Access Cytool

To view syntax and usage examples for Cytool commands, use the /? option after any command.
  1. Open a command prompt (on Windows) or Terminal (on Mac) as an administrator:
    Windows:
    • Select StartAll ProgramsAccessories. Right-click Command prompt, and then select Run as administrator.
    • Select Start. In the Start Search box, type cmd. Then, to open the command prompt as an administrator, press CTRL+SHIFT+ENTER.
    Mac:
    • From Finder, select ApplicationsUtilities. Double-click Terminal.
  2. Navigate to the folder that contains Cytool:
    OSExample
    Windows
    C:\Users\Administrator> cd
    C:\Program Files\Palo Alto Networks\Traps
    Mac
    PANM2637HQ:~ jdoe$ cd /Library/Application\ Support/PaloAltoNetworks/Traps/bin
    Linux
    root@ubuntu:~$ cd /opt/traps/bin
  3. View usage and options for the cytool command:
    Windows:
    c:\Program Files\Palo Alto Networks\Traps> cytool
    Traps (R) supervisor tool 4.1.2.29819
    (c) Palo Alto Networks, Inc. All rights reserved
    
    Usage: CYTOOL /? | [[/a] command [/? | options]]
    Options:
        /?             Display this help message.
        /a             Authenticate as supervisor.
        command        enum | protect | startup | runtime | policy | log | quarantine | stat | tla | info | image | wf
    
    For more information on a specific command run
        CYTOOL command /?
    
    Mac:
    On Mac endpoints, you must run the command as a superuser (sudo) and supply the administrator password.
    PANM2637HQ:bin jdoe$ sudo
    ./cytool
    Usage: cytool<options>
    cytool - Support tool
    
    Options:
    -h --help                                           Display help information.
    enum                                                List processes protected by Traps.
    rpc <enable | disable> <process_name | all>         Enable/Disable RPC services for daemon(s) and agent(s).
    esm <connect | disconnect> [address=hostname:port]  Connect/Disconnect Traps to/from ESM.
    startup query                                       List startup status for traps endpoint agent(s) and daemon(s).
    startup <enable | disable> <process_name | all>     Enable/Disable agent(s) and daemon(s) after reboot.
    runtime query                                       List runtime status for agent(s), daemon(s) and kernel extensions.
    runtime <start | stop> <process_name | all>         Start/Stop agent(s), daemon(s) and kernel extensions immediately.
    persist list                                        Display list of persistent databases.
    persist export <db_name | all>                      Export database(s) to the file(s) in JSON format.
    persist import <db_name> <file_name>                Import data into the database from the given file.
    persist print <db_name | all> [csv]                 Print database to the command prompt.
    log <log_level> <process_name | all>                Set log level for the desired process.
    log collect											Generate support fle archive.
    wakeup                                              Wake up from OS incompatibility state.
    dump <enable | disable | restore>                   Enable/Disable dump generation or restore policy settings.
    checkin												Initiate Check In Now (send heartbeat to server).
    opswat <installed | running | protected | version>	Check Traps Agent status and version.
    Linux:
    From the Linux server, run the cytool command without any arguments or with -h or --help options.
    root@ubuntu:~$ /opt/traps/bin/cytool
    
    Usage: cytool<options>
    cytool - Support tool
    
    Options:
    -h --help                                           Display help information.
    enum                                                List processes protected by Traps.
    startup query                                       List startup status for traps endpoint agent(s) and daemon(s).
    startup <enable | disable> <process_name | all>     Enable/Disable agent(s) and daemon(s) after reboot.
    runtime query                                       List runtime status for agent(s), daemon(s) and kernel extensions.
    runtime <start | stop> <process_name | all>         Start/Stop agent(s), daemon(s) and kernel extensions immediately.
    persist list                                        Display list of persistent databases.
    persist export <db_name | db_path>                  Export database(s) to the file(s) in JSON format.
    persist import <db_name | db_path> <file_name>      Import data into the database from the given JSON file.
    persist print <db_name | db_path> [csv]             Print database to the command prompt.
    log <log_level> <process_name | all>                Set log level for the desired process.
    log collect                                         Generate support file archive.
    dump <enable | disable | restore>                   Enable/Disable dump generation or restore policy settings.
    checkin                                             Initiate Check In Now (send heartbeat to ESM).

Related Documentation