Command line reference
After logging into the system, the user has access to all available commands, grouped into four menus, as follows:
- Configuration
- Statistics
- Status
- System
Each menu can be selected by typing its name in the console, e.g.:
.> configuration
Useful commands to navigate the console:
lsorhelpto list available branches (or by hitting TAB from keyboards).returns to the initial branch..returns to the previous branch- CTRL+D cancels a running command
Commands residing in cascading menus can also be executed from any location, outside their normal context menu, using the [.] prefix, provided the path and the command name is known, e.g.:
.status.device.> .configuration.interface.01 .configuration.interface.01.>
Configuration
The Configuration menu is used for the administration of all the interfaces (ports) in the system. An interface must first be selected (from 01 to 32, 56 or 64 depending on the model) before configuring it:
.configuration.> interface.01 .configuration.interface.01.>
The following commands are available:
.configuration.interface.01.enable
Enables the selected interface.
.configuration.interface.01.disable
Disables the selected interface.
.configuration.interface.01.label [show/set/reset]
- show displays the port label.
- set sets the port label.
- reset resets the port label.
.configuration.interface.01.show
Displays the configuration associated with the selected interface and its current status regarding the link, whether it is enabled or not, speed and duplex mode.
.configuration.interface.01.speed [value]
Sets the port speed. Available values (depending on the port): 1G, 10G, 25G, 40G, 100G, 100G_FEC_RS, 2x50G, 4x10G, 4x25G, AUTONEG.
.configuration.interface.01.statistics
Displays statistics counters for the specified port.
.configuration.interface.01.transceiver.show
Displays information about the SFP/QSFP transceiver present in the interface. Key metrics here are the Tx and Rx dB levels which can offer insight on whether the fiber lines are experiencing faults or even intrusion attempts.
Statistics
The Statistics menu is used for displaying or resetting network traffic related statistics.
.> statistics
The following commands are available:
.statistics.global [show/reset]
- show displays the following global statistics: bytes received, bytes sent, packets received, packets sent.
- reset resets the global statistics.
.statistics.interface [port_number/all] [show/reset]
- show displays the full statistics for a specified interface, or, if all is selected, displays the full statistics for all interfaces.
- reset resets the full statistics for a specified interface, or, if all is selected, resets the full statistics for all interfaces.
Status
The Status menu is used for displaying the status of the main functionalities and the system itself.
.> status
The following commands are available:
.status.device.show
Displays general information about the device and device status.
.status.interface [port_number/all] [show/transceiver.show]
- show displays the configuration associated with the selected interface and its current status regarding link speed.
- transceiver.show displays information about the SFP/QSFP transceiver present in the interface, and about all ports.
System
The System menu is used for administrative changes.
.> system
The following commands are available:
.system.aaa.tacacs+ [add/config/show]
Configure remote authentication for the TACACS+ protocol.
.system.aaa.tacacs+.add --hostname [hostname or IPv4/IPv6 address] --login-type [login/chap/pap] --min-admin-level [0–15] --min-user-level [0–15] --port [0–65535] --priority [1–3] --secret [string] --timeout [1–3]
Adds a TACACS+ server.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --hostname | hostname or IPv4/IPv6 address | The TACACS+ server's hostname or IP address. | --hostname 10.10.10.1 |
| --login-type | login/chap/pap | The type of login used in the server. | --login-type login |
| --min-admin-level | 0–15 | Value that defines what priv_lvl is requested for a user to be granted admin privileges. | --min-admin-level 5 |
| --min-user-level | 0–15 | Value that defines what priv_lvl is requested for a user to be granted normal privileges. | --min-user-level 5 |
| --port | 0–65535 | The port for the connection to the TACACS+ server. Default expected port is 49. | --port 49 |
| --priority | 1–3 | The server priority in the user selection within the device. A server with a lower value have higher priority, so their users will be selected first in case of duplicates. There cannot be 2 specified servers sharing the same priority. | --priority 1 |
| --secret | string | Key string used to encrypt the communication between the server and the client. | --secret key123 |
| --timeout | 1–3 | Waiting time for response from the server, in seconds. | --timeout 1 |
.system.aaa.tacacs+.config --priority [1–4] --setting [enable/disable/restrict]
General settings for the TACACS+ authentication method.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --priority | 1–4 | Sets the priority of the TACACS+ authentication method. Lower value represents higher priority, meaning this method will be called before lower priority methods. | --priority 1 |
| --setting | enable/disable/restrict | Enables, disables, or restricts the method. Restrict means the method will only be used if all higher priority methods are failing. | --setting enable |
.system.aaa.tacacs+.show
Displays information about the current TACACS+ configuration. If one or more entries exist, they will be listed here. Existing entries can be configured using their current priority number as identifier (between 1 and 3).
