The grep commands Regis gave would be useful.  I have to admit I am not sure what zfgrep does that zgrep or simply grep do not, but that's ok.  Some suggested commands I would use to look at things...



                          zgrep <search_string> /var/log/messages*  # This command will search for the search string specified (note that it should not be enclosed in brackets) in the messages log

                          zgrep <search_string> /var/log/mail*            # This command will search for the search string specified in the mail log.


                          The messages log contains system data relating to the processes running and the general operation of the appliance.  The mail log contains (if syslog on the appliance is enabled and off-box syslog is not) information about message status.  Depending on the appliance log level and what you have going to the syslog, this data may be very little or it may be a glut of data.  Note, however that it is a bad idea to turn the log level up to the highest level for any extended period of time as that can cause issues due to filesystem usage.


                          top   #This command will allow the admin to see the top processes running on the appliance.  It also allows seeing the load on the box as well as memory status

                          df -h    #This command will allow the admin to see the free disk space on the device, listed in a concise format


                          If there is a specific thing you would like to be able to do, please let us know and we will see if we can assist with finding a way you can look up that information.  Otherwise, I again recommend that the best place to find most of the data you want is via the GUI, as we explicitly designed the appliance to be accessed via the GUI for all administration tasks.




                          Erik Plossl

                          Support Engineering Operations Engineer



                          Message was edited by: eplossl on 1/29/14 6:25:05 AM CST
                          1 2 Previous Next