Command Usage¶
check¶
Verify different settings and configurations on the Plixer FlowPro appliance.
check replist
Usage: check replist
Description: Check the ability for the Plixer FlowPro to reach nba.plixer.com to download the reputation lists. If this appliance does not have access to the internet, contact Plixer Technical Support for help.
Note
This feature requires the Plixer FlowPro Defender license.
clear¶
Clean up or remove data from a system. Use with caution.
clear domainlist
Usage: clear domainlist <domain_list>
Description: Remove a domain list from the system. Use with caution. Use the show domainlist command to list all active domain lists.
Note
This feature requires the Plixer FlowPro Defender license.
disable¶
Disable Settings.
disable apm
Usage: disable apm <interface> <apmMode>
Description: Disable either monitoring of Latency, VOIP or both on an interface. The specified interface must be active. Valid <apmMode> options are:
voip
latency
bothUse the show configuration command to display a list of currently enabled interfaces.
Note
This feature requires the Plixer FlowPro APM license.
disable defender
Usage: disable defender <interface>
Description: Disable DNS monitoring on an interface. The specified interface must be active. Use the show configuration command to display a list of currently enabled interfaces.
Note
This feature requires the Plixer FlowPro Defender license.
disable domainlist
Usage: disable domainlist <domain_list>
Description: Disable a custom domain reputation list. The disabled domain list will not be removed and can be re-enabled using the enable domainlist command.
Note
This feature requires the Plixer FlowPro Defender license.
disable domainReputationList
Usage: disable domainReputationList
Description: Disable checking against the domain reputation lists configured on the system. Use the show domainlist command to display the available domain lists.
Note
This feature requires the Plixer FlowPro Defender license.
disable erspan
Usage: disable erspan <interface>
Description: Disable the ERSPAN configured on a monitoring interface.
disable flowpro
Usage: disable flowpro <interface>
Description: Disable traffic monitoring on an interface. Use the show configuration command to display the list of enabled interfaces.
disable http_mon
Usage: disable http_mon
Description: This process keeps track of all domains contacted with HTTP. The list of currently active domains is saved for the number of seconds set by the set activeDomainResendSeconds command.
Note
This feature requires the Plixer FlowPro Defender license.
disable trackProcessMetrics
Usage: disable trackProcessMetrics
Description: Disable Plixer FlowPro process metrics.
edit¶
Edit the Plixer FlowPro configuration files.
edit domainlist
Usage: edit domainlist <domain_list>
Description: Edit a custom domain reputation list. The name specified in <domain_list> will create a new list with that name if none exists already.
The custom domain reputation list created must contain one domain per line and each domain must contain a two or three layer domain (2LD/3LD). Domains names that do not contain 2 or 3 layers will be ignored.Note
This feature requires the Plixer FlowPro Defender license.
edit license
Usage: edit license
Description: Opens the plixer.ini file where the license key is stored. The plixer.ini file also stores the Plixer FlowPro configuration information. After editing the plixer.ini file, Plixer FlowPro will restart services to load the changes made.
edit plixer.ini
Usage: edit plixer.ini
Description: Opens the plixer.ini file for edit. The plixer.ini file stores the Plixer FlowPro configuration information. After editing the plixer.ini file, Plixer FlowPro will restart services to load the changes made.
enable¶
Enable monitoring options. All settings can be edited in the configuration file using ‘edit plixer.ini’.
enable apm
Usage: enable apm <interface> <apmMode>
Description: Enable the monitoring of Latency, VOIP or both on an interface. The specified interface must be active. Valid <apmModes> options are:
voip
latency
bothUse the show interfaces command to display a list of available monitoring interfaces.
Note
This feature requires the Plixer FlowPro APM license.
enable defender
Usage: enable defender <interface>
Description: Enable DNS monitoring on an interface. The specified interface must be active. Use the show interfaces command to display a list of available monitoring interfaces.
Note
This feature requires the Plixer FlowPro Defender license.
enable domainlist
Usage: enable domainlist <domain_list>
Description: Enable a custom domain reputation list. Custom user-defined reputation lists can be created to supplement the known compromised domain list provided by Plixer.
Use the edit domainlist <domain_list_name> command to create a new list.
Note
This feature requires the Plixer FlowPro Defender license.
enable domainReputationList
Usage: enable domainReputationList
Description: Enable Plixer FlowPro to download an updated list of known compromised domains. This list will be periodically downloaded from nba.plixer.com. Use the check replist command to verify acccess to the list.
