enable¶

The enable commands are used to enable/configure specific functions in Plixer Scrutinizer.

Options and syntax

Note

These commands can alter Plixer Scrutinizer functionality and should be used with caution.

enable baseline <IP_ADDRESS> default	Enables default baselines for the exporter with the specified `IP_ADDRESS`
enable baseline <IP_ADDRESS> manual <PRIMARY, SECONDARY> <ELEMENT> [AVG\|COUNT\|MIN\|MAX\|STD\|SUM] [dailyhr\|busday\|sameday]	Enables a custom baseline with the following parameters for the exporter with the specified `IP_ADDRESS`: • `PRIMARY` - IPFIX element to be included in the baseline (e.g., sourceIPv4Address, applicationName, etc.) • `SECONDARY` - Optional secondary IPFIX element to be included in the baseline • `ELEMENT` - Corresponding numeric IPFIX element for the primary and secondary elements to be used to determine the baseline (e.g., packetDeltaCount, octetDeltaCount, etc.) • `AVE` \| `COUNT` \| `MIN` \| `MAX` \| `STD` \| `SUM` - Selects between average (`AVE`), flow count (`COUNT`), minimum value (`MIN`), maximum value (`MAX`), standard deviation (`STD`), or sum (`SUM`) for measuring the specified `ELEMENT` • `dailyhr` \| `busday` \| `sameday` - Selects between daily (`dailyhr`), daily on business days (`busday`), or same day weekly (`sameday`) for baseline comparison When baselining IP addresses, IP groups should be defined for the address ranges and subnets to be included in the baseline. This will prevent addresses that may only talk once from triggering false positives.
enable custom_algorithm <FILENAME> <NAME>	Enables the custom algorithm `FILENAME` in the flow analytics engine under the specified `NAME` `FILENAME` should not include the `.pm` extension of the algorithm file (must be saved to `scrutinizer/files/algorithms/` ).
enable elk http://<IP:PORT>	Enables ELK flows from Plixer Scrutinizer to the URL specified by `IP:PORT`
enable ipv6	Enables IPv6 for all interfaces in `sysctl.conf`
enable splunk http://<IP:PORT>	Enables Splunk flows from Plixer Scrutinizer to the URL specified by `IP:PORT`
enable ssh_root_login	Allows the superuser root account to log into a Linux shell directly from outside hosts Instead of allowing root SSH login, it is recommended to instead log in as the `plixer` user and use `sudo` for maintenance tasks.
enable user <USERNAME> [SECURITY_LEVEL]	Creates a new login account with the specified `USERNAME` and one of the following `SECURITY_LEVEL` values: • `1` - Only commands that can stop data collection are disabled. • `2` - Commands that can remove integrations or stop data collection are disabled. • `3` - Only commands to collect information about Plixer Scrutinizer and the operating system are enabled.