1. Home
    2. Cortex
    3. Cortex XDR
    4. Cortex XDR™ Pro Administrator’s Guide
    5. Broker VM
    6. Manage Your Broker VMs
    7. Open Remote Terminal

    Open Remote Terminal

    Cortex XDR allows you to remotely connect to a broker VM directly from the Cortex XDR console.
    1. Navigate to
      Cortex XDR app
      gear.png
      Settings
      Broker
      VMs
       table.
    2. Locate the broker VM you want to connect to, right-click and select
      Open Remote Terminal
      .
      Cortex XDR opens a CLI window where you can perform the following commands:
      • Logs
        Broker VM logs located are located in
        /data/logs/ folder
         and contain the applet name in file name. For example, folder
        /data/logs/[applet name]
        , containing
        container_ctrl_[applet name].log
      • Ubuntu Commands
        Cortex XDR Broker VM supports all Ubuntu commands. For example,
        telnet 10.0.0.10 80 or ifconfig -a
        .
      • Sudo Commands
        Cortex XDR requires you use the following values when running commands:
        Applet Names
        • Agent Proxy—
          tms_proxy
        • Syslog Collector—
          anubis
        • WEC—
          wec
        • Network Mapper—
          network_mapper
        • Pathfinder—
          odysseus
        Services
        • Upgrade-—
          zenith_upgrade
        • Frontend service—
          webui
        • Sync with Cortex XDR—
          cloud_sync
        • Internal messaging service (RabbitMQ)-—
          rabbitmq-server
        • Uploads metrics to the Cortex XDR—
          metrics_uploader
        • Prometheus node exporter—
          node_exporter
        • Backend service—
          backend
        Command
        Description
        Example
        applets_restart
        Restarts one or more applets.
        >
        sudo applets_restart wec
        applets_start
        Start one or more applets.
        >sudo applets_start wec
        applets_status
        Check the status of one or more applets.
        > sudo applets_status wec
        applets_stop
        Stop one or more applets.
        > sudo applets_stop wec
        services_restart
        Restarts one or more services. OS services are not supported.
        > sudo services_restart cloud_sync
        services_start
        Start one or more services
        > sudo services_start cloud_sync
        services_status
        Check the status of one or more services.
        > sudo services_status cloud_sync
        services_stop
        Stop one or more services.
        > sudo services_restart cloud_sync
        set_ui_password.sh
        Changes password of the Broker VM Web UI.
        Run the command, enter the new password followed by Ctrl+D.
        > sudo set_ui_password.sh
        tcpdump
        Linux capture network traffic command.
        You must use
        -w
         flag in order to print output to file.
        > sudo tcpdump -i eth0 -w /tmp/packets.pcap
        kill
        Linux kill command.
        > sudo kill [some pid]
        route
        Modify your IP address routing.
        /sbin/route

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2020 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo