CLI Commands
This section is a command reference for all CLI commands.
account create
Creates a CLI admin account.
Usage
account create [OPTIONS] USERNAME
Options
--help
Displays the help text for this command.
Arguments
USERNAME
The user for which you want to make a CLI admin account.
Examples
*** list users ***
Pulse One > account list
users:
- admin
- young
*** add new account ***
Pulse One > account create example
Password:
Confirm Password:
Created user example
*** confirm addition ***
Pulse One > account list
users:
- admin
- young
- example
account delete
Deletes the CLI admin account.
Usage
account delete [OPTIONS] USERNAME
Options
--help
Displays the help text for this command.
Arguments
USERNAME
The CLI admin account that you want to delete.
Examples
*** list users ***
Pulse One > account list
- users:
- admin
- test
- example
*** delete account ***
Pulse One > account delete example
Type DELETE to confirm: DELETE
User 'example' deleted.
*** confirm deletion ***
Pulse One > account list
users:
- admin
- test
account list
Lists all existing admin CLI accounts.
Usage
account list [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** list cli admin users ***
Pulse One > account list
users:
- admin
- test
- example
account password change
Changes the password for a CLI admin account.
Usage
account password change [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > account password change
Current password:
Password:
Confirm Password:
You can connect to SSH at xx.xx.xx.xx:pp
Press <ENTER> to log in to Pulse One
Login below:
Username: admin
Password:
Logged in as admin
Last login at 2018-06-06T09:45:04Z via console
Pulse One >
account password reset
Resets the password (assigns a temporary password) for a CLI admin account.
Usage
account password reset [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** list current cli admin users ***
Pulse One > account list
users:
- admin
- young
- example
*** change password for “example” cli admin user ***
Pulse One > account password reset
Enter the user whose password needs to be reset: example
Type RESET to confirm: RESET
Temporary password for user 'example'
N3yXa6Jb
cluster add
This command should only be performed on the Active node of a proposed Pulse One cluster. The command generates a cluster join token, and then outputs the command that must be run on the Passive node so that it forms a cluster with the Active node.
- The Active node requires a configured internal interface.
- The cluster join token is valid until the token is regenerated by issuing another cluster add command.
Usage
cluster add [OPTIONS] ADDRESS
Options
--help
Displays the help text for this command.
Arguments
ADDRESS
The IPv4 address of the proposed Passive node for the cluster.
Examples
*** log into Active node xx.xx.xx.xx to add Passive node yy.yy.yy.yy ***
Pulse One > cluster add yy.yy.yy.yy
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
(interface messages)
* Starting networking ...
(interface messages)
* Starting chronyd ...
* Starting NFS sm-notify ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
* Stopping racoon ... [ ok ]
* Flushing policy entries ... [ ok ]
* Loading ipsec policies from /etc/ipsec.conf.
* Starting racoon ... [ ok ]
To cluster yy.yy.yy.yy as a passive Pulse One appliance with this active appliance, configure networking on the passive appliance and run the following command on it:
cluster join xx.xx.xx.xx 70yqww0k
In this example, the cluster join token is “70yqww0k”.
cluster config
Configures automatic failover for a two-node Active/Passive Pulse One cluster.
Usage
cluster config [OPTIONS]
Options
--help
Displays the help text for this command.
-f, --auto-failover INTEGER
Configures the auto failover timeout (in minutes).
When this is set to 0, automatic failover is disabled. This is the default setting.
Arguments
None.
Examples
Pulse One > cluster config -f 2
auto_failover: true
auto_failover_timeout: 2 minutes
cluster demote
Demotes the current node to standalone.
This is required to perform a manual failover, or to de-cluster an Active/Passive pair of nodes.
- When de-clustering Active/Passive nodes, you must demote the Passive node before the Active node.
- This command resets the internal interface of the node.
Usage
cluster demote [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

*** these examples show declustering of an Active/Passive pair ***
*** log into Passive node yy.yy.yy.yy, then check synchronisation ***
Pulse One > cluster status
auto_failover: false
cluster:
active_node: xx.xx.xx.xx
nodes:
- xx.xx.xx.xx
- yy.yy.yy.yy
node:
id: 02f42ceae73c48afbff7e601020644aa
ip: yy.yy.yy.yy
mode: passive
systems:
null: null
data-store:
details:
- Waiting for master to send event
- 0 seconds behind master
errors: null
status: In Sync
file-store:
details:
- file-store instance on yy.yy.yy.yy:27017 is currently SECONDARY
- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY
errors: null
status: In Sync
index:
details:
- 'Reported status: green'
errors: null
status: In Sync
log-collector: null
log-indexer:
details:
- 'Reported status: green'
errors: null
status: In Sync
(secure channel messages)
status: Connected
services: null
*** demote Passive node yy.yy.yy.yy to standalone
Pulse One > cluster demote
Demoting node to standalone cluster node...
Stopping uno_file-store_1 ... done
Removing uno_file-store_1 ... done
Stopping uno_log-indexer_1 ... done
Removing uno_log-indexer_1 ... done
Stopping uno_index_1 ... done
Removing uno_index_1 ... done
Stopping uno_data-store_1 ... done
Removing uno_data-store_1 ... done
* Stopping racoon ... [ ok ]
* Flushing policy entries ... [ ok ]
* Loading ipsec policies from /etc/ipsec.conf.
* Starting racoon ... [ ok ]
Creating and starting 2 ... done
Creating and starting 3 ... done
Creating and starting 4 ... done
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* eth1 ... [ ok ]
* lo ... [ ok ]
* eth4 ... [ !! ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... [ ok ]
* eth0 ... [ ok ]
* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
node:
id: 02f42ceae73c48afbff7e601020644aa
ip: null
mode: standalone
*** log into Active node xx.xx.xx.xx, confirm status ***
Pulse One > cluster status
auto_failover: false
cluster:
active_node: null
nodes:
- xx.xx.xx.xx
- yy.yy.yy.yy
node:
id: 137a56c7928b48ddac404bf033928866
ip: xx.xx.xx.xx
mode: active
systems:
null: null
data-store: null
file-store:
details:
- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY
errors: null
status: In Sync
index:
details:
- Cluster split
errors:
- Not In Sync
status: Errors
log-collector: null
log-indexer:
details:
- Cluster split
errors:
- Not In Sync
status: Errors
(secure channel messages)
status: Connected
services: null
*** demote an Active node to standalone ***
Pulse One > cluster demote
Have you demoted the passive node? You should do these steps in order:
(1) demote the passive node to standalone
(2) wait for the demote command to finish
(3) demote the active node to standalone
Are you ready to proceed with step (3)? [y/N]: y
Demoting node to standalone cluster node...
Stopping uno_file-store_1 ... done
Removing uno_file-store_1 ... done
Stopping uno_log-indexer_1 ... done
Removing uno_log-indexer_1 ... done
Stopping uno_log-collector_1 ... done
Removing uno_log-collector_1 ... done
Stopping uno_index_1 ... done
Removing uno_index_1 ... done
Stopping uno_data-store_1 ... done
Removing uno_data-store_1 ... done
* Stopping racoon ... [ ok ]
* Flushing policy entries ... [ ok ]
* Loading ipsec policies from /etc/ipsec.conf.
* Starting racoon ... [ ok ]
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* eth1 ... [ ok ]
* lo ... [ ok ]
* eth4 ... [ !! ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... [ ok ]
* eth0 ... [ ok ]
* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
node:
id: 137a56c7928b48ddac404bf033928866
ip: null
mode: standalone
cluster join
Joins the current node to an existing Active node to form a two-node Active/Passive cluster.
The current node becomes the Passive node in the cluster.
The cluster join command requires a cluster join token. This token is generated by first running the cluster add command on the Active node, see cluster add.
- This command will destroy any local data and then sync all data from the Active node.
- This command does not require Docker images to have been loaded. Instead, Docker images are loaded as they are required.
Usage
cluster join [OPTIONS] ADDRESS TOKEN
Options
--help
Displays the help text for this command.
Arguments
ADDRESS
IPv4 address of the Active node for the cluster.
TOKEN
The cluster join token generated by the cluster add command, see cluster add.

*** previous “cluster add” generated cluster join token “70yqww0k” ***
*** log into Passive yy.yy.yy.yy and join to Active xx.xx.xx.xx ***
Pulse One > cluster join xx.xx.xx.xx 70yqww0k
WARNING: This will delete all Pulse One data, resetting the appliance to factory defaults. The data will not be recoverable.
Type "DESTROY" to continue: DESTROY
Resetting data...
Stopping uno_backend_4 ... done
Stopping uno_backend_2 ... done
.
. (services stop)
.
Stopping uno_log-indexer_1 ... done
Stopping uno_file-store_1 ... done
Removing uno_backend_4 ... done
Removing uno_backend_2 ... done
Removing uno_backend_3 ... done
.
. (Removal of files and directories)
.
Removing directory /data/log_indexer
Removing directory /data/mongodb
Removing directory /data/mysql
Destroyed.
Joining cluster 10.64.45.175 as a passive node...
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* lo ... [ ok ]
* eth4 ... [ !! ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... [ ok ]
* eth1 ...ip: RTNETLINK answers: File exists
[ !! ]
* eth0 ... [ ok ]
* Starting NFS sm-notify ... * Starting chronyd ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
* Stopping racoon ... [ ok ]
* Flushing policy entries ... [ ok ]
* Loading ipsec policies from /etc/ipsec.conf.
* Starting racoon ... [ ok ]
VPN connexion established
Synchronizing configuration from cluster. This may take a long time depending on the amount of active node data.
node:
id: 02f42ae73c48afbff7e601020644aa
ip: yy.yy.yy.yy
mode: passive
cluster promote
Promotes the current standalone node to Active and enables clustering.
Usage
cluster promote [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** promote standalone node xx.xx.xx.xx to Active ***
Pulse One > cluster promote
Promoting node to active cluster node...
Stopping uno_data-store_1 ... done
Removing uno_data-store_1 ... done
Stopping uno_index_1 ... done
Removing uno_index_1 ... done
Stopping uno_file-store_1 ... done
Removing uno_file-store_1 ... done
Stopping uno_log-indexer_1 ... done
Removing uno_log-indexer_1 ... done
Stopping uno_log-collector_1 ... done
Removing uno_log-collector_1 ... done
auto_failover: false
node:
id: 137a56c7928b48ddac404bf033928866
ip: xx.xx.xx.xx
mode: active
cluster status
Reports the clustering status of the current node.
Where the node is in a cluster (either as Active or Passive), the status of individual services (“systems”) are also displayed, including individual synchronization statuses.
Usage
cluster status [--watch]
Options
--help
Displays the help text for this command.
--watch
Watch status live
Arguments
None.

