Manual Chapter :
File Management
Applies To:
Show Versions
ARX
- 6.3.0
| Use the at command to schedule a CLI command or script to run at a later time. | |||||
| start is the scheduled start time. This cannot be in the past unless you specify the optional date (below) and use every interval to run the job regularly. It breaks down into the following format:
| |||||
| every interval (optional) creates a regular interval at which the CLI jobs run. This breaks down into one of two formats: every count {minutes | hours | days | weeks | months}
| |||||
| |||||
| report report-prefix (optional, 1-255 characters) creates a report for the scheduled job. The report is named as follows: report-prefix_yyyymmddHHMM.rpt, where report-prefix is chosen here, yyyy is the year of the scheduled run, mm is the month, dd is the day, HH is the hour, and MM is the minute. Each run of the CLI job generates a report (if you specify an interval with the every option), so the date makes it possible to differentiate multiple reports for the same job. | |||||
| every interval - none; the CLI command or script runs only once. report report-prefix - none; the at command does not generate a report (though the command itself may generate one). | |||||
| The CLI displays the scheduled execution time after you enter this command. Use show at to view all pending CLI jobs. You can remove a job from the schedule with the clear at command. To run a script immediately, you can use the run command. To download a CLI-script file from an FTP, SCP, or TFTP site, use the copy command. You can use expect monitor to repeat any show command until a certain string appears in its output. | |||||
| bstnA(cfg)# at 01:06 every 5 minutes do "show sessions" report adminSessions runs the show sessions command every 5 minutes. Each run generates a report with the prefix, adminSessions. See Figure 7.1 for a sample report. bstnA(cfg)# at 10:30:00 do expect show firewall timeout 30 runs the expect show firewall command at 10:30 in the morning, once only. bstnA(cfg)# at date 05/05/2011 03:45:00 every 1 days do "active-directory update forest medarch.org proxy-user acoProxy2" runs the active-directory update forest command at 3:45 AM, daily. | |||||
Figure 7.1 Sample Report: adminSessions_....rpt
bstnA# show reports adminSessions_201008260431.rpt
| Every time someone uses the at command, one CLI job is added to the command schedule. Use the clear at command to remove one CLI job from this schedule, or to remove all of them. | |
| clear at [job-id] | |
| clear all scheduled CLI jobs if no job-id is used. | |
| bstnA# clear at bstnA# clear at 3 | |
| Use the copy ftp command to transfer a file (such as a software-release file or a log file) to or from the ARX via FTP. | |||
| user[:password]@ (optional) are the credentials for FTP access. If you omit them, they default to the credentials set by the ip ftp-user command. If you omit the password, the CLI prompts for one. server is the IP address or hostname for the FTP server. source-file is the source-file path. Lead with an extra slash (/) if the path is absolute (for example, ftp://10.1.1.5//var/rels/aco4665.rel). Use only one slash if the path is local to the home directory for user (for example, ftp://10.1.1.5/basic_ns.scr). This conforms with the specification for FTP URLs in RFC 1738. You cannot use wildcards (such as *). dir is the destination directory. Choose one of the following: configs, scripts, license, or releases. file (1-1024 characters) is the name you choose for the copy. | |||
| directory is one of the following: logs, stats-logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. You can use wildcards (such as *) to select multiple files. ftp://[user:password@]server/dest-path (1-1024 characters) is the URL for the destination directory or file (see above). format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the external copy of the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| If you enter a user name without a password, the CLI prompts for the password before continuing. Enter the password for the user you included in the URL. Use copy scp to upload or download over a secure connection, using SCP. The copy tftp command uses TFTP (Trivial FTP) as a transport. To send out a file as an E-mail attachment, use copy smtp. The copy {nfs|cifs} command transfers files between the maintenance directories on the ARX and its client-accessible volumes. For a download to the local disks, you can use show directories directory-name to verify that the copy was successful. To move a file from the local disk to an FTP server, thereby removing it from the local disk, you can use the move ... ftp command. To manage local files, use delete and/or rename. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| For copies from the reports directory, you can reformat the copy to XML or CSV (comma-separated value) format. Use a .xml or .csv extension for the destination-file-name, and the copy assumes the chosen format. A .txt or .rpt extension leaves the destination file in plain-text format. | |||
| |||
| bstnA# copy ftp://jpublic@arxftp.f5.com/rel6.0.rel releases rel6.0.rel Password: jpassword bstnA# copy logs syslog ftp://noc.phredco.com/syslog-switch10 | |||
| Use the copy {nfs|cifs} command to transfer a file (such as a software-release file or a log file) between the ARX and one of its managed volumes. | |||
| copy {nfs|cifs} namespace vol-path source-file directory file nfs | cifs is a required choice. This chooses the protocol for the file transfer. namespace (1-30 characters) identifies the namespace that holds the file. vol (1-1024 characters) is the name of the volume that holds the source file. source-file-path (1-1024 characters) is path to the source file, starting at the root of the above volume. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. directory is the destination directory. Choose one of the following: configs, scripts, license, or releases. file (1-255 characters) is the name you choose for the copy. If you copy a file into the releases directory, its extension must be .rel (for example, lastestRelease.rel). | |||