Note
This feature requires the Plixer FlowPro Defender license.
enable erspan
Usage: enable erspan <interface> <ipaddress/cidr> <gateway> <peerIPaddress>
Description: Configure a monitor interface to receive traffic from an ERSPAN/GRE tunnel. This configuration supports all types of GRE tunnels.
All of the following parameters are required:
- interface
- ipaddress/cidr
- gateway
- peerIPaddress
<interface>: interface used to monitor the ERSPAN/GRE tunnel traffic. This interface must be one of the monitoring interfaces displayed by the command show interfaces.
<ipaddress/cidr>: IP address dedicated to the ERSPAN/GRE tunnel. This IP must be routable from the monitoring interface to the network device configured to send ERSPAN/GRE. Both the IP address and CIDR are required, which must be unique to this interface.
Note
Do not use the IP address of the management interface of the Plixer FlowPro appliance.
<gateway>: used by the monitoring interface to create a route to keep the outgoing traffic from the ERSPAN/GRE tunnel localized to the monitoring interface.
<peerIPaddress>: external address of the network device configured to send ERSPAN/GRE. If the device is a VMware VDS, enter the IP address of the VMware host.
Command Example:
enable erspan mon1 10.30.15.50/16 10.30.1.1 10.30.1.203Go to the ERSPAN configuration section for instructions on how to configure the ERSPAN/GRE device.
enable flowpro
Usage: enable flowpro <interface>
Description: Enable traffic monitoring on an interface. The interface must be active. Use the show interfaces command to display a list of available monitoring interfaces.
enable http_mon
Usage: enable http_mon
Description: This process keeps track of all domains accessed with HTTP. The list of currently active domains is saved for the number of seconds set by the set activeDomainResendSeconds command.
Note
This feature requires the Plixer FlowPro Defender license.
enable trackProcessMetrics
Usage: enable trackProcessMetrics
Description: Send process information to your collector about the Plixer FlowPro processes. Information about CPU and memory usage will be sent to the collector.
service¶
service flowpro
Usage: service flowpro <start|stop|restart>
Description: Control the Plixer FlowPro service daemon.
set¶
Change various settings for the Plixer FlowPro appliance.
set activeDomainResendSeconds
Usage: set activeDomainResendSeconds <seconds>
Description: Set the number of seconds to resend the active domain list to your collector. The active domain list is the list of domains seen by the Plixer FlowPro Defender HTTP module since the last time the list was sent. Run the enable http_mon command to enable the HTTP monitoring. The <seconds> parameter must be set to a whole number between 300 (5 minutes) and 86400 (24 hours).
Note
This feature requires the Plixer FlowPro Defender license.
set collector
Usage: set collector <ip> <port>
Description: Configure the collector IP address and port number for the Plixer FlowPro to send flows to. The collector IP and port are required. The flows will not be collected by the collector if it is not configured to listen on that port number.
set hostname
Usage: set hostname <hostname>
Description: Change the hostname of the Plixer FlowPro appliance. The ‘hostname’ parameter is required. A reboot is required for this change to take effect.
set license
Usage: set license
Description: Opens the plixer.ini file where the license key is stored. The plixer.ini file also stores the Plixer FlowPro configuration information. After editing the plixer.ini file, Plixer FlowPro will restart services to load the changes made.
Note
The set license command is an alias of the edit license command as defined in the interactive command help.
set password
Usage: set password
Description: Change the password for the ‘flowpro’ operating system user.
show¶
Display Plixer FlowPro information or settings.
show configuration
Usage: show configuration
Description: Shows current Plixer FlowPro configuration settings.
show domainlist
Usage: show domainlist
Description: Shows all custom domain lists configured on the system. Run the edit domainlist command to edit the custom domain list.
Note
This feature requires the Plixer FlowPro Defender license.
show erspan
Usage: show erspan
Description: Shows current ERSPAN configuration information. Only one ERSPAN tunnel can be configured per interface.
show features
Usage: show features
Description: Shows licensed Plixer FlowPro features.
show interfaces
Usage: show interfaces
Description: Shows available interfaces that can be configured to monitor mirrored traffic.
show license
Usage: show license
Description: Shows current license information.
show machine_id
Usage: show machine_id
Description: Shows the machine id of the Plixer FlowPro appliance.
show status
Usage: show status
Description: Shows status of Plixer FlowPro processes.
system¶
The system command is used to change state of the Plixer FlowPro operating system.
system restart
Usage: system restart
Description: Restart the operating system.
system shutdown
Usage: system shutdown
Description: Shutdown the operating system.