The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Starting from Cisco CMX 10.3.1, you can use the Tab key to auto complete any Cisco CMX command on the command line interface. If you enter cmxos and then click the Tab key, the CLI displays the available keywords. If you enter a partial string and then click the Tab key, the CLI then displays the complete string.
Cisco CMX CLI does not support read-only user accounts. It supports only cmxadmin and root user accounts.
To export Cisco CMX history data from Cassandra to a CSV file, use the cassandraexport command.
cassandraexport {--date <yyyy/mm/dd>} [--table <tablename> | --file <filename> | --sql <sql statement> | --rowsperfetch <rows per fetch>]
| --date <yyyy/mm/dd> |
Date on which the export is to be performed. This is required. |
| --table <table name> |
(Optional) Name of the table to export. |
| --file <filename> |
(Optional) Name of the CSV file. The default is /tmp/CassandraExport_sql.csv. |
| --sql <sql statement> |
This option is not currently supported. |
| --rowsperfetch <rows per fetch> |
(Optional) The default is 1000 rows. |
None.
CMX root user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
This command extracts a maximum of only one day of data, starting from midnight of the date given to the time when the command is issued.
You can use these methods to export Cisco CMX data from Cassandra:
The method that we most recommend is through the Notifications feature (Manage > Notifications> New Notification). For more information, see the “Managing Notifications from Applications” section in the Cisco Connected Mobile Experiences Configuration Guide for this release at: http://www.cisco.com/c/en/us/support/wireless/mobility-services-engine/products-installation-and-configuration-guides-list.html
An alternative method is to use the cassandraexport command, and to export daily. We recommend that you schedule the export during a quiet period of the day, for example 2:00 A.M. If you use this method during a time when the system is continuously changing, a timeout can occur.
Use the Cisco CMX History API only if your export does not exceed 2000 records, for example 100 floors.
The following example shows how to export Cisco CMX data from Cassandra to a CSV file:
[cmxadmin@server]# /opt/cmx/bin/cassandraexport --date 2017/06/14
Data exported into the file /tmp/CassandraExport_201706150220-02.csvTo check the database for schema integrity, use the cmxctl checkdb command.
cmxctl checkdb { cassandra | postgres }
| cassandra |
Checks the cassandra schema. |
| postgres |
Checks the postgres schema. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to the schemen integrity for cassandra and postgres database:
[cmxadmin@server]# cmxctl checkdb cassandra
Schema passed analytics
Schema passed loc
Schema passed mse
Cassandra passed schema validation
[root@server]# cmxctl checkdb postgres
Schema passed analytics
Schema passed loc
Schema passed mse
Postgres passed schema validationTo check logs and generate a report, use the cmxctl checklogs command.
cmxctl checklogs
None
CMX admin user
After a report is generated, the specific log that shows the error can be viewed for additional details. For example, /opt/cmx.var.log.cmxjobs.log.3 has 108 errors, use the command more /opt/cmx.var.log.cmxjobs.log.3 to view the corresponding file.
The following example shows how to check logs and generate a report:
[cmxadmin@cmx]# cmxctl checklogs
************************************************************************
Checking /opt/cmx/var/log/cmxjobs.log.3 for errors..
/opt/cmx/var/log/cmxjobs.log.3 has 108 errors
**********************************************************************
Checking /opt/cmx/var/log/system-cron.log for errors..
/opt/cmx/var/log/system-cron.log has 0 errors
************************************************************************
Checking /opt/cmx/var/log/cmxjobs.log for errors..
/opt/cmx/var/log/cmxjobs.log has 81 errors
************************************************************************
Checking /opt/cmx/var/log/collectd.log for errors..
/opt/cmx/var/log/collectd.log has 0 errors
***********************************************************************
Checking /opt/cmx/var/log/consul.log for errors..
/opt/cmx/var/log/consul.log has 0 errors
************************************************************************
Checking /opt/cmx/var/log/qless-py-worker.log for errors..
/opt/cmx/var/log/qless-py-worker.log has 0 errors
************************************************************************
Checking /opt/cmx/var/log/influxdb.log for errors..
/opt/cmx/var/log/influxdb.log has 0 errors
************************************************************************
Checking /opt/cmx/var/log/cmxjobs.log.4 for errors..
/opt/cmx/var/log/cmxjobs.log.4 has 108 errors
***********************************************************************To configure general analytics settings, use the cmxctl config analytics command:
cmxctl config analytics {cleanRedis | enableMinDwellFilter | {True | False} | setMinDwellFilter <value> | setNumMonthsRepeatHistory <value> | view}
| cleanRedis |
Removes old, invalid Redis bloom filters. |
| enableMinDwellFilter {True | False} |
|
| setMinDwellFilter <value> |
Sets the minimum dwell filter value [0-1440]. The default is 0. |
| setNumMonthsRepeatHistory <value> |
Sets the number of months [0-6] to retain the repeat history. The default is 6. |
| view |
Displays the general analytics settings. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional subcommands were added. |
|
Cisco CMX Release 10.3.1 |
This command was introduced. |
You can set a minimum dwell filter to filter out visitors whose dwell at the root campus level is less than a specified amount. The root campus level encompasses all campuses; it represents the root of the heterarchy. This affects the aggregated data, so once the filter is enabled, it applies to all reports for that day moving forward (until it is disabled again). This filter does not affect the raw visits.
If you configure the minimum dwell filter setting, you must restart Cisco CMX for the change to take effect. Use the cmxctl restart command to restart Cisco CMX.
 Note |
Use the minimum dwell filter only if you don't want to see devices that spend less than the minimum number of minutes at the root campus level. |
Repeat history is kept for the current month and the set number of previous months. This set number of months must be in the range of 0 to 6 months. You do not need to restart Cisco CMX to put this setting into effect.
Note |
If you use the setNumMonthsRepeatHistory command, all current repeat history is deleted. |
The following example shows how to display the current general analytics settings:
[cmxadmin@cmx]# cmxctl config analytics view
+--------------------------+------+
| enableMinimumDwellFilter | True |
+--------------------------+------+
| minimumDwellFilter | 30 |
+--------------------------+------+
| numMonthsRepeatHistory | 6 |
+--------------------------+------+
The following example shows how to set and enable the Analytics minimum dwell filter setting:
[cmxadmin@cmx]# cmxctl config analytics setMinDwellFilter 30
+--------------------------+-------+
| enableMinimumDwellFilter | False |
+--------------------------+-------+
| minimumDwellFilter | 0 |
+--------------------------+-------+
| numMonthsRepeatHistory | 6 |
+--------------------------+-------+
[root@server]# cmxctl config analytics enableMinDwellFilter True
+--------------------------+-------+
| enableMinimumDwellFilter | True |
+--------------------------+-------+
| minimumDwellFilter | 30 |
+--------------------------+-------+
| numMonthsRepeatHistory | 6 |
+--------------------------+-------+
[root@server]# cmxctl analytics restart
...............
Service Analytics has successfully restarted.[cmxadmin@cmx]# cmxctl config analytics cleanRedis
Cleaning up old bloom filters from redis on 2018-06-26
Month filter cutoff date = 2017-12-01
Current valid ids = [4, 3, 2, 1, 17, 18, 8, 9, 11, 12, 13, 14, 19]
cutoff = 2017-12-01
validids = [4, 3, 2, 1, 17, 18, 8, 9, 11, 12, 13, 14, 19]
cutoff = 2018-06-25
validids = [4, 3, 2, 1, 17, 18, 8, 9, 11, 12, 13, 14, 19]
Deleting key: Day_2018-06-23_2
Deleting key: Day_2018-06-24_4
Deleting key: Day_2018-06-21_2
Deleting key: Day_2018-06-21_12
Deleting key: Day_2018-06-24_12
Deleting key: Day_2018-06-22_12
Deleting key: Day_2018-06-23_4
Deleting key: Day_2018-06-21_8
Deleting key: Day_2018-06-23_12
Deleting key: Day_2018-06-22_2
Deleting key: Day_2018-06-24_8
Deleting key: Day_2018-06-22_8
Deleting key: Day_2018-06-21_14
Deleting key: Day_2018-06-22_4
Deleting key: Day_2018-06-23_14
Deleting key: Day_2018-06-24_2
[cmxadmin@cmx]# cmxctl config analytics setNumMonthsRepeatHistory 5
Doing this will delete current history for ALL months. This will affect aggregated report
data but will NOT affect raw visits data. Do you want to continue? [y/N]: y
Successfully change the number of months tracked for repeat history.
+--------------------------+-------+
| enableMinimumDwellFilter | False |
+--------------------------+-------+
| minimumDwellFilter | 0 |
+--------------------------+-------+
| numMonthsRepeatHistory | 5 |
+--------------------------+-------+
[root@server]# #To delete an access point from Cisco CMX, use the cmxctl config aps delete command.
cmxctl config aps delete MAC Address
| MAC Address |
Displays the MAC address of the access point. |
None.
CMX admin user
| Release | Modification |
|---|---|
| Cisco CMX Release 10.4 |
This command was introduced. |
This command should be run at the cmxadmin level.