| directory is one of the following: logs, stats-logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. As above, you can use wildcards (such as *) to specify multiple files. nfs | cifs is a required choice. This chooses the protocol for the file transfer. namespace (1-30 characters) identifies the namespace to hold the copy. vol (1-1024 characters) is the volume to hold the copy. dest-file-path (optional, 1-1024 characters) is the path to the destination file, starting at the volume root. If you omit this, the destination file appears in the volume root, and has the same name as the source file. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the external copy of the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| This command is useful on a site that prohibits FTP access to the datacenter, or otherwise restricts network connections between the ARX and the Internet. You can go to a host in the client network to access the Internet, download a desired file to an ARX volume, and then use this copy command to copy the file into an ARX directory. For example, you could use this method to download a new release file from https://downloads.f5.com/esd/productlines.jsp and then copy it to the releases directory. The CLI chooses a user identity based on the transfer protocol. For NFS, the CLI uses root as its identity. For CIFS, the CLI uses the proxy-user (gbl-ns) for the chosen namespace. These identities typically ensure that there are no permissions problems during the copy operation. There are several alternative options for the copy command that access the network directly. The copy ftp command copies files over an FTP connection to or from a remote server. Use copy scp to upload or download over a secure connection, using SCP. The copy tftp command uses TFTP (Trivial FTP) as a transport. To send out a file as an E-mail attachment, use copy smtp. For a download to the local disks, you can use show directories directory-name to verify that the copy was successful. To move a file from the local disks to a ARX volume, thereby deleting it from the local disk, you can use the move ... {nfs|cifs} command. To manage local files, use delete and/or rename. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# copy cifs medarcv /rcrds/maint/ 11658.rel releases latest.rel copies a release file, 11658.rel, from a directory in the medarcv~/rcrds volume. After the copy is complete, this command sequence could go on to load this release (with boot system and reload). bstnA# copy logs syslog* nfs wwmed /acct/.admin/ | |||
| Use the copy ron command to securely copy a configuration or script file to another ARX on the current Resilient-Overlay Network (RON). | |||
| source-arx (1-30 characters) is the hostname of the remote ARX. Use the show ron command for a list of all ARX systems on the current RON. source-file (1-1024 characters) is the name of the remote file. file (1-1024 characters) is the name you choose for the local copy. | |||
| file (1-1024 characters) identifies the source file from the above directory. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. dest-arx (1-30 characters) is the hostname of the remote ARX. Use the show ron command for a list of all ARX systems on the current RON. dest-file (optional, 1-1024 characters) is the name of the remote file. The CLI ignores this if you used wildcards to select multiple files. | |||
| This copy operation uses the ip ron-user credentials at the remote switch, or the current user credentials if no such RON user is defined. If the administrative account is not defined at the remote switch, or if it is defined with a different password, the copy operation fails. There are several other copy commands for copying files to or from other servers, or for copying to or from a client-accessible volume on the current switch. Use copy ftp or copy tftp to upload or download using FTP or TFTP. To copy a file to or from an SCP server in your network, use copy scp. To send out a file as an E-mail attachment, use copy smtp. The copy {nfs|cifs} command transfers files between the maintenance directories on the ARX and its client-accessible volumes. After a download to the local disks, you can use show directories directory-name to verify that the copy was successful. To manage local files, use delete and/or rename. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# copy ron prtlndA scripts setupUsrShr.scr scripts setup.scr provA# copy configs test.rcfg ron newptA configs test2.rcfg | |||
| Use the copy scp command to securely copy a file (such as a software-release file or a log file) to or from the ARX over SCP. | |||
| user@ (optional if someone created an ip scp-user) is the username to present to the other end of the SCP connection. This user must be valid at the remote host. If you omit this and an ip scp-user is defined, it defaults to the username set by that command. server: is the IP address or hostname for the SCP host. End with a colon (:). source-file is the source-file path. Lead with a slash (/) if the path is absolute (for example, scp://root@10.1.1.5:/var/rels/aco4665.rel). Use no slash if the path is local to the home directory for user (for example, scp://root@10.1.1.5:basic_ns.scr). directory is the destination directory. Choose one of the following: configs, scripts, license, or releases. file (1-1024 characters) is the name you choose for the local copy. accept-host-key (optional) indicates that if the other end of the connection has an unknown SSH host key (that is, if it is new, or if its key has changed since the last time the host was contacted), the ARX should accept the new host key and continue with the download. Otherwise, the ARX stops the download if the host presents an unknown key. | |||
| directory is one of the following: logs, stats-logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. accept-host-key (optional) means to accept an unknown SSH host key from the remote host, if it presents one. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the external copy of the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| If you enter a user name without a password, the CLI prompts you for a password after you issue this command. Enter the password for the user in the URL. The file is transferred over SCP, which uses a secure, encrypted connection to the remote host. Every host identifies itself with an encrypted SSH key. Whenever the ARX transfers a file using SCP, it exchanges keys with the remote host. If the remote-host key is different from one received previously, the host may not be the one you intended; an attacker may be posing as the intended host. For this reason, the ARX does not download or upload to a host with an unknown key unless you raise the accept-host-key flag. Note that the first contact with any server will require this flag to succeed. Use copy ftp or copy tftp to upload or download using FTP or TFTP. To send out a file as an E-mail attachment, use copy smtp. The copy {nfs|cifs} command transfers files between the maintenance directories on the ARX and its client-accessible volumes. After a download to the local disks, you can use show directories directory-name to verify that the copy was successful. To move a file from the local disk to an SCP server, thereby removing it from the local disk, you can use the move ... scp command. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# copy scp://jpublic@myserver:rel2.0.rel releases r2.0.rel Password: password-for-jpublic bstnA# copy logs syslog scp://noc:/var/logs/acolog10 accept-host-key | |||
| Use the copy smtp command to send a maintenance file (such as a software-release file or a log file) as an E-mail attachment. This syntax only supports uploads from the switch. | |||