*** current node is a standalone node ***
Pulse One > cluster status
node:
id: 8acc362dab954ed5a9bb17a1608b4708
ip: null
mode: standalone
*** current node is an Active node in a clustered pair ***
*** active / passive nodes are shown as xx.xx.xx.xx / yy.yy.yy.yy ***
Pulse One > cluster status
auto_failover: false
cluster:
active_node: null
nodes:
- xx.xx.xx.xx
- yy.yy.yy.yy
node:
id: 2e3296806c58418769694d6668ba32ba
ip: xx.xx.xx.xx
mode: active
systems:
null: null
data-store: null
file-store:
details:
- file-store instance on xx.xx.xx.xx:27017 is currently PRIMARY
- file-store instance on yy.yy.yy.yy:27017 is currently SECONDARY
errors: null
status: In Sync
index:
details:
- 'Reported status: green'
errors: null
status: In Sync
log-collector: null
log-indexer:
details:
- 'Reported status: green'
errors: null
status: In Sync
secure-channel:
details:
- 'xx.xx.xx.xx yy.yy.yy.yy '
- "\tesp mode=transport spi=24624562(0x0177bdb2) reqid=0(0x00000000)"
- "\tE: aes-cbc 438bd137 9ba94ad3 213d01a6 1afe1cd0"
.
. (secure channel messages)
.
- "\tallocated: 297347\thard: 0\tsoft: 0"
- "\tsadb_seq=0 pid=7209 refcnt=0"
status: Disconnected
services: null
domain admins list
Displays a list of the admins for all domains, or a specified domain.
This command is deprecated. Please use p1 domain admins list.
domain list
Displays all provisioned domain names.
This command is deprecated. Please use p1 domain list.
domain-property list
Lists all of the domain properties.
This command is deprecated. Please use p1 domain property list.
domain-property reset
Resets all of the domain properties.
This command is deprecated. Please use p1 domain property reset.
domain-property set
Sets a domain property.
This command is deprecated. Please use p1 domain property set.
email-domain add
Adds an email domain.
This command is deprecated. Please use pws email-domain add.
email-domain delete
Deletes an email domain.
This command is deprecated. Please use pws email-domain delete.
email-domain list
Shows all the email domains.
This command is deprecated. Please use pws email-domain list.
help
Shows the top level of the help system.
Usage
help [OPTIONS] [COMMAND]
Options
--help
Displays the help text for this command.
Arguments
COMMAND
The CLI command for which you want to display the help text.

Pulse One > help
Usage: [OPTIONS] COMMAND [ARGS]...
Pulse One
Options
:
--help Show this message and exit.
Commands:
account Manage admin accounts
cluster Manage cluster
domain Manage domains.
domain-property Manage domain properties.
email-domain Manage email domains.
help Show command help
https Configure HTTPS SSL/TLS settings
licenses Manage licenses
log-aggregator Manage log-aggregator component settings.
logout Log out
network Configure network settings
ntp A command to configure and diagnose problems...
p1 Pulse One Group
pws Pulse Workspace Group
pws-config Manage Pulse Workspace configurations.
services Manage services
smtp Configure SMTP settings
system Manage system
https csr
Generates an HTTPS Certificate Signing Request (CSR).
This request must be sent to your certificate authority, which will return a signed certificate to you.
Usage
https csr [OPTIONS]
Options
--help
Displays the help text for this command.
--with-text
Present the CSR in a human-readable format. This is ignored if –pem-only is included.
--pem-only
Present the CSR in a PEM-encoded format.
Arguments
None.

*** Basic CSR ***
Pulse One > https csr
Please provide information for the certificate for mobile.example.com:
Country Name []: UK
State Or Province Name []: Cambridgeshire
Locality Name []: Cambridge
Organization Name []: Example Ltd
Organizational Unit Name []: Example Dept
The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.
-----BEGIN CERTIFICATE REQUEST-----
MIICxDCCAawCAQAwfzELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl
bmcuY29tMRIwEAYDVQQHDAlDYW1icmlkZ2UxEzARBgNVBAoMCkRlbW9uIEx0ZC4x
zpIbaOmMlZcCbAzrZxNwK74ksR16j8I3+d9qlcktmik8qTLyhBNheIl/9H+agLr5
.
. (certificate truncated)
.
y6Q1JXosi2v+QyFtKdvZEMM629jUGIc9fIqfl5bpPjehU4ZKnjRGQQulUyXFNMIz
MpQ0OsHbxKqJ0QXndJsNyRwZcJQs4yjwN3E7bZujQ+WCplI0y4GH3MQJdon6mEDD
VoQDiLQkVy1iXhXzEtPAdRy+hMUhbKLTVcxEyZLnckAK3UjjL3I1Adp8xRqi/6U2
Ob1VqDw1Ayx0Fljup0y0gGuDZuBuQhKGBxi0HXETeqA7ZLRqbklkvw==
-----END CERTIFICATE REQUEST-----
*** Using ‘with-text’ option ***
Pulse One > https csr --with-text
Please provide information for the certificate for mobile.example.com:
Country Name []: UK
State Or Province Name []: Cambridgeshire
Locality Name []: Cambridge
Organization Name []: Example Ltd
Organizational Unit Name []: Example Dept
The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=UK, CN=mobile.example.com, L=Cambridge, O=Example Ltd,
ST=Cambridgeshire, OU=Example Dept
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:df:3f:b9:05:07:02:84:b9:23:2c:8a:66:1c:a0:
b2:76:b6:98:c3:40:c3:6b:c3:25:4f:fc:4a:8c:a6:
.
. (shortened)
.
6a:89:df:89:0c:e2:67:94:2d:2f:76:52:50:80:d4:
d9:ee:4d:5f:0d:ae:ef:74:9d:29:a0:6a:96:6c:f6:
aa:cb
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: sha256WithRSAEncryption
81:d9:7f:f3:e8:8f:4c:be:32:7b:cf:84:2a:4e:ba:93:d5:d9:
82:65:d4:22:ae:55:0f:b1:68:d0:39:b6:1e:45:d1:60:b1:32:
.
. (shortened)
.
94:b7:2d:16:bb:4e:5f:fd:88:b2:ae:45:87:9b:e6:f5:44:92:
e6:ee:fa:47:1e:21:fb:ba:85:2a:18:78:82:d8:43:e0:bf:86:
5f:87:0b:22
-----BEGIN CERTIFICATE REQUEST-----
MIICvjCCAaYCAQAweTELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl
bmcuY29tMQ4wDAYDVQQHDAVMdXRvbjESMBAGA1UECgwJRGVtbyBMdGQuMRUwEwYD
VQQIDAxCZWRmb3Jkc2hpcmUxEzARBgNVBAsMCkRlbW8gRGVwdC4wggEiMA0GCSqG
.
. (certificate truncated)
.
dNzA92L736Jt9FhstPMQ9RXvx+s+QKInk5zajWnLrGtpz99rz7yO5MxjMwQ9zqkJ
mDeAlm+rMeM3VlWno66RVkDwCm6CQbDY/eYB0xHSXYwd0HPIfCFYNmhUlLctFrtO
X/2Isq5Fh5vm9USS5u76Rx4h+7qFKhh4gthD4L+GX4cLIg==
-----END CERTIFICATE REQUEST-----
*** Using ‘pem-only’ option ***
Pulse One > https csr --pem-only
Please provide information for the certificate for mobile.example.com:
Country Name []: UK
State Or Province Name []: Cambridgeshire
Locality Name []: Cambridge
Organization Name []: Example Ltd
Organizational Unit Name []: Example Dept
The Certificate Signing Request follows. Please select the CSR, copy it, and give it to your Certificate Authority.
-----BEGIN CERTIFICATE REQUEST-----
MIICwjCCAaoCAQAwfTELMAkGA1UEBhMCVUsxGjAYBgNVBAMMEW1vYmlsZS5wd3Nl
bmcuY29tMRIwEAYDVQQHDAlDYW1icmlkZ2UxETAPBgNVBAoMCERlbW8gTHRkMRcw
FQYDVQQIDA5DYW1icmlkZ2VzaGlyZTESMBAGA1UECwwJRGVtbyBEZXB0MIIBIjAN
.
. (certificate truncated)
.
tWDJoUNgV/4uIspC/+0s9eTGoLEgt5jgOQpEjuIGkx/5lt+3jYYgkBM+89KEps+X
rEsufRe9AEIrSZKTjBGW6qznuPxlqZhJrzcYZtcXAyvMPK1aaeEIAI9T2VTcgzV+
g5u8p31ylZap3GkuA0HIR0R10VItJTDoTr0a2d+Evf5rIRP5D9VGd0jejMP0poO6
XB2Gfn3HmcPNpwMkurbBsfTkwuk3xbzQfiIkwWtyMvfzfdwcl6U=
-----END CERTIFICATE REQUEST-----
https set ca-bundle
Sets the HTTPS certificate authority bundle.
After this command completes, a restart is required for new settings to go into effect.
Usage
https set ca-bundle [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > https set ca-bundle
Overwrite existing certificate authority bundle? [y/N]: y
Paste your HTTPS certificate chain in PEM format:
-----BEGIN CERTIFICATE-----
MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw
HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN
MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw
.
. (certificate truncated)
.
NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX
Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR
S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92
UosvaSJTAfc9
-----END CERTIFICATE-----
Saved certificate authority bundle.
https set cert
Sets the HTTPS certificate.
After this command completes, a restart is required for new settings to go into effect.
Usage
https set cert [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > https set cert
Overwrite existing certificate? [y/N]: y
Paste your HTTPS certificate in PEM format:
-----BEGIN CERTIFICATE-----
MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw
HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN
MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw
.
. (certificate truncated)
.
NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX
Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR
S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92
UosvaSJTAfc9
-----END CERTIFICATE-----
Saved certificate "mobile.example.com"
https set key
Sets the HTTPS certificate key.
- After this command completes, a restart is required for new settings to go into effect.
- Encrypted SSL private keys and keys containing passphrase are not supported.
Usage
https set key [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > https set key
Overwriting private key will invalidate and delete current certificate.
Overwrite existing key? [y/N]: y
Paste your HTTPS certificate key in PEM format:
-----BEGIN PRIVATE KEY-----MMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDfP7kFBwKEuSMs^MimYcoLJ2tpjDQMNrwyVP/EqMppY2HiVrBIjktyR9xLhHQNAsgwejDbr/QhN7eLVG^MNvMS/7g+Dg6lP95xM2dm4Zsrd8nTEI23vkYwIqb+Bbrd
.
. (key truncated)
.
FI+H0H5Zlc7gBAoGAZ/f9L5k6cYZzMXrEf4oN^MVKj1hmclbORGBLB1TOF8buaDuWW9SMQX9VJmzvM4jXb8wuLK+3ALQ8TKvZ2+nQyI^MgRLAoF8d0sZZh4v7IHPEHU3Lcd
ZcmuB9FXcmksGSXOQtDzO+SnpqqBOvSRAUj69e^Mcf36qVK9whM2cXlMuUz+p8Q=-----END PRIVATE KEY-----
Saved certificate key.
https show
Shows the content of one of the following:
•The certificate.
•The certificate authentication bundle.
•The key.
Usage
https show [OPTIONS] SETTING
Options
--help
Displays the help text for this command.
Arguments
SETTING
The specific element you want to see:
•cert: Select this to view the certificate.
•ca-bundle: Select this to view the certificate authentication bundle.
•key: Select this to view the key.