.system.aaa.tacacs+.[1–3] [edit/remove/show]
Configure an existing TACACS+ entry using its priority number as identifier (between 1 and 3).
- edit edits the entry using the same options as the tacacs+.add command shown above.
- remove deletes the entry.
- show displays information about this entry.
.system.aaa.radius [add/config/show]
Configure remote authentication for the RADIUS protocol.
.system.aaa.radius.add --attribute_name [string] --attribute_type [string or integer] --attribute_value [string or integer] --fallback_role [none/admin/user/viewer] --hostname [hostname or IPv4/IPv6 address] --operator ['<', '<=', '=>', '>', '==', '!='] --port [0–65535] --priority [1–3] --role [none/admin/user/viewer] --secret [string] --timeout [1–3]
Adds a RADIUS server.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --attribute_name | string | Privilege map entry name. | --attribute_name entry1 |
| --attribute_type | string (str) or integer (int) | Privilege map entry type. | --attribute_type int |
| --attribute_value | string or integer | Privilege map entry value. | --attribute_value 23 |
| --operator | '<', '<=', '=>', '>', '==', '!=' | Privilege map entry value comparison operator. | --operator '==' |
| --role | none/admin/user/viewer | Privilege map entry role. | --role admin |
| --fallback_role | none/admin/user/viewer | Comes into effect when there isn’t a match between a user and a rule, with the 'none' option denying authentication access to any user. | --fallback_role none |
| --hostname | hostname or IPv4/IPv6 address | The RADIUS server's hostname or IP address. | --hostname 10.10.10.1 |
| --port | 0–65535 | The port for the connection to the RADIUS server. Default expected port is 1812. | --port 1812 |
| --priority | 1–3 | The server priority in the user selection within the device. A server with a lower value have higher priority, so their users will be selected first in case of duplicates. There cannot be 2 specified servers sharing the same priority. | --priority 1 |
| --secret | string | Key string used to encrypt the communication between the server and the client. | --secret key123 |
| --timeout | 1–3 | Waiting time for response from the server, in seconds. | --timeout 1 |
.system.aaa.radius.config --priority [1–4] --setting [enable/disable/restrict]
General settings for the RADIUS authentication method.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --priority | 1–4 | Sets the priority of the RADIUS authentication method. Lower value represents higher priority, meaning this method will be called before lower priority methods. | --priority 1 |
| --setting | enable/disable/restrict | Enables, disables, or restricts the method. Restrict means the method will only be used if all higher priority methods are failing. | --setting enable |
.system.aaa.radius.show
Displays information about the current RADIUS configuration. If one or more entries exist, they will be listed here. Existing entries can be configured using their current priority number as identifier (between 1 and 3).
.system.aaa.radius.[1–3] [edit/privilege-map/remove/show]
Configure an existing RADIUS entry using its priority number as identifier (between 1 and 3).
- edit edits the entry using the same options as the radius.add command shown above (with the exception of privilege map-specific options).
- privilege-map edits the privilege map for this entry.
- remove deletes the entry.
- show displays information about this entry.
.system.aaa.radius.[1–3].privilege-map [add/delete/edit/show]
Configure the privilege map of the specified RADIUS entry.
- add adds an entry to the privilege map of the specified RADIUS entry using the same privilege map-specific options as the radius.add command shown above (--attribute_name, --attribute_type, --attribute_value, --operator, --role).
- delete removes the entry specified with the --index option (e.g. --index 1 to remove the entry with index number 1).
- edit edits an entry using the same privilege map-specific options as the radius.add command shown above (--attribute_name, --attribute_type, --attribute_value, --operator, --role), in addition to the --index option (e.g. --index 1 to edit the entry with index number 1).