| directory is one of the following: logs, stats-logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory, such as a log file or a report. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. Each matching file results in a separate E-mail message. smtp:// is required. This declares that the destination is an E-mail address. e-mail-address (optional) is the recipient of the E-mail in username@host format (for example, jsmith@myco.com). If you omit this, the CLI uses the default address set by the cfg-smtp to command. destination-file is the name of the copy. If you used wildcards to select multiple files, this is the prefix for each copy. Each copy is sent as an attachment to the outbound E-mail message. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the external copy of the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| Use copy ftp, copy tftp, or copy scp to upload or download using FTP, TFTP, or SCP. The copy {nfs|cifs} command transfers files between the maintenance directories on the ARX and its client-accessible volumes. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# copy logs syslog smtp://juser@wwmed.com/syslog bstnA# copy reports metadata_only.17.rpt smtp://juser@wwmed.com/mdo.csv | |||
| Use the copy tftp command to transfer a file (such as a software-release file or a log file) to or from the ARX via TFTP. | |||
| server is the IP address or hostname for the TFTP server. source-file is the source-file path. Lead with an extra slash (/) if the path is absolute (for example, tftp://10.1.1.5//var/rels/aco4665.rel). Use only one slash if the path is local to the tftpboot directory. This conforms with the specification for FTP URLs in RFC 1738. directory is the destination directory. Choose one of the following: configs, scripts, license, or releases. file (1-255 characters) is the name you choose for the copy. | |||
| directory is one of the following: logs, stats-logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the external copy of the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| Use copy scp to upload or download over a secure connection, using SCP. Use copy ftp to upload or download using FTP. To send out a file as an E-mail attachment, use copy smtp. The copy {nfs|cifs} command transfers files between the maintenance directories on the ARX and its client-accessible volumes. After a copy to the local disks, you can use show directories directory-name to verify that the copy was successful. To move a file from the local disk to a TFTP server, thereby removing it from the local disk, you can use the move ... tftp command. To manage local files, use delete and/or rename. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# copy tftp://tftp.f5.com/rel6.0.rel releases r6.0.rel | |||
| The ARX contains directories for software-release files, log files, core files, report files, diagnostic information, and other maintenance files. Use the delete command to delete all files from a specified directory or to delete a specified file. | |||
| delete {configs | license} file-name releases | ... | capture identifies the directory. This is a required choice. file-name (1-1024 characters) identifies a file to delete from the above directory. This is optional for any directory except configs or license; if you omit it for one of the other directories, the command deletes all files in the chosen directory. You can also use wildcards for those directories (such as *, ?, or [a-z]); see the Guidelines: Wildcards below. Some files in the configs and license directories are required for system operation and/or reboot recovery, so you cannot delete all files (or use wildcards) in those directories. You must specify a file to delete. | |||
| The CLI prompts for confirmation before deleting any files; enter yes to delete the file(s). You cannot delete the running-release, armed-release, or backup-release file. You also cannot delete the active.license file in the license directory; removing the active license disables all storage services, so it is not recommended. (You can use clear active-license if you have been advised to remove the active license.) Do not delete core files unless advised to do so by F5 personnel; these files contain valuable data for diagnosing software problems. The show directories command displays a listing of all directories on the ARX. Use the grep, rename, copy, and delete commands to maintain these files. | |||
| |||
| bstnA# delete logs syslog5.log bstnA# delete logs syslog* bstnA# delete cores | |||
| The ARX contains directories for software-release files, log files, core files, and other maintenance files. Use the grep command to filter one of these files, displaying the lines that match a pattern or text string. | |
| grep filter {releases | logs | stats-logs | cores | configs | replicated-configs | reports | software | scripts | capture | license} file-name [ ignore ignore ] [ tail lines ] filter (1-255 characters) is the pattern or text string to search for in the file. See the Guidelines: Regular Expression below for the syntax. The grep displays all lines containing this pattern. releases | ... | license selects the directory. This is a required choice. file-name (1-1024 characters) identifies the file to read. ignore (optional) filters out text, and ignore (1-1024 characters) specifies a text string to ignore. tail (optional) displays the end of the file, and lines (1-1024) specifies how many lines to show at the end of the file. | |
| grep filter {releases | logs | stats-logs | cores | configs | replicated-configs | reports | software | scripts | capture | license} [ ignore ignore ] [ tail lines ] filter (1-255 characters) is the pattern or text string to search for in the directory. See the Guidelines: Regular Expression below for the syntax. The grep displays all lines from all files containing this pattern. releases | ... | license selects the directory. This is a required choice. ignore (optional) filters out text, and ignore (1-1024 characters) specifies a text string to ignore. tail (optional) displays the end of the file, and lines (1-1024) specifies the number of lines to show. | |
| . matches any single character. .* matches any string, including the null string. [...] matches any one of the enclosed characters. [a-z] matches any character in the sorted range, a through z. \ matches the next character, even if it has special meaning (for example, \. matches a period instead of any character). [^...] matches any character that is not enclosed. | |
| The show directories command displays maintenance directories of the hard disks on the ARX. These are the directories and files you can search with the grep command. Use the move, copy, and delete commands to maintain these files. | |
