CLI Commands

This section is a command reference for all CLI commands.

account create

Creates a CLI admin account.

Usage

account create [OPTIONS] USERNAME

Options

--help

Displays the help text for this command.

Arguments

USERNAME

The user for which you want to make a CLI admin account.

Examples

*** list users ***

Pulse One > account list

users:

- admin

- young

 

*** add new account ***

Pulse One > account create example

Password:

Confirm Password:

Created user example

 

*** confirm addition ***

Pulse One > account list

users:

- admin

- young

- example

account delete

Deletes the CLI admin account.

Usage

account delete [OPTIONS] USERNAME

Options

--help

Displays the help text for this command.

Arguments

USERNAME

The CLI admin account that you want to delete.

Examples

*** list users ***

Pulse One > account list

- users:

- admin

- test

- example

 

*** delete account ***

Pulse One > account delete example

Type DELETE to confirm: DELETE

User 'example' deleted.

 

*** confirm deletion ***

Pulse One > account list

users:

- admin

- test

account list

Lists all existing admin CLI accounts.

Usage

account list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list cli admin users ***

Pulse One > account list

users:

- admin

- test

- example

account password change

Changes the password for a CLI admin account.

Usage

account password change [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > account password change

Current password:

Password:

Confirm Password:

 

You can connect to SSH at xx.xx.xx.xx:pp

Press <ENTER> to log in to Pulse One

Login below:

Username: admin

Password:

Logged in as admin

Last login at 2018-06-06T09:45:04Z via console

Pulse One >

account password reset

Resets the password (assigns a temporary password) for a CLI admin account.

Usage

account password reset [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list current cli admin users ***

Pulse One > account list

users:

- admin

- young

- example

*** change password for “example” cli admin user ***

Pulse One > account password reset

Enter the user whose password needs to be reset: example

Type RESET to confirm: RESET

Temporary password for user 'example'

N3yXa6Jb

cluster add

This command should only be performed on the Active node of a proposed Pulse One cluster. The command generates a cluster join token, and then outputs the command that must be run on the Passive node so that it forms a cluster with the Active node.

- The Active node requires a configured internal interface.
- The cluster join token is valid until the token is regenerated by issuing another cluster add command.

Usage

cluster add [OPTIONS] ADDRESS

Options

--help

Displays the help text for this command.

Arguments

ADDRESS

The IPv4 address of the proposed Passive node for the cluster.

Examples

*** log into Active node xx.xx.xx.xx to add Passive node yy.yy.yy.yy ***

Pulse One > cluster add yy.yy.yy.yy

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

(interface messages)

* Starting networking ...

(interface messages)

* Starting chronyd ...

* Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

* Stopping racoon ... [ ok ]

* Flushing policy entries ... [ ok ]

* Loading ipsec policies from /etc/ipsec.conf.

* Starting racoon ... [ ok ]

 

To cluster yy.yy.yy.yy as a passive Pulse One appliance with this active appliance, configure networking on the passive appliance and run the following command on it:

cluster join xx.xx.xx.xx 70yqww0k

In this example, the cluster join token is “70yqww0k”.

cluster config

Configures automatic failover for a two-node Active/Passive Pulse One cluster.

Usage

cluster config [OPTIONS]

Options

--help

Displays the help text for this command.

-f, --auto-failover INTEGER

Configures the auto failover timeout (in minutes).

When this is set to 0, automatic failover is disabled. This is the default setting.

Arguments

None.

Examples

Pulse One > cluster config -f 2

auto_failover: true

auto_failover_timeout: 2 minutes

cluster demote

Demotes the current node to standalone.

This is required to perform a manual failover, or to de-cluster an Active/Passive pair of nodes.

- When de-clustering Active/Passive nodes, you must demote the Passive node before the Active node.
- This command resets the internal interface of the node.

Usage

cluster demote [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** these examples show declustering of an Active/Passive pair ***

*** log into Passive node yy.yy.yy.yy, then check synchronisation ***

Pulse One > cluster status

auto_failover: false

cluster:

active_node: xx.xx.xx.xx

nodes:

- xx.xx.xx.xx

- yy.yy.yy.yy

node:

id: 02f42ceae73c48afbff7e601020644aa

ip: yy.yy.yy.yy

mode: passive

systems:

null: null

data-store:

details:

- Waiting for master to send event

- 0 seconds behind master

errors: null

status: In Sync

 

file-store:

details:

- file-store instance on yy.yy.yy.yy:27017 is currently SECONDARY

- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY

errors: null

status: In Sync

index:

details:

- 'Reported status: green'

errors: null

status: In Sync

log-collector: null

log-indexer:

details:

- 'Reported status: green'

errors: null

status: In Sync

(secure channel messages)

status: Connected

services: null

 

*** demote Passive node yy.yy.yy.yy to standalone

Pulse One > cluster demote

Demoting node to standalone cluster node...

Stopping uno_file-store_1 ... done

Removing uno_file-store_1 ... done

Stopping uno_log-indexer_1 ... done

Removing uno_log-indexer_1 ... done

Stopping uno_index_1 ... done

Removing uno_index_1 ... done

Stopping uno_data-store_1 ... done

Removing uno_data-store_1 ... done

* Stopping racoon ... [ ok ]

* Flushing policy entries ... [ ok ]

* Loading ipsec policies from /etc/ipsec.conf.

* Starting racoon ... [ ok ]

Creating and starting 2 ... done

Creating and starting 3 ... done

Creating and starting 4 ... done

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth1 ... [ ok ]

* lo ... [ ok ]

* eth4 ... [ !! ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth0 ... [ ok ]

 

* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

node:

id: 02f42ceae73c48afbff7e601020644aa

ip: null

mode: standalone

 

*** log into Active node xx.xx.xx.xx, confirm status ***

Pulse One > cluster status

auto_failover: false

cluster:

active_node: null

nodes:

- xx.xx.xx.xx

- yy.yy.yy.yy

node:

id: 137a56c7928b48ddac404bf033928866

ip: xx.xx.xx.xx

mode: active

systems:

null: null

data-store: null

file-store:

details:

- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY

errors: null

status: In Sync

index:

details:

- Cluster split

errors:

- Not In Sync

status: Errors

log-collector: null

log-indexer:

details:

- Cluster split

errors:

- Not In Sync

status: Errors

(secure channel messages)

status: Connected

services: null

 

*** demote an Active node to standalone ***

Pulse One > cluster demote

Have you demoted the passive node? You should do these steps in order:

(1) demote the passive node to standalone

(2) wait for the demote command to finish

(3) demote the active node to standalone

Are you ready to proceed with step (3)? [y/N]: y

 

Demoting node to standalone cluster node...

Stopping uno_file-store_1 ... done

Removing uno_file-store_1 ... done

Stopping uno_log-indexer_1 ... done

Removing uno_log-indexer_1 ... done

Stopping uno_log-collector_1 ... done

Removing uno_log-collector_1 ... done

Stopping uno_index_1 ... done

Removing uno_index_1 ... done

Stopping uno_data-store_1 ... done

Removing uno_data-store_1 ... done

* Stopping racoon ... [ ok ]

* Flushing policy entries ... [ ok ]

* Loading ipsec policies from /etc/ipsec.conf.

* Starting racoon ... [ ok ]

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth1 ... [ ok ]

* lo ... [ ok ]

* eth4 ... [ !! ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth0 ... [ ok ]

* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

node:

id: 137a56c7928b48ddac404bf033928866

ip: null

mode: standalone

cluster join

Joins the current node to an existing Active node to form a two-node Active/Passive cluster.

The current node becomes the Passive node in the cluster.

The cluster join command requires a cluster join token. This token is generated by first running the cluster add command on the Active node, see cluster add.

- This command will destroy any local data and then sync all data from the Active node.
- This command does not require Docker images to have been loaded. Instead, Docker images are loaded as they are required.

Usage

cluster join [OPTIONS] ADDRESS TOKEN

Options

--help

Displays the help text for this command.

Arguments

ADDRESS

IPv4 address of the Active node for the cluster.

TOKEN

The cluster join token generated by the cluster add command, see cluster add.

Examples

*** previous “cluster add” generated cluster join token “70yqww0k” ***

 

*** log into Passive yy.yy.yy.yy and join to Active xx.xx.xx.xx ***

Pulse One > cluster join xx.xx.xx.xx 70yqww0k

WARNING: This will delete all Pulse One data, resetting the appliance to factory defaults. The data will not be recoverable.

Type "DESTROY" to continue: DESTROY

Resetting data...

Stopping uno_backend_4 ... done

Stopping uno_backend_2 ... done

.

. (services stop)

.

Stopping uno_log-indexer_1 ... done

Stopping uno_file-store_1 ... done

 

Removing uno_backend_4 ... done

Removing uno_backend_2 ... done

Removing uno_backend_3 ... done

.

. (Removal of files and directories)

.

Removing directory /data/log_indexer

Removing directory /data/mongodb

Removing directory /data/mysql

Destroyed.

Joining cluster 10.64.45.175 as a passive node...

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* lo ... [ ok ]

* eth4 ... [ !! ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth1 ...ip: RTNETLINK answers: File exists

[ !! ]

* eth0 ... [ ok ]

* Starting NFS sm-notify ... * Starting chronyd ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

* Stopping racoon ... [ ok ]

* Flushing policy entries ... [ ok ]

* Loading ipsec policies from /etc/ipsec.conf.

* Starting racoon ... [ ok ]

VPN connexion established

Synchronizing configuration from cluster. This may take a long time depending on the amount of active node data.

node:

id: 02f42ae73c48afbff7e601020644aa

ip: yy.yy.yy.yy

mode: passive

cluster promote

Promotes the current standalone node to Active and enables clustering.

Usage

cluster promote [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** promote standalone node xx.xx.xx.xx to Active ***

Pulse One > cluster promote

Promoting node to active cluster node...

Stopping uno_data-store_1 ... done

Removing uno_data-store_1 ... done

Stopping uno_index_1 ... done

Removing uno_index_1 ... done

Stopping uno_file-store_1 ... done

Removing uno_file-store_1 ... done

Stopping uno_log-indexer_1 ... done

Removing uno_log-indexer_1 ... done

Stopping uno_log-collector_1 ... done

Removing uno_log-collector_1 ... done

auto_failover: false

node:

id: 137a56c7928b48ddac404bf033928866

ip: xx.xx.xx.xx

mode: active

cluster status

Reports the clustering status of the current node.

Where the node is in a cluster (either as Active or Passive), the status of individual services (“systems”) are also displayed, including individual synchronization statuses.