To enable and manage the remote logging of system events (syslogs), use the cmxctl config audit settings command. To view logged files, use the cmxctl config audit view command.
cmxctl config audit { restart | settings | status | view }
|
restart |
Restarts rsyslog service. |
|
settings |
Enables, disables and configures audit log settings. See Usage Guidelines for information. |
|
status |
Displays whether audit logging is running on CMX, or is disabled. For example, Remote Audit Logging = Disabled . |
|
view |
Displays all or specific log files. See Usage Guidelines for information. |
By default, remote system logging is disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was modified to include restart and status keywords. |
|
Cisco CMX Release 10.5.0 |
This command was introduced. |
The command cmxctl config audit settings prompts you to enter the following configuration questions. If you enter no value, CMX selects the default value, shown in [brackets].
Note |
To enable remote audit logging, enter a remote syslog IP address, port number and domain name. Otherwise, only local audit logging is enabled. |
[cmxadmin@cmx]#cmxctl config audit settings
Enable or Disable Remote Syslogging [Enable / Disable] [Enable]:
If logs size goes beyond 1gb, drop or overwrite messages? [drop / overwrite] [overwrite]:
Protocol for rsyslog connection [TLS / IPSEC] [TLS]:
Please enter rsyslog IP: 192.0.2.1
Please enter rsyslog port [514]: 4514
Enter CA cert file for Remote syslog server: <<CA_FILE_NAME>>
Please enter rsyslog server's Common Name(CN) or Subject Alternate Name(SAN): cisco-ova-00
Please enter the email IDs (comma separated) for mail alerts: email@example.com
Checking for CRL Distribution Points
No CRL URI found. Skipping CRL download.
Import Rsyslog CA Certificate successful
0
Remote Audit Logging = Enabled
[cmxadmin@cmx]#cmxctl config audit settings
Enable or Disable Remote Syslogging [Enable / Disable] [Enable]:
If logs size goes beyond lgb, drop or overwrite messages? [drop / overwrite] [overwrite]:
Please enter rsyslog IP:
Please enter rsyslog port [514]:
Please enter rsyslog DNS name: yoursyslogserver.yourco.com
Please enter the email IDs (comma separated) for mail alerts: email@example.comFollow the prompts to select what events you would like logged:
Please select the events to be logged
All Events [yes/no] [yes]:
Settings saved
Starting rsyslog serviceIf you enter yes, all events are logged. If no, answer the following prompts:
Enter day [today(1)/yesterday(2)/last week(3)/last month(4)/all(5)] [5]:
Enter event type [MGMT_EVENT(1)/CONN_EVENT(2)/AUTH_EVENT(3)/CONF_EVENT(4)/ALL(5) [5]:
Enter identity [root(1)/admin(2)/all(3)] [3]:
Enter status [success(1)/failure(2)/all(3) [3]:
The command cmxctl config audit view prompts you to enter which types of logs you want to view.
Show all logs [yes/no] [yes]:
If you enter yes , all logged events are displayed. If no , answer the following prompts, or Enter to accept the default vaule.
Enter day [today(1)/yesterday(2)/last week(3)/last month(4)/all(5)] [5]:
Enter event type [MGMT_EVENT(1)/CONN_EVENT(2)/AUTH_EVENT(3)/CONF_EVENT(4)/ALL(5) [5]:
Enter identity [root(1)/admin(2)/all(3)] [3]:
Enter status [success(1)/failure(2)/all(3) [3]:
The following example shows how to enable remote system logging of all events:
[cmxadmin@cmx]#
cmxctl config audit settings
Enable or Disable Remote Syslogging [Enable / Disable] [Enable]:
If logs size goes beyond lgb, drop or overwrite messages? [drop / overwrite] [overwrite]:
Please enter rsyslog IP: 168.172.1.20
Please enter rsyslog port [514]: 514
Please enter rsyslog DNS name: sls1296@wowco.com
Please enter the email IDs (comma separated) for mail alerts: email@example.comRemote Audit Logging = EnabledPlease select the events to be logged
All Events [yes/no] [yes]: yes
Settings saved
Restarting rsyslog service
Shutting down system logger: [OK]
Starting system logger: [OK]
The following example shows how to display all admin-level success status logs for the current day.
[cmxadmin@cmx]#
cmxctl config audit view
Show all logs [yes/no] [yes]: no
Enter day [today(1)/yesterday(2)/last week(3)/last month(4)/all(5)] [5]: 1
Enter event type [MGMT_EVENT(1)/CONN_EVENT(2)/AUTH_EVENT(3)/CONF_EVENT(4)/ALL(5) [5]: 5
Enter identity [root(1)/admin(2)/all(3)] [3]: 2
Enter status [success(1)/failure(2)/all(3) [3]: 1
CMX displays the selected logs.
The following example shows how to view the audit log status.
[cmxadmin@cmx]#
cmxctl config audit status
Remote Audit Logging = Enabled
Remote Syslog Server IP = 10.20.1.10
Remote Syslog Server Port = 4514
Connection Protocol = TLSThe following example shows how to restart rsyslog service.
[cmxadmin@cmx]#
cmxctl config audit restart
rsyslog service restartedTo set strong CMX authentication requirements for passwords, logging in, and session timeout, use the cmxctl config auth settings command. To view these authentication settings, use the cmxctl config auth show command.
cmxctl config auth {settings | show}
|
settings |
Configures CMX authentication settings. |
|
show |
Displays CMX authentication settings. |
By default, strong authentication is not enabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.2 |
This command was modified to set fail interval to 15 minutes when UCAPL mode is enabled. Added two new parameters: Maximum password lifetime and Password Expiry Warning Period. |
|
Cisco CMX Release 10.6 |
This command was modified to add the default values for FIPS and UCAPL. |
|
Cisco CMX Release 10.5.0 |
This command was introduced. |
The command cmxctl config auth prompts you to set the appropriate values, according to your system authentication settings.
If Enable strong password is set to Yes, you can extend the password upto 127 characters. However, we recommend you to ensure that password should have minimum one lower case, one upper case, one digit and a special character.
Enable strong password [yes / no] [yes]:
Minimum password length [8-20] [8]:
Maximum password lifetime [1-9999] [9999]:
Password Expiry Warning Period [1-30] [14]:
Unsuccessful login attempts before account lock [3-5] [3]:
Fail interval in minutes [1-120] [15]:
Account lockout interval in minutes [1-120] [30]:
Session idle timeout in minutes [1-120] [30]:CMX authentication defaults with FIPS/UCAPL off:
CMX authentication defaults in FIPS mode:
Enable strong password [yes / no] [yes]:
Minimum password length [8-20] [8]:
Maximum password lifetime [1-9999] [9999]:
Password Expiry Warning Period [1-30] [14]:
Unsuccessful login attempts before account lock [3-5] [3]:
Account lockout interval in minutes [1-120] [30]:
Session idle timeout in minutes [1-120] [30]:
Restart services for the changes to take effectCMX authentication defaults in UCAPL mode:
Enable strong password [yes / no] [yes]:
Minimum password length [15-20] [15]:
Maximum password lifetime (in days): 60 days
Password Expiry Warning Period (in days): 7 days
Unsuccessful login attempts before account lock is set to 3 for UCAPL mode.
Fail interval in minutes [1-120] [15]:
Account lockout interval in minutes [1-120] [30]:
Session timeout is set to 15 minutes for UCAPL mode.
Enable Global session timeout (10 mins) for UCAPL mode [yes / no] [no]:
Global Session timeout set to: 15 minutes
Restart services for the changes to take effect
Note |
Fail interval is automatically set to 15 minutes when UCAPL mode is enabled. Cisco CMX account will be locked if consecutive failed login attempts occur within the set fail interval period. |
CMX authentication defaults in UCAPL over FIPS mode:
Enable strong password: yes
Minimum password length: 15-20 characters
Unsuccessful login attempts before account lock: 3
Enable Global session timeout (10 mins) for Web UI: yes
The following example shows how to display security parameters for a FIPS-enabled CMX:
[cmxadmin@cmx]# cmxctl config auth show
Enable strong password : yes
Minimum password length : 8
Maximum password lifetime : 9999
Password Expiry Warning Period : 30
Unsuccessful login attempts before account lock : 3
Fail interval in minutes : 15
Account Lockout interval in minutes : 30
Session idle timeout in minutes : 30
The following example shows how to configure auth settings:
[cmxadmin@cmx]# cmxctl config auth settings
Enable strong password [yes / no] [yes]: yes
Minimum password length [8-127] [8]: 8
Maximum password lifetime [1-9999] [9999]:9999
Password Expiry Warning Period [1-30] [14]:30
Unsuccessful login attempts before account lock [3-5] [3]: 3
Fail interval in minutes [1-120] [15]: 15
Account lockout interval in minutes [1-120] [30]: 30
Session idle timeout in minutes [1-720] [30]:
Restart services for the changes to take effect
The following example shows how to view the auth settings:
[cmxadmin@cmx]# cmxctl config auth show
Enable strong password : yes
Minimum password length : 8
Maximum password lifetime :9999
Password Expiry Warning Period :30
Unsuccessful login attempts before account lock : 3
Fail interval in minutes : 15
Account Lockout interval in minutes : 30
Session idle timeout in minutes : 30
To view the the SHA1 (keyHash) and SHA2(sha2KeyHash) strings, use the cmxctl config authinfo get command.
cmxctl config authinfo get
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command gets the authorization information for NMSP connections to the controllers.
