CLI Commands

This section is a command reference for all CLI commands.

account create

Creates a CLI admin account.

Usage

account create [OPTIONS] USERNAME

Options

--help

Displays the help text for this command.

Arguments

USERNAME

The user for which you want to make a CLI admin account.

Examples

*** list users ***

Pulse One > account list

users:

- admin

- young

 

*** add new account ***

Pulse One > account create example

Password:

Confirm Password:

Created user example

 

*** confirm addition ***

Pulse One > account list

users:

- admin

- young

- example

account delete

Deletes the CLI admin account.

Usage

account delete [OPTIONS] USERNAME

Options

--help

Displays the help text for this command.

Arguments

USERNAME

The CLI admin account that you want to delete.

Examples

*** list users ***

Pulse One > account list

- users:

- admin

- test

- example

 

*** delete account ***

Pulse One > account delete example

Type DELETE to confirm: DELETE

User 'example' deleted.

 

*** confirm deletion ***

Pulse One > account list

users:

- admin

- test

account list

Lists all existing admin CLI accounts.

Usage

account list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list cli admin users ***

Pulse One > account list

users:

- admin

- test

- example

account password change

Changes the password for a CLI admin account.

Usage

account password change [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > account password change

Current password:

Password:

Confirm Password:

 

You can connect to SSH at xx.xx.xx.xx:pp

Press <ENTER> to log in to Pulse One

Login below:

Username: admin

Password:

Logged in as admin

Last login at 2018-06-06T09:45:04Z via console

Pulse One >

account password reset

Resets the password (assigns a temporary password) for a CLI admin account.

Usage

account password reset [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list current cli admin users ***

Pulse One > account list

users:

- admin

- young

- example

*** change password for “example” cli admin user ***

Pulse One > account password reset

Enter the user whose password needs to be reset: example

Type RESET to confirm: RESET

Temporary password for user 'example'

N3yXa6Jb

cluster add

This command should only be performed on the Active node of a proposed Pulse One cluster. The command generates a cluster join token, and then outputs the command that must be run on the Passive node so that it forms a cluster with the Active node.

Usage

cluster add [OPTIONS] ADDRESS

Options

--help

Displays the help text for this command.

Arguments

ADDRESS

The IPv4 address of the proposed Passive node for the cluster.

Examples

*** log into Active node xx.xx.xx.xx to add Passive node yy.yy.yy.yy ***

Pulse One > cluster add yy.yy.yy.yy

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

(interface messages)

* Starting networking ...

(interface messages)

* Starting chronyd ...

* Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

* Stopping racoon ... [ ok ]

* Flushing policy entries ... [ ok ]

* Loading ipsec policies from /etc/ipsec.conf.

* Starting racoon ... [ ok ]

 

To cluster yy.yy.yy.yy as a passive Pulse One appliance with this active appliance, configure networking on the passive appliance and run the following command on it:

cluster join xx.xx.xx.xx 70yqww0k

In this example, the cluster join token is “70yqww0k”.

cluster config

Configures automatic failover for a two-node Active/Passive Pulse One cluster.

Usage

cluster config [OPTIONS]

Options

--help

Displays the help text for this command.

-f, --auto-failover INTEGER

Configures the auto failover timeout (in minutes).

When this is set to 0, automatic failover is disabled. This is the default setting.

Arguments

None.

Examples

Pulse One > cluster config -f 2

auto_failover: true

auto_failover_timeout: 2 minutes

cluster demote

Demotes the current node to standalone.

This is required to perform a manual failover, or to de-cluster an Active/Passive pair of nodes.

Usage

cluster demote [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

cluster join

Joins the current node to an existing Active node to form a two-node Active/Passive cluster.

The current node becomes the Passive node in the cluster.

The cluster join command requires a cluster join token. This token is generated by first running the cluster add command on the Active node, see cluster add.

Usage

cluster join [OPTIONS] ADDRESS TOKEN

Options

--help

Displays the help text for this command.

Arguments

ADDRESS

IPv4 address of the Active node for the cluster.

TOKEN

The cluster join token generated by the cluster add command, see cluster add.

cluster promote

Promotes the current standalone node to Active and enables clustering.

Usage

cluster promote [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** promote standalone node xx.xx.xx.xx to Active ***

Pulse One > cluster promote

Promoting node to active cluster node...

Stopping uno_data-store_1 ... done

Removing uno_data-store_1 ... done

Stopping uno_index_1 ... done

Removing uno_index_1 ... done

Stopping uno_file-store_1 ... done

Removing uno_file-store_1 ... done

Stopping uno_log-indexer_1 ... done

Removing uno_log-indexer_1 ... done

Stopping uno_log-collector_1 ... done

Removing uno_log-collector_1 ... done

auto_failover: false

node:

id: 137a56c7928b48ddac404bf033928866

ip: xx.xx.xx.xx

mode: active

cluster status

Reports the clustering status of the current node.

Where the node is in a cluster (either as Active or Passive), the status of individual services (“systems”) are also displayed, including individual synchronization statuses.

Usage

cluster status [--watch]

Options

--help

Displays the help text for this command.

--watch

Watch status live

Arguments

None.

domain admins list

Displays a list of the admins for all domains, or a specified domain.

This command is deprecated. Please use p1 domain admins list.

domain list

Displays all provisioned domain names.

This command is deprecated. Please use p1 domain list.

domain-property list

Lists all of the domain properties.

This command is deprecated. Please use p1 domain property list.

domain-property reset

Resets all of the domain properties.

This command is deprecated. Please use p1 domain property reset.

domain-property set

Sets a domain property.

This command is deprecated. Please use p1 domain property set.

email-domain add

Adds an email domain.

This command is deprecated. Please use pws email-domain add.

email-domain delete

Deletes an email domain.

This command is deprecated. Please use pws email-domain delete.

email-domain list

Shows all the email domains.

This command is deprecated. Please use pws email-domain list.

help

Shows the top level of the help system.

Usage

help [OPTIONS] [COMMAND]

Options

--help

Displays the help text for this command.

Arguments

COMMAND

The CLI command for which you want to display the help text.

https csr

Generates an HTTPS Certificate Signing Request (CSR).

This request must be sent to your certificate authority, which will return a signed certificate to you.

Usage

https csr [OPTIONS]

Options

--help

Displays the help text for this command.

--with-text

Present the CSR in a human-readable format. This is ignored if –pem-only is included.

--pem-only

Present the CSR in a PEM-encoded format.

Arguments

None.

 

https set ca-bundle

Sets the HTTPS certificate authority bundle.

After this command completes, a restart is required for new settings to go into effect.