*** view the certificate ***
Pulse One > https show cert
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIIT0qMdyB+X8kwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz
.
. (certificate truncated)
.
+vPfyqOq4jCKwuygbfx9dvTAkQ9F+b0kyYucT032s8khTY543E80Q+liUjN5uhKs
DiHpD++C5sN+qKZX+1LbgWY2FO8FRkNrdK/XsaomeJX/NuJHUL/MAdIcPJ4YSTHg
im62qyMSB892SLbGLtSoxuwF0OMTANvg/e4x/PrBJR5Uah6ujyVjWMbZmeqMKNHA
E8PDkWlTfT9d/F9P7TwZhbY28w+0WA0A3qDtOXM=
-----END CERTIFICATE-----
*** view the certificate authentication bundle ***
Pulse One > https show ca-bundle
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT
EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp
.
. (certificate truncated)
.
RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi
DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11
GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x
LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT
MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv
IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx
.
. (certificate truncated)
.
9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO
KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3
qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm
rw==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh
MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE
YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3
.
. (certificate truncated)
.
TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ
HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER
dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf
ReYNnyicsbkqWletNw+vHX/bvZ8=
-----END CERTIFICATE-----
*** view the key ***
Pulse One > https show key
PEM contents hidden for security. Verify with hashes below.
Updated: 2017-11-03T17:55:40Z
SHA256: 0171f7c2d1e300a9516f0f75ece2626fa1ad583b8c9509df96e3dca9f4357d2e
MD5: f26a01cfa3674c823daf2b5a748012ae
licenses add
Adds a license key to the system.
After this command completes, perform a services restart to put new settings into effect.
Usage
licenses add [OPTIONS] KEY
Options
--help
Displays the help text for this command.
Arguments
KEY
The license key.
Examples
*** list current licenses ***
Pulse One > licenses show
- created: '2018-06-15T16:34:45Z'
type: unity.workspaces.5000u
- created: '2018-06-18T00:50:07Z'
type: unity.appliances.configdist
*** add a log-aggregator license ***
Pulse One > licenses add P1-ALOG-st4QZLVQ-5p1csqLj
Added license P1-ALOG-st4QZLVQ-5p1csqLj
*** confirm addition of license ***
Pulse One > licenses show
- created: '2018-06-15T16:34:45Z'
type: unity.workspaces.5000u
- created: '2018-06-18T00:50:07Z'
type: unity.appliances.configdist
- created: '2018-06-21T13:28:57Z'
type: unity.appliances.log_aggregator
licenses show
Lists all installed licenses.
Usage
licenses show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > licenses show
- created: '2018-06-15T16:34:45Z'
type: unity.workspaces.5000u
- created: '2018-06-18T00:50:07Z'
type: unity.appliances.configdist
log-aggregator nfs
Sets the NFS parameters for the log-aggregator component.
This command is deprecated. Please use p1 log-aggregator nfs.
log-aggregator settings
Sets the data storage settings for the log-aggregator component.
This command is deprecated. Please use p1 log-aggregator settings.
log-aggregator show
Shows the details of data storage for the log-aggregator component.
This command is deprecated. Please use p1 log-aggregator show.
log-aggregator targets add
Adds a syslog target that will receive forwarded syslog messages.
This command is deprecated. Please use p1 log-aggregator targets add.
log-aggregator targets list
Shows a list of syslog targets.
This command is deprecated. Please use p1 log-aggregator targets list.
log-aggregator targets remove
Removes a syslog target.
This command is deprecated. Please use p1 log-aggregator targets remove.
logout
Logs out of Pulse One.
Usage
logout [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > logout
You can connect to SSH at xx.xx.xx.xx:pp
Press <ENTER> to log in to Pulse One
network arp
The Address Resolution Protocol (ARP) utility. This protocol maps an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.
The network arp command shows mappings for a specified hostname/IP address in the local network.
Usage
network arp [OPTIONS] [HOST]
Options
--help
Displays the help text for this command.
Arguments
HOST
(Optional) A hostname/IP address in the local network. Where no host is specified, all recorded mappings are listed.
Examples
*** Specify a host ***
Pulse One > network arp main.lab.example.net
main.lab.example.net (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on eth4
main.lab.example.net (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on eth0
*** No host specified, all entries listed ***
Pulse One > network arp
host1.demo.example.com (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on host
port1.demo.example.com (zz.zz.zz.zz) at kk:kk:kk:kk:kk:kk [ether] on eth0
port2.demo.example.com (vv.vv.vv.vv) at nn:nn:nn:nn:nn:nn [ether] on eth4
host2.demo.example.com (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on host
port3.demo.example.com (vv.vv.vv.vv) at pp:pp:pp:pp:pp:pp [ether] on eth0
network dns
Configures DNS lookup servers.
After this command completes, a restart is required for new settings to go into effect.
Usage
network dns [OPTIONS]
Options
--help
Displays the help text for this command.
-p, --primary IP
Set primary DNS server address
-s, --secondary IP
Set secondary DNS server address
Arguments
None.

Pulse One > network dns -p xx.xx.xx.xx -s yy.yy.yy.yy
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ...
[ ok ]
* Stopping chronyd ...
[ ok ]
* Stopping networking ...
* eth4 ...
[ !! ]
* lo ...
[ ok ]
* eth0 ...
[ !! ]
* Starting networking ...
* lo ...
[ ok ]
* eth4 ...
[ ok ]
* eth0 ...
ip: RTNETLINK answers: Network unreachable
ip: RTNETLINK answers: Network unreachable
[ ok ]
primary: xx.xx.xx.xx
secondary: yy.yy.yy.yy
Pulse One > * Starting NFS sm-notify ...
* Starting chronyd ...
[ ok ]
* Mounting NFS filesystems ...
[ ok ]
[ ok ]
network hostname
Sets the hostname for an appliance node in a clustered pair. This will enable the Active appliance to be identified.
This command will force a restart of the appliance.
Usage
network hostname [OPTIONS] HOSTNAME
Options
--help
Displays the help text for this command.
Arguments
HOSTNAME
The required hostname.
Examples
Pulse One > network hostname appliance1
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* eth1 ... [ !! ]
* lo ... [ ok ]
* eth4 ... [ !! ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... [ ok ]
* eth1 ... [ ok ]
* eth0 ... [ ok ]
* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
hostname: appliance1
network interface external
Configures the external network interface.
After this command completes, a restart is required for new settings to go into effect.
Usage
network interface external [OPTIONS]
Options
--help
Displays the help text for this command.
-i, --ip IP_ADDRESS
Set IP address.
-n, --netmask IP_ADDRESS
Set netmask.
-g, --gateway IP_ADDRESS
Set gateway IP address.
--dhcp / --no-dhcp
Enable/disable DHCP. This overrides all other settings if enabled.
Arguments
None.
Examples
Pulse One > network interface external -i xx.xx.xx.xx -n nn.nn.nn.nn
-g gg.gg.gg.gg --no-dhcp
external:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
netmask: nn.nn.nn.nn
network interface internal
Configures the internal network interface. This is only required for clustered Pulse One nodes
After this command completes, a restart is required for new settings to go into effect.
Usage
network interface internal [OPTIONS]
Options
--help
Displays the help text for this command.
-i, --ip IP
Set IP address of the management network interface.
-n, --netmask IP
Set netmask for the management network interface.
-g, --gateway IP
Set gateway IP address.
Arguments
None.
Examples
Pulse One > network interface internal -i xx.xx.xx.xx -n nn.nn.nn.nn
-g yy.yy.yy.yy
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
(interface messages)
* Starting networking ...
* lo ... [ ok ]
* eth4 ... [ ok ]
* eth1 ... ip: RTNETLINK answers: File exists
[ !! ]
* eth0 ... [ ok ]
* Starting NFS sm-notify ... * Starting chronyd ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
internal:
enabled: true
ip_address: xx.xx.xx.xx
netmask: 255.255.0.0
network interface management
Configures the management network interface.
After this command completes, a restart is required for new settings to go into effect.
Usage
network interface management [OPTIONS]
Options
--help
Displays the help text for this command.
-i, --ip IP
Set IP address of the management network interface.
-n, --netmask IP
Set netmask for the management network interface.
-g, --gateway IP
Set gateway IP address.
--dhcp / --no-dhcp
Enable/disable DHCP. This overrides all other settings if enabled.
Arguments
None.

Pulse One > network interface external -i xx.xx.xx.xx -n nn.nn.nn.nn
-g gg.gg.gg.gg
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ...
[ ok ]
* Stopping chronyd ...
[ ok ]
* Stopping networking ...
* eth4 ...
[ !! ]
* lo ...
[ ok ]
* eth0 ...
[ !! ]
* Starting networking ...
* lo ...
[ ok ]
* eth4 ...
[ ok ]
* eth0 ...
ip: RTNETLINK answers: Network unreachable
ip: RTNETLINK answers: Network unreachable
[ ok ]
external:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
netmask: nn.nn.nn.nn
Pulse One > * Starting NFS sm-notify ...
* Starting chronyd ...
[ ok ]
* Mounting NFS filesystems ...
[ ok ]
[ ok ]
network ip route add
Adds a static route to the system settings.
Usage
network ip route add [NETWORK | OPTIONS] [via ADDRESS] dev INTERFACE
Options
--help
Displays the help text for this command.
Arguments
NETWORK
An IP address and optional CIDR formatted netmask. For example: 192.168.0.0/16
ADDRESS
(Optional) The IP address of the Next hop router (gateway).
INTERFACE
(Required) The interface to be used. That is, internal, external or management.

*** list defined static routes ***
Pulse One > network ip route show
routes:
- gateway: xx.xx.xx.xx
interface: management
network: yy.yy.yy.yy/nn
*** add a static route ***
Pulse One > network ip route add aa.aa.aa.aa/nn via bb.bb.bb.bb dev management
WARNING: This will restart the network and may log you out.
Changes to routing configuration may prevent you from logging back in.
Do you wish to add aa.aa.aa.aa/22 ? [y/N]: y
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* eth4 ... [ !! ]
* lo ... [ ok ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... ip: RTNETLINK answers: Network unreachable
ip: RTNETLINK answers: Network unreachable
[ ok ]
* eth0 ... [ ok ]
* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
gateway: bb.bb.bb.bb
interface: management
network: aa.aa.aa.aa/nn
*** confirm addition of static route, new route listed last ***
Pulse One > network ip route show
routes:
- gateway: xx.xx.xx.xx
interface: management
network: yy.yy.yy.yy/nn
- gateway: bb.bb.bb.bb
interface: management
network: aa.aa.aa.aa/nn
network ip route delete
Removes a static route from the system settings.
Usage
network ip route delete [OPTIONS] NETWORK
Options
--help
Displays the help text for this command.
Arguments
NETWORK
The IP address of a current static route.