The following example shows how to get the authorization information:
[cmxadmin@cmx]# cmxctl config authinfo get
+-------------------+------------------------------------------+------------------------------------------------------------------+
| macAddress | keyHashString | sha2KeyHashString |
+-------------------+------------------------------------------+------------------------------------------------------------------+
| 00:0c:29:07:36:84 | e743ac54029ce36282c582f04bfb45ec187c824d | 560d69882adb90dda10227651da0c6a2850999620b50f83ed0d157fb87d1a920 |
+-------------------+------------------------------------------+------------------------------------------------------------------+To add and manage external RADIUS authentication servers, use the cmxctl config authserver command.
cmxctl config authserver { delete | settings | show }
|
delete |
Removes an external RADIUS authentication server. |
|
settings |
Adds and configures an external RADIUS authentication server. |
|
show |
Shows external server configuration. |
External Remote Authentication Dial-In User Service (RADIUS) authentication server is not configured.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Before running this command, create a RADIUS user with information similar to the following example:
|
Entry |
Values |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
The cmxctl config authserver settings command prompts you to configure the authentication server:
Enter external RADIUS authentication server host :
Enter RADIUS server shared secret key :
Configure local account. This account can be used if RADIUS server is not reachable.
Enter username :
Enter password :
Repeat for confirmation :
External RADIUS authentication server configured successfully.The following example shows how to add an external RADIUS authentication server to CMX.
Note |
This example uses the values described in the Usage Guidelines. |
[cmxadmin@cmx]#
cmxctl config authserver settings
Enter external RADIUS authentication server host : 168.192.28.114
Enter RADIUS server shared secret key : Cisco123
Configure local account. This account can be used if RADIUS server is not reachable.
Enter username : radiusUser
Enter password : Cisco123
Repeat for confirmation : Cisco123
External RADIUS authentication server configured successfully.To create and manage a banner that displays when users log into CMX, use the cmxctl config banner command.
cmxctl config banner {disable | edit | show}
|
disable |
Disable the login banner. |
|
edit |
Edit the login banner text. |
|
show |
Display the login banner. |
By default, CMX has no login banner.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5.0 |
This command was introduced. |
|
Cisco CMX Release 10.6 |
This command was modified to include disable keyword. |
None
The following example shows how to create the login banner “CentOS release 7.0.”
[cmxadmin@cmx]# cmxctl config banner edit
Current Login Banner = []
Enter text to be displayed as login banner. Enter a single period on a line to terminate.
CentOS release 7.0
.
login as: cmxadmin
CentOS release 7.0
cmxadmin@168.172.1.20’s password:
Last login: 6/5/2018 1:10 PM
When you log into CMX from a browser, the banner message appears in a pop-up window on the login page.
The following example shows how to disable the login banner.
[cmxadmin@cmx]# cmxctl config banner disable
Login banner disabled successfully
To create, import, or manage security key certificates, use the cmxctl config certs command.
cmxctl config certs {clear | clientcertvalidation {enable | disable} | creatcsr | importcacert filename.pem | importcrl filename.pem | importcrlurl URL | importrsyslogca filename.pem | importradiusca filename.pem | importservercert filename.pem | installnewcerts | keytype {RSA | ECDSA} | show}
|
clear |
Clears certificate files in the /opt/cmx/srv/certs directory. |
||
|
clientcertvalidation |
When FIPS or UCAPL is enabled, configures CMX to validate all client certificates.
|
||
|
createcsr |
Creates a new public and private keypair, and generates a corresponding Certificate Signing Request (CSR). |
||
|
importcacert filename.pem |
Imports a Certificate of Authority (CA) Privacy Enhanced Mail (pem) file. |
||
|
importcrl filename.pem |
Imports a Certificate Revocation List (CRL) pem file. |
||
|
importcrlurl URL |
Imports the URL of the CRL online, to keep the CRL current. |
||
|
importrsyslogca filename.pem |
Imports a CA pem file for the remote syslog server. |
||
|
importradiusca filename.pem |
Imports a CA pem file for the Radius/AAA server. |
||
|
importservercert filename.pem |
Imports the signed certificate and private key for the CMX server, concatenated into a single pem file.
|
||
|
installnewcerts |
Generates new self-signed certificates.
|
||
|
keytype |
Selects your encryption algorithm key type.
|
||
|
show |
Displays certificate details. |
By default, authentication certificates are not created, imported, or validated.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release10.6.2 |
This command was modified to include importradiusca filename.pem keyword. |
|
Cisco CMX Release10.6 |
This command was modified to include clientcertvalidation , importcontrollerca , and importrsyslogca keywords. |
|
Cisco CMX Release 10.5.0 |
This command was introduced. |
Note |
Certificates and keys are stored in the /opt/cmx/srv/certs folder. |
Cisco recommends following this deployment order for cmxctl config certs commands.
cmxctl config certs clear — Optional, but recommended. Clears any certificates from the /opt/cmx/srv/certs directory.
cmxctl config certs keytype — Selects your key type: RSA (the default) or ECDSA.
cmxctl config certs installnewcerts — Generates new self-signed certificates in the /opt/cmx/srv/certs directory.
cmxctl config certs createcsr — Creates a Certificate Signing Request (CSR).
Private key — /opt/cmx/srv/certs/cmxserverkey.pem
CSR — /opt/cmx/srv/certs/cmxservercsr.pem
Send the CSR to an external CA, to obtain a signed certificate for the CMX server.
cmxctl config certs importcacert — Installs the CA certifications. At the prompt, provide an export and import password specific to this command.
cmxctl config certs importservercert — Installs the CA-signed server certificate and the private key as a concatenated pem file. At the prompt, provide an export and import password specific to this command.
The command cmxctl config certs clientcertvalidation enable prompts you to answer whether or not you want CMX to accept invalid client certificates.
Do you want to accept invalid client certificate? [yes/no] [no]:no—Enables client certificate validation, and will not accept invalid client certificates.
yes—Enables client certificate validation, but will accept invalid client certificates.
The following example shows how to clear out old certificates from the /opt/cmx/srv/certs directory.
[cmxadmin@cmx]# cmxctl config certs clear
Clear Certificates
The following example shows how to select key type ECDSA:
[cmxadmin@cmx]# cmxctl config certs keytype
Please enter key type [RSA / ECDSA] [RSA]:ECDSA
Keytype is set to ECDSA.
The following example shows how to generate new self-signed certification files in the /opt/cmx/srv/certs directory using an RSA key:
[cmxadmin@cmx]# cmxctl config certs installnewcerts
Keytype is RSA, generating RSA key with length 4096
Generating RSA private key, 4096 bit long modulus
.......................
...............................
e is 65537 (0x10001)
Generating RSA private key, 4096 bit long modulus
..............................................
..........................
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=CA/L=San Jose/O=MSE/CN=ServerCrt
Getting CA Private Key
Certificates are valid.
New self-signed certificates installed successfully.
To apply these certificate changes, CMX Services will be restarted now.
Please press Enter to continue. The following example shows how to create a new certificate signing request (CSR):
[cmxadmin@cmx]# cmxctl config certs createcsr
For SAN field of CSR, enter FQDN for CMXX server : servername.domain.com
Keytype is RSA, so generating RSA key with length 4096
Generating RSA private key, 4096 bit long modulus
...........
........
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: US
State or Province Name (full name) [Some-State]: CA
Locality Name (eg, city) []: San Jose
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Yourco, Inc.
Organizational Unit Name (eg, section) []: Gulag 10
Common Name (e.g. server FQDN or YOUR name) [servername.domain.com]: wirelesstestserver.domain.com
Email Address []:email@yourco.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
The CSR is in: /opt/cmx/srv/certs
The Private key is in: /opt/cmx/srv/certs
CSR created successfully.
Sometimes two or more files need to be combined (or concatenated) before you can import the resulting file. For example, you may have intermediate CA certificates as well as root certs. This example shows how to concatenate the files root-ca-cert.pem and intermediate-ca-cert.pem, and import the resulting file to CMX.
Concatenate the files:
[cmxadmin@cmx]# cat root-ca-cert.pem intermediate-ca-cert.pem > ca-chain.pem
Import the new file ca-chain.pem :
[cmxadmin@cmx]# cmxctl config certs importcacerts ca-chain.pem
Importing CA certificate.....
Enter Export Password: caexportpw
Verifying - Enter Export Password: caexportpw
Enter Import Password: caimportpw
Import CA Certificate successful
0
The importservercert command requires you to combine the server key and the server certificate into one pem file. The following example shows how to combine the files and import the resulting file.
Note |
Import CA chain certificates before importing the server certificate. |
Concatenate the files:
[cmxadmin@cmx]# cat cmxserverkey.pem signed-cert.pem > server-key-cert.pem
Import the new file server-key-cert.pem :
[cmxadmin@cmx]# cmxctl config certs importservercerts server-key-cert.pem
Importing Server certificate.....
Successfully transferred the file
At the prompts, provide an export and import password specific to this command.