Usage

https set ca-bundle [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set ca-bundle

Overwrite existing certificate authority bundle? [y/N]: y

Paste your HTTPS certificate chain in PEM format:

-----BEGIN CERTIFICATE-----

MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw

HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN

MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw

.

. (certificate truncated)

.

NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX

Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR

S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92

UosvaSJTAfc9

-----END CERTIFICATE-----

 

Saved certificate authority bundle.

https set cert

Sets the HTTPS certificate.

After this command completes, a restart is required for new settings to go into effect.

Usage

https set cert [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set cert

Overwrite existing certificate? [y/N]: y

Paste your HTTPS certificate in PEM format:

-----BEGIN CERTIFICATE-----

MIIDBTCCAe2gAwIBAgIRALPEq57d1knqntc9NgQvwYQwDQYJKoZIhvcNAQELBQAw

HDEaMBgGA1UEAwwRbW9iaWxlLnB3c2VuZy5jb20wHhcNMTgwNjE4MDA1MTA5WhcN

MTkwNjE5MDA1MTA5WjAcMRowGAYDVQQDDBFtb2JpbGUucHdzZW5nLmNvbTCCASIw

.

. (certificate truncated)

.

NtnFrOJrJxy4qO44RW8k78RmaT7uc1bDA8IiDeYo4aZdAQDwwJl7RN2UddZlkXaX

Qnj+a8+j3D9CbWtR/VLb6EMwtYgXXf6ClUfRCbZpaStCmyN4baRoGKsqL+u+yyfR

S1woFfAzqPiJ/dDLh5K4wy+b9aFR2RzX7b7dw7M/8nrvbGNkMUFJO9oBMm6IOl92

UosvaSJTAfc9

-----END CERTIFICATE-----

Saved certificate "mobile.example.com"

https set key

Sets the HTTPS certificate key.

Usage

https set key [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > https set key

Overwriting private key will invalidate and delete current certificate.

Overwrite existing key? [y/N]: y

Paste your HTTPS certificate key in PEM format:

-----BEGIN PRIVATE KEY-----MMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDfP7kFBwKEuSMs^MimYcoLJ2tpjDQMNrwyVP/EqMppY2HiVrBIjktyR9xLhHQNAsgwejDbr/QhN7eLVG^MNvMS/7g+Dg6lP95xM2dm4Zsrd8nTEI23vkYwIqb+Bbrd

.

. (key truncated)

.

FI+H0H5Zlc7gBAoGAZ/f9L5k6cYZzMXrEf4oN^MVKj1hmclbORGBLB1TOF8buaDuWW9SMQX9VJmzvM4jXb8wuLK+3ALQ8TKvZ2+nQyI^MgRLAoF8d0sZZh4v7IHPEHU3Lcd

ZcmuB9FXcmksGSXOQtDzO+SnpqqBOvSRAUj69e^Mcf36qVK9whM2cXlMuUz+p8Q=-----END PRIVATE KEY-----

Saved certificate key.

https show

Shows the content of one of the following:

•The certificate.

•The certificate authentication bundle.

•The key.

Usage

https show [OPTIONS] SETTING

Options

--help

Displays the help text for this command.

Arguments

SETTING

The specific element you want to see:

•cert: Select this to view the certificate.

•ca-bundle: Select this to view the certificate authentication bundle.

•key: Select this to view the key.

licenses add

Adds a license key to the system.

After this command completes, perform a services restart to put new settings into effect.

Usage

licenses add [OPTIONS] KEY

Options

--help

Displays the help text for this command.

Arguments

KEY

The license key.

Examples

*** list current licenses ***

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

 

*** add a log-aggregator license ***

Pulse One > licenses add P1-ALOG-st4QZLVQ-5p1csqLj

Added license P1-ALOG-st4QZLVQ-5p1csqLj

 

*** confirm addition of license ***

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

- created: '2018-06-21T13:28:57Z'

type: unity.appliances.log_aggregator

licenses show

Lists all installed licenses.

Usage

licenses show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > licenses show

- created: '2018-06-15T16:34:45Z'

type: unity.workspaces.5000u

- created: '2018-06-18T00:50:07Z'

type: unity.appliances.configdist

log-aggregator nfs

Sets the NFS parameters for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator nfs.

log-aggregator settings

Sets the data storage settings for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator settings.

log-aggregator show

Shows the details of data storage for the log-aggregator component.

This command is deprecated. Please use p1 log-aggregator show.

log-aggregator targets add

Adds a syslog target that will receive forwarded syslog messages.

This command is deprecated. Please use p1 log-aggregator targets add.

log-aggregator targets list

Shows a list of syslog targets.

This command is deprecated. Please use p1 log-aggregator targets list.

log-aggregator targets remove

Removes a syslog target.

This command is deprecated. Please use p1 log-aggregator targets remove.

logout

Logs out of Pulse One.

Usage

logout [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > logout

You can connect to SSH at xx.xx.xx.xx:pp

Press <ENTER> to log in to Pulse One

network arp

The Address Resolution Protocol (ARP) utility. This protocol maps an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.

The network arp command shows mappings for a specified hostname/IP address in the local network.

Usage

network arp [OPTIONS] [HOST]

Options

--help

Displays the help text for this command.

Arguments

HOST

(Optional) A hostname/IP address in the local network. Where no host is specified, all recorded mappings are listed.

Examples

*** Specify a host ***

Pulse One > network arp main.lab.example.net

main.lab.example.net (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on eth4

main.lab.example.net (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on eth0

*** No host specified, all entries listed ***

Pulse One > network arp

host1.demo.example.com (xx.xx.xx.xx) at hh:hh:hh:hh:hh:hh [ether] on host

port1.demo.example.com (zz.zz.zz.zz) at kk:kk:kk:kk:kk:kk [ether] on eth0

port2.demo.example.com (vv.vv.vv.vv) at nn:nn:nn:nn:nn:nn [ether] on eth4

host2.demo.example.com (yy.yy.yy.yy) at jj:jj:jj:jj:jj:jj [ether] on host

port3.demo.example.com (vv.vv.vv.vv) at pp:pp:pp:pp:pp:pp [ether] on eth0

network dns

Configures DNS lookup servers.

After this command completes, a restart is required for new settings to go into effect.

Usage

network dns [OPTIONS]

Options

--help

Displays the help text for this command.

-p, --primary IP

Set primary DNS server address

-s, --secondary IP

Set secondary DNS server address

Arguments

None.

network hostname

Sets the hostname for an appliance node in a clustered pair. This will enable the Active appliance to be identified.

This command will force a restart of the appliance.

Usage

network hostname [OPTIONS] HOSTNAME

Options

--help

Displays the help text for this command.