- show displays the current privilege map entries and their index numbers.
.system.aaa.supervisor [config/deactivate/edit/show]
Configure the Supervisor authentication method.
.system.aaa.supervisor.config --priority [1-4] --setting [enable/disable/restrict]
General settings for the Supervisor authentication method.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --priority | 1–4 | Sets the priority of the Supervisor authentication method. Lower value represents higher priority, meaning this method will be called before lower priority methods. | --priority 1 |
| --setting | enable/disable/restrict | Enables, disables, or restricts the method. Restrict means the method will only be used if all higher priority methods are failing. | --setting enable |
.system.aaa.supervisor.deactivate
Deactivates Supervisor authentication.
.system.aaa.supervisor.edit --hostname [hostname or IP address] --registration-token [string]
Changes the Supervisor hostname or IP address and registration token.
.system.aaa.supervisor.show
Displays information about the current configuration of the Supervisor authentication method.
.system.aaa.users [config/new/edit/remove/show]
Configure the Local Users authentication method.
.system.aaa.users.config --priority [1-4] --setting [enable/restrict]
General settings for the Local Users authentication method.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --priority | 1–4 | Sets the priority of the Local Users authentication method. Lower value represents higher priority, meaning this method will be called before lower priority methods. | --priority 1 |
| --setting | enable/restrict | Enables or restricts the method. Restrict means the method will only be used if all higher priority methods are failing. | --setting enable |
.system.aaa.users.new --email [email] --enable [true/false] --full_name [full_name] --password [password] --role [admin/user/viewer] --username [username]
Creates a new user account using the specified information.
| Option | Parameter | Description | Example |
|---|---|---|---|
| string | The user's email address. | --email new@user.it | |
| --enable | true/false | Enable or disable this user for local authentication. | --enable true |
| --full_name | string | The user's full name. Doesn't support spaces. | --full_name New_User |
| --password | string | The user account's password. Requires 8 characters, one letter uppercase, one letter lowercase, one digit. | --password Password1 |
| --role | admin/user/viewer | The user account's privileges. admin: full control, limitless administration and system update; user: create and set rules, aggregate and filter traffic, and port configuration; viewer: view only: settings, statistics, active rules. | --role admin |
| --username | string | The user account's unique name. | --username newuser |
.system.aaa.users.edit [username] --email [email] --enable [true/false] --full_name [full_name] --password [password] --role [admin|user|viewer] --username [newusername]
Edits the specified user account. All options are optional.
.system.aaa.users.remove [username]
Deletes the specified user account.
.system.aaa.users.show [username]
Displays information about the specified user account.
.system.aaa.show
Lists the authentication methods, whether they are enabled, disabled or restricted, and their priority.
.system.date.set --date [YYYY-MM-DD] --servers [server1,server2,...] --time [HH:MM:SS] --timezone [timezone] --type [user/ntp]
Configures the device's date and time settings.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --date | YYYY-MM-DD | Sets the date manually if --type is set to user. | --date 2008-10-31 |
| --servers | server1,server2,… | The list of NTP servers used to set the date and time if --type is set to ntp. | --servers 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org |
| --time | HH:MM:SS | Sets the time manually if --type is set to user. | --time 01:23:45 |
| --timezone | timezone | The time zone used to set the time if --type is set to ntp. Use .system.date.show_available_timezones to display the list of available time zones. | --timezone Europe/Amsterdam |
| --type | user/ntp | Selects whether the date and time are to be set manually or using NTP servers. | --type ntp |
.system.date.show
Displays the NTP status, time zone, date, time, and configured NTP server(s).
.system.date.show_available_timezones
Lists available timezones to be used for setting a new date.
.system.firewall [append/emplace/insert/remove/show]
Configure the management interface's firewall.
.system.firewall.append --active [true/false] --address [ip address] --label [string] --mask [0–128] --policy [allow/drop] --services [snmp,ssh,http,https]
Adds a firewall record at the end of the list.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets whether or not this entry is enabled. | --active true |
| --address | ip address | The source IPv4 or IPv6 address. | --address 1.1.1.1 |
| --label | string | The label for this entry. | --label fwentry1 |
| --mask | 0–128 | The CIDR mask. | --mask 32 |
| --policy | allow/drop | Sets whether to allow or drop traffic from the specified source IP address and service(s). | --policy allow |
| --services | snmp/ssh/http/https | The services targeted by this entry. | --services snmp,ssh,http,https |
.system.firewall.emplace --active [true/false] --address [ip address] --label [string] --mask [0–128] --policy [allow/drop] --priority [integer] --services [snmp,ssh,http,https]
Adds a firewall record into a specific priority place in the list. See the append command above for an explanation of the options. The only difference is the addition of the --priority option, which takes an integer parameter, e.g. --priority 1.
