NXLog Agent Minder command line interface

The command line interface is currently a shell script based prototype. Its functionality is expected to change. It will eventually be replaced.

cli.sh dependencies

It relies on the presence of the following command line tools:

  • curl

  • jq

  • sed

  • grep

  • cat

  • edit

The edit command will start the editor specified in your $EDITOR variable.

The script uses the public API’s provided by the product.

Using the command line interface

cli.sh invocation takes the following general format

cli.sh command [target] [parameters]

Please refer to the built-in help for details:

> cli.sh help

Usage cli.sh [minder-url] command [target] [parameters]

 minder-url is the optional API URL of minder. Defaults to https://127.0.0.1:8080

 command is one of
   info target
     print serverinfo JSON for target
   state target
      print operational state for target
   agentstats
      print agent status grid
   edit-agent agent-id
      loads config from agent, edits it locally,
      pushes it back, then restarts agent
   edit-collector agent-id
      loads collector.conf from agent, edits it locally,
      pushes it back, then restarts agent
   restart target
      restart agents
   start target
      start agents
   stop target
      stop agents
   persist_id target
      persist id and signature on agents
   list [filter]
      print a list of agent ids for filter
   count [filter]
      print the number of agents matching filter
   getlog target
      pull and print log. The third argument can optionally provide the number of bytes to read
   getconf target
      pull and print config from target. In case of an agent name the literal contents of the file are returned.
      When a filter is used a JSON structure is returner
   enroll target agent_manager_address
      deploy key/cert and connection configuration to agents. Only connect mode agents supported.
   getfile target ACL file-name
      get and print file contents from target
   putfile target ACL file-name
      put file on the agent's specified ACL
   putconfig filter file-name
      put the file on the specifed agents as the config file
   checkconfig agent-id file-name
      get and compare the agent's config file to the local file
   issues
      print all non-OK agents' status

 target is a
   filter or
   agent id

 filter works as follows:
   keyword=search_expression for exact matching (FASTEST)
   keyword=regex_expression for regex matching (SLOWEST)
   keyword~=search_expression for substring matching

 keyword can be the following
   name
   ip
   os
   version
   net
   module
   state
   route (currently unsupported)