Arguments

HOSTNAME

The required hostname.

Examples

Pulse One > network hostname appliance1

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

* eth1 ... [ !! ]

* lo ... [ ok ]

* eth4 ... [ !! ]

* eth0 ... [ !! ]

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth1 ... [ ok ]

* eth0 ... [ ok ]

* Starting chronyd ... * Starting NFS sm-notify ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

hostname: appliance1

network interface external

Configures the external network interface.

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface external [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP_ADDRESS

Set IP address.

-n, --netmask IP_ADDRESS

Set netmask.

-g, --gateway IP_ADDRESS

Set gateway IP address.

--dhcp / --no-dhcp

Enable/disable DHCP. This overrides all other settings if enabled.

Arguments

None.

Examples

Pulse One > network interface external -i xx.xx.xx.xx -n nn.nn.nn.nn

-g gg.gg.gg.gg --no-dhcp

external:

dhcp: false

enabled: true

ip_address: xx.xx.xx.xx

netmask: nn.nn.nn.nn

network interface internal

Configures the internal network interface. This is only required for clustered Pulse One nodes

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface internal [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP

Set IP address of the management network interface.

-n, --netmask IP

Set netmask for the management network interface.

-g, --gateway IP

Set gateway IP address.

Arguments

None.

Examples

Pulse One > network interface internal -i xx.xx.xx.xx -n nn.nn.nn.nn

-g yy.yy.yy.yy

* WARNING: you are stopping a boot service

* Unmounting NFS filesystems ... [ ok ]

* Stopping chronyd ... [ ok ]

* Stopping networking ...

(interface messages)

* Starting networking ...

* lo ... [ ok ]

* eth4 ... [ ok ]

* eth1 ... ip: RTNETLINK answers: File exists

[ !! ]

* eth0 ... [ ok ]

* Starting NFS sm-notify ... * Starting chronyd ... [ ok ]

* Mounting NFS filesystems ... [ ok ]

[ ok ]

internal:

enabled: true

ip_address: xx.xx.xx.xx

netmask: 255.255.0.0

network interface management

Configures the management network interface.

After this command completes, a restart is required for new settings to go into effect.

Usage

network interface management [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --ip IP

Set IP address of the management network interface.

-n, --netmask IP

Set netmask for the management network interface.

-g, --gateway IP

Set gateway IP address.

--dhcp / --no-dhcp

Enable/disable DHCP. This overrides all other settings if enabled.

Arguments

None.

network ip route add

Adds a static route to the system settings.

Usage

network ip route add [NETWORK | OPTIONS] [via ADDRESS] dev INTERFACE

Options

--help

Displays the help text for this command.

Arguments

NETWORK

An IP address and optional CIDR formatted netmask. For example: 192.168.0.0/16

ADDRESS

(Optional) The IP address of the Next hop router (gateway).

INTERFACE

(Required) The interface to be used. That is, internal, external or management.

network ip route delete

Removes a static route from the system settings.

Usage

network ip route delete [OPTIONS] NETWORK

Options

--help

Displays the help text for this command.

Arguments

NETWORK

The IP address of a current static route.

network ip route show

Displays the current IP static routes table.

Usage

network ip route show

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** populated IP static routing table ***

Pulse One > network ip route show

routes:

- gateway: xx.xx.xx.xx

interface: management

network: yy.yy.yy.yy/nn

- gateway: bb.bb.bb.bb

interface: management

network: aa.aa.aa.aa/nn

 

*** empty IP static routing table ***

Pulse One > network ip route show

routes: []

network nslookup

A DNS lookup utility.

Usage

network nslookup [OPTIONS] HOST DNS_SERVER

Options

--help

Displays the help text for this command.

Arguments

HOST

The host you want to look up.

DNS_SERVER

The DNS server on which you want to search.

Examples

Pulse One > network nslookup xx.xx.xx.xx yy.yy.yy.yy

Server: yy.yy.yy.yy

Address 1: yy.yy.yy.yy exampledns01.example.com

Name: xx.xx.xx.xx

Address 1: xx.xx.xx.xx

network ping

A Ping utility. This will either send ten packets, or execute for ten seconds, whichever comes first.

Usage

network ping [OPTIONS] IP

Options

--help

Displays the help text for this command.

Arguments

IP

The IP address you want to ping.

Examples

Pulse One > network ping xx.xx.xx.xx

PING xx.xx.xx.xx (xx.xx.xx.xx): 56 data bytes

64 bytes from xx.xx.xx.xx: seq=0 ttl=252 time=6.325 ms

64 bytes from xx.xx.xx.xx: seq=1 ttl=252 time=4.076 ms

64 bytes from xx.xx.xx.xx: seq=2 ttl=252 time=4.040 ms

64 bytes from xx.xx.xx.xx: seq=3 ttl=252 time=3.946 ms

64 bytes from xx.xx.xx.xx: seq=4 ttl=252 time=4.261 ms

64 bytes from xx.xx.xx.xx: seq=5 ttl=252 time=3.908 ms

64 bytes from xx.xx.xx.xx: seq=6 ttl=252 time=4.108 ms

64 bytes from xx.xx.xx.xx: seq=7 ttl=252 time=3.808 ms

64 bytes from xx.xx.xx.xx: seq=8 ttl=252 time=3.733 ms

64 bytes from xx.xx.xx.xx: seq=9 ttl=252 time=3.735 ms

 

--- xx.xx.xx.xx ping statistics ---

10 packets transmitted, 10 packets received, 0% packet loss

round-trip min/avg/max = 3.733/4.194/6.325 ms

network show

Shows all network settings.

Usage

network show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

network traceroute

Runs the Traceroute utility for a specified IP address.

Usage

network traceroute [OPTIONS] IP

Options

--help

Displays the help text for this command.

Arguments

IP

The IP address you want to ping.

Examples

Pulse One > network traceroute xx.xx.xx.xx

traceroute to xx.xx.xx.xx (xx.xx.xx.xx), 30 hops max, 46 byte packets

1 * * *

2 yy.yy.yy.yy (yy.yy.yy.yy) 1.138 ms 1.284 ms 1.104 ms

3 zz.zz.zz.zz (zz.zz.zz.zz) 1.345 ms 1.453 ms 1.327 ms

4 aa.aa.aa.aa (aa.aa.aa.aa) 17.474 ms 3.895 ms *

ntp pool

Adds or updates the single NTP pool.

Usage

ntp pool [OPTIONS] LOCATION

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable a pool of NTP servers.

Arguments

LOCATION

The NTP pool that you want to add to the NTP configuration.