Usage

cluster status [--watch]

Options

--help

Displays the help text for this command.

--watch

Watch status live

Arguments

None.

Examples

*** current node is a standalone node ***

Pulse One > cluster status

node:

id: 8acc362dab954ed5a9bb17a1608b4708

ip: null

mode: standalone

 

*** current node is an Active node in a clustered pair ***

*** active / passive nodes are shown as xx.xx.xx.xx / yy.yy.yy.yy ***

Pulse One > cluster status

auto_failover: false

cluster:

active_node: null

nodes:

- xx.xx.xx.xx

- yy.yy.yy.yy

node:

id: 2e3296806c58418769694d6668ba32ba

ip: xx.xx.xx.xx

mode: active

 

systems:

null: null

data-store: null

file-store:

details:

- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY

- file-store instance on yy.yy.yy.yy:27017 is currently SECONDARY

errors: null

status: In Sync

index:

details:

- 'Reported status: green'

errors: null

status: In Sync

log-collector: null

log-indexer:

details:

- 'Reported status: green'

errors: null

status: In Sync

secure-channel:

details:

- 'xx.xx.xx.xx yy.yy.yy.yy '

- "\tesp mode=transport spi=24624562(0x0177bdb2) reqid=0(0x00000000)"

- "\tE: aes-cbc 438bd137 9ba94ad3 213d01a6 1afe1cd0"

.

. (secure channel messages)

.

- "\tallocated: 297347\thard: 0\tsoft: 0"

- "\tsadb_seq=0 pid=7209 refcnt=0"

status: Disconnected

services: null

domain admins list

Displays a list of the admins for all domains, or a specified domain.

This command is deprecated. Please use p1 domain admins list.

domain list

Displays all provisioned domain names.

This command is deprecated. Please use p1 domain list.

domain-property list

Lists all of the domain properties.

This command is deprecated. Please use p1 domain property list.

domain-property reset

Resets all of the domain properties.

This command is deprecated. Please use p1 domain property reset.

domain-property set

Sets a domain property.

This command is deprecated. Please use p1 domain property set.

email-domain add

Adds an email domain.

This command is deprecated. Please use pws email-domain add.

email-domain delete

Deletes an email domain.

This command is deprecated. Please use pws email-domain delete.

email-domain list

Shows all the email domains.

This command is deprecated. Please use pws email-domain list.

help

Shows the top level of the help system.

Usage

help [OPTIONS] [COMMAND]

Options

--help

Displays the help text for this command.

Arguments

COMMAND

The CLI command for which you want to display the help text.

Examples

Pulse One > help

Usage: [OPTIONS] COMMAND [ARGS]...

Pulse One

Options

:

--help Show this message and exit.

Commands:

account Manage admin accounts

cluster Manage cluster

domain Manage domains.

domain-property Manage domain properties.

email-domain Manage email domains.

help Show command help

https Configure HTTPS SSL/TLS settings

licenses Manage licenses

log-aggregator Manage log-aggregator component settings.

logout Log out

network Configure network settings

ntp A command to configure and diagnose problems...

p1 Pulse One Group

pws Pulse Workspace Group

pws-config Manage Pulse Workspace configurations.

services Manage services

smtp Configure SMTP settings

system Manage system

https csr

Generates an HTTPS Certificate Signing Request (CSR).

This request must be sent to your certificate authority, which will return a signed certificate to you.

Usage

https csr [OPTIONS]

Options

--help

Displays the help text for this command.

--with-text

Present the CSR in a human-readable format. This is ignored if –pem-only is included.

--pem-only

Present the CSR in a PEM-encoded format.

Arguments

None.

Examples

*** Basic CSR ***

Pulse One > https csr

Please provide information for the certificate for mobile.example.com:

Country Name []: UK

State Or Province Name []: Cambridgeshire

Locality Name []: Cambridge

Organization Name []: Example Ltd

Organizational Unit Name []: Example Dept

The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.

 

-----BEGIN CERTIFICATE REQUEST-----

MIICxDCCAawCAQAwfzELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl

bmcuY29tMRIwEAYDVQQHDAlDYW1icmlkZ2UxEzARBgNVBAoMCkRlbW9uIEx0ZC4x

zpIbaOmMlZcCbAzrZxNwK74ksR16j8I3+d9qlcktmik8qTLyhBNheIl/9H+agLr5

.

. (certificate truncated)

.

y6Q1JXosi2v+QyFtKdvZEMM629jUGIc9fIqfl5bpPjehU4ZKnjRGQQulUyXFNMIz

MpQ0OsHbxKqJ0QXndJsNyRwZcJQs4yjwN3E7bZujQ+WCplI0y4GH3MQJdon6mEDD

VoQDiLQkVy1iXhXzEtPAdRy+hMUhbKLTVcxEyZLnckAK3UjjL3I1Adp8xRqi/6U2

Ob1VqDw1Ayx0Fljup0y0gGuDZuBuQhKGBxi0HXETeqA7ZLRqbklkvw==

-----END CERTIFICATE REQUEST-----

 

*** Using ‘with-text’ option ***

Pulse One > https csr --with-text

Please provide information for the certificate for mobile.example.com:

Country Name []: UK

State Or Province Name []: Cambridgeshire

Locality Name []: Cambridge

Organization Name []: Example Ltd

Organizational Unit Name []: Example Dept

The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.

 

Certificate Request:

Data:

Version: 0 (0x0)

Subject: C=UK, CN=mobile.example.com, L=Cambridge, O=Example Ltd,

ST=Cambridgeshire, OU=Example Dept

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (2048 bit)

Modulus:

00:df:3f:b9:05:07:02:84:b9:23:2c:8a:66:1c:a0:

b2:76:b6:98:c3:40:c3:6b:c3:25:4f:fc:4a:8c:a6:

.

. (shortened)

.

6a:89:df:89:0c:e2:67:94:2d:2f:76:52:50:80:d4:

d9:ee:4d:5f:0d:ae:ef:74:9d:29:a0:6a:96:6c:f6:

aa:cb

Exponent: 65537 (0x10001)

Attributes:

a0:00

Signature Algorithm: sha256WithRSAEncryption

81:d9:7f:f3:e8:8f:4c:be:32:7b:cf:84:2a:4e:ba:93:d5:d9:

82:65:d4:22:ae:55:0f:b1:68:d0:39:b6:1e:45:d1:60:b1:32:

.

. (shortened)

.

94:b7:2d:16:bb:4e:5f:fd:88:b2:ae:45:87:9b:e6:f5:44:92:

e6:ee:fa:47:1e:21:fb:ba:85:2a:18:78:82:d8:43:e0:bf:86:

5f:87:0b:22

 

-----BEGIN CERTIFICATE REQUEST-----

MIICvjCCAaYCAQAweTELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl

bmcuY29tMQ4wDAYDVQQHDAVMdXRvbjESMBAGA1UECgwJRGVtbyBMdGQuMRUwEwYD

VQQIDAxCZWRmb3Jkc2hpcmUxEzARBgNVBAsMCkRlbW8gRGVwdC4wggEiMA0GCSqG

.

. (certificate truncated)

.

dNzA92L736Jt9FhstPMQ9RXvx+s+QKInk5zajWnLrGtpz99rz7yO5MxjMwQ9zqkJ

mDeAlm+rMeM3VlWno66RVkDwCm6CQbDY/eYB0xHSXYwd0HPIfCFYNmhUlLctFrtO

X/2Isq5Fh5vm9USS5u76Rx4h+7qFKhh4gthD4L+GX4cLIg==

-----END CERTIFICATE REQUEST-----

 

*** Using ‘pem-only’ option ***

Pulse One > https csr --pem-only

Please provide information for the certificate for mobile.example.com:

Country Name []: UK

State Or Province Name []: Cambridgeshire

Locality Name []: Cambridge

Organization Name []: Example Ltd

Organizational Unit Name []: Example Dept

The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.

 

-----BEGIN CERTIFICATE REQUEST-----

MIICwjCCAaoCAQAwfTELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl

bmcuY29tMRIwEAYDVQQHDAlDYW1icmlkZ2UxETAPBgNVBAoMCERlbW8gTHRkMRcw

FQYDVQQIDA5DYW1icmlkZ2VzaGlyZTESMBAGA1UECwwJRGVtbyBEZXB0MIIBIjAN

.

. (certificate truncated)

.

tWDJoUNgV/4uIspC/+0s9eTGoLEgt5jgOQpEjuIGkx/5lt+3jYYgkBM+89KEps+X

rEsufRe9AEIrSZKTjBGW6qznuPxlqZhJrzcYZtcXAyvMPK1aaeEIAI9T2VTcgzV+

g5u8p31ylZap3GkuA0HIR0R10VItJTDoTr0a2d+Evf5rIRP5D9VGd0jejMP0poO6

XB2Gfn3HmcPNpwMkurbBsfTkwuk3xbzQfiIkwWtyMvfzfdwcl6U=

-----END CERTIFICATE REQUEST-----

 

https set ca-bundle

Sets the HTTPS certificate authority bundle.

After this command completes, a restart is required for new settings to go into effect.

Usage

https set ca-bundle [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set ca-bundle

Overwrite existing certificate authority bundle? [y/N]: y

Paste your HTTPS certificate chain in PEM format:

-----BEGIN CERTIFICATE-----

MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw

HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN

MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw

.

. (certificate truncated)

.

NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX

Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR

S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92

UosvaSJTAfc9

-----END CERTIFICATE-----

 

Saved certificate authority bundle.

https set cert

Sets the HTTPS certificate.

After this command completes, a restart is required for new settings to go into effect.

Usage

https set cert [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set cert

Overwrite existing certificate? [y/N]: y

Paste your HTTPS certificate in PEM format:

-----BEGIN CERTIFICATE-----

MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw

HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN

MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw

.

. (certificate truncated)

.

NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX

Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR

S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92

UosvaSJTAfc9

-----END CERTIFICATE-----

Saved certificate "mobile.example.com"

https set key

Sets the HTTPS certificate key.

- After this command completes, a restart is required for new settings to go into effect.
- Encrypted SSL private keys and keys containing passphrase are not supported.

Usage

https set key [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set key

Overwriting private key will invalidate and delete current certificate.

Overwrite existing key? [y/N]: y

Paste your HTTPS certificate key in PEM format:

-----BEGIN PRIVATE KEY-----MMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDfP7kFBwKEuSMs^MimYcoLJ2tpjDQMNrwyVP/EqMppY2HiVrBIjktyR9xLhHQNAsgwejDbr/QhN7eLVG^MNvMS/7g+Dg6lP95xM2dm4Zsrd8nTEI23vkYwIqb+Bbrd

.