.system.firewall.insert --active [true/false] --address [ip address] --label [string] --mask [0–128] --policy [allow/drop] --services [snmp,ssh,http,https]
Adds a firewall record at the beginning of the list. See the append command above for an explanation of the options.
.system.firewall.remove --priority [integer]
Removes a firewall entry by specifying its priority. See the show command below for finding an entry's priority.
.system.firewall.show
Displays the list of current firewall entries and their priority.
.system.network [disable/set/status]
Configure the management interface's network settings.
.system.network.disable
Disables the Ethernet management port. The serial management port will still be operating. After issuing the command, the user must confirm it [yes].
Note: If connected through the Ethernet management port, after issuing the disable command, the session will be lost.
.system.network.set --type [disable/dhcp/static/dhcp_v4/dhcp_v6/eui-64] --ip [static IPv4 address] --prefix [IPv4 CIDR prefix] --gateway [gateway IPv4 address] --dns [first DNS IPv4 address] --dns2 [second DNS IPv4 address] --ip_v6 [static IPv6 address] --prefix_v6 [IPv6 CIDR prefix] --gateway_v6 [gateway IPv6 address] --dns_v6 [first DNS IPv6 address] --dns2_v6 [second DNS IPv6 address] --hostname [device hostname]
Sets the management interface's network settings.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --type | disable/dhcp/static/dhcp_v4/dhcp_v6/eui-64 | disable disables the management interface. dhcp sets the IP acquisition mode to DHCP IPv4/IPv6. static sets the IP acquisition mode to STATIC IPv4/IPv6. dhcp_v4 sets the IP acquisition mode to DHCP IPv4. dhcp_v6 sets the IP acquisition mode to DHCP IPv6. eui-64 sets the IP acquisition mode to STATIC IPv6 EUI-64. | --type dhcp |
| --ip | IPv4 address | Sets the management interface's IPv4 address, if --type is set to static. | --ip 127.0.0.1 |
| --prefix | IPv4 CIDR prefix | Sets the management interface's IPv4 CIDR prefix, if --type is set to static. | --prefix 24 |
| --gateway | IPv4 address | Sets the management interface's gateway's IPv4 address, if --type is set to static. | --gateway 192.168.1.1 |
| --dns | IPv4 address | Sets the management interface's first DNS's IPv4 address, if --type is set to static. | --dns 8.8.8.8 |
| --dns2 | IPv4 address | Sets the management interface's second DNS's IPv4 address, if --type is set to static. | --dns2 8.8.8.8 |
| --ip_v6 | IPv6 address | Sets the management interface's IPv6 address, if --type is set to static or eui-64. | --ip_v6 ::1 |
| --prefix_v6 | IPv6 CIDR prefix | Sets the management interface's IPv6 CIDR prefix, if --type is set to static. | --prefix_v6 64 |
| --gateway_v6 | IPv6 address | Sets the management interface's gateway's IPv6 address, if --type is set to static or eui-64. | --gateway_v6 FE80::1 |
| --dns_v6 | IPv6 address | Sets the management interface's first DNS's IPv4 address, if --type is set to static or eui-64. | --dns_v6 2001:4860:4860::8888 |
| --dns2_v6 | IPv6 address | Sets the management interface's second DNS's IPv4 address, if --type is set to static or eui-64. | --dns2_v6 2001:4860:4860::8888 |
| --hostname | string | Sets the management interface's hostname. | --hostname hostname |
.system.network.status
Displays the network parameters of the unit: IP mode, hostname, link status, IP, mask, gateway, DNS, and MAC.