Examples

*** show current (empty) NTP configuration ***

Pulse One > ntp show

pool: null

servers: []

 

*** add NTP pool ***

Pulse One > ntp pool pool.ntp.org

pool:

enabled: true

location: pool.ntp.org

servers: []

 

*** disable the new pool ***

Pulse One > ntp pool pool.ntp.org --disable

* Stopping chronyd ...

[ ok ]

* Starting chronyd ...

[ ok ]

ntp:

pool:

enabled: false

location: pool.ntp.org

servers: []

ntp remove

Removes a server or pool from the NTP configuration.

There must always be either a pool or a server configured.

Usage

ntp remove [OPTIONS] [ POOL | SERVER ] LOCATION

Options

--help

Displays the help text for this command.

Arguments

POOL

Specify a pool.

SERVER

Specify a server.

LOCATION

The identifier of the server/pool that you want to remove.

ntp server

Adds or updates an NTP server.

Usage

ntp server [OPTIONS] LOCATION

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable an NTP server.

Arguments

LOCATION

The NTP server that you want to add to the NTP configuration.

ntp show

Shows all current NTP settings.

Enabled servers are listed before disabled servers.

Usage

ntp show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** single pool, no servers ***

Pulse One > ntp show

pool:

enabled: true

location: pool.ntp.org

servers: []

 

*** pair of servers, no pool ***

Pulse One > ntp show

pool: null

servers:

- enabled: true

location: yy.yy.yy.yy

- enabled: false

location: xx.xx.xx.xx

p1 domain admins list

Lists admins, either for all domains or for a specified domain.

This command is disabled under MSSP mode.

Usage

p1 domain admins list [OPTIONS] [DOMAIN]

Options

--help

Displays the help text for this command.

Arguments

DOMAIN

(Optional) Specifies a domain. If not specified, all domains are listed.

Examples

*** list all domains ***

Pulse One > p1 domain admins list

domains:

mobile.example.com:

uiadmin:

email: [email protected]

roles:

- Super Admin

 

*** list specific domain ***

Pulse One > p1 domain admins list mobile.example.com

domains:

mobile.example.com:

uiadmin:

email: [email protected]

roles:

- Super Admin

p1 domain admins password reset

Resets the password of a local domain admin.

This is required when the path becomes locked after failed login attempts.

Usage

p1 domain admins password reset [OPTIONS] [USERNAME]

Options

--help

Displays the help text for this command.

Arguments

USERNAME

(Optional) Specifies a local domain admin.

Examples

*** Reset password of local domain admin "tk-428" ***

Pulse One > p1 domain admins password reset tk-428

Resetting the password of tk-428...

Changed password of local web user: tk-428 to azxhYPaGwybW3nfw

p1 domain list

Displays all provisioned domain names.

This command is disabled under MSSP mode.

Usage

p1 domain list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 domain list

domains:

- mobile.example.com

p1 domain property list

Shows settings for all domain properties.

This command is disabled under MSSP mode.

Usage

p1 domain property list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

p1 domain property reset

Resets all the domain properties.

This command is disabled under MSSP mode.

Usage

p1 domain property reset [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** list all domain properties ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

 

*** reset properties ***

Pulse One > p1 domain property reset

Resetting domain properties...

Done

 

*** confirm properties are reset ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: null

- afw_enterprise_id: null

p1 domain property set

Sets a domain property.

This command is disabled under MSSP mode.

Usage

p1 domain property set [OPTIONS] DOMAIN_PROPERTY_NAME DOMAIN_PROPERTY

Options

--help

Displays the help text for this command.

Arguments

DOMAIN_PROPERTY_NAME

The domain property that you want to change. The available domain properties are:

•afw_domain_admin_user

•afw_enterprise_type

•afw_enterprise_id

DOMAIN_PROPERTY

The new value for the domain property, either afw (Android for Work) or Google. Always use afw unless directed otherwise.

Examples

*** list all domain properties ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: null

- afw_enterprise_id: null

 

*** reset properties ***

Pulse One > p1 domain property set afw_enterprise_type google

Setting domain property: afw_enterprise_type to google ...

Done

 

*** confirm properties are reset ***

Pulse One > p1 domain property list

Getting domain properties...

domain properties:

- afw_domain_admin_user: null

- afw_enterprise_type: google

- afw_enterprise_id: null

p1 domain provision

Provisions a new Pulse One environment.

This command is disabled under MSSP mode.

Usage

p1 domain provision [OPTIONS] DOMAIN

Options

--help

Displays the help text for this command.

--admin-username USERNAME

(Required) Username of the admin user. The default is root.

--admin-email EMAIL

(Required) Email address of admin.

Arguments

DOMAIN

The name of the domain you want to provision.

Examples

Pulse One > p1 domain provision mobile.example.com --admin-username user

--admin-email [email protected]

 

This will overwrite any existing Pulse One configuration. This can not be run on an already provisioned environment. You may need to `destroy` your environment before continuing.

Continue? [y/N]: Y

Set new admin password.

Password:

Confirm Password:

.

. (messages)

.

Provider domain mobile.example.com created.

Provisioned.

p1 domain whitelist add ip

Adds an IP address or range to the whitelist from which an admin can log into the Pulse One GUI.

All IP addresses outside the whitelist are then blocked from accessing Pulse One.

Whitelisting IP addresses/ranges is disabled by default. It is enabled when you add the first IP address/range to the whitelist, which must include your current IP address. After you have added your first whitelist item, all other IP addresses/ranges are automatically blacklisted. You can then continue to add all other required IP addresses/ranges until you have added all IP addresses/ranges from which admins can log in.

To reset all whitelist entries, use the p1 domain whitelist reset.

You can only add countries to the whitelist from the Pulse One GUI.

Usage

p1 domain whitelist add ip [OPTIONS] IP_ADDRESS

Options

--help

Displays the help text for this command.

Arguments

IP_ADDRESS

The IP address or range that you want to add to the whitelist, with an optional CIDR-formatted netmask. For example, 192.168.0.0/16.

Examples

*** add a specific whitelisted ip address or range ***

Pulse One > p1 domain whitelist add ip 192.168.0.0/16

Pulse One >

 

*** show all whitelisted entries

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: 192.168.0.0/16

p1 domain whitelist reset

Resets whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.

To add an item to the whitelist, see p1 domain whitelist add ip.

Usage

p1 domain whitelist reset [OPTIONS] [DOMAIN]

Options

--help

Displays the help text for this command.

Arguments

DOMAIN

(Optional) The name of a single domain you want to remove from the whitelist. If this option is not specified, the whitelist is emptied.