. (key truncated)

.

FI+H0H5Zlc7gBAoGAZ/f9L5k6cYZzMXrEf4oN^MVKj1hmclbORGBLB1TOF8buaDuWW9SMQX9VJmzvM4jXb8wuLK+3ALQ8TKvZ2+nQyI^MgRLAoF8d0sZZh4v7IHPEHU3Lcd

ZcmuB9FXcmksGSXOQtDzO+SnpqqBOvSRAUj69e^Mcf36qVK9whM2cXlMuUz+p8Q=-----END PRIVATE KEY-----

Saved certificate key.

https show

Shows the content of one of the following:

•The certificate.

•The certificate authentication bundle.

•The key.

Usage

https show [OPTIONS] SETTING

Options

--help

Displays the help text for this command.

Arguments

SETTING

The specific element you want to see:

•cert: Select this to view the certificate.

•ca-bundle: Select this to view the certificate authentication bundle.

•key: Select this to view the key.

Examples

*** view the certificate ***

Pulse One > https show cert

-----BEGIN CERTIFICATE-----

MIIFKTCCBBGgAwIBAgIIT0qMdyB+X8kwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV

BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow

GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz

.

. (certificate truncated)

.

+vPfyqOq4jCKwuygbfx9dvTAkQ9F+b0kyYucT032s8khTY543E80Q+liUjN5uhKs

DiHpD++C5sN+qKZX+1LbgWY2FO8FRkNrdK/XsaomeJX/NuJHUL/MAdIcPJ4YSTHg

im62qyMSB892SLbGLtSoxuwF0OMTANvg/e4x/PrBJR5Uah6ujyVjWMbZmeqMKNHA

E8PDkWlTfT9d/F9P7TwZhbY28w+0WA0A3qDtOXM=

-----END CERTIFICATE-----

 

 

*** view the certificate authentication bundle ***

Pulse One > https show ca-bundle

-----BEGIN CERTIFICATE-----

MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx

EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT

EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp

.

. (certificate truncated)

.

RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi

DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11

GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x

LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT

MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv

IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx

.

. (certificate truncated)

.

9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO

KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3

qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm

rw==

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh

MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE

YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3

.

. (certificate truncated)

.

TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ

HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER

dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf

ReYNnyicsbkqWletNw+vHX/bvZ8=

-----END CERTIFICATE-----

 

*** view the key ***

Pulse One > https show key

PEM contents hidden for security. Verify with hashes below.

Updated: 2017-11-03T17:55:40Z

SHA256: 0171f7c2d1e300a9516f0f75ece2626fa1ad583b8c9509df96e3dca9f4357d2e

MD5: f26a01cfa3674c823daf2b5a748012ae

licenses add

Adds a license key to the system.

After this command completes, perform a services restart to put new settings into effect.

Usage

licenses add [OPTIONS] KEY

Options

--help

Displays the help text for this command.

Arguments

KEY

The license key.

Examples

*** list current licenses ***

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

 

*** add a log-aggregator license ***

Pulse One > licenses add P1-ALOG-st4QZLVQ-5p1csqLj

Added license P1-ALOG-st4QZLVQ-5p1csqLj

 

*** confirm addition of license ***

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

- created: '2018-06-21T13:28:57Z'

type: unity.appliances.log_aggregator

licenses show

Lists all installed licenses.

Usage

licenses show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

log-aggregator nfs

Sets the NFS parameters for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator nfs.

log-aggregator settings

Sets the data storage settings for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator settings.

log-aggregator show

Shows the details of data storage for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator show.

log-aggregator targets add

Adds a syslog target that will receive forwarded syslog messages.

This command is deprecated. Please use p1 log-aggregator targets add.

log-aggregator targets list

Shows a list of syslog targets.

This command is deprecated. Please use p1 log-aggregator targets list.

log-aggregator targets remove

Removes a syslog target.

This command is deprecated. Please use p1 log-aggregator targets remove.

logout

Logs out of Pulse One.

Usage

logout [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > logout

You can connect to SSH at xx.xx.xx.xx:pp

Press <ENTER> to log in to Pulse One

network arp

The Address Resolution Protocol (ARP) utility. This protocol maps an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.

The network arp command shows mappings for a specified hostname/IP address in the local network.

Usage

network arp [OPTIONS] [HOST]

Options

--help

Displays the help text for this command.

Arguments

HOST

(Optional) A hostname/IP address in the local network. Where no host is specified, all recorded mappings are listed.

Examples

*** Specify a host ***

Pulse One > network arp main.lab.example.net

main.lab.example.net (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on eth4

main.lab.example.net (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on eth0

*** No host specified, all entries listed ***

Pulse One > network arp

host1.demo.example.com (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on host

port1.demo.example.com (zz.zz.zz.zz) at kk:kk:kk:kk:kk:kk [ether] on eth0

port2.demo.example.com (vv.vv.vv.vv) at nn:nn:nn:nn:nn:nn [ether] on eth4

host2.demo.example.com (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on host

port3.demo.example.com (vv.vv.vv.vv) at pp:pp:pp:pp:pp:pp [ether] on eth0

network dns

Configures DNS lookup servers.

After this command completes, a restart is required for new settings to go into effect.

Usage

network dns [OPTIONS]

Options

--help

Displays the help text for this command.

-p, --primary IP

Set primary DNS server address

-s, --secondary IP

Set secondary DNS server address

Arguments

None.

Examples

Pulse One > network dns -p xx.xx.xx.xx -s yy.yy.yy.yy

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ...

[ ok ]

* Stopping chronyd ...

[ ok ]

* Stopping networking ...

* eth4 ...

[ !! ]

* lo ...

[ ok ]

* eth0 ...

[ !! ]

* Starting networking ...

* lo ...

[ ok ]

* eth4 ...

[ ok ]

* eth0 ...

ip: RTNETLINK answers: Network unreachable

ip: RTNETLINK answers: Network unreachable

[ ok ]

primary: xx.xx.xx.xx

secondary: yy.yy.yy.yy

 

Pulse One > * Starting NFS sm-notify ...

* Starting chronyd ...

[ ok ]

* Mounting NFS filesystems ...

[ ok ]

[ ok ]

network hostname

Sets the hostname for an appliance node in a clustered pair. This will enable the Active appliance to be identified.

This command will force a restart of the appliance.

Usage

network hostname [OPTIONS] HOSTNAME

Options

--help

Displays the help text for this command.

Arguments

HOSTNAME

The required hostname.

Examples

Pulse One > network hostname appliance1

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth1 ... [ !! ]

* lo ... [ ok ]

* eth4 ... [ !! ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth1 ... [ ok ]

* eth0 ... [ ok ]

* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

hostname: appliance1

network interface external

Configures the external network interface.

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface external [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP_ADDRESS

Set IP address.

-n, --netmask IP_ADDRESS

Set netmask.

-g, --gateway IP_ADDRESS

Set gateway IP address.

--dhcp / --no-dhcp

Enable/disable DHCP. This overrides all other settings if enabled.

Arguments

None.

Examples

Pulse One > network interface external -i xx.xx.xx.xx -n nn.nn.nn.nn

-g gg.gg.gg.gg --no-dhcp

external:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

netmask: nn.nn.nn.nn

network interface internal

Configures the internal network interface. This is only required for clustered Pulse One nodes

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface internal [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP

Set IP address of the management network interface.

-n, --netmask IP

Set netmask for the management network interface.

-g, --gateway IP

Set gateway IP address.

Arguments

None.

Examples

Pulse One > network interface internal -i xx.xx.xx.xx -n nn.nn.nn.nn

-g yy.yy.yy.yy

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

(interface messages)

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth1 ... ip: RTNETLINK answers: File exists

[ !! ]

* eth0 ... [ ok ]

* Starting NFS sm-notify ... * Starting chronyd ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

internal:

enabled: true

ip_address: xx.xx.xx.xx

netmask: 255.255.0.0

network interface management

Configures the management network interface.

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface management [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP

Set IP address of the management network interface.

-n, --netmask IP

Set netmask for the management network interface.

-g, --gateway IP

Set gateway IP address.

--dhcp / --no-dhcp

Enable/disable DHCP. This overrides all other settings if enabled.

Arguments

None.

Examples

Pulse One > network interface external -i xx.xx.xx.xx -n nn.nn.nn.nn

-g gg.gg.gg.gg

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ...

[ ok ]

* Stopping chronyd ...

[ ok ]

* Stopping networking ...

* eth4 ...

[ !! ]

* lo ...

[ ok ]

* eth0 ...

[ !! ]

* Starting networking ...

* lo ...

[ ok ]

* eth4 ...

 

[ ok ]

* eth0 ...

ip: RTNETLINK answers: Network unreachable

ip: RTNETLINK answers: Network unreachable

[ ok ]

external:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

netmask: nn.nn.nn.nn

 

Pulse One > * Starting NFS sm-notify ...

* Starting chronyd ...

[ ok ]

* Mounting NFS filesystems ...

[ ok ]

[ ok ]

network ip route add

Adds a static route to the system settings.

Usage

network ip route add [NETWORK | OPTIONS] [via ADDRESS] dev INTERFACE

Options

--help

Displays the help text for this command.

Arguments

NETWORK

An IP address and optional CIDR formatted netmask. For example: 192.168.0.0/16

ADDRESS

(Optional) The IP address of the Next hop router (gateway).

INTERFACE

(Required) The interface to be used. That is, internal, external or management.

Examples

*** list defined static routes ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

 

*** add a static route ***

Pulse One > network ip route add aa.aa.aa.aa/nn via bb.bb.bb.bb dev management

WARNING: This will restart the network and may log you out.

Changes to routing configuration may prevent you from logging back in.

Do you wish to add aa.aa.aa.aa/22 ? [y/N]: y

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth4 ... [ !! ]

* lo ... [ ok ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... ip: RTNETLINK answers: Network unreachable

ip: RTNETLINK answers: Network unreachable

[ ok ]

* eth0 ... [ ok ]

* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

gateway: bb.bb.bb.bb

interface: management

network: aa.aa.aa.aa/nn

 

*** confirm addition of static route, new route listed last ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

- gateway: bb.bb.bb.bb

interface: management

network: aa.aa.aa.aa/nn

network ip route delete

Removes a static route from the system settings.

Usage

network ip route delete [OPTIONS] NETWORK

Options

--help

Displays the help text for this command.

Arguments

NETWORK

The IP address of a current static route.