*** list defined static routes ***
Pulse One > network ip route show
routes:
- gateway: xx.xx.xx.xx
interface: management
network: yy.yy.yy.yy/nn
- gateway: bb.bb.bb.bb
interface: management
network: aa.aa.aa.aa/nn
*** delete a static route ***
Pulse One > network ip route delete yy.yy.yy.yy/nn
WARNING: This will restart the network and may log you out.
Changes to routing configuration may prevent you from logging back in.
Do you wish to delete yy.yy.yy.yy/nn ? [y/N]: y
* WARNING: you are stopping a boot service
* Unmounting NFS filesystems ... [ ok ]
* Stopping chronyd ... [ ok ]
* Stopping networking ...
* eth4 ... [ !! ]
* lo ... [ ok ]
* eth0 ... [ !! ]
* Starting networking ...
* lo ... [ ok ]
* eth4 ... ip: RTNETLINK answers: Network unreachable
[ ok ]
* eth0 ... [ ok ]
* Starting NFS sm-notify ...
* Starting chronyd ... [ ok ]
* Mounting NFS filesystems ... [ ok ]
[ ok ]
Deleted.
*** confirm deletion of static route ***
Pulse One > network ip route show
routes:
- gateway: xx.xx.xx.xx
interface: management
network: yy.yy.yy.yy/nn
network ip route show
Displays the current IP static routes table.
Usage
network ip route show
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** populated IP static routing table ***
Pulse One > network ip route show
routes:
- gateway: xx.xx.xx.xx
interface: management
network: yy.yy.yy.yy/nn
- gateway: bb.bb.bb.bb
interface: management
network: aa.aa.aa.aa/nn
*** empty IP static routing table ***
Pulse One > network ip route show
routes: []
network nslookup
A DNS lookup utility.
Usage
network nslookup [OPTIONS] HOST DNS_SERVER
Options
--help
Displays the help text for this command.
Arguments
HOST
The host you want to look up.
DNS_SERVER
The DNS server on which you want to search.
Examples
Pulse One > network nslookup xx.xx.xx.xx yy.yy.yy.yy
Server: yy.yy.yy.yy
Address 1: yy.yy.yy.yy exampledns01.example.com
Name: xx.xx.xx.xx
Address 1: xx.xx.xx.xx
network ping
A Ping utility. This will either send ten packets, or execute for ten seconds, whichever comes first.
Usage
network ping [OPTIONS] IP
Options
--help
Displays the help text for this command.
Arguments
IP
The IP address you want to ping.
Examples
Pulse One > network ping xx.xx.xx.xx
PING xx.xx.xx.xx (xx.xx.xx.xx): 56 data bytes
64 bytes from xx.xx.xx.xx: seq=0 ttl=252 time=6.325 ms
64 bytes from xx.xx.xx.xx: seq=1 ttl=252 time=4.076 ms
64 bytes from xx.xx.xx.xx: seq=2 ttl=252 time=4.040 ms
64 bytes from xx.xx.xx.xx: seq=3 ttl=252 time=3.946 ms
64 bytes from xx.xx.xx.xx: seq=4 ttl=252 time=4.261 ms
64 bytes from xx.xx.xx.xx: seq=5 ttl=252 time=3.908 ms
64 bytes from xx.xx.xx.xx: seq=6 ttl=252 time=4.108 ms
64 bytes from xx.xx.xx.xx: seq=7 ttl=252 time=3.808 ms
64 bytes from xx.xx.xx.xx: seq=8 ttl=252 time=3.733 ms
64 bytes from xx.xx.xx.xx: seq=9 ttl=252 time=3.735 ms
--- xx.xx.xx.xx ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max = 3.733/4.194/6.325 ms
network show
Shows all network settings.
Usage
network show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

*** clustered node ***
Pulse One > network show
default_gateway:
interface: external
ip_address: xx.xx.xx.xx
external:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
mac_address: hh:hh:hh:hh:hh:hh
netmask: 255.255.0.0
internal:
enabled: true
ip_address: xx.xx.xx.xx
mac_address: hh:hh:hh:hh:hh:hh
netmask: 255.255.0.0
internal_gateway:
interface: internal
ip_address: xx.xx.xx.xx
management:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
mac_address: hh:hh:hh:hh:hh:hh
netmask: 255.255.0.0
management_gateway:
interface: management
ip_address: xx.xx.xx.xx
*** standalone node ***
default_gateway:
interface: external
ip_address: xx.xx.xx.xx
dns:
primary: dd.dd.dd.dd
secondary: dd.dd.dd.dd
external:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
mac_address: hh:hh:hh:hh:hh:hh
netmask: 255.255.252.0
management:
dhcp: false
enabled: true
ip_address: xx.xx.xx.xx
mac_address: hh:hh:hh:hh:hh:hh
netmask: 255.255.252.0
management_gateway:
interface: management
ip_address: xx.xx.xx.xx
network traceroute
Runs the Traceroute utility for a specified IP address.
Usage
network traceroute [OPTIONS] IP
Options
--help
Displays the help text for this command.
Arguments
IP
The IP address you want to ping.
Examples
Pulse One > network traceroute xx.xx.xx.xx
traceroute to xx.xx.xx.xx (xx.xx.xx.xx), 30 hops max, 46 byte packets
1 * * *
2 yy.yy.yy.yy (yy.yy.yy.yy) 1.138 ms 1.284 ms 1.104 ms
3 zz.zz.zz.zz (zz.zz.zz.zz) 1.345 ms 1.453 ms 1.327 ms
4 aa.aa.aa.aa (aa.aa.aa.aa) 17.474 ms 3.895 ms *
ntp pool
Adds or updates the single NTP pool.
Usage
ntp pool [OPTIONS] LOCATION
Options
--help
Displays the help text for this command.
--enable / --disable
Enable or disable a pool of NTP servers.
Arguments
LOCATION
The NTP pool that you want to add to the NTP configuration.
Examples
*** show current (empty) NTP configuration ***
Pulse One > ntp show
pool: null
servers: []
*** add NTP pool ***
Pulse One > ntp pool pool.ntp.org
pool:
enabled: true
location: pool.ntp.org
servers: []
*** disable the new pool ***
Pulse One > ntp pool pool.ntp.org --disable
* Stopping chronyd ...
[ ok ]
* Starting chronyd ...
[ ok ]
ntp:
pool:
enabled: false
location: pool.ntp.org
servers: []
ntp remove
Removes a server or pool from the NTP configuration.
There must always be either a pool or a server configured.
Usage
ntp remove [OPTIONS] [ POOL | SERVER ] LOCATION
Options
--help
Displays the help text for this command.
Arguments
POOL
Specify a pool.
SERVER
Specify a server.
LOCATION
The identifier of the server/pool that you want to remove.

*** show current NTP configuration ***
Pulse One > ntp show
pool:
enabled: true
location: pool.ntp.org
servers:
- enabled: true
location: xx.xx.xx.xx
- enabled: true
location: yy.yy.yy.yy
*** remove NTP pool ***
Pulse One > ntp remove pool pool.ntp.org
* Stopping chronyd ...
[ ok ]
* Starting chronyd ...
[ ok ]
ntp:
pool: null
servers:
- enabled: true
location: xx.xx.xx.xx
- enabled: true
location: yy.yy.yy.yy
*** remove an NTP server ***
Pulse One > ntp remove server yy.yy.yy.yy
* Stopping chronyd ...
[ ok ]
* Starting chronyd ...
[ ok ]
ntp:
pool: null
servers:
- enabled: true
location: xx.xx.xx.xx
*** attempt to remove the final server ***
Pulse One > ntp remove server xx.xx.xx.xx
ERROR: An NTP pool or server must be configured.
ntp server
Adds or updates an NTP server.
Usage
ntp server [OPTIONS] LOCATION
Options
--help
Displays the help text for this command.
--enable / --disable
Enable or disable an NTP server.
Arguments
LOCATION
The NTP server that you want to add to the NTP configuration.