Examples

*** reset a specific whitelisted domain ***

Pulse One > p1 domain whitelist reset example.demo.com

WARNING: This will remove <message>. Do you wish to continue? [y/N]: y

Pulse One >

 

*** reset all whitelisted domains ***

Pulse One > p1 domain whitelist reset

WARNING: This will remove all IP address and country restrictions from all domains, allowing admins to log in from any IP address/country. Do you wish to continue? [y/N] y

Pulse One >

p1 domain whitelist show

Displays a whitelist of IP addresses and countries from which an admin can log into the Pulse One GUI.

To add an item to the whitelist, see p1 domain whitelist add ip.

Usage

p1 domain whitelist show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** empty whitelist ***

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: null

 

*** populated whitelist ***

Pulse One > p1 domain whitelist show

Getting whitelist configurations...

 

Whitelisted Countries: null

Whitelisted IPs: xx.xx.xx.xx/mm

p1 log-aggregator nfs

Sets the NFS parameters for the log-aggregator component.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator nfs [OPTIONS]

Options

--help

Displays the help text for this command.

--enable / --disable

Enable or disable NFS data storage.

-v, --volume VOLUME

Specify NFS volume in the form remote_host:remote_dir. This is required for the --enable option.

-o, --options OPTIONS

Specify NFS options, as a comma-separated list. Available options match those that are described on the mount_nfs manual (man) page.

Arguments

None.

Examples

*** enable NFS ***

Pulse One > p1 log-aggregator nfs --enable -v example:/home

This will delete all existing appliance logs. All services will be stopped if currently running.

Continue? [y/N]: y

Stopping uno_data-store_1 ... done

Stopping uno_index_1 ... done

.

. (service messages)

.

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

keep_days: 3

nfs:

options: vers=3,nolock,retry=1,rw

volume: example:/home

type: nfs

p1 log-aggregator settings

Sets data storage settings for the log-aggregator component.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator settings [OPTIONS]

Options

--help

Displays the help text for this command.

-d, --keep-days RETENTION_POLICY

(Required) Specify the number of days any given log will be kept in the index.

--tls / --no-tls

Enables or disables TLS on syslog input.

Arguments

None.

Examples

*** set keep_days ***

Pulse One > p1 log-aggregator settings -d 28

Changing retention policy could lead to loss of data.

Continue? [y/N]: y

keep_days: 28

tls: false

 

*** set TLS to true ***

Pulse One > p1 log-aggregator settings --tls

keep_days: 28

tls: true

p1 log-aggregator show

Shows details of data storage for the log-aggregator component.

Usage

p1 log-aggregator show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > p1 log-aggregator show

disk usage: 520b

settings:

keep_days: 28

nfs:

options: vers=3,nolock,retry=1,rw

volume: example:/home

type: nfs

status: Enabled

p1 log-aggregator targets add

Adds a syslog target that will receive forwarded syslog messages.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator targets add [OPTIONS] HOST

Options

--help

Displays the help text for this command.

-p, --port INTEGER

The host's syslog connection port

--tls / --no-tls

Enable TLS when sending logs

Arguments

HOST

The target host that you want to add.

Examples

*** check current targets (empty) ***

Pulse One > p1 log-aggregator targets list

{}

 

*** add a target ***

Pulse One > p1 log-aggregator targets add -p 333 --no-tls xx.xx.xx.xx

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

 

*** confirm the addition ***

Pulse One > p1 log-aggregator targets list

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

p1 log-aggregator targets list

Displays a list of syslog targets.

Usage

p1 log-aggregator targets list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** the list is empty ***

Pulse One > p1 log-aggregator targets list

{}

 

*** one target in the list ***

Pulse One > p1 log-aggregator targets list

10.11.12.13:333:

host: 10.11.12.13

port: 333

tls: false

p1 log-aggregator targets remove

Removes a syslog target.

After this command completes, perform a services restart to put new settings into effect.

Usage

p1 log-aggregator targets remove [OPTIONS] HOST:PORT

Options

--help

Displays the help text for this command.

Arguments

HOST:PORT

Specify a syslog target to remove.

Examples

*** check current targets ***

Pulse One > p1 log-aggregator targets list

xx.xx.xx.xx:333:

host: xx.xx.xx.xx

port: 333

tls: false

 

*** delete a target ***

Pulse One > p1 log-aggregator targets remove -p 333 --no-tls xx.xx.xx.xx

Deleted.

 

*** confirm the deletion (now empty) ***

Pulse One > p1 log-aggregator targets list

{}

p1 mssp provision

Provisions an MSSP management domain.

This command is enabled by a valid MSSP license.

Usage

p1 mssp provision [OPTIONS] DOMAIN

Options

--help

Displays the help text for this command.

--admin-username USERNAME

(Required) Username of admin.

--admin-email EMAIL

(Required) Email address of admin.

Arguments

DOMAIN

The name of the MSSP domain you want to provision.

pws config refresh-app-icons

Refreshes the workspace application icons on the current node.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config refresh-app-icons [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config refresh-app-icons

Refreshing app icons...

Done

pws config reset ios-certificate

Regenerates the iOS MDM root certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config reset ios-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config reset ios-certificate

WARNING: This regenerates the iOS MDM root certificate. Existing MDM device certificates issued to iOS devices will be invalidated and iOS devices will need to re-enroll to get policy updates.

 

Type "RESET" to continue: RESET

 

Regenerating iOS MDM root certificate...

Regenerated iOS MDM root certificate.

pws config set esa

Sets the Google ESA Credentials.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set esa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

pws config set ios-mdm-push-certificate

Updates the iOS MSM push certificate. This certificate is used to create a certificate signing request (CSR) for the iOS MDM certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set ios-mdm-push-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set ios-mdm-push-certificate

The iOS MDM push certificate is provided by Pulse Secure and the iOS MDM push key can not be changed. Overwrite existing iOS MDM push certificate? [y/N]: y

Paste your iOS MDM push certificate in PEM format:

-----BEGIN CERTIFICATE-----^MMIIEuzCCA6OgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzET^MMBEGA1UEChMKQXBwbGUgSW5jLjEmMCQGA1UECxMdQXBwbGUgQ2VydGlmaWNhdGlv^MbiBBdXRob3JpdHkxFjAUBgNVBAMTDUFwcGxlIFJvb3Qg

.