Examples

*** list defined static routes ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

- gateway: bb.bb.bb.bb

interface: management

network: aa.aa.aa.aa/nn

 

*** delete a static route ***

Pulse One > network ip route delete yy.yy.yy.yy/nn

WARNING: This will restart the network and may log you out.

Changes to routing configuration may prevent you from logging back in.

Do you wish to delete yy.yy.yy.yy/nn ? [y/N]: y

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth4 ... [ !! ]

* lo ... [ ok ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... ip: RTNETLINK answers: Network unreachable

[ ok ]

* eth0 ... [ ok ]

* Starting NFS sm-notify ...

* Starting chronyd ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

Deleted.

 

*** confirm deletion of static route ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

network ip route show

Displays the current IP static routes table.

Usage

network ip route show

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** populated IP static routing table ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

- gateway: bb.bb.bb.bb

interface: management

network: aa.aa.aa.aa/nn

 

*** empty IP static routing table ***

Pulse One > network ip route show

routes: []

network nslookup

A DNS lookup utility.

Usage

network nslookup [OPTIONS] HOST DNS_SERVER

Options

--help

Displays the help text for this command.

Arguments

HOST

The host you want to look up.

DNS_SERVER

The DNS server on which you want to search.

Examples

Pulse One > network nslookup xx.xx.xx.xx yy.yy.yy.yy

Server: yy.yy.yy.yy

Address 1: yy.yy.yy.yy exampledns01.example.com

Name: xx.xx.xx.xx

Address 1: xx.xx.xx.xx

network ping

A Ping utility. This will either send ten packets, or execute for ten seconds, whichever comes first.

Usage

network ping [OPTIONS] IP

Options

--help

Displays the help text for this command.

Arguments

IP

The IP address you want to ping.

Examples

Pulse One > network ping xx.xx.xx.xx

PING xx.xx.xx.xx (xx.xx.xx.xx): 56 data bytes

64 bytes from xx.xx.xx.xx: seq=0 ttl=252 time=6.325 ms

64 bytes from xx.xx.xx.xx: seq=1 ttl=252 time=4.076 ms

64 bytes from xx.xx.xx.xx: seq=2 ttl=252 time=4.040 ms

64 bytes from xx.xx.xx.xx: seq=3 ttl=252 time=3.946 ms

64 bytes from xx.xx.xx.xx: seq=4 ttl=252 time=4.261 ms

64 bytes from xx.xx.xx.xx: seq=5 ttl=252 time=3.908 ms

64 bytes from xx.xx.xx.xx: seq=6 ttl=252 time=4.108 ms

64 bytes from xx.xx.xx.xx: seq=7 ttl=252 time=3.808 ms

64 bytes from xx.xx.xx.xx: seq=8 ttl=252 time=3.733 ms

64 bytes from xx.xx.xx.xx: seq=9 ttl=252 time=3.735 ms

 

--- xx.xx.xx.xx ping statistics ---

10 packets transmitted, 10 packets received, 0% packet loss

round-trip min/avg/max = 3.733/4.194/6.325 ms

network show

Shows all network settings.

Usage

network show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** clustered node ***

Pulse One > network show

default_gateway:

interface: external

ip_address: xx.xx.xx.xx

external:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

mac_address: hh:hh:hh:hh:hh:hh

netmask: 255.255.0.0

internal:

enabled: true

ip_address: xx.xx.xx.xx

mac_address: hh:hh:hh:hh:hh:hh

netmask: 255.255.0.0

internal_gateway:

interface: internal

ip_address: xx.xx.xx.xx

management:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

mac_address: hh:hh:hh:hh:hh:hh

netmask: 255.255.0.0

management_gateway:

interface: management

ip_address: xx.xx.xx.xx

 

*** standalone node ***

default_gateway:

interface: external

ip_address: xx.xx.xx.xx

dns:

primary: dd.dd.dd.dd

secondary: dd.dd.dd.dd

external:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

mac_address: hh:hh:hh:hh:hh:hh

netmask: 255.255.252.0

management:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

mac_address: hh:hh:hh:hh:hh:hh

netmask: 255.255.252.0

management_gateway:

interface: management

ip_address: xx.xx.xx.xx

network traceroute

Runs the Traceroute utility for a specified IP address.

Usage

network traceroute [OPTIONS] IP

Options

--help

Displays the help text for this command.

Arguments

IP

The IP address you want to ping.

Examples

Pulse One > network traceroute xx.xx.xx.xx

traceroute to xx.xx.xx.xx (xx.xx.xx.xx), 30 hops max, 46 byte packets

1 * * *

2 yy.yy.yy.yy (yy.yy.yy.yy) 1.138 ms 1.284 ms 1.104 ms

3 zz.zz.zz.zz (zz.zz.zz.zz) 1.345 ms 1.453 ms 1.327 ms

4 aa.aa.aa.aa (aa.aa.aa.aa) 17.474 ms 3.895 ms *

ntp pool

Adds or updates the single NTP pool.

Usage

ntp pool [OPTIONS] LOCATION

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable a pool of NTP servers.

Arguments

LOCATION

The NTP pool that you want to add to the NTP configuration.

Examples

*** show current (empty) NTP configuration ***

Pulse One > ntp show

pool: null

servers: []

 

*** add NTP pool ***

Pulse One > ntp pool pool.ntp.org

pool:

enabled: true

location: pool.ntp.org

servers: []

 

*** disable the new pool ***

Pulse One > ntp pool pool.ntp.org --disable

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool:

enabled: false

location: pool.ntp.org

servers: []

ntp remove

Removes a server or pool from the NTP configuration.

There must always be either a pool or a server configured.

Usage

ntp remove [OPTIONS] [ POOL | SERVER ] LOCATION

Options

--help

Displays the help text for this command.

Arguments

POOL

Specify a pool.

SERVER

 

Specify a server.

LOCATION

The identifier of the server/pool that you want to remove.

Examples

*** show current NTP configuration ***

Pulse One > ntp show

pool:

enabled: true

location: pool.ntp.org

servers:

- enabled: true

location: xx.xx.xx.xx

- enabled: true

location: yy.yy.yy.yy

 

*** remove NTP pool ***

Pulse One > ntp remove pool pool.ntp.org

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool: null

servers:

- enabled: true

location: xx.xx.xx.xx

- enabled: true

location: yy.yy.yy.yy

*** remove an NTP server ***

Pulse One > ntp remove server yy.yy.yy.yy

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool: null

servers:

- enabled: true

location: xx.xx.xx.xx

 

*** attempt to remove the final server ***

Pulse One > ntp remove server xx.xx.xx.xx

ERROR: An NTP pool or server must be configured.

ntp server

Adds or updates an NTP server.

Usage

ntp server [OPTIONS] LOCATION

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable an NTP server.

Arguments

LOCATION

The NTP server that you want to add to the NTP configuration.

Examples

*** show current NTP configuration ***

Pulse One > ntp show

pool: null

servers:

- enabled: true

location: xx.xx.xx.xx

 

*** add second NTP server yy.yy.yy.yy ***

Pulse One > ntp server yy.yy.yy.yy

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool: null

servers:

- enabled: true

location: xx.xx.xx.xx

- enabled: true

location: yy.yy.yy.yy

 

 

Pulse One > ntp server xx.xx.xx.xx --disable

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool: null

servers:

- enabled: true

location: yy.yy.yy.yy

- enabled: false

location: xx.xx.xx.xx

ntp show

Shows all current NTP settings.

Enabled servers are listed before disabled servers.

Usage

ntp show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** single pool, no servers ***

Pulse One > ntp show

pool:

enabled: true

location: pool.ntp.org

servers: []

 

*** pair of servers, no pool ***

Pulse One > ntp show

pool: null

servers:

- enabled: true

location: yy.yy.yy.yy

- enabled: false

location: xx.xx.xx.xx

p1 domain admins list

Lists admins, either for all domains or for a specified domain.

This command is disabled under MSSP mode.

Usage

p1 domain admins list [OPTIONS] [DOMAIN]

Options

--help

Displays the help text for this command.

Arguments

DOMAIN

(Optional) Specifies a domain. If not specified, all domains are listed.

Examples

*** list all domains ***

Pulse One > p1 domain admins list

domains:

mobile.example.com:

uiadmin:

email: [email protected]

roles:

- Super Admin

 

*** list specific domain ***

Pulse One > p1 domain admins list mobile.example.com

domains:

mobile.example.com:

uiadmin:

email: [email protected]

roles:

- Super Admin

p1 domain admins password reset

Resets the password of a local domain admin.

This is required when the path becomes locked after failed login attempts.

Usage

p1 domain admins password reset [OPTIONS] [USERNAME]

Options

--help

Displays the help text for this command.

Arguments

USERNAME

(Optional) Specifies a local domain admin.

Examples

*** Reset password of local domain admin "tk-428" ***

Pulse One > p1 domain admins password reset tk-428

Resetting the password of tk-428...

Changed password of local web user: tk-428 to azxhYPaGwybW3nfw

p1 domain list

Displays all provisioned domain names.

This command is disabled under MSSP mode.

Usage

p1 domain list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 domain list

domains:

- mobile.example.com

p1 domain property list

Shows settings for all domain properties.

This command is disabled under MSSP mode.

Usage

p1 domain property list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

p1 domain property reset

Resets all the domain properties.

This command is disabled under MSSP mode.

Usage

p1 domain property reset [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list all domain properties ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

 

*** reset properties ***

Pulse One > p1 domain property reset

Resetting domain properties...

Done

 

*** confirm properties are reset ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: null

- afw_enterprise_id: null

p1 domain property set

Sets a domain property.

This command is disabled under MSSP mode.

Usage

p1 domain property set [OPTIONS] DOMAIN_PROPERTY_NAME DOMAIN_PROPERTY

Options

--help

Displays the help text for this command.

Arguments

DOMAIN_PROPERTY_NAME

The domain property that you want to change. The available domain properties are:

•afw_domain_admin_user

•afw_enterprise_type

•afw_enterprise_id

DOMAIN_PROPERTY

The new value for the domain property, either afw (Android for Work) or Google. Always use afw unless directed otherwise.

Examples

*** list all domain properties ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: null

- afw_enterprise_id: null

 

*** reset properties ***

Pulse One > p1 domain property set afw_enterprise_type google

Setting domain property: afw_enterprise_type to google ...

Done

 

*** confirm properties are reset ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

p1 domain provision

Provisions a new Pulse One environment.

This command is disabled under MSSP mode.

Usage

p1 domain provision [OPTIONS] DOMAIN

Options

--help

Displays the help text for this command.

--admin-username USERNAME

(Required) Username of the admin user. The default is root.

--admin-email EMAIL

(Required) Email address of admin.