.system.license.install --insecure [true/false] --url [license file url]
Installs a new license on the device.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --insecure | true/false | Specifies whether the license URL uses a secure connection. | --insecure false |
| --url | URL | The URL of the new license to install on the device (HTTP/HTTPS/FTP). If server credentials are required, they need to be passed as part of the url in the form ftp://user:password@server/file. If the username or password include special characters that cannot be expressed in the URL format, they will need to be replaced with their entity codes (e.g `@` will be `%40`). A list is available at https://dev.w3.org/html5/html-author/charref | --url ftp://user:password@server/file |
.system.reboot --force [true/false]
Reboots the system, keeping all configurations intact. After issuing the command, the user must confirm it [yes].
Note: Rebooting the unit will temporarily disrupt the data flow.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --force | true/false | Optional. If set to true, the system will reboot without asking for confirmation. | --force true |
.system.snmp.communities [add/delete/edit/show]
Configure SNMP v2c communities.
.system.snmp.communities.add --active [true/false] --name [name]
Adds an SNMP community.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the new community as active or inactive. | --active true |
| --name | string | Sets the new community's name. | --name community1 |
.system.snmp.communities.edit --active [true/false] --id [id] --name [name]
Edits the community specified by the --id option.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the specified community as active or inactive. | --active true |
| --id | integer | Specifies the id of the community to edit. | --id 21 |
| --name | string | Set the new name of the specified community. | --name community1 |
.system.snmp.communities.delete --id [id]
Deletes the community specified by the --id option.
.system.snmp.communities.show --id [id]
Displays details about the community specified by the --id option, or about all communities if --id isn't used.
.system.snmp.enable
Enables the SNMP service.
.system.snmp.disable
Disables the SNMP service.
.system.snmp.state
Displays the state of the SNMP service.
.system.snmp.trapsinks [add/edit/delete/show]
Configure SNMP trapsinks.
.system.snmp.trapsinks.add --active [true/false] --community [community] --host [hostname] --name [name] --port [port] --user [user] --version [v2c/v3]
Adds an SNMP trapsink.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the new trapsink as active or inactive. | --active true |
| --community | string | The trap receiver community, if --version is set to v2c. | --community community1 |
| --host | hostname or IPv4/IPv6 | The trap receiver hostname or IP address. | --host 11.11.11.11 |
| --name | strong | Sets the new trapsink's name. | --name trapsink1 |
| --port | integer | The trap receiver port. | --port 161 |
| --user | string | The trap receiver user, if --version is set to v3. | --user snmpuser1 |
| --version | v2c/v3 | The SNMP version for the new trapsink. | --version v2c |
.system.snmp.trapsinks.edit --active [true/false] --community [community] --host [hostname] --id [id] --name [name] --port [port] --user [user] --version [v2c/v3]
Edits the SNMP trapsink specified by the --id option.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the specified trapsink as active or inactive. | --active true |
| --community | string | The trap receiver community, if --version is set to v2c. | --community community1 |
| --host | hostname or IPv4/IPv6 | The trap receiver hostname or IP address. | --host 11.11.11.11 |
| --id | integer | Specifies the id of the trapsink to edit. | --id 10 |
| --name | strong | Sets the trapsink's new name. | --name trapsink1 |
| --port | integer | The trap receiver port. | --port 161 |
| --user | string | The trap receiver user, if --version is set to v3. | --user snmpuser1 |
| --version | v2c/v3 | The SNMP version. | --version v2c |
.system.snmp.trapsinks.delete --id [id]
Deletes the SNMP trapsink specified by the --id option.
.system.snmp.trapsinks.show
Displays configured SNMP trapsinks.
.system.snmp.users [add/edit/delete/show]
Configure SNMP v3 users.