| bstnA# grep :POLICY logs syslog bstnA# grep :POLICY logs syslog ignore init is the same search, but without any lines containing init. Sample output appears in Figure 7.3 on page 7-24. bstnA# grep :POLICY.*\.\.\. logs syslog ignore init searches for the same strings followed by an ellipses (...). Note the use of \. Sample output appears in Figure 7.4 on page 7-24. bstnA# grep :POLICY.*\.\.\. logs syslog ignore init tail 5 is the same as the above example, but shows only the last 5 lines. Sample output appears in Figure 7.5 on page 7-24. prtlndA# grep prtlndA.*CLI_COMMAND.*show namespace.*wwmed logs | |
Figure 7.2 Sample Output: grep
bstnA# grep :POLICY logs syslog
2004-05-12T05:42:11.380-0400:bstnA:1-1-SCM-1439:POLICY_PDP-0-7-MSG7:: afnpdpd: init_daemon succeeded
Figure 7.3 Sample Output: grep ... ignore
bstnA# grep :POLICY logs syslog ignore init
Figure 7.4 Sample Output: grep Using \
bstnA# grep :POLICY.*\.\.\. logs syslog ignore init
Figure 7.5 Sample Output: grep ... tail
bstnA# grep :POLICY.*\.\.\. logs syslog ignore init tail 5
Figure 7.6 Sample Output: grep (directory)
prtlndA# grep prtlndA.*CLI_COMMAND.*show namespace.*wwmed logs
| When you use the copy or move command to transport files to/from an FTP site, you enter a username and password for the FTP server. Use the ip ftp-user command to set a default username and password. Use the no form of this command to revert to the anonymous default. | |
| name (1-32 characters) is the FTP username. | |
| name - anonymous | |
| This command makes the copy ftp and move ... ftp commands easier to use; you can omit the username and password from each of these commands, defaulting to this one. | |
| bstnA(cfg)# ip ftp-user jsmith Password: jpasswd Validate Password: jpasswd bstnA(cfg)# ... | |
| When you use the copy ron command to copy a file onto another ARX, you require an administrative username and password for the remote peer. Use the ip ron-user command to set a default username and password. Use the no form of this command to revert to using the current administrative account as the default. | |
| ip ron-user name | |
| If this is not set, the copy ron command uses the username and password of the current administrative account. | |
| bstnA(cfg)# ip ron-user jsmith Password: jpasswd Validate Password: jpasswd bstnA(cfg)# ... | |
| When you use the copy or move command to transfer files to/from an SCP server, you enter a username and password for the SCP server. Use the ip scp-user command to set a default username and password for these operations. Use the no form of this command to remove the default. | |
| name (1-32 characters) is a Unix username that is valid on the remote SCP server(s). | |
| This command makes the copy scp and move ... scp commands easier to use; you can omit the username and password from each command, defaulting to this one. | |
| bstnA(cfg)# ip scp-user jsmith Password: jpasswd Validate Password: jpasswd bstnA(cfg)# ... | |
| The ARX contains directories for software release files, log files, report files, and other maintenance files. Use the move command to change the name of a file in one of these directories. | |
| move {logs | cores | configs | replicated-configs | diag-info | software | reports | scripts | capture | license} src-file-name dest-file-name logs | ... | license identifies the directory. This is required. cores selects a core-dump file generated by a failing process. The show cores command lists all such files that currently exist, if any. configs selects a configuration file, such as those generated by copy running-config and copy global-config. Use show configs to list them. replicated-configs selects a replicated-configuration file, from a remote ARX cluster. You can use these files for a disaster-recovery operation. Use show replicated-configs to list them. diag-info selects a diagnostics file generated by collect or collect logs. Use show diag-info to see if any are available. software selects a software-related file or a software-user manual. The show software command lists all of them. reports selects a report file. scripts selects a script file. Use show scripts to see all available scripts. capture selects a packet-capture file created by the capture session command. The show capture command lists all packet-capture files currently on the ARX. license selects a license file. The show license command lists all license-related files currently on the ARX. src-file-name (1-1024 characters) is the original file name, the file to rename. dest-file-name (1-1024 characters) is the new name you choose for the file. | |
| The show directories command displays all files and directories on the ARX hard disks. You can also move files to an external servers. The move ... ftp command uploads over FTP, then deletes the source file after a successful copy operation. Use move ... scp to use a secure connection, SCP. The move ... tftp command uses TFTP (Trivial FTP) as a transport. The move ... {nfs|cifs} command transfers files from the maintenance directories on the ARX to its client-accessible volumes. | |
| bstnA# move diag-info ns_wwmed.tgz wwmed_11_12.tgz | |
| Use the move ... ftp command to transfer a file (such as a core-dump file) off of the ARX via FTP. This command deletes the file after it is successfully copied, or leaves the file at the source location if the copy operation fails. | |
| directory is one of the following: logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. user[:password]@ (optional) are the credentials for FTP access. If you omit them, they default to the credentials set by the ip ftp-user command. If you omit the password, the CLI prompts for one. server is the IP address or hostname for the FTP server. dest-file is the new path that you want for the file. Lead with an extra slash (/) if the path is absolute (for example, ftp://10.1.1.5//var/caps/arx0107.cap). Use only one slash if the path is local to the home directory for user (for example, ftp://10.1.1.5/gffstnA.tgz). This conforms with the specification for FTP URLs in RFC 1738. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |
| If you enter a user name without a password, the CLI prompts for the password before continuing. Enter the password for the user you included in the URL. You can also move (or copy) files using several additional protocols. Use move ... scp or copy scp to use an SCP connection for the move or copy operation. The move ... tftp and copy tftp commands use TFTP (Trivial FTP) as a transport. To send out a file as an E-mail attachment, use copy smtp. The move ... {nfs|cifs} and copy {nfs|cifs} commands transfer files between the maintenance directories on the ARX and its client-accessible volumes. To rename a file in its current ARX directory, you can use the move command. The move commands only upload to an external server. The equivalent copy commands can also download. For example, the copy ftp command FTP-copies a file to or from the ARX. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |
| For move operations out of the reports directory, you can reformat the file to XML or CSV (comma-separated value) format. Use a .xml or .csv extension for the destination-file-name, and the move operation converts the file to the chosen format. A .txt or .rpt extension leaves the file in plain-text format. | |
| bstnA# move capture fsrvr.cap ftp://noc.phredco.com/bstnA_fsrvr.cap | |
| Use the move ... {nfs|cifs} command to transfer a file (such as a software-release file or a log file) from the ARX to one of its volumes. This command deletes the file after it is successfully copied to the volume, or leaves the file at the source location if the copy operation fails. | |||
| directory is one of the following: logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. You can use wildcards (such as *, ?, or [a-z]) to select multiple files; see the Guidelines: Wildcards below. nfs | cifs is a required choice. This chooses the protocol for the file transfer. namespace (1-30 characters) identifies the namespace to use as a destination. vol (1-1024 characters) is the volume where the file will go. dest-file-path (optional, 1-1024 characters) is the destination path for the file, starting at the volume root. If you omit this, the file goes to the volume root and keeps its original name. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |||
| The CLI chooses a user identity to establish its read/write privileges in the ARX volume. It chooses its identity based on the transfer protocol. For NFS, the CLI uses root as its identity. For CIFS, the CLI uses the proxy-user (gbl-ns) for the chosen namespace. These identities typically ensure that there are no permissions problems during the copy operation. You can also move (or copy) files using several additional protocols.Use move ... scp or copy scp to use an SCP connection for the move or copy operation. The move ... tftp and copy tftp commands use TFTP (Trivial FTP) as a transport. To send out a file as an E-mail attachment, use copy smtp. The move ... ftp and copy ftp commands use FTP to send files to an external server. To rename a file in its current ARX directory, you can use the move command. The move commands only upload to an external server. The equivalent copy commands can also download. For example, the copy {nfs|cifs} command copies a file to or from an ARX volume. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |||
| |||
| bstnA# move cores core-* nfs wwmed /acct/.admin/ | |||
| Use the move ... scp command to securely copy a file (such as a software-release file or a log file) to or from the ARX over SCP. This command deletes the file after it is successfully transferred, or leaves the file at the source location if the copy operation fails. | |
| directory is one of the following: logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the file to move out of the above directory. user@ (optional if someone created an ip scp-user) is the username to present to the other end of the SCP connection. This user must be valid at the remote host. If you omit this and an ip scp-user is defined, it defaults to the username set by that command. server: is the IP address or hostname for the SCP host. End with a colon (:). dest-file is the desired path for the file at the remote host. Lead with a slash (/) if the path is absolute (for example, scp://root@10.1.1.5:/var/arxDiags/6_5.tgz). Use no slash if the path is local to the home directory for user (for example, scp://root@10.1.1.5:6_5.tgz). accept-host-key (optional) means to accept an unknown SSH host key from the remote host, if it presents one. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the reports in plain-text format. | |
| If you enter a username in this command, the CLI prompts you for a password. Enter the password for the user in the URL. The file is transferred over SCP, which uses a secure, encrypted connection to the remote host. Every host identifies itself with an encrypted SSH key. Whenever the ARX transfers a file using SCP, it exchanges keys with the remote host. If the remote-host key is different from one received previously, the host may not be the one you intended; an attacker may be posing as the intended host. For this reason, the ARX does not download or upload to a host with an unknown key unless you raise the accept-host-key flag. Note that the first contact with any server will require this flag to succeed. | |
| You can also move (or copy) files using several additional protocols. The move ... tftp and copy tftp commands use TFTP (Trivial FTP) as a transport. To send out a file as an E-mail attachment, use copy smtp. The move ... ftp and copy ftp commands use FTP to send files to an external server. Use move ... {nfs|cifs} or copy {nfs|cifs} to move or copy a file to a volume on the current ARX. To rename a file in its current ARX directory, you can use the move command. The move commands only upload to an external server. The equivalent copy commands can also download. For example, the copy scp command copies a file to or from an external server. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |
| bstnA# move capture ntap.cap scp://root@noc:/var/logs/arx2ntap.cap accept-host-key Password: root-password | |
| Use the move ... tftp command to transfer a file (such as a packet-capture file) off of the ARX via Trivial FTP (TFTP). This command deletes the file after it is successfully transferred, or leaves the file at the source location if the copy operation fails. | |
| directory is one of the following: logs, cores, configs, replicated-configs, reports, diag-info, software, scripts, capture, or license. file (1-1024 characters) identifies the source file from the above directory. server is the IP address or hostname for the TFTP server. dest-file is the new path for the file. Lead with an extra slash (/) if the path is absolute (for example, tftp://10.1.1.5//var/diags/arxCllct.tgz). Use only one slash if the path is local to the tftpboot directory. This conforms with the specification for FTP URLs in RFC 1738. format {text|report|csv|xml} (optional) applies to the reports directory only. This chooses the output format for the report. The xml option converts the report to XML format, csv converts the report to a Comma-Separated-Value format (useful for spreadsheets), and the text and report options leave the report in plain-text format. | |
| You can also move (or copy) files using several additional protocols. The move ... scp and copy scp commands use SCP (Secure CoPy) as a transport. To send out a file as an E-mail attachment, use copy smtp. The move ... ftp and copy ftp commands use FTP to send files to an external server. Use move ... {nfs|cifs} or copy {nfs|cifs} to move or copy a file to a volume on the current ARX. To rename a file in its current ARX directory, you can use the move command. The move commands only upload to an external server. The equivalent copy commands can also download. For example, the copy tftp command copies a file to or from an external server. To manage local files, use delete and/or move. To view ASCII files, use show directory file-name, tail, and/or grep. | |