Enter Export Password: svrexportpw
Verifying - Enter Export Password: svrexportpw
Enter Import Password: svrimportpw
Private key present in the file: /home/cmxadmin/server-key-cert.pem
Enter Import Password: svrimportpw
No CRL URI found. Skipping CRL download.
Validation of server certificate is successful
Import Server Certificate successful
Restart CMX services for the changes to take effect.
Server certificate imported successfully.
To apply these certificate changes, CMX Services will be restarted now.
Please press Enter to continue.
The following example shows how to display the details of the server certificate and all CA chain certificates:
[cmxadmin@cmx]# cmxctl config certs show
Certificate details
************************* Certificate Listing ********************
====================================================================
*********************** UMLC CA Certificate(s) ************************
====================================================================
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
b6:c0:fc:05:f6:27:45:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=CA, L=San Jose, O=MSE, CN=RootCA
Validity
Not Before: Jan 19 05:17:33 2018 GMT
Not After : Jan 18 05:17:33 2021 GMT
Subject: C=US, ST=CA, L=San Jose, O=MSE, CN=RootCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:ba:f2:2b:cd:87:90:23:f0:64:f5:83:d5:f2:90:
43:1a:16:36:c9:67:1a:82:f1:8f:6b:eb:1c:47:f1:
c4:fd:bf:55:98:ab:06:c0:90:dc:d7:13:1f:d3:2f:
12:e8:f2:74:66:65:7c:49:12:72:0c:27:9c:2e:84:
7e:29:a8:b6:18:62:5f:c2:97:a4:1c:e7:45:a2:cb:
f3:35:f3:64:15:e5:f0:27:6f:f1:07:61:41:9b:4c:
96:b3:56:d4:28:a4:85:90:86:52:4c:04:bc:da:38:
cc:f8:05:5b:3e:5c:03:b4:59:ec:8b:c9:5d:eb:61:
76:ba:20:3f:64:6c:25:5d:50:1e:85:37:ad:09:b2:
4a:fa:58:15:89:91:d9:5f:b8:9d:dd:64:31:8b:a4:
df:99:ff:ae:72:19:f8:a3:93:81:b9:4e:07:74:74:
95:b6:42:7b:5a:7d:38:92:4a:f4:86:5a:54:66:f0:
c1:fe:38:31:df:24:1c:40:94:36:67:8b:b3:56:93:
62:26:29:c2:cd:7f:7d:66:9d:f1:78:54:88:4f:6c:
b3:b7:80:54:05:03:09:c9:f9:14:65:8a:21:00:b5:
To manage Cisco Wireless Controllers (Cisco WLC), use the cmxctl config controllers command.
cmxctl config controllers {activeaps | add | delete | floors wlc-ip-address | import | missingaps | show}
| activeaps |
Displays active access points. |
||
| add |
Adds a Cisco WLC.
|
||
| delete |
Deletes a Cisco WLC. |
||
| floors wlc-ip-address |
Displays floors managed by Cisco WLCs. |
||
| import | Imports a Cisco WLC from Cisco Prime Infrastructure by providing the corresponding credentials, or by placing an exported Cisco Prime Infrastructure MAP file in the /opt directory of the Cisco CMX server and providing the path to the exported MAP file. | ||
| missingaps |
Lists the access points from which Cisco CMX has received data, but the access points are not yet placed on a map. |
||
| show |
Displays information pertaining to a Cisco WLC. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3.1 |
The missingaps and floors keywords were added. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The message "controller added successfully" after a Cisco WLC is added, refers only to the correct parsing of the command. You should issue a cmxctl controllers show command to ensure that the Cisco WLC is not active.
The missingaps keyword uses SNMP to retrieve the AP's MAC addresses from the access point’s configuration cache every six hours. If the
AP MAC address is not present, it will be displayed as NA on the CLI.
In addition, the AP MAC address will be displayed only if you have enabled the configuration.apimport feature flag by using the cmxctl config featureflags configuration.apimport: true command. For example:
[cmxadmin@server]# cmxctl config featureflags configuration.apimport true
+---------------------------------+-------+
| location.compactlocationhistory | false |
+---------------------------------+-------+
| configuration.apimport | true |
The AP MAC address import occurs every 6 hours, so for new APs added to the controller, the AP MAC value for missingap will be available only after the next job run.
Starting from Cisco CMX Release 10.3.1, you can specify SNMP settings when you use the cmxctl config controllers add command. For example:
[cmxadmin@cmx]# cmxctl config controllers add
Please enter controller type [WLC / NGWC] [WLC]: WLC
Please enter controller ip: 0.0.0.0
Please enter the controller version [Optional]:
Please enter controller SNMP version [v1 / v2c / v3] [v2c]: v2c
Please enter controller SNMP write community [private]:
....................................................................
Controller Added 0.0.0.0
The following example shows how to display the Cisco WLC information:
[cmxadmin@cmx]# cmxctl config controllers show
+--------------+------+------------+----------------+------+--------+
| IP Address | Type | Version | Device Version | SHA2 | Status |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.65 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.44 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.46 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.70 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.93 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.97 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.35 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.58 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.82 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.84 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+
| 30.30.30.53 | WLC | 8.0.72.141 | - | No | ACTIVE |
+--------------+------+------------+----------------+------+--------+To manage history data, use the cmxctl config data command.
cmxctl config data deleteAll
| deleteALL |
Deletes all client history and analytics raw data. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was introduced. |
This example shows how to delete client history and raw analytics data.
[cmxadmin@cmx]# cmxctl config data deleteAll
Do you wish to continue? All client history data, analytics data will be deleted and CMX services will be restarted. [y/N]: y
Stopping all the services
All the Application services are stopped
Data Deletion Began
Deleting All Analytics Raw Visits Data
Deleting All Clients History Data
Starting all the services
All the Application services are restarted
To manage percent setting at which warning alert is generated for unique device count on Cisco CMX, use the cmxctl config devicelimitalert command.
cmxctl config devicelimitalert {getalertpercent | setalertpercent percent}
| getalertpercent |
Displays the current percent setting after which warning alert is generated for Unique Device Count on Cisco CMX. |
| setalertpercent |
Sets a percentage limit for Unique Device Count warning alert on Cisco CMX. |
| percent |
Enter the percent settings after which a warning alert is generated for Unique Device Count on Cisco CMX. Percent value can be between 1-99. The default value is 90%. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.2 |
This command was introduced. |
This command should be run at the cmxadmin level.
The following example shows how to set percent setting after which a warning alert is generated for Unique Device Count on Cisco CMX:
[cmxadmin@cmx]# cmxctl config devicelimitalert setalertpercent
Percent after which Unique Device Alert gets generated [1-99] [90]: 50
Changed the Warning Alert Percent Setting for Device Count SuccessfullyThe following example shows how to display the percent setting for Unique Device Count warning alert on Cisco CMX:
[cmxadmin@cmx]# cmxctl config devicelimitalert getalertpercent
90To list and toggle feature flags, use the cmxctl config featureflags command.
cmxctl config featureflags {feature name} {true | false}
| service.featurename |
Name of the Cisco CMX service and feature.
|
| true |
Enables the feature of the service. |
| false |
Disables the feature of the service |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.2 |
This command was modified to add more location feature names. |
|
Cisco CMX Release 10.2.2 |
This command was changed. The display default for analytics.sma was changed to false. |
|
Cisco CMX Release 10.2.0 |
This command was introduced. |
The following example shows how to list the feature flags:
[cmxadmin@cmx]# cmxctl config featureflags
+-----------------------------------------+-------+
| location.compactlocationhistory | false |
+-----------------------------------------+-------+
| configuration.oi.host | true |
+-----------------------------------------+-------+
| configuration.apimport | false |
+-----------------------------------------+-------+
| location.ssidfilterpersistblockedmacs | false |
+-----------------------------------------+-------+
| location.rogueapclienthistory | false |
+-----------------------------------------+-------+
| location.filteredssidscleanupatmidnight | true |
+-----------------------------------------+-------+
| nmsplb.cmxgrouping | false |
+-----------------------------------------+-------+
| monit | true |
+-----------------------------------------+-------+
| container.influxdbreporter | true |
+-----------------------------------------+-------+
| nmsplb.autolearnssids | true |
+-----------------------------------------+-------+
| configuration.highendbypass | false |
+-----------------------------------------+-------+
| apiserver.enabled | true |
+-----------------------------------------+-------+
| location.computelocthroughassociatedap | false |
+-----------------------------------------+-------+
| analytics.queuetime | false |
+-----------------------------------------+-------+
To enable, verify, and manage Federal Information Processing Standards (FIPS) mode, use the cmxctl config fips command.
cmxctl config fips {enable | status | verify}
|
enable |
Enables FIPS mode. |
|
status |
Displays FIPS mode status. |
|
verify |
Verifies that your CMX system is correctly configured to support FIPS mode. |
By default, FIPS mode is disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
Cisco CMX supports the Federal Information Processing Standard 140‑2 (FIPS 140‑2). FIPS 140‑2 is a standard published by the National Institute of Standards and Technology (NIST) and is used to accredit cryptographic modules in software components. The US Federal government requires that all IT products dealing with Sensitive, but Unclassified (SBU) information meet these standards. If your system needs to be FIPS 140‑2 compliant, you can enable FIPS. Once you do so, the system uses the cryptographic algorithms defined by the NIST for FIPS 140‑2 for all encrypted communication between its internal and external components.