Arguments

DOMAIN

The name of the domain you want to provision.

Examples

Pulse One > p1 domain provision mobile.example.com --admin-username user

--admin-email [email protected]

 

This will overwrite any existing Pulse One configuration. This can not be run on an already provisioned environment. You may need to `destroy` your environment before continuing.

Continue? [y/N]: Y

Set new admin password.

Password:

Confirm Password:

.

. (messages)

.

Provider domain mobile.example.com created.

Provisioned.

p1 domain whitelist add ip

Adds an IP address or range to the whitelist from which an admin can log into the Pulse One GUI.

All IP addresses outside the whitelist are then blocked from accessing Pulse One.

Whitelisting IP addresses/ranges is disabled by default. It is enabled when you add the first IP address/range to the whitelist, which must include your current IP address. After you have added your first whitelist item, all other IP addresses/ranges are automatically blacklisted. You can then continue to add all other required IP addresses/ranges until you have added all IP addresses/ranges from which admins can log in.

To reset all whitelist entries, use the p1 domain whitelist reset.

You can only add countries to the whitelist from the Pulse One GUI.

Usage

p1 domain whitelist add ip [OPTIONS] IP_ADDRESS

Options

--help

Displays the help text for this command.

Arguments

IP_ADDRESS

The IP address or range that you want to add to the whitelist, with an optional CIDR-formatted netmask. For example, 192.168.0.0/16.

Examples

*** add a specific whitelisted ip address or range ***

Pulse One > p1 domain whitelist add ip 192.168.0.0/16

Pulse One >

 

*** show all whitelisted entries

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: 192.168.0.0/16

p1 domain whitelist reset

Resets whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.

To add an item to the whitelist, see p1 domain whitelist add ip.

Usage

p1 domain whitelist reset [OPTIONS] [DOMAIN]

Options

--help

Displays the help text for this command.

Arguments

DOMAIN

(Optional) The name of a single domain you want to remove from the whitelist. If this option is not specified, the whitelist is emptied.

Examples

*** reset a specific whitelisted domain ***

Pulse One > p1 domain whitelist reset example.demo.com

WARNING: This will remove <message>. Do you wish to continue? [y/N]: y

Pulse One >

 

*** reset all whitelisted domains ***

Pulse One > p1 domain whitelist reset

WARNING: This will remove all IP address and country restrictions from all domains, allowing admins to log in from any IP address/country. Do you wish to continue? [y/N] y

Pulse One >

p1 domain whitelist show

Displays a whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.

To add an item to the whitelist, see p1 domain whitelist add ip.

Usage

p1 domain whitelist show [OPTIONS]

Options

--help

 

Displays the help text for this command.

Arguments

None.

Examples

*** empty whitelist ***

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: null

 

*** populated whitelist ***

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: xx.xx.xx.xx/mm

p1 log-aggregator nfs

Sets the NFS parameters for the log-aggregator component.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator nfs [OPTIONS]

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable NFS data storage.

-v, --volume VOLUME

Specify NFS volume in the form remote_host:remote_dir. This is required for the --enable option.

-o, --options OPTIONS

Specify NFS options, as a comma-separated list. Available options match those that are described on the mount_nfs manual (man) page.

Arguments

None.

Examples

*** enable NFS ***

Pulse One > p1 log-aggregator nfs --enable -v example:/home

This will delete all existing appliance logs. All services will be stopped if currently running.

Continue? [y/N]: y

Stopping uno_data-store_1 ... done

Stopping uno_index_1 ... done

.

. (service messages)

.

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

keep_days: 3

nfs:

options: vers=3,nolock,retry=1,rw

volume: example:/home

type: nfs

p1 log-aggregator settings

Sets data storage settings for the log-aggregator component.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator settings [OPTIONS]

Options

--help

Displays the help text for this command.

-d, --keep-days RETENTION_POLICY

(Required) Specify the number of days any given log will be kept in the index.

--tls / --no-tls

Enables or disables TLS on syslog input.

Arguments

None.

Examples

*** set keep_days ***

Pulse One > p1 log-aggregator settings -d 28

Changing retention policy could lead to loss of data.

Continue? [y/N]: y

keep_days: 28

tls: false

 

*** set TLS to true ***

Pulse One > p1 log-aggregator settings --tls

keep_days: 28

tls: true

p1 log-aggregator show

Shows details of data storage for the log-aggregator component.

Usage

p1 log-aggregator show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 log-aggregator show

disk usage: 520b

settings:

keep_days: 28

nfs:

options: vers=3,nolock,retry=1,rw

volume: example:/home

type: nfs

status: Enabled

p1 log-aggregator targets add

Adds a syslog target that will receive forwarded syslog messages.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator targets add [OPTIONS] HOST

Options

--help

Displays the help text for this command.

-p, --port INTEGER

The host's syslog connection port

--tls / --no-tls

Enable TLS when sending logs

Arguments

HOST

The target host that you want to add.

Examples

*** check current targets (empty) ***

Pulse One > p1 log-aggregator targets list

{}

 

*** add a target ***

Pulse One > p1 log-aggregator targets add -p 333 --no-tls xx.xx.xx.xx

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

 

*** confirm the addition ***

Pulse One > p1 log-aggregator targets list

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

p1 log-aggregator targets list

Displays a list of syslog targets.

Usage

p1 log-aggregator targets list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** the list is empty ***

Pulse One > p1 log-aggregator targets list

{}

 

*** one target in the list ***

Pulse One > p1 log-aggregator targets list

10.11.12.13:333:

host: 10.11.12.13

port: 333

tls: false

p1 log-aggregator targets remove

Removes a syslog target.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator targets remove [OPTIONS] HOST:PORT

Options

--help

Displays the help text for this command.

Arguments

HOST:PORT

Specify a syslog target to remove.

Examples

*** check current targets ***

Pulse One > p1 log-aggregator targets list

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

 

*** delete a target ***

Pulse One > p1 log-aggregator targets remove -p 333 --no-tls xx.xx.xx.xx

Deleted.

 

*** confirm the deletion (now empty) ***

Pulse One > p1 log-aggregator targets list

{}

p1 mssp provision

Provisions an MSSP management domain.

This command is enabled by a valid MSSP license.

Usage

p1 mssp provision [OPTIONS] DOMAIN

Options

--help

Displays the help text for this command.

--admin-username USERNAME

(Required) Username of admin.

--admin-email EMAIL

(Required) Email address of admin.

Arguments

DOMAIN

The name of the MSSP domain you want to provision.

Examples

Pulse One > p1 mssp provision demo.example.com --admin-username admin

--admin-email [email protected]

This will overwrite any existing Pulse One configuration. This can not be run on an already provisioned environment. You may need to `destroy` your environment before continuing.

Continue? [y/N]: y

Set new admin password.

Password:

Confirm Password:

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Stopping uno_file-store_1 ... done

Removing uno_ui-assets_1 ... done

Removing uno_cache_1 ... done

Removing uno_index_1 ... done

Removing uno_data-store_1 ... done

Removing uno_file-store_1 ... done

Creating identity domain...

Provider domain demo.example.com created.

Provisioned.

pws config refresh-app-icons

Refreshes the workspace application icons on the current node.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config refresh-app-icons [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config refresh-app-icons

Refreshing app icons...

Done

pws config reset ios-certificate

Regenerates the iOS MDM root certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config reset ios-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config reset ios-certificate

WARNING: This regenerates the iOS MDM root certificate. Existing MDM device certificates issued to iOS devices will be invalidated and iOS devices will need to re-enroll to get policy updates.

 

Type "RESET" to continue: RESET

 

Regenerating iOS MDM root certificate...

Regenerated iOS MDM root certificate.

pws config set esa

Sets the Google ESA Credentials.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set esa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set esa

Please enter a valid Google ESA Credential:

{"auth_uri": "https://accounts.google.com/o/oauth2/auth",

"private_key": "-----BEGIN PRIVATE KEY-----\\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCNDflIP01ZhEvt\\nIf03JNyM73tl7n0VxxUaJPUwXPettGonSJBOcN5ndJU4r6RDo0N85EPo75I2LktG\\nAjj6RUCk1OPN+PASG2eWXP1ROVYd1PVzeLA6C4Js8mkCLwB+N2hkA/f9HNxooFQY\\n1fGjfHaZb70RE2Oj8Q .

. (esa credentials truncated)

 

6PdPLwjd7KwBDbD9KiX+O5b0gA4GpMVm/L2tBAoGBANbThumPG8GPCqogiS0I\\nxBePd17QYR+g4D4AwVd328iuAuQ3oYyNTHP+rUAiyVwKI4GU6CxhabWHYAb6ycjm\\nYF/Pa2EAMaL1bUScENhM3xlejMgyWWrGdQjHkj0sFPdb8EqLqV6EvQRpWkJusHan\\na+RV/qSHyCdsFDlfJiL19M1G\\n-----END PRIVATE KEY-----\\n",

"client_email": "[email protected]", "private_key_id": "473a94a52343c31de3bbd925535b165b15b1d592",

"client_id": "105626901240200099628",

"token_uri": "https://accounts.google.com/o/oauth2/token", "client_x509_cert_url":

"https://www.googleapis.com/robot/v1/metadata/x509/account-4%40pulse-

dev-1125.iam.gserviceaccount.com", "type": "service_account", "auth_provider_x509_cert_url":

"https://www.googleapis.com/oauth2/v1/certs"}

 

 

Setting Google ESA Credentials...

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: [email protected]

client_id: '105626901240200099628'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/

account-4%40pulse-dev-1125.iam.gserviceaccount.com

private_key_id: 473a94a52343c31de3bbd925535b165b15b1d592

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: 604bf518cdf6a68872956261e6610ad6

MD5 for the whole Credential string: 34f4ccb1194d79facf25cb662517e3ae

SHA256 for the private key:

a4067666430c507e3f75e4845fe0745ef477a99623b9abdd3f018cfe8b446f70

SHA256 for the whole Credential string:

729d06ea69f86ebfaf1f17875bfae195eab50eb685db600bdd3a4d41cf152451

pws config set ios-mdm-push-certificate

Updates the iOS MSM push certificate. This certificate is used to create a certificate signing request (CSR) for the iOS MDM certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set ios-mdm-push-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set ios-mdm-push-certificate

The iOS MDM push certificate is provided by Pulse Secure and the iOS MDM push key can not be changed. Overwrite existing iOS MDM push certificate? [y/N]: y

Paste your iOS MDM push certificate in PEM format:

-----BEGIN CERTIFICATE-----^MMIIEuzCCA6OgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzET^MMBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv^MbiBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3Qg

.