| bstnA# move capture 11_12.cap tftp://tftp.f5.com/11_12_arx.cap | |
| pause [seconds] seconds (optional; 0-3600) is the number of seconds to pause the CLI operation. If you omit this argument, the <Enter> key stops the pause. | |
| 0 (indefinite pause, until you press <Enter>) | |
| You can use this command with terminal clear, which is also useful in writing scripts. For example, you could write a script that lets you view share status during a managed-volume import: | |
| bstnA# pause 300 bstnA# pause pauses the CLI until you press <Enter>. | |
| remark {critical | error | warning | notice | info | debug} comment-string critical | error | warning | notice | info | debug is a required choice. This sets the severity of the message. comment-string (1-255 characters) is the message text. Insert quotation marks around the string if it contains any spaces. | |
| Use show logging levels to verify the log-level settings for each component. From any mode, use show logs syslog or grep pattern logs syslog to view the log messages in the syslog file. See the manual, ARX Log Catalog, for a full list of log messages. | |
| bstnA# remark critical J. Random bringing down NFS | |
| The ARX contains directories for software release files, log files, report files, and other maintenance files. Use the rename command to change the name of a file in one of these directories. | |
| rename {releases | logs | cores | reports | scripts | capture | license} src-file-name dest-file-name releases | ... | license identifies the directory. This is required. logs selects a log file. cores selects a core dump file. reports selects a report file. scripts selects a script file. capture selects a packet-capture file created by the capture session command. license selects a license file. src-file-name (1-1024 characters) is the original file name, the file to rename. dest-file-name (1-1024 characters) is the new name you choose for the file. | |
| The CLI prompts for confirmation before renaming a file; enter yes to proceed with the rename operation. The show directories command displays all files and directories on the ARX hard disks. | |
| bstnA# rename releases rel8.rel fallback.rel | |
| run {scripts | configs} script-name scripts | configs selects the directory that holds the script. Use show scripts or show configs for file listings in these directories. script-name (1-1024 characters) identifies the CLI script file to run. Use show scripts to display the scripts directory contents. | |
| To download a CLI-script file from an FTP, SCP, TFTP or other network service, use the copy command. If you want to run the script periodically, on a schedule, use the at ... do run command. There are several CLI commands (such as attach) that do not get committed until you exit the mode with either exit or end. The best practice is to use the end command at the end of any script; you can use this command from any mode under cfg or gbl mode. If you auto-generate a script (for example, with show running-config or show global-config), you must edit the script before you run it on an earlier release of ARX software. Command syntax may have changed as well as the best practices for command order. Consult the documentation from the earlier release (available from the GUI) and change the scripts commands as needed before you use this command to run it. | |
| bstnA# run scripts testdemo1.scr | |
| Use the show at command to display all scheduled CLI commands and/or scripts. | |
| Job is a numeric ID for the scheduled job. This is assigned by the CLI when the user issues the at command. You can use this ID with clear at to clear the job. NextTime is the date and time for the next scheduled job run. This is in the following format: mm/dd/yyyy.HH:MM. Interval is the time between runs, if there is one. This is the every interval part of the at command. Command is the exact CLI command (or script) that is invoked at each run. Report is the prefix for the report generated at each run, if there is one. Each report is named as follows: report-prefix_yyyymmddHHMM.rpt. The part after the underscore is the date and time of the run. Use show reports to view the reports, if there are any. | |
| bstnA# show at shows all scheduled commands and scripts. See Figure 7.7 for sample output. | |
Figure 7.7 Sample Output: show at
bstnA# show at
| show capture [file-name [summary [cifs|non-cifs]]] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the CLI shows a list of all files in the directory. summary (optional) reduces the output to a group of summary tables, like those shown with Tshark -z. cifs | non-cifs (optional) is a filter on the summary output. If you choose cifs, the summary only counts packets related to CIFS traffic. These are packets to or from UDP/88, TCP/88, UDP/137, UDP/138, TCP/139, and/or TCP/445. The non-cifs option summarizes all packets except the ones to or from those ports. | |
| You can capture IP traffic into a file with the capture session command. This command shows a list of all captured files or shows the contents of one of them. The capture summary is similar to the output of Tshark -z. This shows a table of UDP conversations and TCP conversations, followed by RTT statistics for NFSv2, NFSv3, and SMB (or CIFS). The TCP and UDP tables have one row per pairing of IP addresses. The NFS tables do not appear if you use the cifs option, and the SMB tables do not appear if you enter the non-cifs option. Use the show directories command to show the contents of all directories on the ARX. To maintain this directory, use the copy, move, grep, and delete commands. While a capture session is underway, the ARX writes to its output file each time it captures IP packets. If the capture session writes to multiple files, it creates them all with a time stamp in each of their names. Use show capture sessions for a list of capture sessions that are currently underway. | |
| bstnA> show capture bstnA> show capture nasTraffic_00001_20060328081103.cap Shows the contents of a capture file. See Figure 7.8 for sample output. bstnA> show capture nasTraffic.cap summary Summarizes the contents of a capture file. See Figure 7.9 on page 7-46 for sample output. | |
Figure 7.8 Sample Output: show capture
bstnA# show capture nasTraffic.cap
Figure 7.9 Sample Output: show capture ... summary
bstnA# show capture nasTraffic.cap summary
| show configs [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the CLI shows a list of the directorys files. | |||||||
| Use the show directories command to show the contents of all directories on the ARX. To maintain this directory, use the copy, move, grep, and delete commands.