Note |
FIPS is a prerequisite to UCAPL mode. Enable and configure FIPS before running the cmxctl config fips ucapl command. See cmxctl config fips ucaplmode. |
Cisco recommends that you run these commands before enabling FIPS mode:
cmxctl config certs... —Removes old certificates and installs or imports new ones.
cmxctl config audit settings —Configures CMX authentication settings.
cmxctl config certs importrsyslogca <cert.pem> —Imports a CA pem file for the remote syslog server.
cmxctl config fips verify —Checks to see if your system is correctly configured for FIPS.
Note |
Note that the command cmxctl config fips enable is irreversible. You cannot disable FIPS mode after you enable the FIPS mode. |
The following example shows how to check that your CMX system is correctly configured to support FIPS mode. In this example, the system lacks the strong password required for FIPS compliance.
[cmxadmin@cmx]# cmxctl config fips verify
+--------------------------------------+
| CA Certificate | True |
+--------------------------------------+
| Server Certificate | True |
+--------------------------------------+
| Server Key | True |
+--------------------------------------+
| Rsyslog CA Certificate | False|
+--------------------------------------+
Certificate Validation
+--------------------------------------+
| CA Cert Validation | True |
+--------------------------------------+
| Server Cert Validation | True |
+--------------------------------------+
| Client Cert Validation | True |
+--------------------------------------+
Security Configuration
+--------------------------------------+
| Strong Password | True |
+--------------------------------------+
| Security Parameters | True |
+--------------------------------------+
Audit Logging
+--------------------------------------+
| Audit Logging Status | False|
+--------------------------------------+To enable and manage pre-shared key (PSK) authentication in Federal Information Processing Standards (FIPS) mode, use the cmxctl config fips ipsecauth command.
cmxctl config fips ipsecauth { disablepsk | enablepsk | status}
|
ipsecauth |
Manages IPSec authentication. |
|
disablepsk |
Disables pre-shared key (PSK) authentication. |
|
enablepsk |
Enables PSK authentication. |
|
status |
Displays the current IPSec authorization type. The default is pubkey . |
By default, pre-shared key (PSK) authentication is disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
The following example shows how to enable pre-shared key (PSK) authentication.
[cmxadmin@cmx]# cmxctl config fips ipsecauth enablepsk
IPSec auth type changed to PSK.
IPSec is configured with PSK : U9u3Pr8agBoUQoP2bKtxtk555J1JxfNr
Configuring ipsec ....
In primary
Stopping strongSwan IPsec...
Starting strongSwan 5.6.2 IPsec [starter]...
To enable, view status, or disable compliance with the U.S. Department of Defense Unified Capabilities Approved Products List (UCAPL) certification, use the cmxctl config fips ucaplmode command.
cmxctl config fips ucaplmode {enable | disable | status}
|
enable |
Enables UCAPL over FIPS mode. |
|
disable |
Disables UCAPL over FIPS mode. |
|
status |
Displays UCAPL mode status. |
By default, UCAPL mode is disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
UCAPL mode is a higher level of security than FIPS alone. Its purpose is to maintain a single consolidated list of products that have completed Interoperability and cybersecurity certification. Less secure protocols, such as HTTP, TLS ver. 1, and RSA 1024 are no longer supported. Once you have enabled FIPS mode, you have the option to enable UCAPL mode. UCAPL requires a 15-20 character password, and disk encryption, among other restrictions.
Once UCAPL mode is enabled, the following authentication changes are made, if they are not already specified:
Enable strong password : yes
Minimum password length : 15
Unsuccessful login attempts before account lock : 3
Session timeout in minutes : 10
The following example shows how to enable UCAPL over FIPS mode:
[cmxadmin@cmx]#
cmxctl config fips ucaplmode enable
UCAPL mode enabled.The CMX processes restart.
To enable or disable an automatic backup that will run when UCAPL mode is enabled, use the cmxctl config fips ucaplmode autobackup command.
cmxctl config fips ucaplmode autobackup
By default, the CMX automatic backup is disabled. The backup duration is weekly.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
All auto-backups are run weekly, on the day and hour you select.
Note |
You can configure the auto-backup without being in UCAPL mode, but it will not run until UCAPL mode is enabled. |
The following example shows how to enable and configure an automatic backup for every Saturday night, while in UCAPL mode.
[cmxadmin@cmx]#
cmxctl config fips ucaplmode autobackup
CMX Auto Backup is currently disabled.
Do you want to enable it ? (yes/no) [yes]: yes
CMX Auto Backup frequency is weekly.
Please select day and hour of the week to run the auto-backup.
Day of the week: [0=Sunday, 1=Monday ... 6=Saturday] [0]: 6
Hour of the day: [0-23] [2]: 10
CMX auto-backup is now enabled.
Redirecting to /bin/systemctl restart crond.service
auto-backup will execute every Saturday at 10:10 AM
To enable read/write access to configuration file, use the cmxctl config fips ucaplmode logFileAccess command.
cmxctl config fips ucaplmode logFileAccess
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
The cmxctl config fips ucaplmode logFileAccess command prompts you to enable file access logging:
[cmxadmin@cmx]# cmxctl config fips ucaplmode logFileAccess
Enable File Access Logging [yes / no] [no]: yes
Restarting Audit Service
…
To enbale HTTP headers logging, use the cmxctl config fips ucaplmode logHTTPHeaders command.
cmxctl config fips ucaplmode logHTTPHeaders
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
We recommend that you enable this command only if needed. Note that this command can degrade the performance of the system due to the excessive logging. Disable this command when not needed.
The cmxctl config fips ucaplmode logHTTPHeaders command prompts you to enable file access logging:
[cmxadmin@cmx]# cmxctl config fips ucaplmode logHTTPHeaders
Enable HTTP Headers Logging [yes / no] [no]: yes
Restarting haproxy service
True
Done
The nodeagent service is currently running with PID: 4061
Attempting to restart Haproxy
....Service Haproxy has successfully restarted
logHTTPHeaders is enabled.To change the gateway configuration for cloud beacon management, use the cmxctl config gateway command.
cmxctl config gateway { cmx_cloud_url | URL | show }
| cmx_cloud_url |
Configure the cloud URL for Beacon Management. |
| URL |
Enter the cloud URL for Beacon Management. |
| show |
Displays the cloud URL configured for Beacon Management. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was introduced. |
The following example shows how to display the gateway configuration for cloud beacon management:
[cmxadmin@cmx]# cmxctl config gateway show
CMX_CLOUD_SERVER: demo.comTo display configuration information for Cisco CMX services, use the cmxctl config get command.
cmxctl config get [analytics | cache_6378 | cache_6379 | cache_6380 | cache_6381 | cache_6382 | cache_6383 | cache_6385 | cache_6378 | cassandra | configuration | connect | database | haproxy | hyperlocation | location | matlabengine | metrics | nmsplb]
|
analytics |
Performs analytics on calculated location data. |
|
agent |
Manages Cisco CMX system lifecycle. Starts, stops, and monitors all the services running in Cisco CMX. |
|
cache_6378 |
Caches the service used by location service. |
|
cache_6379 |
Caches the service used by location service. |
|
cache_6380 |
Caches the service used by analytics service. |
|
cache_6381 |
Caches the service used by analytics service. |
|
cache_6382 |
Caches the service used by analytics service. |
|
cache_6383 |
Caches the service used by analytics service. |
|
cache_6385 |
Caches the service used by analytics service. |
|
cassandra |
Displays the cassandra database service used by the location service for historical data. |
|
configuration |
Configures nodes and clusters. |
|
connect |
Displays the connect services. |
|
database |
Displays the database service used by analytics and configuration service. |
|
haproxy |
Displays the TCP or HTTP load balancer gateway to all service APIs. |
|
hyperlocation |
Displays hyperlocation configuration. |
|
location |
Displays location service to compute location. |
|
matlabengine |
Provides access point heatmap for location service. |
|
metrics |
Collects system metrics. |
|
nmsplb |
Displays the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
The default command cmxctl config get displays configuration information for all supported services when executed without options.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional services were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to display configuration information for the CMX analytics service.
[cmxadmin@cmx]#
cmxctl config get analytics
{
"services": {
"analytics": {
"maxdirectmemory": "1536M",
"maxnewsize": "400M",
"mem": "1536M"
}
}
}
Optionally, you can filter the results by using one of the listed configuration keywords. For example:
[cmxadmin@cmx]# cmxctl config get cassandra
{
"services": {
"cassandra": {
"keycachesize": "100",
"maxnewsize": "800M",
"mem": "4096M"
}
}
}
[root@server]$ cmxctl config get cassandra maxnewsize
{"maxnewsize": "800M"}
To show the details of the heapmap from the location service, use the cmxctl config heatmaps summary command.
cmxctl config heatmaps summary
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command should be run at the cmxadmin level.