. (certificate)

.

ieerCVRouiEr0NlFXVTBMxtinXUWberS7/fxBuN/DlMHhwtXOeuz35WpxoNASUde

Rqk9LgbQIKdC1yNI3IAgPEWjUJArMXogJXP3lztiOGlj/ETiToCiQALUU//cB0aj

z5I+FEIWQzkRBMn2AKRezm9S5LEBxKgsbtIJRsydUzEm6atkWp2qIHKwZQMRCA==

-----END CERTIFICATE-----

 

Hash values for the iOS MDM Push Certificate string:

MD5: 17cf4528db9833e19a47c8fad0f63fdf

SHA256: efe0f65a7049d4a711dd3e38231a66c1c850b18fdaef49f4a84511ca4d2c4264

pws config set ios-pulse-secure-app-push-certificate

Updates the iOS Pulse Client push notification certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set ios-pulse-secure-app-push-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set ios-pulse-secure-app-push-certificate

The IOS Pulse Secure Client App Push Notification certificate needs to be provided by Pulse Secure. Update current certificate? [y/N]: y

Paste your iOS Pulse push certificate in PEM format:

-----BEGIN CERTIFICATE-----^MMIIGSzCCBTOgAwIBAgIIUbJAMJf/nAIwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV^MBAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js^MZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UE

.

. (certificate truncated)

.

Y3VyZS5wdWxzZXNlY3VyZTE5MDcGA1UHuwnL55Rerxoh3Xi7UWFrgJLKsvoiOZUOXma1FEcQXu3A3NOOwn5LayPfbdJLDZmgxpHrck/XFKTDqcRhD2fo8/PeyknuatSC9fg13g3Dw==

-----END CERTIFICATE-----

Hash values for the iOS Client Push Certificate string:

MD5: fa31afc1a1b2c33bcd448f28f7ddf9a2

SHA256: a19cfdc3a4483b3682a22a2c167c63f2f521d41f21ea1b2c378cc4483691d8b5

pws config set msa

Sets the Google MSA Credentials.

- This command is enabled by a valid MSSP license and requires a valid PWS license.
- After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set msa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set msa

Please enter a valid Google MSA Credential:

{"auth_uri": "https://accounts.google.com/o/oauth2/auth",

"private_key": "-----BEGIN PRIVATE KEY-----\\nMIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDMeFBApydNOc9M\\nFTga5a1qOs0vZRilwn6k6RIFG3bxOKk0k+iTeQxbRg9/kcglzE+N3wcp0Vw4Mg2K\\nL16f2q4tRLSEzqvtNDjJUuP0rusxmim32nHdM1VHKdd8LvtJ2Ov05iHf6wRgBcIS\\nQ+/rTwm21TfQkiWj3A

.

. (msa credentials truncated)

 

n1VQyoFU+Dicz1C60+7HWAJw3o5pD2NOHxKgQ4pECgYEAuLu3tNhgH/28i0++\\nnkEYwkFCoHbn1JUw62IsGF+2Crp1GMWdG/qjPu2wizUYnwS/TYC+zk9ZPlkRC36M\\n2RF+trd2hS6IG/Ts1BEz4e+BlvoDxOgJ5FXUnXx8TRNsfGRRCmmaOv/eWc1bWsPa\\n/KKFZHcoX9H4InpN6JIHv2AkCYk=\\n-----END PRIVATE KEY-----\\n",

"client_email": "[email protected]", "private_key_id": "5dd8b5951c10b85a0665c1706dcab61c89a01e56",

"client_id": "102471803974255694602",

"token_uri": "https://accounts.google.com/o/oauth2/token", "client_x509_cert_url":

"https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-

dev.iam.gserviceaccount.com", "type": "service_account", "auth_provider_x509_cert_url":

"https://www.googleapis.com/oauth2/v1/certs"}

 

 

Setting Google MSA Credentials...

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: [email protected]

client_id: '102471083974256594602'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-dev.iam.gserviceaccount.com

private_key_id: 5dd8b5951c10b85a0665c1706dcab61c89a01e56

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: f3d746222228629061bf41c2d9616925

MD5 for the whole Credential string: a0a1038a695017fde74f7f6ccd2bad8a

SHA256 for the private key:

48535f0e85443bb3ac42db548cb947567a369148379c8a703a71cb404e3f9621

SHA256 for the whole Credential string:

607d0713ebc6837186111dfd5ed2ae1decb05ba6459a8fd758d8e5208b9dc485

pws config show esa

Shows Workspace ESA information.

Usage

pws config show esa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config show esa

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: wb882f19b668ec52ef12b76169@pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com

client_id: '108955911278235671297'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/wb882f19b668ec52ef12b76169%40pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com

private_key_id: 4ce2f68b79dff03027d1e0157b29181dc81

project_id: google.com:pfwp-ulsesecureandroidmdmtest2

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: 431eff630d49180e1447a4f856e2

MD5 for the whole Credential string: ad074eb71e1686bc40153794a7e

SHA256 for the private key: 36c293c8b3fed64dc0c5d21dfa1d83b46a59882c0bfd6c648b837755952

SHA256 for the whole Credential string: 8c29d9463883b6add6bed5ad2ba6d6f93d9cad301c2240d5e902259e22c6

pws config show msa

Shows Workspace MSA information.

This command is enabled by a valid MSSP license and requires a valid PWS license.

Usage

pws config show msa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config show msa

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: [email protected]

client_id: '102471083974256594602'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-dev.iam.gserviceaccount.com

private_key_id: 5dd8b5951c10b85a0665c1706dcab61c89a01e56

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: f3d746222228629061bf41c2d9616925

MD5 for the whole Credential string: a0a1038a695017fde74f7f6ccd2bad8a

SHA256 for the private key: 48535f0e85443bb3ac42db548cb947567a369148379c8a703a71cb404e3f9621

SHA256 for the whole Credential string: 607d0713ebc6837186111dfd5ed2ae1decb05ba6459a8fd758d8e5208b9dc485

pws email-domain add

Adds an email domain.

- After this command completes, perform a services restart to put new settings into effect.
- This command is disabled under MSSP mode.

Usage

pws email-domain add [OPTIONS] EMAIL_DOMAIN_NAME

Options

--help

Displays the help text for this command.

Arguments

EMAIL_DOMAIN_NAME

The email domain that you want to add.

Examples

*** list all email domains ***

Pulse One > pws email-domain list

Getting email domains...

No email domain found.

 

*** add a new domain ***

Pulse One > pws email-domain add yahoo.co.uk

Adding email domain yahoo.co.uk...

Done.

 

*** confirm the addition ***

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.co.uk

pws email-domain delete

Deletes an email domain.

- After this command completes, perform a services restart to put new settings into effect.
- This command is disabled under MSSP mode.

Usage

pws email-domain delete [OPTIONS] EMAIL_DOMAIN_NAME

Options

--help

Displays the help text for this command.

Arguments

EMAIL_DOMAIN_NAME

The email domain that you want to delete.

Examples

*** list all email domains ***

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.co.uk

 

*** delete an email domain ***

Pulse One > pws email-domain delete yahoo.co.uk

Deleting email domain yahoo.co.uk...

Done.

 

*** confirm the deletion ***

Pulse One > pws email-domain list

Getting email domains...

No email domain found.

pws email-domain list

Shows all the email domains.

This command is disabled under MSSP mode.

Usage

pws email-domain list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.com

- yahoo.co.uk

- gmail.com

pws-config refresh-app-icons

Refreshes the workspace app icons on the current node.

This command is deprecated. Please use pws config refresh-app-icons.

pws-config reset ios-certificate

Regenerates the iOS MDM root certificate.

This command is deprecated. Please use pws config reset ios-certificate.

pws-config set esa

Sets the Google ESA Credentials.

This command is deprecated. Please use pws config set esa.

pws-config show esa

Shows the Workspace ESA information.

This command is deprecated. Please use pws config show esa.

services logs

Displays logs for application services.

Usage

services logs [OPTIONS] [SERVICE]

Options

--help

Displays the help text for this command.

--tail INTEGER

Number of log lines to show per service.

--follow / --no-follow

Follow logs as they are updated.

Arguments

SERVICE

(Optional) The required app service.

•To list available services for this argument, refer to services status.

•If no SERVICE is specified, all app services are included.

•By default, only app services are included. To view all services, specify ALL.

Examples

*** list logs, limited to most recent 5 entries ***

Pulse One > services logs --tail 3 --no-follow

Attaching to api_1, backend_1, backend_2, backend_3, backend_4, backend_5,

backend_6, backend_7, backend_8, cellsecrpc_1, console_1, file-store_1,

portal_1, proxy_1, pws-api_1, ui-assets_1

pws-api_1 | spawned uWSGI worker 3 (pid: 16, cores: 1)

pws-api_1 | spawned uWSGI worker 4 (pid: 17, cores: 1)

pws-api_1 | spawned uWSGI worker 5 (pid: 18, cores: 1)

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 13

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 14

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 15

.

. (logs)

.

ui-assets_1 | Starting nginx with CORS origin * (.*)

ui-assets_1 | Starting nginx with CORS origin * (.*)

ui-assets_1 | Starting nginx with CORS origin * (.*)

services restart

Restarts one or more services.

By default, all services are restarted. To restart individual service(s), specify the SERVICE argument.

Usage

services restart [OPTIONS] [SERVICE]...

Options

--help

Displays the help text for this command.

Arguments

SERVICE

(Optional) The required service.

•If no SERVICE is specified, all services are included.

•If you want to specify one or more specific services, include each.

Examples

*** restart all services ***

Pulse One > services restart

Restarting...

Starting with version "1902"...

Started.

Restarted.

 

*** restarting a specific service ***

Pulse One > services restart

services start

Starts all services.

Usage

services start [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > services start

Starting with version "1902"...

Started.

services status

Displays the status of all services.

Usage

services status [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** services up ***

Pulse One > services status

Name State

------------------

api Up

backbeat Up

backend Up

backend Up

backend Up

backend Up

backend Up

backend Up

backend Up

backend Up

cache Up

cellsecrpc Up

console Up

data-store Up

file-store Up

index Up

portal Up

proxy Up

pws-api Up

ui-assets Up

 

*** services down ***

Pulse One > services status

Name State

------------------------

api Stopped

backbeat Stopped

backend Stopped

backend Stopped

backend Stopped

backend Stopped

backend Stopped

backend Stopped

backend Stopped

backend Stopped

cache Stopped

cellsecrpc Stopped

console Stopped

data-store Stopped

file-store Stopped

index Stopped

portal Stopped

proxy Stopped

pws-api Stopped

ui-assets Stopped

services stop

Stops all services.