. (certificate)

.

ieerCVRouiEr0NlFXVTBMxtinXUWberS7/fxBuN/DlMHhwtXOeuz35WpxoNASUde

Rqk9LgbQIKdC1yNI3IAgPEWjUJArMXogJXP3lztiOGlj/ETiToCiQALUU//cB0aj

z5I+FEIWQzkRBMn2AKRezm9S5LEBxKgsbtIJRsydUzEm6atkWp2qIHKwZQMRCA==

-----END CERTIFICATE-----

 

Hash values for the iOS MDM Push Certificate string:

MD5: 17cf4528db9833e19a47c8fad0f63fdf

SHA256: efe0f65a7049d4a711dd3e38231a66c1c850b18fdaef49f4a84511ca4d2c4264

pws config set ios-pulse-secure-app-push-certificate

Updates the iOS Pulse Client push notification certificate.

After this command completes, perform a services restart to put new settings into effect.

Usage

pws config set ios-pulse-secure-app-push-certificate [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config set ios-pulse-secure-app-push-certificate

The IOS Pulse Secure Client App Push Notification certificate needs to be provided by Pulse Secure. Update current certificate? [y/N]: y

Paste your iOS Pulse push certificate in PEM format:

-----BEGIN CERTIFICATE-----^MMIIGSzCCBTOgAwIBAgIIUbJAMJf/nAIwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV^MBAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js^MZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UE

.

. (certificate truncated)

.

Y3VyZS5wdWxzZXNlY3VyZTE5MDcGA1UHuwnL55Rerxoh3Xi7UWFrgJLKsvoiOZUOXma1FEcQXu3A3NOOwn5LayPfbdJLDZmgxpHrck/XFKTDqcRhD2fo8/PeyknuatSC9fg13g3Dw==

-----END CERTIFICATE-----

Hash values for the iOS Client Push Certificate string:

MD5: fa31afc1a1b2c33bcd448f28f7ddf9a2

SHA256: a19cfdc3a4483b3682a22a2c167c63f2f521d41f21ea1b2c378cc4483691d8b5

pws config set msa

Sets the Google MSA Credentials.

Usage

pws config set msa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

pws config show esa

Shows Workspace ESA information.

Usage

pws config show esa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config show esa

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: wb882f19b668ec52ef12b76169@pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com

client_id: '108955911278235671297'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/wb882f19b668ec52ef12b76169%40pfwp-ulsesecureandroidmdmtest2.google.com.iam.gserviceaccount.com

private_key_id: 4ce2f68b79dff03027d1e0157b29181dc81

project_id: google.com:pfwp-ulsesecureandroidmdmtest2

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: 431eff630d49180e1447a4f856e2

MD5 for the whole Credential string: ad074eb71e1686bc40153794a7e

SHA256 for the private key: 36c293c8b3fed64dc0c5d21dfa1d83b46a59882c0bfd6c648b837755952

SHA256 for the whole Credential string: 8c29d9463883b6add6bed5ad2ba6d6f93d9cad301c2240d5e902259e22c6

pws config show msa

Shows Workspace MSA information.

This command is enabled by a valid MSSP license and requires a valid PWS license.

Usage

pws config show msa [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws config show msa

Credentials:

auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs

auth_uri: https://accounts.google.com/o/oauth2/auth

client_email: [email protected]

client_id: '102471083974256594602'

client_x509_cert_url: https://www.googleapis.com/robot/v1/metadata/x509/account-1%40pws-dev.iam.gserviceaccount.com

private_key_id: 5dd8b5951c10b85a0665c1706dcab61c89a01e56

token_uri: https://accounts.google.com/o/oauth2/token

type: service_account

PEM contents hidden for security. Verify with hashes below:

MD5 for the private key: f3d746222228629061bf41c2d9616925

MD5 for the whole Credential string: a0a1038a695017fde74f7f6ccd2bad8a

SHA256 for the private key: 48535f0e85443bb3ac42db548cb947567a369148379c8a703a71cb404e3f9621

SHA256 for the whole Credential string: 607d0713ebc6837186111dfd5ed2ae1decb05ba6459a8fd758d8e5208b9dc485

pws email-domain add

Adds an email domain.

Usage

pws email-domain add [OPTIONS] EMAIL_DOMAIN_NAME

Options

--help

Displays the help text for this command.

Arguments

EMAIL_DOMAIN_NAME

The email domain that you want to add.

Examples

*** list all email domains ***

Pulse One > pws email-domain list

Getting email domains...

No email domain found.

 

*** add a new domain ***

Pulse One > pws email-domain add yahoo.co.uk

Adding email domain yahoo.co.uk...

Done.

 

*** confirm the addition ***

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.co.uk

pws email-domain delete

Deletes an email domain.

Usage

pws email-domain delete [OPTIONS] EMAIL_DOMAIN_NAME

Options

--help

Displays the help text for this command.

Arguments

EMAIL_DOMAIN_NAME

The email domain that you want to delete.

Examples

*** list all email domains ***

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.co.uk

 

*** delete an email domain ***

Pulse One > pws email-domain delete yahoo.co.uk

Deleting email domain yahoo.co.uk...

Done.

 

*** confirm the deletion ***

Pulse One > pws email-domain list

Getting email domains...

No email domain found.

pws email-domain list

Shows all the email domains.

This command is disabled under MSSP mode.

Usage

pws email-domain list [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > pws email-domain list

Getting email domains...

email domains:

- yahoo.com

- yahoo.co.uk

- gmail.com

pws-config refresh-app-icons

Refreshes the workspace app icons on the current node.

This command is deprecated. Please use pws config refresh-app-icons.

pws-config reset ios-certificate

Regenerates the iOS MDM root certificate.

This command is deprecated. Please use pws config reset ios-certificate.

pws-config set esa

Sets the Google ESA Credentials.

This command is deprecated. Please use pws config set esa.

pws-config show esa

Shows the Workspace ESA information.

This command is deprecated. Please use pws config show esa.

services logs

Displays logs for application services.

Usage

services logs [OPTIONS] [SERVICE]

Options

--help

Displays the help text for this command.

--tail INTEGER

Number of log lines to show per service.

--follow / --no-follow

Follow logs as they are updated.

Arguments

SERVICE

(Optional) The required app service.

•To list available services for this argument, refer to services status.

•If no SERVICE is specified, all app services are included.

•By default, only app services are included. To view all services, specify ALL.

Examples

*** list logs, limited to most recent 5 entries ***

Pulse One > services logs --tail 3 --no-follow

Attaching to api_1, backend_1, backend_2, backend_3, backend_4, backend_5,

backend_6, backend_7, backend_8, cellsecrpc_1, console_1, file-store_1,

portal_1, proxy_1, pws-api_1, ui-assets_1

pws-api_1 | spawned uWSGI worker 3 (pid: 16, cores: 1)

pws-api_1 | spawned uWSGI worker 4 (pid: 17, cores: 1)

pws-api_1 | spawned uWSGI worker 5 (pid: 18, cores: 1)

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 13

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 14

api_1 | 2018/06/18 12:53:02 [notice] 1#0: start worker process 15

.