*** show current NTP configuration ***
Pulse One > ntp show
pool: null
servers:
- enabled: true
location: xx.xx.xx.xx
*** add second NTP server yy.yy.yy.yy ***
Pulse One > ntp server yy.yy.yy.yy
* Stopping chronyd ...
[ ok ]
* Starting chronyd ...
[ ok ]
ntp:
pool: null
servers:
- enabled: true
location: xx.xx.xx.xx
- enabled: true
location: yy.yy.yy.yy
Pulse One > ntp server xx.xx.xx.xx --disable
* Stopping chronyd ...
[ ok ]
* Starting chronyd ...
[ ok ]
ntp:
pool: null
servers:
- enabled: true
location: yy.yy.yy.yy
- enabled: false
location: xx.xx.xx.xx
ntp show
Shows all current NTP settings.
Enabled servers are listed before disabled servers.
Usage
ntp show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** single pool, no servers ***
Pulse One > ntp show
pool:
enabled: true
location: pool.ntp.org
servers: []
*** pair of servers, no pool ***
Pulse One > ntp show
pool: null
servers:
- enabled: true
location: yy.yy.yy.yy
- enabled: false
location: xx.xx.xx.xx
p1 domain admins list
Lists admins, either for all domains or for a specified domain.
This command is disabled under MSSP mode.
Usage
p1 domain admins list [OPTIONS] [DOMAIN]
Options
--help
Displays the help text for this command.
Arguments
DOMAIN
(Optional) Specifies a domain. If not specified, all domains are listed.
Examples
*** list all domains ***
Pulse One > p1 domain admins list
domains:
mobile.example.com:
uiadmin:
email: [email protected]
roles:
- Super Admin
*** list specific domain ***
Pulse One > p1 domain admins list mobile.example.com
domains:
mobile.example.com:
uiadmin:
email: [email protected]
roles:
- Super Admin
p1 domain admins password reset
Resets the password of a local domain admin.
This is required when the path becomes locked after failed login attempts.
Usage
p1 domain admins password reset [OPTIONS] [USERNAME]
Options
--help
Displays the help text for this command.
Arguments
USERNAME
(Optional) Specifies a local domain admin.
Examples
*** Reset password of local domain admin "tk-428" ***
Pulse One > p1 domain admins password reset tk-428
Resetting the password of tk-428...
Changed password of local web user: tk-428 to azxhYPaGwybW3nfw
p1 domain list
Displays all provisioned domain names.
This command is disabled under MSSP mode.
Usage
p1 domain list [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > p1 domain list
domains:
- mobile.example.com
p1 domain property list
Shows settings for all domain properties.
This command is disabled under MSSP mode.
Usage
p1 domain property list [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > p1 domain property list
Getting domain properties...
domain properties:
- afw_domain_admin_user: null
- afw_enterprise_type: google
- afw_enterprise_id: null
p1 domain property reset
Resets all the domain properties.
This command is disabled under MSSP mode.
Usage
p1 domain property reset [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** list all domain properties ***
Pulse One > p1 domain property list
Getting domain properties...
domain properties:
- afw_domain_admin_user: null
- afw_enterprise_type: google
- afw_enterprise_id: null
*** reset properties ***
Pulse One > p1 domain property reset
Resetting domain properties...
Done
*** confirm properties are reset ***
Pulse One > p1 domain property list
Getting domain properties...
domain properties:
- afw_domain_admin_user: null
- afw_enterprise_type: null
- afw_enterprise_id: null
p1 domain property set
Sets a domain property.
This command is disabled under MSSP mode.
Usage
p1 domain property set [OPTIONS] DOMAIN_PROPERTY_NAME DOMAIN_PROPERTY
Options
--help
Displays the help text for this command.
Arguments
DOMAIN_PROPERTY_NAME
The domain property that you want to change. The available domain properties are:
•afw_domain_admin_user
•afw_enterprise_type
•afw_enterprise_id
DOMAIN_PROPERTY
The new value for the domain property, either afw (Android for Work) or Google. Always use afw unless directed otherwise.
Examples
*** list all domain properties ***
Pulse One > p1 domain property list
Getting domain properties...
domain properties:
- afw_domain_admin_user: null
- afw_enterprise_type: null
- afw_enterprise_id: null
*** reset properties ***
Pulse One > p1 domain property set afw_enterprise_type google
Setting domain property: afw_enterprise_type to google ...
Done
*** confirm properties are reset ***
Pulse One > p1 domain property list
Getting domain properties...
domain properties:
- afw_domain_admin_user: null
- afw_enterprise_type: google
- afw_enterprise_id: null
p1 domain provision
Provisions a new Pulse One environment.
This command is disabled under MSSP mode.
Usage
p1 domain provision [OPTIONS] DOMAIN
Options
--help
Displays the help text for this command.
--admin-username USERNAME
(Required) Username of the admin user. The default is root.
--admin-email EMAIL
(Required) Email address of admin.
Arguments
DOMAIN
The name of the domain you want to provision.
Examples
Pulse One > p1 domain provision mobile.example.com --admin-username user
--admin-email [email protected]
This will overwrite any existing Pulse One configuration. This can not be run on an already provisioned environment. You may need to `destroy` your environment before continuing.
Continue? [y/N]: Y
Set new admin password.
Password:
Confirm Password:
.
. (messages)
.
Provider domain mobile.example.com created.
Provisioned.
p1 domain whitelist add ip
Adds an IP address or range to the whitelist from which an admin can log into the Pulse One GUI.
All IP addresses outside the whitelist are then blocked from accessing Pulse One.
Whitelisting IP addresses/ranges is disabled by default. It is enabled when you add the first IP address/range to the whitelist, which must include your current IP address. After you have added your first whitelist item, all other IP addresses/ranges are automatically blacklisted. You can then continue to add all other required IP addresses/ranges until you have added all IP addresses/ranges from which admins can log in.
To reset all whitelist entries, use the p1 domain whitelist reset.
You can only add countries to the whitelist from the Pulse One GUI.
Usage
p1 domain whitelist add ip [OPTIONS] IP_ADDRESS
Options
--help
Displays the help text for this command.
Arguments
IP_ADDRESS
The IP address or range that you want to add to the whitelist, with an optional CIDR-formatted netmask. For example, 192.168.0.0/16.
Examples
*** add a specific whitelisted ip address or range ***
Pulse One > p1 domain whitelist add ip 192.168.0.0/16
Pulse One >
*** show all whitelisted entries
Pulse One > p1 domain whitelist show
Getting whitelist configurations...
Whitelisted Countries: null
Whitelisted IPs: 192.168.0.0/16
p1 domain whitelist reset
Resets whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.
To add an item to the whitelist, see p1 domain whitelist add ip.
Usage
p1 domain whitelist reset [OPTIONS] [DOMAIN]
Options
--help
Displays the help text for this command.
Arguments
DOMAIN
(Optional) The name of a single domain you want to remove from the whitelist. If this option is not specified, the whitelist is emptied.
Examples
*** reset a specific whitelisted domain ***
Pulse One > p1 domain whitelist reset example.demo.com
WARNING: This will remove <message>. Do you wish to continue? [y/N]: y
Pulse One >
*** reset all whitelisted domains ***
Pulse One > p1 domain whitelist reset
WARNING: This will remove all IP address and country restrictions from all domains, allowing admins to log in from any IP address/country. Do you wish to continue? [y/N] y
Pulse One >
p1 domain whitelist show
Displays a whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.
To add an item to the whitelist, see p1 domain whitelist add ip.
Usage
p1 domain whitelist show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** empty whitelist ***
Pulse One > p1 domain whitelist show
Getting whitelist configurations...
Whitelisted Countries: null
Whitelisted IPs: null
*** populated whitelist ***
Pulse One > p1 domain whitelist show
Getting whitelist configurations...
Whitelisted Countries: null
Whitelisted IPs: xx.xx.xx.xx/mm
p1 log-aggregator nfs
Sets the NFS parameters for the log-aggregator component.
After this command completes, perform a services restart to put new settings into effect.
Usage
p1 log-aggregator nfs [OPTIONS]
Options
--help
Displays the help text for this command.
--enable / --disable
Enable or disable NFS data storage.
-v, --volume VOLUME
Specify NFS volume in the form remote_host:remote_dir. This is required for the --enable option.
-o, --options OPTIONS
Specify NFS options, as a comma-separated list. Available options match those that are described on the mount_nfs manual (man) page.
Arguments
None.
Examples
*** enable NFS ***
Pulse One > p1 log-aggregator nfs --enable -v example:/home
This will delete all existing appliance logs. All services will be stopped if currently running.
Continue? [y/N]: y
Stopping uno_data-store_1 ... done
Stopping uno_index_1 ... done
.
. (service messages)
.
Stopping uno_ui-assets_1 ... done
Stopping uno_cache_1 ... done
keep_days: 3
nfs:
options: vers=3,nolock,retry=1,rw
volume: example:/home
type: nfs
p1 log-aggregator settings
Sets data storage settings for the log-aggregator component.
After this command completes, perform a services restart to put new settings into effect.
Usage
p1 log-aggregator settings [OPTIONS]
Options
--help
Displays the help text for this command.
-d, --keep-days RETENTION_POLICY
(Required) Specify the number of days any given log will be kept in the index.
--tls / --no-tls
Enables or disables TLS on syslog input.
Arguments
None.
Examples
*** set keep_days ***
Pulse One > p1 log-aggregator settings -d 28
Changing retention policy could lead to loss of data.
Continue? [y/N]: y
keep_days: 28
tls: false
*** set TLS to true ***
Pulse One > p1 log-aggregator settings --tls
keep_days: 28
tls: true
p1 log-aggregator show
Shows details of data storage for the log-aggregator component.
Usage
p1 log-aggregator show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > p1 log-aggregator show
disk usage: 520b
settings:
keep_days: 28
nfs:
options: vers=3,nolock,retry=1,rw
volume: example:/home
type: nfs
status: Enabled
p1 log-aggregator targets add
Adds a syslog target that will receive forwarded syslog messages.
After this command completes, perform a services restart to put new settings into effect.
Usage
p1 log-aggregator targets add [OPTIONS] HOST
Options
--help
Displays the help text for this command.
-p, --port INTEGER
The host's syslog connection port
--tls / --no-tls
Enable TLS when sending logs
Arguments
HOST
The target host that you want to add.
Examples
*** check current targets (empty) ***
Pulse One > p1 log-aggregator targets list
{}
*** add a target ***
Pulse One > p1 log-aggregator targets add -p 333 --no-tls xx.xx.xx.xx
xx.xx.xx.xx:333:
host: xx.xx.xx.xx
port: 333
tls: false
*** confirm the addition ***
Pulse One > p1 log-aggregator targets list
xx.xx.xx.xx:333:
host: xx.xx.xx.xx
port: 333
tls: false
p1 log-aggregator targets list
Displays a list of syslog targets.
Usage
p1 log-aggregator targets list [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** the list is empty ***
Pulse One > p1 log-aggregator targets list
{}
*** one target in the list ***
Pulse One > p1 log-aggregator targets list
10.11.12.13:333:
host: 10.11.12.13
port: 333
tls: false
p1 log-aggregator targets remove
Removes a syslog target.
After this command completes, perform a services restart to put new settings into effect.
Usage
p1 log-aggregator targets remove [OPTIONS] HOST:PORT
Options
--help
Displays the help text for this command.
Arguments
HOST:PORT
Specify a syslog target to remove.
Examples
*** check current targets ***
Pulse One > p1 log-aggregator targets list
xx.xx.xx.xx:333:
host: xx.xx.xx.xx
port: 333
tls: false
*** delete a target ***
Pulse One > p1 log-aggregator targets remove -p 333 --no-tls xx.xx.xx.xx
Deleted.
*** confirm the deletion (now empty) ***
Pulse One > p1 log-aggregator targets list
{}
p1 mssp provision
Provisions an MSSP management domain.
This command is enabled by a valid MSSP license.
Usage
p1 mssp provision [OPTIONS] DOMAIN
Options
--help
Displays the help text for this command.
--admin-username USERNAME
(Required) Username of admin.
--admin-email EMAIL
(Required) Email address of admin.
Arguments
DOMAIN
The name of the MSSP domain you want to provision.

Pulse One > p1 mssp provision demo.example.com --admin-username admin
--admin-email [email protected]
This will overwrite any existing Pulse One configuration. This can not be run on an already provisioned environment. You may need to `destroy` your environment before continuing.
Continue? [y/N]: y
Set new admin password.
Password:
Confirm Password:
Stopping uno_ui-assets_1 ... done
Stopping uno_cache_1 ... done
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Stopping uno_file-store_1 ... done
Removing uno_ui-assets_1 ... done
Removing uno_cache_1 ... done
Removing uno_index_1 ... done
Removing uno_data-store_1 ... done
Removing uno_file-store_1 ... done
Creating identity domain...
Provider domain demo.example.com created.
Provisioned.
pws config refresh-app-icons
Refreshes the workspace application icons on the current node.
After this command completes, perform a services restart to put new settings into effect.
Usage
pws config refresh-app-icons [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config refresh-app-icons
Refreshing app icons...
Done
pws config reset ios-certificate
Regenerates the iOS MDM root certificate.
After this command completes, perform a services restart to put new settings into effect.
Usage
pws config reset ios-certificate [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config reset ios-certificate
WARNING: This regenerates the iOS MDM root certificate. Existing MDM device certificates issued to iOS devices will be invalidated and iOS devices will need to re-enroll to get policy updates.
Type "RESET" to continue: RESET
Regenerating iOS MDM root certificate...
Regenerated iOS MDM root certificate.
pws config set esa
Sets the Google ESA Credentials.
After this command completes, perform a services restart to put new settings into effect.
Usage
pws config set esa [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