Usage

services stop [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > services stop

Stopping...

Stopping uno_backbeat_1 ... done

Stopping uno_api_1 ... done

Stopping uno_pws-api_1 ... done

Stopping uno_cellsecrpc_1 ... done

Stopping uno_portal_1 ... done

Stopping uno_proxy_1 ... done

Stopping uno_file-store_1 ... done

Stopping uno_backend_8 ... done

Stopping uno_backend_5 ... done

Stopping uno_backend_2 ... done

Stopping uno_backend_7 ... done

Stopping uno_backend_6 ... done

Stopping uno_backend_3 ... done

Stopping uno_backend_4 ... done

Stopping uno_backend_1 ... done

Stopping uno_console_1 ... done

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Stopped.

smtp set

Modifies the current SMTP configuration.

After this command completes, perform a services restart to put new settings into effect.

Usage

smtp set [OPTIONS]

Options

--help

Displays the help text for this command.

-s, --server ADDRESS

Sets the SMTP server IP or hostname.

-p, --port PORT

Sets the SMTP server port number.

-t, --tls

(Optional) Enables SSL/TLS.

To disable TLS, use the --no-tls option.

-u, --username USERNAME

(Optional) Sets the SMTP username. This is only required when SMTP expects a username.

To remove the username from the configuration, use the --no-username option.

--password

(Optional) Indicates that a password is required. The system prompts for a password.

This is only required when SMTP expects a password.

To remove the password from the configuration, use the --no-password option.

--sender EMAIL

Defines the email address of default sender for all messages.

--no-username

(Optional) Removes SMTP username from the configuration.

--no-password

(Optional) Removes SMTP password from the configuration.

--no-tls

(Optional) Disables TLS in the configuration.

Arguments

None.

Examples

*** show current smtp settings ***

Pulse One > smtp show

password: '********'

port: 587

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: false

username: [email protected]

 

*** reset the port from 587 to 590 ***

Pulse One > smtp set -p 590

password: '********'

port: 590

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: false

username: [email protected]

 

*** enable TLS ***

Pulse One > smtp set --tls

password: '********'

port: 590

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: true

username: [email protected]

 

*** remove username ***

Pulse One > smtp set --no-username

password: '********'

port: 590

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: true

username: null

 

*** reinstate username and port ***

Pulse One > smtp set -u [email protected] -p 587

password: '********'

port: 587

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: true

username: [email protected]

smtp show

Displays current SMTP settings.

Usage

smtp show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > smtp show

password: '********'

port: 587

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: false

username: [email protected]

system backup export

Exports an archive of system settings as a GZIP TAR (.tgz) file. This uses a specified interface.

You can choose to exclude syslog data if required.

During the process, the following message is displayed:

Download ready at http://xx.xx.xx.xx:8000/backup/download

MD5: 10e3f47281a8a5c494df8dca7d3c5ddd

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup/download in a browser.

Save the backup file to an accessible location.

Once the file save completes, return to the CLI and press CTRL + C to complete the export process.

If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system backup export process again.

Usage

system backup export [OPTIONS]

Options

-e, --exclude [syslog]

Exclude syslog data from backup

-i, --interface INTERFACE

INTERFACE can be either external or management. The specified interface is used when downloading the system settings. If unspecified, the management interface is used by default.

--help

Displays the help text for this command.

Arguments

None.

Examples

*** initiate the export ***

Pulse One > system backup export -i external

Services will be stopped before initiating backup. Continue? [y/N]: y

 

Services will be stopped before initiating backup. Continue? [y/N]: y

Stopping uno_log-collector_1 ... done

Stopping uno_api_1 ... done

.

. (system messages: closing services)

.

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Starting backup...

Storing to backup [------------------------------------] 0%

Storing to backup [------------------------------------] 1%

.

. (system messages: percentage completion)

.

Storing to backup [###################################-] 98%

Storing to backup [###################################-] 99%

 

Download ready at http://10.64.196.97:8000/backup/download

MD5: 10e3f47281a1b2c394df8dca7d3c5ddd

Press Ctrl-C when finished.

 

*** in a browser, access xx.xx.xx.xx:8000/backup/download and save the file ***

 

*** then, complete the export process in the CLI by clicking CTRL + C ***

^C

system backup import

Imports an archive and restores the system using a specified interface.

When the process starts, the following message is displayed:

Upload your backup archive here:

URL: http://xx.xx.xx.xx:8000/backup

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup.

Using the controls on the web page, upload the backup file you want to restore.

Once the backup file upload completes, return to the CLI and press CTRL + C to continue the import process.

- If you press CTRL + C before the upload completes, the web browser will close, and you will have to start the system backup import process again.
- After this command completes, perform a services restart to put new settings into effect.

Usage

system backup import [OPTIONS]

Options

-i, --interface INTERFACE

INTERFACE can be either external or management. The specified interface is used when importing the system settings. If unspecified, the management interface is used by default.

--help

Displays the help text for this command.

Arguments

None.

Examples

*** initiate the import of a backup ***

Pulse One > system backup import Pulse One > system backup import -i management

Upload your backup archive here:

URL: http://10.96.16.157:8000/backup

Press Ctrl-C when finished.

 

*** in a browser, access xx.xx.xx.xx:8000/backup and upload the backup ***

 

 *** continue the process by clicking CTRL + C ***

^C

 

WARNING: This will replace all Pulse One data and configuration restoring the appliance from backup. The data and configuration will not be recoverable.

Type "DESTROY" to continue: DESTROY

 

Restore backup from backup-2019-04-04T14_01_43Z.tar.gz

(MD5: 7d84ff6a1b2c3d4abb507d5c3ffef972) now? [y/N]: y

Removing directory /data/tmp/upload/0

Removing directory /data/tmp/upload/1

Removing directory /data/tmp/upload/2

 

Removing file /app/conf/users.yml

Removing directory /app/conf/conf.d

Removing directory /app/conf/unity

Restoring from backup [####################################] 100%

 

*** system then reboots ***

system banner remove

Removes a configured login banner.

Usage

system banner remove [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** show current banner ***

Pulse One > system banner show

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

 

*** remove banner ***

Pulse One > system banner remove

Banner removed.

 

*** confirm deletion ***

Pulse One > system banner show

No banner set.

system banner set

Sets a login banner.

Usage

system banner set [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system banner set

Enter or paste the banner message followed by two blank lines:

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

 

Banner saved.

system banner show

Displays the configured login banner.

Usage

system banner show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** no banner ***

Pulse One > system banner show

No banner set.

 

*** banner set ***

Pulse One > system banner show

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

system debug

Launches the debug shell. This operation requires assistance from Pulse One Tech support.

Usage

system debug [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system debug

 

This operation requires assistance from Pulse One Tech support.

Do you wish to proceed? [y/N]: y

 

(debug messages)

system destroy data

Resets all data to factory defaults.

Usage

system destroy data [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy data

WARNING: This will delete all Pulse One data, resetting the appliance to factory defaults. The data will not be recoverable.

 

Type "DESTROY" to continue: DESTROY

 

Resetting data...

Stopping uno_log-collector_1 ... done

Stopping uno_log-indexer_1 ... done

Stopping uno_file-store_1 ... done

Removing uno_log-collector_1 ... done

Removing uno_log-indexer_1 ... done

.

. (system messages: service removals)

.

Removing uno_data-store_1 ... done

Removing network default

Removing file /data/elasticsearch/elasticsearch/nodes/0/_state/global-5.st

Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/

cust___mobile_4c49992c/_state/state-2.st

.

. (system messages: file/directory removals)

.

Removing directory /data/mongodb

Removing directory /data/mysql

 

Destroyed.

system destroy index

Deletes all statistics and profiler data.

This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.

Usage

system destroy index [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy index

WARNING: This will delete all index service data. The data will not be recoverable.

Type "DESTROY" to continue: DESTROY

Stopping uno_log-collector_1 ...

Stopping uno_log-indexer_1 ...

.

. (system messages: stopping services)

.

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Resetting data...

Removing uno_index_1 ... done

Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfe

Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfs

.

. (system messages: removing files and directories)

.

Removing directory /data/elasticsearch/elasticsearch/nodes

Removing directory /data/elasticsearch/elasticsearch

 

system destroy log-indexer

Deletes all received syslog data.

This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.

Usage

system destroy log-indexer [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy log-indexer

WARNING: This will delete all log-indexer service data. The data will not be recoverable.

Type "DESTROY" to continue: DESTROY

Stopping uno_log-collector_1 ...

Stopping uno_api_1 ...

Stopping uno_pws-api_1 ... done

.

. (system messages: stopping services)

.

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Resetting data...

Removing uno_log-collector_1 ... done

Removing uno_log-indexer_1 ... done

.

. (system messages: removing files and directories)

.

Removing directory /data/log_indexer/graylog-prod

Removing directory /data/log_indexer/log

system destroy managed-appliance-configs

Deletes all PCS and PPS configurations.

Usage

system destroy managed-appliance-configs [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy managed-appliance-configs

 

Pulse One will forget the configuration data it has received from Pulse Connect Secure and Pulse Policy Secure appliances. It will soon get fresh data from the appliances, but history will be lost. Use this command if, after a Pulse One cluster failover, viewing or publishing PCS/PPS configuration leads to unexplained error messages.

 

Continue? [y/N]: Y

 

.

. (system messages: appliance removals)

.

 

Destroyed.

system destroy service-logs

Deletes all service logs.

This command will stop all services on the Pulse One appliance. After completion, any services that were running when the command was used will be restarted automatically.

Usage

system destroy service-logs [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy service-logs

Are you sure you want to delete all service logs? This will temporarily stop all services. [y/N]: y

Stopping uno_backend_1 ...

Stopping uno_backend_4 ...

.

. (system messages: stopping services)

.

Stopping uno_cache_1 ... done

Stopping uno_data-store_1 ... done

Removing uno_backend_1 ...

Removing uno_backend_4 ...

.

. (system messages: removing files and directories)

.

Removing uno_cache_1 ... done

Removing uno_data-store_1 ... done

Creating and starting 2 ... done

Creating and starting 3 ... done

.

. (system messages: creating and starting services)

.

Creating and starting 7 ... done

Creating and starting 8 ... done

system destroy system-config

Resets the appliance to factory defaults.

Usage

system destroy system-config [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy system-config

WARNING: This will delete all Pulse One data and configuration, resetting the appliance to factory defaults. The data and configuration will not be recoverable.

Type "DESTROY" to continue:DESTROY

 

Resetting data...