. (logs)

.

ui-assets_1 | Starting nginx with CORS origin * (.*)

ui-assets_1 | Starting nginx with CORS origin * (.*)

ui-assets_1 | Starting nginx with CORS origin * (.*)

services restart

Restarts one or more services.

By default, all services are restarted. To restart individual service(s), specify the SERVICE argument.

Usage

services restart [OPTIONS] [SERVICE]...

Options

--help

Displays the help text for this command.

Arguments

SERVICE

(Optional) The required service.

•If no SERVICE is specified, all services are included.

•If you want to specify one or more specific services, include each.

Examples

*** restart all services ***

Pulse One > services restart

Restarting...

Starting with version "1902"...

Started.

Restarted.

 

*** restarting a specific service ***

Pulse One > services restart

services start

Starts all services.

Usage

services start [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > services start

Starting with version "1902"...

Started.

services status

Displays the status of all services.

Usage

services status [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

services stop

Stops all services.

Usage

services stop [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > services stop

Stopping...

Stopping uno_backbeat_1 ... done

Stopping uno_api_1 ... done

Stopping uno_pws-api_1 ... done

Stopping uno_cellsecrpc_1 ... done

Stopping uno_portal_1 ... done

Stopping uno_proxy_1 ... done

Stopping uno_file-store_1 ... done

Stopping uno_backend_8 ... done

Stopping uno_backend_5 ... done

Stopping uno_backend_2 ... done

Stopping uno_backend_7 ... done

Stopping uno_backend_6 ... done

Stopping uno_backend_3 ... done

Stopping uno_backend_4 ... done

Stopping uno_backend_1 ... done

Stopping uno_console_1 ... done

Stopping uno_ui-assets_1 ... done

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Stopped.

smtp set

Modifies the current SMTP configuration.

After this command completes, perform a services restart to put new settings into effect.

Usage

smtp set [OPTIONS]

Options

--help

Displays the help text for this command.

-s, --server ADDRESS

Sets the SMTP server IP or hostname.

-p, --port PORT

Sets the SMTP server port number.

-t, --tls

(Optional) Enables SSL/TLS.

To disable TLS, use the --no-tls option.

-u, --username USERNAME

(Optional) Sets the SMTP username. This is only required when SMTP expects a username.

To remove the username from the configuration, use the --no-username option.

--password

(Optional) Indicates that a password is required. The system prompts for a password.

This is only required when SMTP expects a password.

To remove the password from the configuration, use the --no-password option.

--sender EMAIL

Defines the email address of default sender for all messages.

--no-username

(Optional) Removes SMTP username from the configuration.

--no-password

(Optional) Removes SMTP password from the configuration.

--no-tls

(Optional) Disables TLS in the configuration.

Arguments

None.

smtp show

Displays current SMTP settings.

Usage

smtp show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > smtp show

password: '********'

port: 587

sender_email: [email protected]

server: smtp.mailgun.org

ssl_tls: false

username: [email protected]

system backup export

Exports an archive of system settings as a GZIP TAR (.tgz) file. This uses a specified interface.

You can choose to exclude syslog data if required.

During the process, the following message is displayed:

Download ready at http://xx.xx.xx.xx:8000/backup/download

MD5: 10e3f47281a8a5c494df8dca7d3c5ddd

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup/download in a browser.

Save the backup file to an accessible location.

Once the file save completes, return to the CLI and press CTRL + C to complete the export process.

If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system backup export process again.

Usage

system backup export [OPTIONS]

Options

-e, --exclude [syslog]

Exclude syslog data from backup

-i, --interface INTERFACE

INTERFACE can be either external or management. The specified interface is used when downloading the system settings. If unspecified, the management interface is used by default.

--help

Displays the help text for this command.

Arguments

None.

system backup import

Imports an archive and restores the system using a specified interface.

When the process starts, the following message is displayed:

Upload your backup archive here:

URL: http://xx.xx.xx.xx:8000/backup

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/backup.

Using the controls on the web page, upload the backup file you want to restore.

Once the backup file upload completes, return to the CLI and press CTRL + C to continue the import process.

Usage

system backup import [OPTIONS]

Options

-i, --interface INTERFACE

INTERFACE can be either external or management. The specified interface is used when importing the system settings. If unspecified, the management interface is used by default.

--help

Displays the help text for this command.

Arguments

None.

system banner remove

Removes a configured login banner.

Usage

system banner remove [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** show current banner ***

Pulse One > system banner show

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

 

*** remove banner ***

Pulse One > system banner remove

Banner removed.

 

*** confirm deletion ***

Pulse One > system banner show

No banner set.

system banner set

Sets a login banner.

Usage

system banner set [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system banner set

Enter or paste the banner message followed by two blank lines:

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

 

Banner saved.

system banner show

Displays the configured login banner.

Usage

system banner show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

*** no banner ***

Pulse One > system banner show

No banner set.

 

*** banner set ***

Pulse One > system banner show

Pulse Secure PULSE ONE Appliance

(c) 2018, Pulse Secure LLC.

system debug

Launches the debug shell. This operation requires assistance from Pulse One Tech support.

Usage

system debug [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system debug

 

This operation requires assistance from Pulse One Tech support.

Do you wish to proceed? [y/N]: y

 

(debug messages)

system destroy data

Resets all data to factory defaults.

Usage

system destroy data [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

system destroy index

Deletes all statistics and profiler data.

This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.

Usage

system destroy index [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy index

WARNING: This will delete all index service data. The data will not be recoverable.

Type "DESTROY" to continue: DESTROY

Stopping uno_log-collector_1 ...

Stopping uno_log-indexer_1 ...

.

. (system messages: stopping services)

.

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Resetting data...

Removing uno_index_1 ... done

Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfe

Removing file /data/elasticsearch/elasticsearch/nodes/0/indices/cust___p1_f2ac9527/1/index/_0.cfs

.

. (system messages: removing files and directories)

.

Removing directory /data/elasticsearch/elasticsearch/nodes

Removing directory /data/elasticsearch/elasticsearch

 

system destroy log-indexer

Deletes all received syslog data.

This command will stop all services on the Pulse One appliance. You must restart any required services manually after the command completes, see services start.

Usage

system destroy log-indexer [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy log-indexer

WARNING: This will delete all log-indexer service data. The data will not be recoverable.

Type "DESTROY" to continue: DESTROY

Stopping uno_log-collector_1 ...

Stopping uno_api_1 ...

Stopping uno_pws-api_1 ... done

.

. (system messages: stopping services)

.