Pulse One > pws config set esa
Please enter a valid Google ESA Credential:
{"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"private_key": "-----BEGIN PRIVATE KEY-----\\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCNDflIP01ZhEvt\\nIf03JNyM73tl7n0VxxUaJPUwXPettGonSJBOcN5ndJU4r6RDo0N85EPo75I2LktG\\nAjj6RUCk1OPN+PASG2eWXP1ROVYd1PVzeLA6C4Js8mkCLwB+N2hkA/f9HNxooFQY\\n1fGjfHaZb70RE2Oj8Q .
. (esa credentials truncated)
6PdPLwjd7KwBDbD9KiX+O5b0gA4GpMVm/L2tBAoGBANbThumPG8GPCqogiS0I\\nxBePd17QYR+g4D4AwVd328iuAuQ3oYyNTHP+rUAiyVwKI4GU6CxhabWHYAb6ycjm\\nYF/Pa2EAMaL1bUScENhM3xlejMgyWWrGdQjHkj0sFPdb8EqLqV6EvQRpWkJusHan\\na+RV/qSHyCdsFDlfJiL19M1G\\n-----END PRIVATE KEY-----\\n",
"client_email": "[email protected]", "private_key_id": "473a94a52343c31de3bbd925535b165b15b1d592",
"client_id": "105626901240200099628",
"token_uri": "https://accounts.google.com/o/oauth2/token", "client_x509_cert_url":
"https://www.googleapis.com/robot/v1/metadata/x509/account-4%40pulse-
dev-1125.iam.gserviceaccount.com", "type": "service_account", "auth_provider_x509_cert_url":
"https://www.googleapis.com/oauth2/v1/certs"}
Setting Google ESA Credentials...
Credentials:
auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs
auth_uri: https://accounts.google.com/o/oauth2/auth
client_email: [email protected]
client_id: '105626901240200099628'
client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/
account-4%40pulse-dev-1125.iam.gserviceaccount.com
private_key_id: 473a94a52343c31de3bbd925535b165b15b1d592
token_uri: https://accounts.google.com/o/oauth2/token
type: service_account
PEM contents hidden for security. Verify with hashes below:
MD5 for the private key: 604bf518cdf6a68872956261e6610ad6
MD5 for the whole Credential string: 34f4ccb1194d79facf25cb662517e3ae
SHA256 for the private key:
a4067666430c507e3f75e4845fe0745ef477a99623b9abdd3f018cfe8b446f70
SHA256 for the whole Credential string:
729d06ea69f86ebfaf1f17875bfae195eab50eb685db600bdd3a4d41cf152451
pws config set ios-mdm-push-certificate
Updates the iOS MSM push certificate. This certificate is used to create a certificate signing request (CSR) for the iOS MDM certificate.
After this command completes, perform a services restart to put new settings into effect.
Usage
pws config set ios-mdm-push-certificate [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config set ios-mdm-push-certificate
The iOS MDM push certificate is provided by Pulse Secure and the iOS MDM push key can not be changed. Overwrite existing iOS MDM push certificate? [y/N]: y
Paste your iOS MDM push certificate in PEM format:
-----BEGIN CERTIFICATE-----^MMIIEuzCCA6OgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzET^MMBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv^MbiBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3Qg
.
. (certificate)
.
ieerCVRouiEr0NlFXVTBMxtinXUWberS7/fxBuN/DlMHhwtXOeuz35WpxoNASUde
Rqk9LgbQIKdC1yNI3IAgPEWjUJArMXogJXP3lztiOGlj/ETiToCiQALUU//cB0aj
z5I+FEIWQzkRBMn2AKRezm9S5LEBxKgsbtIJRsydUzEm6atkWp2qIHKwZQMRCA==
-----END CERTIFICATE-----
Hash values for the iOS MDM Push Certificate string:
MD5: 17cf4528db9833e19a47c8fad0f63fdf
SHA256: efe0f65a7049d4a711dd3e38231a66c1c850b18fdaef49f4a84511ca4d2c4264
pws config set ios-pulse-secure-app-push-certificate
Updates the iOS Pulse Client push notification certificate.
After this command completes, perform a services restart to put new settings into effect.
Usage
pws config set ios-pulse-secure-app-push-certificate [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config set ios-pulse-secure-app-push-certificate
The IOS Pulse Secure Client App Push Notification certificate needs to be provided by Pulse Secure. Update current certificate? [y/N]: y
Paste your iOS Pulse push certificate in PEM format:
-----BEGIN CERTIFICATE-----^MMIIGSzCCBTOgAwIBAgIIUbJAMJf/nAIwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV^MBAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js^MZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UE
.
. (certificate truncated)
.
Y3VyZS5wdWxzZXNlY3VyZTE5MDcGA1UHuwnL55Rerxoh3Xi7UWFrgJLKsvoiOZUOXma1FEcQXu3A3NOOwn5LayPfbdJLDZmgxpHrck/XFKTDqcRhD2fo8/PeyknuatSC9fg13g3Dw==
-----END CERTIFICATE-----
Hash values for the iOS Client Push Certificate string:
MD5: fa31afc1a1b2c33bcd448f28f7ddf9a2
SHA256: a19cfdc3a4483b3682a22a2c167c63f2f521d41f21ea1b2c378cc4483691d8b5
pws config set msa
Sets the Google MSA Credentials.
- This command is enabled by a valid MSSP license and requires a valid PWS license.
- After this command completes, perform a services restart to put new settings into effect.
Usage
pws config set msa [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

Pulse One > pws config set msa
Please enter a valid Google MSA Credential:
{"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"private_key": "-----BEGIN PRIVATE KEY-----\\nMIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDMeFBApydNOc9M\\nFTga5a1qOs0vZRilwn6k6RIFG3bxOKk0k+iTeQxbRg9/kcglzE+N3wcp0Vw4Mg2K\\nL16f2q4tRLSEzqvtNDjJUuP0rusxmim32nHdM1VHKdd8LvtJ2Ov05iHf6wRgBcIS\\nQ+/rTwm21TfQkiWj3A
.
. (msa credentials truncated)
n1VQyoFU+Dicz1C60+7HWAJw3o5pD2NOHxKgQ4pECgYEAuLu3tNhgH/28i0++\\nnkEYwkFCoHbn1JUw62IsGF+2Crp1GMWdG/qjPu2wizUYnwS/TYC+zk9ZPlkRC36M\\n2RF+trd2hS6IG/Ts1BEz4e+BlvoDxOgJ5FXUnXx8TRNsfGRRCmmaOv/eWc1bWsPa\\n/KKFZHcoX9H4InpN6JIHv2AkCYk=\\n-----END PRIVATE KEY-----\\n",
"client_email": "[email protected]", "private_key_id": "5dd8b5951c10b85a0665c1706dcab61c89a01e56",
"client_id": "102471803974255694602",
"token_uri": "https://accounts.google.com/o/oauth2/token", "client_x509_cert_url":
"https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-
dev.iam.gserviceaccount.com", "type": "service_account", "auth_provider_x509_cert_url":
"https://www.googleapis.com/oauth2/v1/certs"}
Setting Google MSA Credentials...
Credentials:
auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs
auth_uri: https://accounts.google.com/o/oauth2/auth
client_email: [email protected]
client_id: '102471083974256594602'
client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-dev.iam.gserviceaccount.com
private_key_id: 5dd8b5951c10b85a0665c1706dcab61c89a01e56
token_uri: https://accounts.google.com/o/oauth2/token
type: service_account
PEM contents hidden for security. Verify with hashes below:
MD5 for the private key: f3d746222228629061bf41c2d9616925
MD5 for the whole Credential string: a0a1038a695017fde74f7f6ccd2bad8a
SHA256 for the private key:
48535f0e85443bb3ac42db548cb947567a369148379c8a703a71cb404e3f9621
SHA256 for the whole Credential string:
607d0713ebc6837186111dfd5ed2ae1decb05ba6459a8fd758d8e5208b9dc485
pws config show esa
Shows Workspace ESA information.
Usage
pws config show esa [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config show esa
Credentials:
auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs
auth_uri: https://accounts.google.com/o/oauth2/auth
client_email: wb882f19b668ec52ef12b76169@pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com
client_id: '108955911278235671297'
client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/wb882f19b668ec52ef12b76169%40pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com
private_key_id: 4ce2f68b79dff03027d1e0157b29181dc81
project_id: google.com:pfwp-ulsesecureandroidmdmtest2
token_uri: https://accounts.google.com/o/oauth2/token
type: service_account
PEM contents hidden for security. Verify with hashes below:
MD5 for the private key: 431eff630d49180e1447a4f856e2
MD5 for the whole Credential string: ad074eb71e1686bc40153794a7e
SHA256 for the private key: 36c293c8b3fed64dc0c5d21dfa1d83b46a59882c0bfd6c648b837755952
SHA256 for the whole Credential string: 8c29d9463883b6add6bed5ad2ba6d6f93d9cad301c2240d5e902259e22c6
pws config show msa
Shows Workspace MSA information.
This command is enabled by a valid MSSP license and requires a valid PWS license.
Usage
pws config show msa [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws config show msa
Credentials:
auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs
auth_uri: https://accounts.google.com/o/oauth2/auth
client_email: [email protected]
client_id: '102471083974256594602'
client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-dev.iam.gserviceaccount.com
private_key_id: 5dd8b5951c10b85a0665c1706dcab61c89a01e56
token_uri: https://accounts.google.com/o/oauth2/token
type: service_account
PEM contents hidden for security. Verify with hashes below:
MD5 for the private key: f3d746222228629061bf41c2d9616925
MD5 for the whole Credential string: a0a1038a695017fde74f7f6ccd2bad8a
SHA256 for the private key: 48535f0e85443bb3ac42db548cb947567a369148379c8a703a71cb404e3f9621
SHA256 for the whole Credential string: 607d0713ebc6837186111dfd5ed2ae1decb05ba6459a8fd758d8e5208b9dc485
pws email-domain add
Adds an email domain.
- After this command completes, perform a services restart to put new settings into effect.
- This command is disabled under MSSP mode.
Usage
pws email-domain add [OPTIONS] EMAIL_DOMAIN_NAME
Options
--help
Displays the help text for this command.
Arguments
EMAIL_DOMAIN_NAME
The email domain that you want to add.
Examples
*** list all email domains ***
Pulse One > pws email-domain list
Getting email domains...
No email domain found.
*** add a new domain ***
Pulse One > pws email-domain add yahoo.co.uk
Adding email domain yahoo.co.uk...
Done.
*** confirm the addition ***
Pulse One > pws email-domain list
Getting email domains...
email domains:
- yahoo.co.uk
pws email-domain delete
Deletes an email domain.
- After this command completes, perform a services restart to put new settings into effect.
- This command is disabled under MSSP mode.
Usage
pws email-domain delete [OPTIONS] EMAIL_DOMAIN_NAME
Options
--help
Displays the help text for this command.
Arguments
EMAIL_DOMAIN_NAME
The email domain that you want to delete.
Examples
*** list all email domains ***
Pulse One > pws email-domain list
Getting email domains...
email domains:
- yahoo.co.uk
*** delete an email domain ***
Pulse One > pws email-domain delete yahoo.co.uk
Deleting email domain yahoo.co.uk...
Done.
*** confirm the deletion ***
Pulse One > pws email-domain list
Getting email domains...
No email domain found.
pws email-domain list
Shows all the email domains.
This command is disabled under MSSP mode.
Usage
pws email-domain list [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > pws email-domain list
Getting email domains...
email domains:
- yahoo.com
- yahoo.co.uk
- gmail.com
pws-config refresh-app-icons
Refreshes the workspace app icons on the current node.
This command is deprecated. Please use pws config refresh-app-icons.
pws-config reset ios-certificate
Regenerates the iOS MDM root certificate.
This command is deprecated. Please use pws config reset ios-certificate.
pws-config set esa
Sets the Google ESA Credentials.
This command is deprecated. Please use pws config set esa.
pws-config show esa
Shows the Workspace ESA information.
This command is deprecated. Please use pws config show esa.
services logs
Displays logs for application services.
Usage
services logs [OPTIONS] [SERVICE]
Options
--help
Displays the help text for this command.
--tail INTEGER
Number of log lines to show per service.
--follow / --no-follow
Follow logs as they are updated.
Arguments
SERVICE
(Optional) The required app service.
•To list available services for this argument, refer to services status.
•If no SERVICE is specified, all app services are included.
•By default, only app services are included. To view all services, specify ALL.
Examples
*** list logs, limited to most recent 5 entries ***
Pulse One > services logs --tail 3 --no-follow
Attaching to api_1, backend_1, backend_2, backend_3, backend_4, backend_5,
backend_6, backend_7, backend_8, cellsecrpc_1, console_1, file-store_1,
portal_1, proxy_1, pws-api_1, ui-assets_1
pws-api_1 | spawned uWSGI worker 3 (pid: 16, cores: 1)
pws-api_1 | spawned uWSGI worker 4 (pid: 17, cores: 1)
pws-api_1 | spawned uWSGI worker 5 (pid: 18, cores: 1)
api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 13
api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 14
api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 15
.
. (logs)
.
ui-assets_1 | Starting nginx with CORS origin * (.*)
ui-assets_1 | Starting nginx with CORS origin * (.*)
ui-assets_1 | Starting nginx with CORS origin * (.*)
services restart
Restarts one or more services.
By default, all services are restarted. To restart individual service(s), specify the SERVICE argument.
Usage
services restart [OPTIONS] [SERVICE]...
Options
--help
Displays the help text for this command.
Arguments
SERVICE
(Optional) The required service.
•If no SERVICE is specified, all services are included.
•If you want to specify one or more specific services, include each.
Examples
*** restart all services ***
Pulse One > services restart
Restarting...
Starting with version "1902"...
Started.
Restarted.
*** restarting a specific service ***
Pulse One > services restart
services start
Starts all services.
Usage
services start [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > services start
Starting with version "1902"...
Started.
services status
Displays the status of all services.
Usage
services status [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