| |||||||
| |||||||
| bstnA# show configs | |||||||
| A core file contains system-memory dumps from a software failure; this information is very useful in diagnosing software problems. All core files reside in the cores directory. Use the show cores command to display this directory or information from a core file. | |
| show cores file-name { backtrace | syslog | list | message | cmdinfo} file-name (optional, 1-1024 characters) is the name of the core file to view. backtrace | syslog | list | message | cmdinfo is a required choice. backtrace displays information from the current program stack. See Figure 7.10 on page 7-51 for a sample backtrace. syslog displays contextual lines from the syslog file (many lines before and 20 lines after the core-dump event). list shows what types of information/files you can extract from the core file. You can use one of these items with show cores file-name list-item syntax, described below. message displays the syslog-file message that announced the core dump. Use the time stamp in this message to focus on the time of the software failure. cmdinfo displays the CLI output for the specified file/argument. | |
| stoweA# show cores bstnA> show cores core-0012.dmp backtrace | |
Figure 7.10 Sample Output: show cores ... backtrace
bstnA> show cores core-0012.dmp backtrace
| If someone issues a collect command with a local file as the target, a large diagnostics file is written to the diag-info directory. Use this command to prove that the file was created. Use the copy command to copy the file off to an FTP server, an SCP host, a TFTP server, an E-mail recipient, or a namespace. The move command can send the file to one of those destinations and delete the original. Use move (with a local destination) to rename it, or delete to remove it. | |
| bstnA> show diag-info | |
| The ARX contains directories on its hard disks where you can store release files, configuration scripts, and other switch-maintenance files. Use the show directories command to display all directories or enter show directory-name to display the contents for one directory only. | |
| directories shows all directories and their contents releases | logs | ... | scripts focuses on one directory. | |
| bstnA> show directories bstnA> show releases | |
Figure 7.11 Sample Output: show directories
bstnA# show directories
| show license [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. | |
| Issue the command to view the directory contents. Then issue the command with a file name to view the contents of the given license file. The documentation for show active-license describes the detailed output for a license file. If the directory listing does not include an active.license file, no license is active for the current ARX. You can use the license activate command to automatically activate a license, but only if the ARX is connected to the Internet. For an ARX that is off of the Internet, you can manually activate the license. Start with the license create license-dossier command for manual activation. | |
| stkbrgA# show license stkbrgA# show license active.license | |
Figure 7.12 Sample Output: show license
stkbrgA# show license
Figure 7.13 Sample Output: show license active.license
stkbrgA# show license active.license
| show logs [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. | |
| Issue the command to view the directory contents. Then issue the command with a file name to view the file contents. The syslog file is arguably the most-important file in the logs directory. It shows detailed logs from most of the switch software. You can use the logging level command to change the volume of messages from each software subsystem. Namespaces, volumes, and shares are denoted in the syslog by their internal, numeric IDs: use the show id-mappings command to translate these IDs into names used in the CLI. | |
| bstnA# show logs | |
| A software release for the ARX is packaged in a release file. All release files are stored in the releases directory. Use this command to display the contents of the releases directory and/or the version of a specified release file. | |||||||
| show releases [file-name] [verbose] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. verbose (optional) runs a checksum test on the integrity of the downloaded release file. | |||||||
The version of the release appears in the final column. The version appears in Vrelease.build format, where build is a specific build in the given release. For example, V5.02.000.12574 would appear for build 12574 of release 5.02.000. If you issue the command with a file name, the output shows the version number, the date the release was built, and the username that ran the build. If you use the verbose option, the results of a checksum test appear. If this shows that the checksum failed, retry the copy of the release file. | |||||||
| provA# show releases provA# show releases test1.rel provA# show releases test1.rel verbose | |||||||
Figure 7.14 Sample Output: show releases
provA# show releases
| show replicated-configs [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the CLI shows a list of the directorys files. | |
| Use the show directories command to show the contents of all directories on the ARX. To maintain this directory, use the copy, move, grep, and delete commands. This holds global-configuration files from remote ARX clusters. You can create a config-replication rule to regularly copy a global-config file from one cluster to another. The files contents are an ordered list of CLI commands required to recreate the remote clusters global configuration; they are the same as the output for show global-config. | |
| newptA# show replicated-configs newptA# show replicated-configs provSvcs.rcfg | |
newptA# show replicated-configs provSvcs.rcfg
| show reports report-name show reports type report-type report-name (optional, 1-1024 characters) is the name of the report to display. report-type (optional, 1-12 characters) specifies the type of report to list. Enter show reports type ? for a full list of report types. | |
| Issue the command (perhaps with a type specification) to view the directory contents. Then issue the command with a file name to view the file contents. | |
| bstnA# show reports lists all reports. See Figure 7.16 on page 7-65 for sample output. bstnA> show reports inconsistencies.12.rpt bstnA> show reports type Imp | |
Figure 7.16 Sample Output: show reports
bstnA# show reports
reagentListsSinceNov_ac1.MEDARCH.ORG_labs_201201190637.rpt 01/19 01:37 762 B FDR DONE: 0 in 00:00:00
bstnA> show reports inconsistencies.14.rpt
Figure 7.18 Sample Output: show reports type Imp
bstnA> show reports type Imp
| show reports status report-name report-name (optional, 1-1024 characters) is the name of the report to summarize. | |