To manage mixed mode for hyperlocation for a specified floor, use the cmxctl config hyperlocation mixmode command.
cmxctl config hyperlocation mixmode Floor ID {enable | disable}
| Floor ID |
Provides the specific floor ID. |
| enable |
Enables mixed mode support for hyperlocation for the specified floor. |
| disable |
Disables mixed mode support for hyperlocation for the specified floor. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
We recommened that you use this command in a scenario where on a single floor there are both Hyperlocation enabled AP and non Hyperlocation APs. The improved location accuracy that comes from the use of Hyperlocation AP will occur within the convex hull of the Hyperlocation APs. Outside of this convex, standard location accuracy results will occur. At the edges of the convex hull there may also be lower accuracy, when clients are at least 10M inside of the convex hull.
This command does not support the interspersion of Hyperlocation AP with non Hyperlocation AP. If this is type of deployment is used, then there will be no improvement in location over standard probe RSSI based location.
The following is an example of a supported deployment:
To import a map and Cisco Catalyst 9800 Wireless Controller from Cisco Prime Infrastructure, use the cmxctl config import command.
cmxctl config import {prime | status}
| prime |
Imports maps from Cisco Prime Infrastructure. |
| status |
Shows import status. |
None.
CMX admin user
The following example shows how to import a map and controller from Cisco Prime Infrastructure:
[cmxadmin@cmx]# cmxctl config import prime
Please enter PI ip address: x.x.x.x
Please enter PI username [root]: root
Please enter PI password [Public123]:
Import successfully started from PI x.x.x.x. Check import status using cmxctl config
import status.To manage IP security (IPSec) protocol, use the cmxctl config ipsec command.
cmxctl config ipsec {authtype | disable | enable | restart | start | status | stop}
| authtype |
Changes IPSec authentication type. |
| disable |
Disables IPSec protocol. |
| enable |
Enables IPSec protocol. |
| restart |
Restarts IPSec tunnel. |
| start |
Starts IPSec tunnel. |
| status |
Shows IPSec status. |
| stop |
Stops IPSec status. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
The default authentication type for IPSec is “PUBKEY”/Public Key. It is set when you run the cmxctl config ipsec enable command.
The following example shows how to enable IPSec:
[cmxadmin@cmx]# cmxctl config ipsec enable
Do you want to enable IPSec? (y/n) [n]: y
IPSec is enabled and Authtype set to PUBKEY
Configuring ipsec ....
In primary
Stopping strongSwan IPsec failed: starter is not running
Starting strongSwan 5.6.2 IPsec [starter]...
IPSEC tunnel establised successfully with 192.0.2.1The following example shows how to display the status of the IPSec service:
[cmxadmin@cmx]# cmxctl config ipsec status
IPSec is enabled
IPSec Authentication Type = Public Key (Certificate)
Security Associations (1 up, 0 connecting):
rsyslog[2]: ESTABLISHED 18 seconds ago, 192.0.2.1[cisco-cmx-ova-30]...192.0.2.3[cisco-cmx-ova-32]
rsyslog{2}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: c549935a_i c02aee35_o
rsyslog{2}: 192.0.2.1/32 === 192.0.2.3/32
The following example shows how to change the authentication type:
[cmxadmin@cmx]# cmxctl config ipsec authtype
Current IPSec Auth Type = PUBKEY
Do you want to change it? (y/n) [n]: y
Select IPSec Auth Type: (PUBKEY/PSK) [PUBKEY]: PSK
IPSec auth type changed to PSK.
IPSec is configured with PSK : nIXRjNrMiNzcKj7yVZ0Nod5IzxUyO9XZ
Configuring ipsec ....
In primary
Stopping strongSwan IPsec...
Starting strongSwan 5.6.2 IPsec [starter]...
Failed to establish IPSEC tunnel with 192.0.2.3 (cisco-cmx-ova-32)
The following example shows how to restart the IPSec service:
[cmxadmin@cmx]# cmxctl config ipsec restart
Starting IPSec tunnel ...
Stopping strongSwan IPsec...
Starting strongSwan 5.6.2 IPsec [starter]...
establishing CHILD_SA rsyslog{2}
generating CREATE_CHILD_SA request 2 [ N(USE_TRANSP) SA No TSi TSr ]
sending packet: from 192.0.2.1[500] to 192.0.2.3[500] (272 bytes)
received packet: from 192.0.2.3[500] to 192.0.2.1[500] (208 bytes)
parsed CREATE_CHILD_SA response 2 [ N(USE_TRANSP) SA No TSi TSr ]
CHILD_SA rsyslog{2} established with SPIs c8553144_i c727bbd3_o and TS 10.30.114.175/32 === 10.30.114.177/32
connection 'rsyslog' established successfully
IPSec tunnel established successfully
To configure login rate limit, use the cmxctl config loginrate command.
cmxctl config loginrate {disable | enable | resetall | resetuser | username | status}
| disable |
Disables login rate limit. |
| enable |
Enables login rate limit. |
| resetall |
Resets login rate details for all the users. |
| resetuser username |
Resets login rate details for a specific user. |
| status |
Displays the login rate status as enabled or disabled. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
The following example shows how to enable login rate limit:
[cmxadmin@cmx]# cmxctl config loginrate enable
Enter the allowed number of login failure for a user per source ip [3]: 3
Enter the number of source IPs for which login failure is to be maintained [3]: 3
Enter the total allowed number of login failure for a user [10]: 10
Login rate limit enabled
The following example shows how to disable login rate limit:
[cmxadmin@cmx]# cmxctl config loginrate disable
Login rate limit is disabledThe following example shows how to reset login rate limit for a specific user:
[cmxadmin@cmx]# cmxctl config loginrate reset admin
The user details have been reset.To manage CMX access control lists (ACLs), use the cmxctl config manageacl command.
cmxctl config manageacl {add | disable | enable | status}
|
add |
Adds an access control list. |
|
disable |
Disables ACL authentication. |
|
enable |
Enables ACL authentication. |
|
status |
Displays access control list status information. |
By default, access control lists are disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
When ACLs are enabled, only the servers added in the ACL will be allowed to access CMX through SSH or HTTPS.
The following example shows how to enable access control lists, and add servers to the ACL.
[cmxadmin@cmx]# cmxctl config manageacl enable
[cmxadmin@cmx]# cmxctl config manageacl add
inside aclAdd.
Enter the ip address to be added in the ACL: 168.172.12.18
Do you want to add more ip address in the ACL [Y/n]: Y
Enter the ip address to be added in the ACL: 172.19.35.122
Do you want to add more ip address in the ACL [Y/n]: n
The following example shows how to display access control list status information.
[cmxadmin@cmx]# cmxctl config manageacl status
ACL is enabled
The following ip addresses are allowed to access the CMX box.
Use add command to add the ipaddresses if the list is empty.
168.172.10.10
168.172.10.57
168.172.12.18
168.172.35.122
To set a directory path to an optional map address file, use the cmxctl config maps address command.
cmxctl config maps address --path filepath
|
‑‑path filepath |
Sets the directory path to an optional map address file. See Usage Guidelines for more information. |
None.
CMX admin user
Use the cmxctl config maps address command to access an optional map address file that you can associate with a map. This is not a necessary step for maps you create in CMX and PI, but you may have a map from another source that requires a valid address.
Note |
The first entry in each line of the map address file should be the fully-qualified name and address in Campus>Building format. For example: My Campus>My Building, 123 Road St, San Jose CA 95137.
|
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to set the path to a map address file, which you can then associate with a map.
[cmxadmin@cmx]# cmxctl config maps address --path /home/cmxadmin/campusPath.csvcmxctl config maps address --path /home/cmxadmin/campusPath.csv
Now importing address for: North Campus>Building 9
Done importing addressesTo display a list of access points (APs) and their status for a specified floor, use the cmxctl config maps aplist command.
cmxctl config maps aplist [‑‑active | ‑‑inactive] floorID
|
‑‑active |
Optional. Display only the active access points (APs) on the specified floor. |
|
‑‑inactive |
Optional. Display only the inactive access points (APs) on the specified floor. |
|
floorID |
The identifying number for the floor. Use the cmxctl config maps floors command to see the Floor ID. |
All access points display for the designated floor.
CMX admin user
To see all the APs on a floor, use the cmxctl config maps aplist command without additional arguments.
To get the Floor ID for a CMX floor map, use the cmxctl config maps floors command.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to list all the APs on the Registration Floor of Bld-4.