Stopping uno_ui-assets_1 ... done

Stopping uno_data-store_1 ... done

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Removing uno_ui-assets_1 ... done

Removing uno_data-store_1 ... done

Removing uno_cache_1 ... done

Removing uno_index_1 ... done

Removing network default

Removing file /data/elasticsearch/elasticsearch/nodes/0/_state/global-0.st

Removing file /data/elasticsearch/elasticsearch/nodes/0/node.lock

.

. (File/directory removal messages)

.

Removing directory /app/conf/conf.d

Removing directory /app/conf/unity

 

Destroyed.

 

Press <ENTER> to continue and log out.

system provision

Provisions a new Pulse One environment.

This command is deprecated. Please use p1 domain provision.

system reboot

Reboots the system.

Usage

system reboot [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system reboot

Reboot now? [y/N]: y

Rebooting now...

system security fips

Enables or disables FIPS mode. If no option is specified, FIPS is disabled by default.

Usage

system security fips [OPTIONS]

Options

--help

Displays the help text for this command.

--enable

Enables server FIPS mode.

--disable

Disables server FIPS mode.

Arguments

None.

Examples

*** enable FIPS ***

Pulse One > system security fips --enable

Enabling FIPS mode will stop all services and log you out.

Continue? [y/N]: y

<system reboots>

 

*** disable FIPS ***

Pulse One > system security fips --disable

Disabling FIPS mode will stop all services and log you out.

Continue? [y/N]: y

<system reboots>

 

*** specify no option ***

Pulse One > system security fips

FIPS mode already DISABLED.

system security show

Displays security-related configuration.

Usage

system security show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system security show

FIPS Mode: false

Version: Pulse One version 2.0

system session-settings set

Sets CLI login security settings.

Usage

system session-settings set [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --idle-timeout IDLE_TIMEOUT

Set seconds to wait before logging out an idle session.

-l, --login-timeout LOGIN_TIMEOUT

Set seconds to wait before timing out login attempt.

-m, --max-auth-attempts AUTH_ATTEMPTS

Set number of failed login attempts before client is disconnected.

Arguments

None.

Examples

*** display current settings ***

Pulse One > system session-settings show

idle_timeout: 300

login_timeout: 30

max_auth_attempts: 3

 

*** set idle_timeout ***

Pulse One > system session-settings set -i 250

idle_timeout: 250

login_timeout: 30

max_auth_attempts: 3

system session-settings show

Shows CLI login security settings.

Usage

system session-settings show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system session-settings show

idle_timeout: 300

login_timeout: 30

max_auth_attempts: 3

system shutdown

Halts the system and shuts it down.

Usage

system shutdown [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system shutdown

Shut down now? [y/N]: Y

Shutting down now...

system snapshot

Takes a snapshot of application logs and system information as a GZIP TAR (.tgz) file, using a specified interface.

During the process, a message similar to the following is displayed:

Download ready at http://xx.xx.xx.xx:8000/snapshot/download

MD5: 73c0973a126352559b8be388c8ebc605

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/snapshot/download.

Save the snapshot file to an accessible location.

Once the file save completes, return to the CLI and press CTRL + C to complete the snapshot process.

If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system snapshot process again.

Usage

system snapshot [OPTIONS]

Options

-i, --interface INTERFACE

INTERFACE can be set to either external or management. This interface is used when downloading the snapshot. If unspecified, the management interface is used as a default.

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system snapshot -i management

Services will be stopped before initiating snapshot. Continue? [y/N]: y

Stopping uno_log-collector_1 ... done

Stopping uno_api_1 ... done

.

. (System messages: stopping services)

.

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

 

Starting snapshot...

Adding etc to snapshot-2019-04-04T14:37:43Z.tar.gz

Adding etc/modules-load.d to snapshot-2019-04-04T14:37:43Z.tar.gz

Adding etc/fstab.old to snapshot-2019-04-04T14:37:43Z.tar.gz

.

. (System messages: adding to backup)

.

Adding data/snapshot/ip-routing-info-2019-04-04T14:37:43Z.log to snapshot-2019-04-04T14:37:43Z.tar.gz

Adding data/snapshot/service-2019-04-04T14:37:43Z.log to snapshot-2019-04-04T14:37:43Z.tar.gz

Download ready at http://10.96.16.157:8000/snapshot/download

MD5: fe3bc60d1f1220a19604af1108445389

Press Ctrl-C when finished.

 

*** in a browser, save the file from xx.xx.xx.xx:8000/backup/download ***

 

*** then, complete the export process in the CLI by clicking CTRL + C ***

^C

You may restart services with `services restart`.

 

*** restart services ***

Pulse One > services restart

Restarting...

Starting with version "1902"...

Started.

Restarted.

Pulse One >

system storage add

This command enables unallocated data storage to be added to the data volume used by Pulse One services.

When used, the command displays a list of unallocated data storage volumes.

The user then selects one of these volumes, and it is added to the data volume for Pulse One services.

- This command is only supported on Virtual Machine implementations of Pulse One.
- From Pulse One v2.0.1834 onwards, an LVM data storage system is used. If Pulse One has been upgraded to v2.0.1834, the first use of system storage add will force the existing data storage system to convert to an LVM data storage system. To avoid data loss, you must perform a system backup export before you use system storage add, and then perform a system backup import after system storage add completes.
- These listed volumes must be previously created using standard ESX procedures.

Usage

system storage add [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** display current allocated storage ***

Pulse One > system storage show

Volumes Filesystem Size Used Available Use% Mounted on

System /dev/md1 1.9G 265.8M 1.6G 14% /

Applications /dev/md2 39.2G 4.9G 32.3G 13% /app

Data Storage /dev/vg0/data 906.7G 408.4M 860.3G 0% /data

data-store 405.71M

file-store 2.54G

index 1007.8M

log-collector 1.03M

log-indexer 695.55M

tmp 52B

 

*** list available data storage volumes and add it ***

Pulse One > system storage add

Disk Size

-------------------

/dev/sdc 4.00 GiB

/dev/sdd 5.00 GiB

/dev/sde 3.00 GiB

 

Type name of disk you would like to add [/dev/sdc]: /dev/sde

Expanding storage with selected disk /dev/sde...

Storage expanded.

You may restart services with `services restart`.

 

*** restart services ***

Pulse One > services restart

Restarting...

Stopping uno_log-collector_1 ... done

Stopping uno_api_1 ... done

Stopping uno_pws-api_1 ... done

Stopping uno_backbeat_1 ... done

Stopping uno_file-api_1 ... done

Stopping uno_cellsecrpc_1 ... done

Stopping uno_portal_1 ... done

Stopping uno_proxy_1 ... done

Stopping uno_log-indexer_1 ... done

Stopping uno_file-store_1 ... done

Stopping uno_backend_4 ... done

Stopping uno_backend_2 ... done

Stopping uno_backend_3 ... done

Stopping uno_backend_1 ... done

Stopping uno_console_1 ... done

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Starting with version "1902"...

Started.

Restarted.

 

*** show updated storage information ***

*** NOTE - the USED value may drop after services restart ***

Pulse One > system storage show

Volumes Filesystem Size Used Available Use% Mounted on

System /dev/md1 1.9G 265.8M 1.6G 14% /

Applications /dev/md2 39.2G 4.9G 32.3G 13% /app

Data Storage /dev/vg0/data 909.7G 408.4M 863.3G 0% /data

data-store 405.71M

file-store 2.54G

index 1007.8M

log-collector 1.03M

log-indexer 695.55M

tmp 52B

system storage show

Displays system storage information for Pulse One.

Usage

system storage show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system storage show

Volumes Filesystem Size Used Available Use% Mounted on

System /dev/md1 1.9G 321.5M 1.5G 17% /

Applications /dev/md2 39.2G 9.3G 27.9G 25% /app

Data Storage /dev/vg0/data 903.8G 4.7G 853.2G 1% /data

data-store 405.71M

file-store 2.54G

index 1007.8M

log-collector 1.03M

log-indexer 695.55M

tmp 52B

system upgrade

This command upgrades Pulse One software, or replaces a Pulse One iOS APNS device certificate.

Pulse Secure recommends that you perform a backup of your current system before using this command, see system backup export.

Usage

There are two forms of this command:

•Upgrading the Pulse One software:

•To perform the upgrade using the CLI only, use:

system upgrade cli [OPTIONS] <url> <hash>

For this method, an external web server is required to host the upgrade package.

•To perform the upgrade using a hybrid of CLI and browser, use:

system upgrade [OPTIONS] <url> <md5>

No external web server is required to use this method. Refer to the Pulse One Getting Started Guide for the full procedure.

•Replacing a Pulse One iOS APNS device certificate, use:

system upgrade -i external

When the process starts, the following message is displayed:

Upload your backup archive here:

URL: https://xx.xx.xx.xx:8000/upgrade

Start a web browser and access http://xx.xx.xx.xx:8000/upgrade. Using the controls on the web page, select the archive certificate file (.tgz), and then enter the MD5 hash for the file. Click Submit.

Once the upload completes, return to the CLI and continue the process.

Options

--help

Displays the help text for this command.

-i, --interface INTERFACE

This option cannot be used on a CLI-only method.

Network interface through which to upload the upgrade bundle. Can be internal, external or management.

Arguments

url

The URL for the upgrade file.

hash

The hash value for the upgrade file, in either MD5 or SHA256 format.

Examples

*** Upgrade using the CLI only ***

Pulse One > system upgrade cli https://example.com/upgrade/file2

5ac23b102d34a670c341abe0ff01

WARNING: Please ensure that backup has been performed (`system backup export` command). Data and configuration changes cannot be reverted after upgrade.

Type "UPGRADE" to continue:UPGRADE

 

<upgrade messages>

 

*** Upgrade an iOS APNS device certificate ***

 

Pulse One > system upgrade -i external

WARNING: Please ensure that backup has been performed (`system backup export` command). Data and configuration changes cannot be reverted after upgrade.

 

Type "UPGRADE" to continue:UPGRADE

Upload your upgrade bundle here:

URL: http://xx.xx.xx.xx:8000/upgrade

 

<perform upload in browser>

 

Validating hash...

Upgrading to PWS certificates <timestamp>

(1/1) Installing pulse-one-certificate (<version>)

Executing pulse-one-certificate-<version>.post-install

OK: 2384 MiB in 142 packages.

Restarting unitycom

Connection to xx.xx.xx.xx closed by remote host.

Connection to xx.xx.xx.xx closed.

system version

Display Pulse One version info.

Usage

system version [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system version

Pulse One: 2.0.1902

unitycom: 1902-31