| Use this command to get a one-line status for the job that created the report. The line is the same as the one shown by show reports. The line shows a summary status for the job that generated the report, with the following fields: report-name identifies the report. For time-sensitive reports, this name contains a date stamp for when the report was created, either manually or on a schedule. The report is created when an administrator invokes a report-generating command or when a rules schedule fires. last-mod-time is the time of the reports most-recent change. size is the amount of internal-disk space that the report uses. You can use copy ftp and similar commands to copy reports off the ARX, and delete reports report-name to clear a report from the disk. type indicates the process that created the report. This column uses the same abbreviations used for the type report-type option, above. status shows the current or final state of the operation (typically DONE or FAILED) followed by a summary of the results. The summary shows a number of objects processed (such as files and directories) and the elapsed time for the report run. The elapsed time is the time since the report was created, which may be longer than the actual time the process ran; view the report contents to find actual processing times. | |
| bstnA# show reports status status import.2.bills.6.rpt shows the status for an import report. See Figure 7.19 for sample output. | |
Figure 7.19 Sample Output: show reports status
bstnA# show reports status import.2.bills.6.rpt
| show scripts [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. | |
| Issue the show scripts command to view the directory contents. Then issue the command with a file name to view the file contents. | |
| bstnA# show scripts | |
| show software [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. | |
| The software directory contains MIBs, user documentation, and some useful scripts. Issue the show software command to view the directory contents. Then issue the command with a file name to view the file contents (this only works with the text-based files, such as MIBs and scripts). To view the documentation, use one of the copy commands (copy ftp, copy scp, copy {nfs|cifs}, copy tftp, or copy smtp) to upload it to an external machine. Then use a standard PDF reader or plugin. PDF readers are freely available on the Internet. | |
| bstnA# show software shows the full contents of the software directory. See Figure 7.20 for sample output. | |
Figure 7.20 Sample Output: show software
bstnA# show software
| The ARX has an internal stats-monitor process that monitors communication with external devices (such as filers and clients) and places statistical data about this communication in the stats-logs directory. Use this command to display the contents of the stats-logs directory or the contents of a specific stats-log file. | |||||||||||||
| show stats-logs [file-name] file-name (optional, 1-1024 characters) is the name of the file to display. If you omit this, the command displays the list of the directorys files. | |||||||||||||
| Issue the command to view the directory contents. Then issue the command with a file name to view the file contents. The stats-logs are all in CSV format, so that you can copy them onto an external device and use Microsoft Excel (or a similar spreadsheet application) to view them as spreadsheets. You can use copy ftp, copy {nfs|cifs}, copy smtp, or similar copy commands to copy these files off of the ARX. If you select a stats-monitor sampling interval that is shorter than the default, the stats-monitor process writes to these .csv files more frequently. These .csv files are kept (together with all other log files) on a separate disk partition from configuration files and other important data. Each hour, the stats-monitor creates an hourly file with the first line of the new hour; this is a summary of the data in the raw file. The stats-monitor files are not permitted to consume more than 80% of the log partition. If the .csv files approach their size limit, the oldest raw-data files are removed and the hourly-summary files remain. | |||||||||||||
| |||||||||||||
| |||||||||||||
STATS_RESET marks when a reboot, a clear statistics cifs work-queues, or a clear statistics filer occurred to clear some statistics. This has a ts (time-stamp) field, followed by some KEY fields to identify the object statistics that were cleared. | |||||||||||||
| bstnA# show stats-logs shows a list of all stats-log CSV files. See Figure 7.21 for sample output. provA# show stats-logs metadata_20110705_041347.raw.stats.csv shows a particular stats-log CSV file. See Figure 7.22 on page 7-78 for sample output. | |||||||||||||
Figure 7.21 Sample Output: show stats-logs
bstnA# show stats-logs
Figure 7.22 Sample Output: show stats-logs metadata_...
provA# show stats-logs metadata_20110705_041347.raw.stats.csv
| Use the tail command to display the end of a file selected from a specified directory. | |
| tail {releases | logs | stats-logs | cores | configs | replicated-configs | reports | software | scripts | capture | license} file-name [lines | follow] releases | ... | license identifies the directory. This is a required choice. file-name (1-1024 characters) identifies the file to display. This command shows the last 24 lines of the file. You can use the optional lines argument or follow flag to change the number of lines: lines (optional; 1-4096) is the number of lines at the end of the file to display. follow (optional) makes the CLI follow the file as it grows. | |
| Use show directories to view a list of all files in all directories. Use show directory-name (for example, show logs or show capture) to list the files in one directory. | |
| bstnA# tail logs syslog follow bstnA# tail logs syslog 100 bstnA# tail scripts myscript.scr bstnA# tail capture cifsVol.cap follow tails a packet-capture file, cifsVol.cap, as it grows. You can use the capture session command to start capturing packets and sending them to a file. | |
| To stop a process from generating a report, use the truncate-report command. This truncates the report without otherwise affecting the process. | |
| truncate-report file-name file-name (1-255 characters) identifies the report file to truncate. This must be a file in the reports directory; use show reports for a file listing. | |
| bstnA# truncate-report last-modified.22.rpt | |
| Use the wait-for report command to wait until the ARX finishes writing a report. | |
| report-name (1-255 characters) identifies the report. You can use the show reports command to list all of them. timeout (optional, 1-2096) is a timeout value, in seconds. This sets a time limit; if the report takes longer than this to complete, the wait-for operation quits. | |
| timeout - 0 (zero, meaning that the wait-for command should wait indefinitely) | |
| Many commands create reports to show their progress (such as nsck ... report metadata-only), and some internal operations generate reports (such as the various reports produced as a by-product of a share enable (gbl-ns-vol-shr)). You can use this command to wait for any given process to finish writing a report. If you set a timeout and it expires before the report is finished, the command exits with a warning. | |
| bstnA# wait-for report remService_medco_201005260714.rpt | |