First, use the cmxctl config maps floors command to get the Location Floor ID for the floor you want to view:
[cmxadmin@cmx]# cmxctl config maps floors+------------------------------------+--------------------+--------------------+
| Floor Name | Location Floor ID | Analytics Floor ID |
+------------------------------------+--------------------+--------------------+
| North Campus>Bld-4>Registration | 727035700041482593 | 35 |
+------------------------------------+--------------------+--------------------+
[cmxadmin@cmx]# cmxctl config maps aplist 72703570082593+---------------+-------------------+-------------------+----------------+----------+
| Name | EthMacAddress | RadioMacAddress | FloorId | Status |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP05-7069 | None | 70:69:5a:51:48:40 | 72703570082593 | INACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP01-7070 | 40:01:7a:b2:c7:a2 | 70:70:8b:06:19:60 | 72703570082593 | ACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP02-7071 | 40:01:7a:b2:c8:86 | 70:70:8b:06:1d:e0 | 72703570082593 | ACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP06-7072 | 4c:77:6d:9e:61:9e | 70:69:5a:51:52:80 | 72703570082593 | ACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP03-7073 | 40:01:7a:b2:c7:92 | 70:70:8b:06:19:20 | 72703570082593 | ACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
| CMX-AP04-7074 | 4c:77:6d:9e:61:04 | 70:69:5a:51:48:e0 | 72703570082593 | ACTIVE |
+---------------+-------------------+-------------------+----------------+----------+
To see a list of buildings for a CMX Campus or for all buildings, use the cmxctl config maps buildings command.
cmxctl config maps buildings [--campus campusname | --csv]
|
--campus |
Optional. Restricts the list of buildings to a particular campus. |
|
campusname |
The name of the campus you would like to include. |
|
--csv |
Optional. Displays the results in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet. |
Running the command without arguments will display all buildings on all campuses.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
Command options must follow the last command keyword with a space and two dashes. For example: [root@server]# command keyword ‑‑option1 ‑‑option2.
When you select the option --csv , the map information you specify is displayed in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet.
The following example shows how to display a list of all buildings, in CSV format. The output format is Campus Name > Building Name , Location Building ID , Analytics Building ID .
[cmxadmin@cmx]# cmxctl config maps buildings --csvSystem Campus>TMT,749980497668473090,18
System Campus>LCN,727001546461545854,16
System Campus>PCH,769481534004431937,15
North Campus>Newtech Building,732849996352089441,13
The following example shows how to display a list of building maps for North Campus:
[cmxadmin@cmx]# cmxctl config maps buildings --campus North Campus+------------------------------+----------------------+-----------------------+
| Building Name | Location Building ID | Analytics Building ID |
+------------------------------+----------------------+-----------------------+
| North Campus>Newtech 1 | 727001546461544629 | 48 |
+------------------------------+----------------------+-----------------------+
| North Campus>Newtech 2 | 725930212039482938 | 49 |
+------------------------------+----------------------+-----------------------+
To see a list of your CMX Campuses, use the cmxctl config maps campuses command.
cmxctl config maps campuses [--csv]
| ‑‑csv |
Optional. Displays the results in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet. |
Running the command without arguments will display all campuses in table format.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
Command options must follow the last command keyword with a space and two dashes. For example: [root@server]# command keyword ‑‑option1 ‑‑option2.
When you select the option --csv , the map information you specify is displayed in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet.
The following example shows how to display a list of campus maps:
[cmxadmin@cmx]# cmxctl config maps campuses+----------------+--------------------+---------------------+
| Campus Name | Location Campus ID | Analytics Campus ID |
+----------------+--------------------+---------------------+
| North Campus | 727001546461544473 | 14 |
+----------------+--------------------+---------------------+
| South Campus | 384920494820170003 | 15 |
+----------------+--------------------+---------------------+
If you want the campus map to be displayed in CSV format, add the --csv flag:
[cmxadmin@cmx]# cmxctl config maps campuses –-csvNorth Campus,727001546461545275,14
South Campus,384920494820170003,15
To delete a map, or all maps in your CMX network, use the cmxctl config maps delete command.
cmxctl config maps delete [--name mapname | --all]
|
--name |
Optional. Deletes a specific map. |
|
mapname |
The name of the map you want to delete. |
|
--all |
Optional. Deletes all CMX maps. |
The default for all delete options are not to confirm the delete.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
For all cmxctl config maps delete command options, you are asked to confirm the deletion.
If you enter the cmxctl config maps delete command without optional flags, you are asked to provide the map heirarchy in campus-name>building-name>floor-name format.
Please enter the hierarchy to be deleted (campus-name>building-name>floor-name):This example shows how to delete the Newtech 1 Security floor in North Campus:
[cmxadmin@cmx]# cmxctl config maps delete
Please enter the hierarchy to be deleted (campus-name>building-name>floor-name):
North Campus>Newtech 1>Security
map deleted.
This example shows how to delete the map named NorthCampus.
[cmxadmin@cmx]# cmxctl config maps delete --name NorthCampus
Confirm delete hierarchy: NorthCampus ? [y/N]: y
Map deleted.
To list the floor maps in a selected campus, building, or all floors, use the cmxctl config maps floors command.
cmxctl config maps floors [‑‑campus mapname ‑‑building mapname --csv]
|
--campus |
Optional. Restricts the list of floors to a particular campus. |
|
mapname |
The name of the campus you would like to include. |
|
--building |
Optional. Restricts the list of floors to a particular building. |
|
mapname |
The name of the building you would like to include. |
|
--csv |
Optional. Displays the results in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet. |
None.
CMX admin user
Command options must follow the last command keyword with a space and two dashes. For example: [cmxadmin@server]# command keywords ‑‑option1 ‑‑option2.
When you select the option --csv , the map information you specify is displayed in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to display a list of floor maps for North Campus, building A9:
[cmxadmin@cmx]# cmxctl config maps floors --campus North Campus ‑‑building A9
+----------------------------------+--------------------+--------------------+
| Floor Name | Location Floor ID | Analytics Floor ID |
+----------------------------------+--------------------+--------------------+
| North Campus>A9>Main Floor | 615446507270015464 | 16 |
+----------------------------------+--------------------+--------------------+
| North Campus>A9>Lab Floor | 727001546461544650 | 17 |
+----------------------------------+--------------------+--------------------+
| North Campus>A9>Offices Floor | 615447265700154640 | 18 |
+----------------------------------+--------------------+--------------------+
To import CMX location maps, use the cmxctl config maps import command.
cmxctl config maps import ‑‑type {PI | FILE} ‑‑path importpath ‑‑override {yes | no} ‑‑importzones {yes | no}
|
‑‑type {PI | FILE} |
Identifies the source of the map you want to import.
|
|
‑‑path importpath |
Designates the path to the map you want to import. |
|
‑‑override {yes | no} |
Resolves how the import should handle duplicate map names:
|
|
‑‑importzones {yes | no} |
This option resolves how the import should handle duplicate zone names:
|
None.
CMX admin user
When CMX accepts your request to import a map from Cisco Prime Infrastructure, you are prompted to answer the following questions.
The defaults are in [brackets].
Please enter PI ip address:
Please enter PI username [root]:
Please enter PI password [Public123]:
When the ‑‑override or ‑‑importzones options are set to yes, existing maps or zones with the same names will be overwritten by the import. If you select no, the import will fail if there are conflicting map or zone names. You will need to resolve the conflict by changing the name and importing it again.
Starting from Cisco CMX Release 10.3.1, you must provide the full (absolute) path to the tar file when using the cmxctl config maps import command. For example:
/opt/cmx/srv/floormaps/Importfile.tar.gz .Command options must follow the last command keyword with a space and two dashes. For example: [cmxadmin@server]# command keyword ‑‑option1 ‑‑option2.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.1 |
The import keyword was modified. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to import a map, overwriting any existing maps or zones with the same name:
[cmxadmin@cmx]# cmxctl config maps import ‑‑type PI ‑‑path
/opt/Import_fdff5788ad650.tar.gz ‑‑override yes ‑‑importzones yesPlease enter PI ip address: 168.172.206.3
Please enter PI username [root]: root
Please enter PI password [Public123]: ********
Import successfully started from PI 168.172.206.3.
When CMX floor map images occasionally become misaligned, use the cmxctl config maps reprocessimage command to realign them.
cmxctl config maps reprocessimage ‑‑imagename imagename
|
‑‑imagename |
Identify the image needing reprocessing. |
|
imagename |
The name of the image you would like to reprocess. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
Sometimes maps can become misaligned. When this happens, the cmxctl config maps reprocess image command reprocesses the image and realigns the map.
The default folder path for CMX maps is /opt/cmx/srv/floormaps.
The following example shows how to reprocess floor tile images when they become misaligned:
[cmxadmin@cmx]# cmxctl config maps reprocessimage --imagename domain_2_147753.pngFile domain_2_147753.png exists in /opt/cmx/srv/floormaps. Proceeding...
Image processing job submitted for domain_2_147753.png.
To list the floor maps in a selected campus, building, or all floors, use the cmxctl config maps floors command.
cmxctl config maps zones [‑‑campus mapname ‑‑building mapname ‑‑csv]
|
--campus |
Optional. Restricts the list of floors to a particular campus. |
|
mapname |
The name of the campus you would like to include. |
|
--building |
Optional. Restricts the list of floors to a particular building. |
|
mapname |
The name of the building you would like to include. |
|
--csv |
Optional. Displays the results in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet. |
All zones display when the command is run without options.
CMX admin user
Command options must follow the last command keyword with a space and two dashes. For example: [root@server]# command keywords ‑‑option1 ‑‑option2.