Stopping uno_cache_1 ... done

Stopping uno_index_1 ... done

Stopping uno_data-store_1 ... done

Resetting data...

Removing uno_log-collector_1 ... done

Removing uno_log-indexer_1 ... done

.

. (system messages: removing files and directories)

.

Removing directory /data/log_indexer/graylog-prod

Removing directory /data/log_indexer/log

system destroy managed-appliance-configs

Deletes all PCS and PPS configurations.

Usage

system destroy managed-appliance-configs [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system destroy managed-appliance-configs

 

Pulse One will forget the configuration data it has received from Pulse Connect Secure and Pulse Policy Secure appliances. It will soon get fresh data from the appliances, but history will be lost. Use this command if, after a Pulse One cluster failover, viewing or publishing PCS/PPS configuration leads to unexplained error messages.

 

Continue? [y/N]: Y

 

.

. (system messages: appliance removals)

.

 

Destroyed.

system destroy service-logs

Deletes all service logs.

This command will stop all services on the Pulse One appliance. After completion, any services that were running when the command was used will be restarted automatically.

Usage

system destroy service-logs [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

system destroy system-config

Resets the appliance to factory defaults.

Usage

system destroy system-config [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

system provision

Provisions a new Pulse One environment.

This command is deprecated. Please use p1 domain provision.

system reboot

Reboots the system.

Usage

system reboot [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system reboot

Reboot now? [y/N]: y

Rebooting now...

system security fips

Enables or disables FIPS mode. If no option is specified, FIPS is disabled by default.

Usage

system security fips [OPTIONS]

Options

--help

Displays the help text for this command.

--enable

Enables server FIPS mode.

--disable

Disables server FIPS mode.

Arguments

None.

Examples

*** enable FIPS ***

Pulse One > system security fips --enable

Enabling FIPS mode will stop all services and log you out.

Continue? [y/N]: y

<system reboots>

 

*** disable FIPS ***

Pulse One > system security fips --disable

Disabling FIPS mode will stop all services and log you out.

Continue? [y/N]: y

<system reboots>

 

*** specify no option ***

Pulse One > system security fips

FIPS mode already DISABLED.

system security show

Displays security-related configuration.

Usage

system security show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system security show

FIPS Mode: false

Version: Pulse One version 2.0

system session-settings set

Sets CLI login security settings.

Usage

system session-settings set [OPTIONS]

Options

--help

Displays the help text for this command.

-i, --idle-timeout IDLE_TIMEOUT

Set seconds to wait before logging out an idle session.

-l, --login-timeout LOGIN_TIMEOUT

Set seconds to wait before timing out login attempt.

-m, --max-auth-attempts AUTH_ATTEMPTS

Set number of failed login attempts before client is disconnected.

Arguments

None.

Examples

*** display current settings ***

Pulse One > system session-settings show

idle_timeout: 300

login_timeout: 30

max_auth_attempts: 3

 

*** set idle_timeout ***

Pulse One > system session-settings set -i 250

idle_timeout: 250

login_timeout: 30

max_auth_attempts: 3

system session-settings show

Shows CLI login security settings.

Usage

system session-settings show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system session-settings show

idle_timeout: 300

login_timeout: 30

max_auth_attempts: 3

system shutdown

Halts the system and shuts it down.

Usage

system shutdown [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system shutdown

Shut down now? [y/N]: Y

Shutting down now...

system snapshot

Takes a snapshot of application logs and system information as a GZIP TAR (.tgz) file, using a specified interface.

During the process, a message similar to the following is displayed:

Download ready at http://xx.xx.xx.xx:8000/snapshot/download

MD5: 73c0973a126352559b8be388c8ebc605

Press Ctrl-C when finished.

When this message appears, do not press CTRL + C.

Instead, start a web browser and access http://xx.xx.xx.xx:8000/snapshot/download.

Save the snapshot file to an accessible location.

Once the file save completes, return to the CLI and press CTRL + C to complete the snapshot process.

If you press CTRL + C before the download completes, the web browser will close, and you will have to start the system snapshot process again.

Usage

system snapshot [OPTIONS]

Options

-i, --interface INTERFACE

INTERFACE can be set to either external or management. This interface is used when downloading the snapshot. If unspecified, the management interface is used as a default.

--help

Displays the help text for this command.

Arguments

None.

system storage add

This command enables unallocated data storage to be added to the data volume used by Pulse One services.

When used, the command displays a list of unallocated data storage volumes.

The user then selects one of these volumes, and it is added to the data volume for Pulse One services.

Usage

system storage add [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

system storage show

Displays system storage information for Pulse One.

Usage

system storage show [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system storage show

Volumes Filesystem Size Used Available Use% Mounted on

System /dev/md1 1.9G 321.5M 1.5G 17% /

Applications /dev/md2 39.2G 9.3G 27.9G 25% /app

Data Storage /dev/vg0/data 903.8G 4.7G 853.2G 1% /data

data-store 405.71M

file-store 2.54G

index 1007.8M

log-collector 1.03M

log-indexer 695.55M

tmp 52B

system upgrade

This command upgrades Pulse One software, or replaces a Pulse One iOS APNS device certificate.

Pulse Secure recommends that you perform a backup of your current system before using this command, see system backup export.

Usage

There are two forms of this command:

•Upgrading the Pulse One software:

•To perform the upgrade using the CLI only, use:

system upgrade cli [OPTIONS] <url> <hash>

For this method, an external web server is required to host the upgrade package.

•To perform the upgrade using a hybrid of CLI and browser, use:

system upgrade [OPTIONS] <url> <md5>

No external web server is required to use this method. Refer to the Pulse One Getting Started Guide for the full procedure.

•Replacing a Pulse One iOS APNS device certificate, use:

system upgrade -i external

When the process starts, the following message is displayed:

Upload your backup archive here:

URL: https://xx.xx.xx.xx:8000/upgrade

Start a web browser and access http://xx.xx.xx.xx:8000/upgrade. Using the controls on the web page, select the archive certificate file (.tgz), and then enter the MD5 hash for the file. Click Submit.

Once the upload completes, return to the CLI and continue the process.

Options

--help

Displays the help text for this command.

-i, --interface INTERFACE

This option cannot be used on a CLI-only method.

Network interface through which to upload the upgrade bundle. Can be internal, external or management.

Arguments

url

The URL for the upgrade file.

hash

The hash value for the upgrade file, in either MD5 or SHA256 format.

system version

Display Pulse One version info.

Usage

system version [OPTIONS]

Options

--help

Displays the help text for this command.

Arguments

None.

Examples

Pulse One > system version

Pulse One: 2.0.1902

unitycom: 1902-31