.system.snmp.users.add --active [true/false] --auth [md5/sha] --auth_pass [auth passphrase] --priv [des/aes] --priv_pass [priv passphrase] --security [noauth/auth/priv] --username [username]
Adds an SNMP user.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the new user as active or inactive. | --active true |
| --auth | md5/sha | The algorithm for user authentication (--security set to auth or priv). | --auth sha |
| --auth_pass | string | The passphrase for user authentication (--security set to auth or priv). | --auth_pass userpwd1 |
| --priv | des/aes | The encryption protocol (--security set to priv). | --priv des |
| --priv_pass | string | The encryption passphrase (--security set to priv). | --priv_pass userpwd2 |
| --security | noauth/auth/priv | Selects the requested security policy. Note that requests sent by `noauth` users will be performed in clear over the network. | --security priv |
| --username | string | Sets the new user's name. | --username user1 |
.system.snmp.users.edit --active [true/false] --auth [md5/sha] --auth_pass [auth passphrase] --id [id] --priv [des/aes] --priv_pass [priv passphrase] --security [noauth/auth/priv] --username [username]
Edits the SNMP user specified by the --id option.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the specified user as active or inactive. | --active true |
| --auth | md5/sha | The algorithm for user authentication (--security set to auth or priv). | --auth sha |
| --auth_pass | string | The passphrase for user authentication (--security set to auth or priv). | --auth_pass userpwd1 |
| --id | integer | Specifies the id of the user to edit. | --id 12 |
| --priv | des/aes | The encryption protocol (--security set to priv). | --priv des |
| --priv_pass | string | The encryption passphrase (--security set to priv). | --priv_pass userpwd2 |
| --security | noauth/auth/priv | Selects the requested security policy. Note that requests sent by `noauth` users will be performed in clear over the network. | --security priv |
| --username | string | Sets the specified user's new name. | --username user1 |
.system.snmp.users.delete --id [id]
Deletes the SNMP user specified by the --id option.
.system.snmp.users.show --id [id]
Displays details about the user specified by the --id option, or about all users if --id isn't used.
.system.syslog.application.show
Displays all application logs and their timestamps.
.system.syslog.system.show
Displays all system logs and their timestamps.
.system.syslog.servers [add/edit/delete/show]
Configure remote syslog servers to send logs to.
.system.syslog.servers.add --active [true/false] --hostname [hostname] --port [port] --priority [alert/emerg/crit/error/warning/notice/info/debug] --protocol [tcp/udp] --type [system/app/both]
Adds a remote syslog server entry.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the new server as active or inactive. | --active true |
| --hostname | hostname or IPv4/IPv6 | The server's hostname or IP address. | --hostname 1.1.1.1 |
| --port | integer | The server port through which to connect. | --port 5454 |
| --priority | alert/emerg/crit/error/warning/notice/info/debug | The type of logs to send. From alert (send only the highest priority logs) all the way down to debug (send everything). | --priority debug |
| --protocol | tcp/udp | The protocol used for sending the logs. | --protocol tcp |
| --type | system/app/both | The log source: system sends OS components logs, app sends management plane logs, both sends both. | --type both |
.system.syslog.servers.edit --active [true/false] --hostname [hostname] --id [id] --port [port] --priority [alert/emerg/crit/error/warning/notice/info/debug] --protocol [tcp/udp] --type [system/app/both]
Edits the remote syslog server entry specified by the --id option.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --active | true/false | Sets the server as active or inactive. | --active true |
| --hostname | hostname or IPv4/IPv6 | The server's hostname or IP address. | --hostname 1.1.1.1 |
| --id | integer | Specifies the id of the entry to edit. | --id 22 |
| --port | integer | The server port through which to connect. | --port 5454 |
| --priority | alert/emerg/crit/error/warning/notice/info/debug | The type of logs to send. From alert (send only the highest priority logs) all the way down to debug (send everything). | --priority debug |
| --protocol | tcp/udp | The protocol used for sending the logs. | --protocol tcp |
| --type | system/app/both | The log source: system sends OS components logs, app sends management plane logs, both sends both. | --type both |
.system.syslog.servers.delete --id [id]
Deletes the remote syslog server specified by the --id option.
.system.syslog.servers.show
Displays the list of remote syslog servers.
.system.update.install --insecure [true/false] --url [system package url]
Installs a new device firmware from a URL.
| Option | Parameter | Description | Example |
|---|---|---|---|
| --insecure | true/false | Specifies whether the firmware package URL uses a secure connection. | --insecure false |
| --url | URL | The URL of the firmware package to install on the device (HTTP/HTTPS/FTP). If server credentials are required, they need to be passed as part of the url in the form ftp://user:password@server/file. If the username or password include special characters that cannot be expressed in the URL format, they will need to be replaced with their entity codes (e.g `@` will be `%40`). A list is available at https://dev.w3.org/html5/html-author/charref | --url ftp://user:password@server/file |