Access Cytool

To view syntax and usage examples for Cytool commands, use the
/?
option after any command.
  1. Open a command prompt (on Windows) or Terminal (on Mac) as an administrator:
    Windows:
    • Select
      Start
      All Programs
      Accessories
      . Right-click
      Command prompt
      , and then select
      Run as administrator
      .
    • Select
      Start
      . In the
      Start Search
      box, type
      cmd
      . Then, to open the command prompt as an administrator, press
      CTRL
      +
      SHIFT
      +
      ENTER
      .
    Mac:
    • From
      Finder
      , select
      Applications
      Utilities
      . Double-click
      Terminal
      .
  2. Navigate to the folder that contains Cytool:
    OS
    Example
    Windows
    C:\Users\Administrator>
    cd C:\Program Files\Palo Alto Networks\Traps
    Mac
    PANM2637HQ:~ jdoe$
    cd /Library/Application\ Support/PaloAltoNetworks/Traps/bin
    Linux
    root@ubuntu:~$
    cd /opt/traps/bin
  3. View usage and options for the
    cytool
    command:
    Windows:
    c:\Program Files\Palo Alto Networks\Traps>
    cytool
    Traps (R) supervisor tool 4.1.2.29819 (c) Palo Alto Networks, Inc. All rights reserved Usage: CYTOOL /? | [[/a] command [/? | options]] Options: /? Display this help message. /a Authenticate as supervisor. command enum | protect | startup | runtime | policy | log | quarantine | stat | tla | info | image | wf For more information on a specific command run CYTOOL command /?
    Mac:
    On Mac endpoints, you must run the command as a superuser (sudo) and supply the administrator password.
    PANM2637HQ:bin jdoe$
    sudo ./cytool
    Usage: cytool<options> cytool - Support tool Options: -h --help Display help information. enum List processes protected by Traps. rpc <enable | disable> <process_name | all> Enable/Disable RPC services for daemon(s) and agent(s). esm <connect | disconnect> [address=hostname:port] Connect/Disconnect Traps to/from ESM. startup query List startup status for traps endpoint agent(s) and daemon(s). startup <enable | disable> <process_name | all> Enable/Disable agent(s) and daemon(s) after reboot. runtime query List runtime status for agent(s), daemon(s) and kernel extensions. runtime <start | stop> <process_name | all> Start/Stop agent(s), daemon(s) and kernel extensions immediately. persist list Display list of persistent databases. persist export <db_name | all> Export database(s) to the file(s) in JSON format. persist import <db_name> <file_name> Import data into the database from the given file. persist print <db_name | all> [csv] Print database to the command prompt. log <log_level> <process_name | all> Set log level for the desired process. log collect Generate support fle archive. wakeup Wake up from OS incompatibility state. dump <enable | disable | restore> Enable/Disable dump generation or restore policy settings. checkin Initiate Check In Now (send heartbeat to server). opswat <installed | running | protected | version> Check Traps Agent status and version.
    Linux:
    From the Linux server, run the
    cytool
    command without any arguments or with
    -h
    or
    --help
    options.
    root@ubuntu:~$
    /opt/traps/bin/cytool
    Usage: cytool<options> cytool - Support tool Options: -h --help Display help information. enum List processes protected by Traps. startup query List startup status for traps endpoint agent(s) and daemon(s). startup <enable | disable> <process_name | all> Enable/Disable agent(s) and daemon(s) after reboot. runtime query List runtime status for agent(s), daemon(s) and kernel extensions. runtime <start | stop> <process_name | all> Start/Stop agent(s), daemon(s) and kernel extensions immediately. persist list Display list of persistent databases. persist export <db_name | db_path> Export database(s) to the file(s) in JSON format. persist import <db_name | db_path> <file_name> Import data into the database from the given JSON file. persist print <db_name | db_path> [csv] Print database to the command prompt. log <log_level> <process_name | all> Set log level for the desired process. log collect Generate support file archive. dump <enable | disable | restore> Enable/Disable dump generation or restore policy settings. checkin Initiate Check In Now (send heartbeat to ESM).

Related Documentation