*** services up ***
Pulse One > services status
Name State
------------------
api Up
backbeat Up
backend Up
backend Up
backend Up
backend Up
backend Up
backend Up
backend Up
backend Up
cache Up
cellsecrpc Up
console Up
data-store Up
file-store Up
index Up
portal Up
proxy Up
pws-api Up
ui-assets Up
*** services down ***
Pulse One > services status
Name State
------------------------
api Stopped
backbeat Stopped
backend Stopped
backend Stopped
backend Stopped
backend Stopped
backend Stopped
backend Stopped
backend Stopped
backend Stopped
cache Stopped
cellsecrpc Stopped
console Stopped
data-store Stopped
file-store Stopped
index Stopped
portal Stopped
proxy Stopped
pws-api Stopped
ui-assets Stopped
services stop
Stops all services.
Usage
services stop [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > services stop
Stopping...
Stopping uno_backbeat_1 ... done
Stopping uno_api_1 ... done
Stopping uno_pws-api_1 ... done
Stopping uno_cellsecrpc_1 ... done
Stopping uno_portal_1 ... done
Stopping uno_proxy_1 ... done
Stopping uno_file-store_1 ... done
Stopping uno_backend_8 ... done
Stopping uno_backend_5 ... done
Stopping uno_backend_2 ... done
Stopping uno_backend_7 ... done
Stopping uno_backend_6 ... done
Stopping uno_backend_3 ... done
Stopping uno_backend_4 ... done
Stopping uno_backend_1 ... done
Stopping uno_console_1 ... done
Stopping uno_ui-assets_1 ... done
Stopping uno_cache_1 ... done
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Stopped.
smtp set
Modifies the current SMTP configuration.
After this command completes, perform a services restart to put new settings into effect.
Usage
smtp set [OPTIONS]
Options
--help
Displays the help text for this command.
-s, --server ADDRESS
Sets the SMTP server IP or hostname.
-p, --port PORT
Sets the SMTP server port number.
-t, --tls
(Optional) Enables SSL/TLS.
To disable TLS, use the --no-tls option.
-u, --username USERNAME
(Optional) Sets the SMTP username. This is only required when SMTP expects a username.
To remove the username from the configuration, use the --no-username option.
--password
(Optional) Indicates that a password is required. The system prompts for a password.
This is only required when SMTP expects a password.
To remove the password from the configuration, use the --no-password option.
--sender EMAIL
Defines the email address of default sender for all messages.
--no-username
(Optional) Removes SMTP username from the configuration.
--no-password
(Optional) Removes SMTP password from the configuration.
--no-tls
(Optional) Disables TLS in the configuration.
Arguments
None.

*** show current smtp settings ***
Pulse One > smtp show
password: '********'
port: 587
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: false
username: [email protected]
*** reset the port from 587 to 590 ***
Pulse One > smtp set -p 590
password: '********'
port: 590
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: false
username: [email protected]
*** enable TLS ***
Pulse One > smtp set --tls
password: '********'
port: 590
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: true
username: [email protected]
*** remove username ***
Pulse One > smtp set --no-username
password: '********'
port: 590
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: true
username: null
*** reinstate username and port ***
Pulse One > smtp set -u [email protected] -p 587
password: '********'
port: 587
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: true
username: [email protected]
smtp show
Displays current SMTP settings.
Usage
smtp show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > smtp show
password: '********'
port: 587
sender_email: [email protected]
server: smtp.mailgun.org
ssl_tls: false
username: [email protected]
system backup export
Exports an archive of system settings as a GZIP TAR (.tgz) file. This uses a specified interface.
You can choose to exclude syslog data if required.
During the process, the following message is displayed:
Download ready at http://xx.xx.xx.xx:8000/backup/download
MD5: 10e3f47281a8a5c494df8dca7d3c5ddd
Press Ctrl-C when finished.
When this message appears, do not press CTRL + C.
Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup/download in a browser.
Save the backup file to an accessible location.
Once the file save completes, return to the CLI and press CTRL + C to complete the export process.
If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system backup export process again.
Usage
system backup export [OPTIONS]
Options
-e, --exclude [syslog]
Exclude syslog data from backup
-i, --interface INTERFACE
INTERFACE can be either external or management. The specified interface is used when downloading the system settings. If unspecified, the management interface is used by default.
--help
Displays the help text for this command.
Arguments
None.

*** initiate the export ***
Pulse One > system backup export -i external
Services will be stopped before initiating backup. Continue? [y/N]: y
Services will be stopped before initiating backup. Continue? [y/N]: y
Stopping uno_log-collector_1 ... done
Stopping uno_api_1 ... done
.
. (system messages: closing services)
.
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Starting backup...
Storing to backup [------------------------------------] 0%
Storing to backup [------------------------------------] 1%
.
. (system messages: percentage completion)
.
Storing to backup [###################################-] 98%
Storing to backup [###################################-] 99%
Download ready at http://10.64.196.97:8000/backup/download
MD5: 10e3f47281a1b2c394df8dca7d3c5ddd
Press Ctrl-C when finished.
*** in a browser, access xx.xx.xx.xx:8000/backup/download and save the file ***
*** then, complete the export process in the CLI by clicking CTRL + C ***
^C
system backup import
Imports an archive and restores the system using a specified interface.
When the process starts, the following message is displayed:
Upload your backup archive here:
URL: http://xx.xx.xx.xx:8000/backup
Press Ctrl-C when finished.
When this message appears, do not press CTRL + C.
Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup.
Using the controls on the web page, upload the backup file you want to restore.
Once the backup file upload completes, return to the CLI and press CTRL + C to continue the import process.
- If you press CTRL + C before the upload completes, the web browser will close, and you will have to start the system backup import process again.
- After this command completes, perform a services restart to put new settings into effect.
Usage
system backup import [OPTIONS]
Options
-i, --interface INTERFACE
INTERFACE can be either external or management. The specified interface is used when importing the system settings. If unspecified, the management interface is used by default.
--help
Displays the help text for this command.
Arguments
None.

*** initiate the import of a backup ***
Pulse One > system backup import Pulse One > system backup import -i management
Upload your backup archive here:
URL: http://10.96.16.157:8000/backup
Press Ctrl-C when finished.
*** in a browser, access xx.xx.xx.xx:8000/backup and upload the backup ***
*** continue the process by clicking CTRL + C ***
^C
WARNING: This will replace all Pulse One data and configuration restoring the appliance from backup. The data and configuration will not be recoverable.
Type "DESTROY" to continue: DESTROY
Restore backup from backup-2019-04-04T14_01_43Z.tar.gz
(MD5: 7d84ff6a1b2c3d4abb507d5c3ffef972) now? [y/N]: y
Removing directory /data/tmp/upload/0
Removing directory /data/tmp/upload/1
Removing directory /data/tmp/upload/2
Removing file /app/conf/users.yml
Removing directory /app/conf/conf.d
Removing directory /app/conf/unity
Restoring from backup [####################################] 100%
*** system then reboots ***
system banner remove
Removes a configured login banner.
Usage
system banner remove [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** show current banner ***
Pulse One > system banner show
Pulse Secure PULSE ONE Appliance
(c) 2018, Pulse Secure LLC.
*** remove banner ***
Pulse One > system banner remove
Banner removed.
*** confirm deletion ***
Pulse One > system banner show
No banner set.
system banner set
Sets a login banner.
Usage
system banner set [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system banner set
Enter or paste the banner message followed by two blank lines:
Pulse Secure PULSE ONE Appliance
(c) 2018, Pulse Secure LLC.
Banner saved.
system banner show
Displays the configured login banner.
Usage
system banner show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
*** no banner ***
Pulse One > system banner show
No banner set.
*** banner set ***
Pulse One > system banner show
Pulse Secure PULSE ONE Appliance
(c) 2018, Pulse Secure LLC.
system debug
Launches the debug shell. This operation requires assistance from Pulse One Tech support.
Usage
system debug [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system debug
This operation requires assistance from Pulse One Tech support.
Do you wish to proceed? [y/N]: y
(debug messages)
system destroy data
Resets all data to factory defaults.
Usage
system destroy data [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

Pulse One > system destroy data
WARNING: This will delete all Pulse One data, resetting the appliance to factory defaults. The data will not be recoverable.
Type "DESTROY" to continue: DESTROY
Resetting data...
Stopping uno_log-collector_1 ... done
Stopping uno_log-indexer_1 ... done
Stopping uno_file-store_1 ... done
Removing uno_log-collector_1 ... done
Removing uno_log-indexer_1 ... done
.
. (system messages: service removals)
.
Removing uno_data-store_1 ... done
Removing network default
Removing file /data/elasticsearch/elasticsearch/nodes/0/_state/global-5.st
Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/
cust___mobile_4c49992c/_state/state-2.st
.
. (system messages: file/directory removals)
.
Removing directory /data/mongodb
Removing directory /data/mysql
Destroyed.
system destroy index
Deletes all statistics and profiler data.
This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.
Usage
system destroy index [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system destroy index
WARNING: This will delete all index service data. The data will not be recoverable.
Type "DESTROY" to continue: DESTROY
Stopping uno_log-collector_1 ...
Stopping uno_log-indexer_1 ...
.
. (system messages: stopping services)
.
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Resetting data...
Removing uno_index_1 ... done
Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfe
Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfs
.
. (system messages: removing files and directories)
.
Removing directory /data/elasticsearch/elasticsearch/nodes
Removing directory /data/elasticsearch/elasticsearch
system destroy log-indexer
Deletes all received syslog data.
This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.
Usage
system destroy log-indexer [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system destroy log-indexer
WARNING: This will delete all log-indexer service data. The data will not be recoverable.
Type "DESTROY" to continue: DESTROY
Stopping uno_log-collector_1 ...
Stopping uno_api_1 ...
Stopping uno_pws-api_1 ... done
.
. (system messages: stopping services)
.
Stopping uno_cache_1 ... done
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Resetting data...
Removing uno_log-collector_1 ... done
Removing uno_log-indexer_1 ... done
.
. (system messages: removing files and directories)
.
Removing directory /data/log_indexer/graylog-prod
Removing directory /data/log_indexer/log
system destroy managed-appliance-configs
Deletes all PCS and PPS configurations.
Usage
system destroy managed-appliance-configs [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system destroy managed-appliance-configs
Pulse One will forget the configuration data it has received from Pulse Connect Secure and Pulse Policy Secure appliances. It will soon get fresh data from the appliances, but history will be lost. Use this command if, after a Pulse One cluster failover, viewing or publishing PCS/PPS configuration leads to unexplained error messages.
Continue? [y/N]: Y
.
. (system messages: appliance removals)
.
Destroyed.
system destroy service-logs
Deletes all service logs.
This command will stop all services on the Pulse One appliance. After completion, any services that were running when the command was used will be restarted automatically.
Usage
system destroy service-logs [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

Pulse One > system destroy service-logs
Are you sure you want to delete all service logs? This will temporarily stop all services. [y/N]: y
Stopping uno_backend_1 ...
Stopping uno_backend_4 ...
.
. (system messages: stopping services)
.
Stopping uno_cache_1 ... done
Stopping uno_data-store_1 ... done
Removing uno_backend_1 ...
Removing uno_backend_4 ...
.
. (system messages: removing files and directories)
.
Removing uno_cache_1 ... done
Removing uno_data-store_1 ... done
Creating and starting 2 ... done
Creating and starting 3 ... done
.
. (system messages: creating and starting services)
.
Creating and starting 7 ... done
Creating and starting 8 ... done
system destroy system-config
Resets the appliance to factory defaults.
Usage
system destroy system-config [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

Pulse One > system destroy system-config
WARNING: This will delete all Pulse One data and configuration, resetting the appliance to factory defaults. The data and configuration will not be recoverable.
Type "DESTROY" to continue:DESTROY
Resetting data...
Stopping uno_ui-assets_1 ... done
Stopping uno_data-store_1 ... done
Stopping uno_cache_1 ... done
Stopping uno_index_1 ... done
Removing uno_ui-assets_1 ... done
Removing uno_data-store_1 ... done
Removing uno_cache_1 ... done
Removing uno_index_1 ... done
Removing network default
Removing file /data/elasticsearch/elasticsearch/nodes/0/_state/global-0.st
Removing file /data/elasticsearch/elasticsearch/nodes/0/node.lock
.
. (File/directory removal messages)
.
Removing directory /app/conf/conf.d
Removing directory /app/conf/unity
Destroyed.
Press <ENTER> to continue and log out.
system provision
Provisions a new Pulse One environment.
This command is deprecated. Please use p1 domain provision.
system reboot
Reboots the system.
Usage
system reboot [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system reboot
Reboot now? [y/N]: y
Rebooting now...
system security fips
Enables or disables FIPS mode. If no option is specified, FIPS is disabled by default.
Usage
system security fips [OPTIONS]
Options
--help
Displays the help text for this command.
--enable
Enables server FIPS mode.
--disable
Disables server FIPS mode.
Arguments
None.
Examples
*** enable FIPS ***
Pulse One > system security fips --enable
Enabling FIPS mode will stop all services and log you out.
Continue? [y/N]: y
<system reboots>
*** disable FIPS ***
Pulse One > system security fips --disable
Disabling FIPS mode will stop all services and log you out.
Continue? [y/N]: y
<system reboots>
*** specify no option ***
Pulse One > system security fips
FIPS mode already DISABLED.
system security show
Displays security-related configuration.
Usage
system security show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system security show
FIPS Mode: false
Version: Pulse One version 2.0
system session-settings set
Sets CLI login security settings.
Usage
system session-settings set [OPTIONS]
Options
--help
Displays the help text for this command.
-i, --idle-timeout IDLE_TIMEOUT
Set seconds to wait before logging out an idle session.
-l, --login-timeout LOGIN_TIMEOUT
Set seconds to wait before timing out login attempt.
-m, --max-auth-attempts AUTH_ATTEMPTS
Set number of failed login attempts before client is disconnected.
Arguments
None.
Examples
*** display current settings ***
Pulse One > system session-settings show
idle_timeout: 300
login_timeout: 30
max_auth_attempts: 3
*** set idle_timeout ***
Pulse One > system session-settings set -i 250
idle_timeout: 250
login_timeout: 30
max_auth_attempts: 3
system session-settings show
Shows CLI login security settings.
Usage
system session-settings show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system session-settings show
idle_timeout: 300
login_timeout: 30
max_auth_attempts: 3
system shutdown
Halts the system and shuts it down.
Usage
system shutdown [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system shutdown
Shut down now? [y/N]: Y
Shutting down now...
system snapshot
Takes a snapshot of application logs and system information as a GZIP TAR (.tgz) file, using a specified interface.
During the process, a message similar to the following is displayed:
Download ready at http://xx.xx.xx.xx:8000/snapshot/download
MD5: 73c0973a126352559b8be388c8ebc605
Press Ctrl-C when finished.
When this message appears, do not press CTRL + C.
Instead, start a web browser and access http://xx.xx.xx.xx:8000/snapshot/download.
Save the snapshot file to an accessible location.
Once the file save completes, return to the CLI and press CTRL + C to complete the snapshot process.
If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system snapshot process again.
Usage
system snapshot [OPTIONS]
Options
-i, --interface INTERFACE
INTERFACE can be set to either external or management. This interface is used when downloading the snapshot. If unspecified, the management interface is used as a default.
--help
Displays the help text for this command.
Arguments
None.

Pulse One > system snapshot -i management
Services will be stopped before initiating snapshot. Continue? [y/N]: y
Stopping uno_log-collector_1 ... done
Stopping uno_api_1 ... done
.
. (System messages: stopping services)
.
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Starting snapshot...
Adding etc to snapshot-2019-04-04T14:37:43Z.tar.gz
Adding etc/modules-load.d to snapshot-2019-04-04T14:37:43Z.tar.gz
Adding etc/fstab.old to snapshot-2019-04-04T14:37:43Z.tar.gz
.
. (System messages: adding to backup)
.
Adding data/snapshot/ip-routing-info-2019-04-04T14:37:43Z.log to snapshot-2019-04-04T14:37:43Z.tar.gz
Adding data/snapshot/service-2019-04-04T14:37:43Z.log to snapshot-2019-04-04T14:37:43Z.tar.gz
Download ready at http://10.96.16.157:8000/snapshot/download
MD5: fe3bc60d1f1220a19604af1108445389
Press Ctrl-C when finished.
*** in a browser, save the file from xx.xx.xx.xx:8000/backup/download ***
*** then, complete the export process in the CLI by clicking CTRL + C ***
^C
You may restart services with `services restart`.
*** restart services ***
Pulse One > services restart
Restarting...
Starting with version "1902"...
Started.
Restarted.
Pulse One >
system storage add
This command enables unallocated data storage to be added to the data volume used by Pulse One services.
When used, the command displays a list of unallocated data storage volumes.
The user then selects one of these volumes, and it is added to the data volume for Pulse One services.
- This command is only supported on Virtual Machine implementations of Pulse One.
- From Pulse One v2.0.1834 onwards, an LVM data storage system is used. If Pulse One has been upgraded to v2.0.1834, the first use of system storage add will force the existing data storage system to convert to an LVM data storage system. To avoid data loss, you must perform a system backup export before you use system storage add, and then perform a system backup import after system storage add completes.
- These listed volumes must be previously created using standard ESX procedures.
Usage
system storage add [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.

*** display current allocated storage ***
Pulse One > system storage show
Volumes Filesystem Size Used Available Use% Mounted on
System /dev/md1 1.9G 265.8M 1.6G 14% /
Applications /dev/md2 39.2G 4.9G 32.3G 13% /app
Data Storage /dev/vg0/data 906.7G 408.4M 860.3G 0% /data
data-store 405.71M
file-store 2.54G
index 1007.8M
log-collector 1.03M
log-indexer 695.55M
tmp 52B
*** list available data storage volumes and add it ***
Pulse One > system storage add
Disk Size
-------------------
/dev/sdc 4.00 GiB
/dev/sdd 5.00 GiB
/dev/sde 3.00 GiB
Type name of disk you would like to add [/dev/sdc]: /dev/sde
Expanding storage with selected disk /dev/sde...
Storage expanded.
You may restart services with `services restart`.
*** restart services ***
Pulse One > services restart
Restarting...
Stopping uno_log-collector_1 ... done
Stopping uno_api_1 ... done
Stopping uno_pws-api_1 ... done
Stopping uno_backbeat_1 ... done
Stopping uno_file-api_1 ... done
Stopping uno_cellsecrpc_1 ... done
Stopping uno_portal_1 ... done
Stopping uno_proxy_1 ... done
Stopping uno_log-indexer_1 ... done
Stopping uno_file-store_1 ... done
Stopping uno_backend_4 ... done
Stopping uno_backend_2 ... done
Stopping uno_backend_3 ... done
Stopping uno_backend_1 ... done
Stopping uno_console_1 ... done
Stopping uno_ui-assets_1 ... done
Stopping uno_cache_1 ... done
Stopping uno_index_1 ... done
Stopping uno_data-store_1 ... done
Starting with version "1902"...
Started.
Restarted.
*** show updated storage information ***
*** NOTE - the USED value may drop after services restart ***
Pulse One > system storage show
Volumes Filesystem Size Used Available Use% Mounted on
System /dev/md1 1.9G 265.8M 1.6G 14% /
Applications /dev/md2 39.2G 4.9G 32.3G 13% /app
Data Storage /dev/vg0/data 909.7G 408.4M 863.3G 0% /data
data-store 405.71M
file-store 2.54G
index 1007.8M
log-collector 1.03M
log-indexer 695.55M
tmp 52B
system storage show
Displays system storage information for Pulse One.
Usage
system storage show [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system storage show
Volumes Filesystem Size Used Available Use% Mounted on
System /dev/md1 1.9G 321.5M 1.5G 17% /
Applications /dev/md2 39.2G 9.3G 27.9G 25% /app
Data Storage /dev/vg0/data 903.8G 4.7G 853.2G 1% /data
data-store 405.71M
file-store 2.54G
index 1007.8M
log-collector 1.03M
log-indexer 695.55M
tmp 52B
system upgrade
This command upgrades Pulse One software, or replaces a Pulse One iOS APNS device certificate.
Pulse Secure recommends that you perform a backup of your current system before using this command, see system backup export.
Usage
There are two forms of this command:
•Upgrading the Pulse One software:
•To perform the upgrade using the CLI only, use:
system upgrade cli [OPTIONS] <url> <hash>
For this method, an external web server is required to host the upgrade package.
•To perform the upgrade using a hybrid of CLI and browser, use:
system upgrade [OPTIONS] <url> <md5>
No external web server is required to use this method. Refer to the Pulse One Getting Started Guide for the full procedure.
•Replacing a Pulse One iOS APNS device certificate, use:
system upgrade -i external
When the process starts, the following message is displayed:
Upload your backup archive here:
URL: https://xx.xx.xx.xx:8000/upgrade
Start a web browser and access http://xx.xx.xx.xx:8000/upgrade. Using the controls on the web page, select the archive certificate file (.tgz), and then enter the MD5 hash for the file. Click Submit.
Once the upload completes, return to the CLI and continue the process.
Options
--help
Displays the help text for this command.
-i, --interface INTERFACE
This option cannot be used on a CLI-only method.
Network interface through which to upload the upgrade bundle. Can be internal, external or management.
Arguments
url
The URL for the upgrade file.
hash
The hash value for the upgrade file, in either MD5 or SHA256 format.

*** Upgrade using the CLI only ***
Pulse One > system upgrade cli https://example.com/upgrade/file2
5ac23b102d34a670c341abe0ff01
WARNING: Please ensure that backup has been performed (`system backup export` command). Data and configuration changes cannot be reverted after upgrade.
Type "UPGRADE" to continue:UPGRADE
<upgrade messages>
*** Upgrade an iOS APNS device certificate ***
Pulse One > system upgrade -i external
WARNING: Please ensure that backup has been performed (`system backup export` command). Data and configuration changes cannot be reverted after upgrade.
Type "UPGRADE" to continue:UPGRADE
Upload your upgrade bundle here:
URL: http://xx.xx.xx.xx:8000/upgrade
<perform upload in browser>
Validating hash...
Upgrading to PWS certificates <timestamp>
(1/1) Installing pulse-one-certificate (<version>)
Executing pulse-one-certificate-<version>.post-install
OK: 2384 MiB in 142 packages.
Restarting unitycom
Connection to xx.xx.xx.xx closed by remote host.
Connection to xx.xx.xx.xx closed.
system version
Display Pulse One version info.
Usage
system version [OPTIONS]
Options
--help
Displays the help text for this command.
Arguments
None.
Examples
Pulse One > system version
Pulse One: 2.0.1902
unitycom: 1902-31