When you select the option --csv , the map information you specify is displayed in comma-separated values (CSV) format, which can be cut and pasted into a spreadsheet.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional keywords were documented. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to display a list of zones for North Campus Bld-4:
[cmxadmin@cmx]# cmxctl config maps floors --campus North Campus building Bld-4[cmxadmin@cmx]# cmxctl config maps zones
+------------------------------------+-----------+-------------------+
| Floor Name | Zone Name | Analytics Zone ID |
+------------------------------------+-----------+-------------------+
| North Campus>Bld-4>1st Floor | NOC | 376 |
+------------------------------------+-----------+-------------------+
| North Campus>Bld-4>1st Floor | School | 375 |
+------------------------------------+-----------+-------------------+
To manage qlesspyworker, use the cmxctl config qlesspyworker command.
cmxctl config qlesspyworker cleanRedis
| cleanRedis |
Removes stale and invalid qlesspyworker history data. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was introduced. |
[cmxadmin@cmx]# cmxctl config qlesspyworker cleanRedis
QlessHistoryCleanupTask started
Deleted 0 qless-job-history records that were idle for 1209600 seconds.
Found 0 SMA-job records, deleted all.
QlessHistoryCleanupTask completedTo forcefully generate a configuration file, use the cmxctl config reload command.
cmxctl config reload
None
The following example shows how to forcefully generate a configuration file:
[cmxadmin@cmx]# cmxctl config reload
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: WARNING Skipping confd config file.
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/analytics.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/cassandra/cassandra-env.sh in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/cassandra/cassandra.yaml in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/collectd.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/configuration.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/connect.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/halo.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/haproxy.cfg in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/influxdb.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/location.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/matlabengine.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/nmsplb.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/nmspproxy.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/postgresql.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/redis_6379.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/redis_6380.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: INFO Target config
/opt/cmx/etc/redis_6381.conf in sync
2015-03-10T17:45:50Z cmx-vmdev117 -verbose[17174]: ERROR template:
redis.template.conf:15:20: executing "redis.template.conf" at <getv ($tag | printf ...>:
error calling getv: key does not existTo set the timeout for maintaining RFID tags in Cisco CMX, use the cmxctl config rfid timeout command.
cmxctl config rfid timeout {get | | set value}
| get |
Displays the timeout value. |
| set value |
Sets the timeout value that Cisco CMX maintains RFID tags before expiring them. The time range is 60 to 10800 seconds. The default value is 300 seconds. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3.1 |
This command was introduced. |
We recommend that you set the RFID tag timeout value below 600 seconds. An ideal RFID tag timeout value is 300 seconds. The RFID timeout must be set to a range between 60 - 600 seconds irrespective of your longest RFID tag's chirp interval.
The following example shows how to set the timeout for RFID tags, and then verify the setting:
[cmxadmin@cmx]# cmxctl config rfid timeout set
Need to include a timeout within 60 to 10800 seconds
[cmxadmin@server]# cmxctl config rfid timeout set 300
[cmxadmin@server]# cmxctl config rfid timeout get
300 seconds To set a config key for a Cisco CMX service, use the cmxctl config set command.
cmxctl config set {analytics | cache_6378 | cache_6379 | cache_6380 | cache_6381 | cache_6382 | cache_6383 | cache_6385 | cache_6378 | cassandra | configuration | connect | database | haproxy | hyperlocation | location | matlabengine | metrics | nmsplb}
|
analytics |
Performs analytics on calculated location data. |
|
agent |
Manages Cisco CMX system lifecycle. Starts, stops, and monitors all the services running in Cisco CMX. |
|
cache_6378 |
Caches the service used by location service. |
|
cache_6379 |
Caches the service used by location service. |
|
cache_6380 |
Caches the service used by analytics service. |
|
cache_6381 |
Caches the service used by analytics service. |
|
cache_6382 |
Caches the service used by analytics service. |
|
cache_6383 |
Caches the service used by analytics service. |
|
cache_6385 |
Caches the service used by analytics service. |
|
cassandra |
Enables cassandra database service used by the location service for historical data. |
|
configuration |
Configures nodes and clusters. |
|
connect |
Enables connect services. |
|
database |
Enables the database service used by analytics and configuration service. |
|
haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
|
hyperlocation |
Enables hyperlocation. |
|
location |
Enables location service to compute location. |
|
matlabengine |
Provides access point heatmap for location service. |
|
metrics |
Collects system metrics. |
|
nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
Additional options were documented. |
|
Cisco CMX Release 10.4 |
This command was introduced. |
This example shows how to generate a key for the service location .
[cmxadmin@cmx]# cmxctl config set location key 2512
{"key": "2512"}
Change will take effect on service restart.
Restart the service.
[cmxadmin@cmx]# cmxctl restart location
Done
The nodeagent service is currently running with PID: 3299
Attempting to restart Location
............
Service Location has successfully restarted
To verify the key, use the cmxctl config get location command:
[cmxadmin@cmx]# cmxctl config get location
{
"services": {
"location": {
"key": "2512",
"maxdirectmemory": "1536M",
"maxnewsize": "800M",
"mem": "6144M"
}
}
}
To enable Smart License in Cisco CMX, use the cmxctl config smartlicense enable command.
cmxctl config smartlicense enable
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
A Cisco Smart account is mandatory to enable smart license. Once enabled, you cannot disable smart license.
The following example shows how to enable smart license:
[cmxadmin@server]# cmxctl config smartlicense enable
Once Smart License is Enabled, It cannot be disabled ! ! !
To use Smart License, you must first setup a Cisco Smart Account
Prerequisite: Please make sure you have smart account enabled before proceeding.
Do you want to Enable Smart License [yes/no] ? [yes] :
To register Cisco CMX product instance with smart acccount, use the cmxctl config smartlicense register command.
cmxctl config smartlicense register
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use the product instance registration token ID from CSSM tool to register product instance.
The following example shows how to register product instance:
[cmxadmin@server]# cmxctl config smartlicense register
Copy the product instance registration Token Id from CSSM tool and paste it below
Please Enter Token Id : XYZ
Do you want to use your Hostname as Product instance Name [yes/no] ? [no]: yes
Registration started with Token Id : XYZ
Registration is in progress ...
Product Instance Registered Successfully
To check the smart license status of Cisco CMX, use the cmxctl config smartlicense status command.
cmxctl config smartlicense status
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to check the license compliance status and smart account details.
The following example shows how to check smart license status:
[cmxadmin@server]# cmxctl config smartlicense status
Registration Status : Registered
Registration Date : Thu Oct 22 00:15:58 PDT 2020
License Compliance : Out of Compliance
Out of Compliance Start Date : Thu Oct 22 00:16:01 PDT 2020
Smart Account Name : InternalTestDemoAccount.cisco.com
Virtual Account : CMX_Test
Product Instance Name : CMX Virtual Platform
Is Authorization Failed : False
To renew authorization manually, use the cmxctl config smartlicense renewauthorization command.
This command has no arguments or keywords.
cmxctl config smartlicense renewauthorization
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to manually renew the authorization of Smart License in Cisco CMX by communicating with CSSM.
The following example shows how to renew authorization manually:
[cmxadmin@server]# cmxctl config smartlicense renewauthorization
Do you want to Renew Authorization Manually [yes/no] ? [no]: yes
Authorization Renewal is in progress ..-
Product Authorization Renewed Successfully
To renew Cisco CMX product registartion manually, use the cmxctl config smartlicense renewregistration command.
cmxctl config smartlicense renewregistration
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to manually renew the registration ID and certificate with CSSM. This is optional as Cisco CMX automatically does this from backend.
The following example shows how to renew product registration manually:
[cmxadmin@server]# cmxctl config smartlicense renewregistration
Do you want to Renew Registration Manually [yes/no] ? [no] : yes
Registration Renewal is in progress ...
Product Registration Renewed Successfully
To re-register Cisco CMX product instance manually, use the cmxctl config smartlicense reregister command.
cmxctl config smartlicense reregister
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to perform a forceful re-registration to override any existing registered instances. This deletes previously reported data in the Smart Account related to that particular instance.
The following example shows how to re-register product instance:
[cmxadmin@server]# cmxctl config smartlicense reregister
Re-register will override existing registered instance if any
Existing data like Reported license,Count etc. if any will be lost from Smart Account
Do you want to Re-register product instance Manually [yes/no] ? [no]: yes
Copy the product instance registration Token Id from CSSM tool and paste it below
Please Enter Token Id : XYZ
Do you want to use your Hostname as Product Instance Name [yes/no] ? [no]: yes
Re-registration started with Token Id : XYZ
Re-registration is in progress ...
Product Instance Re-registered Successfully
To deregister product instance manually, use the cmxctl config smartlicense deregister command.
cmxctl config smartlicense deregister
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to deregister Cisco CMX product instance from CSSM.
The following example shows how to deregister product instance:
[cmxadmin@server]# cmxctl config smartlicense deregister
Do you want to de-register this product instance [yes/no] ? [no] : yes
fee-registration is in progress ...
Product Instance De-registered Successfully
To configure secondary UDI on Cisco CMX primary for a High Availability setup, use the cmxctl config smartlicense secondaryudi command.
cmxctl config smartlicense secondaryudi
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use the secindary UDI and serial number to configure secondary UDI in Cisco CMX primary setup.
The following example shows how to configure secondary UDI:
[cmxadmin@server]# cmxctl config smartlicense secondaryudi
Please enter secondary’s UDI : VMware Virtual Platform
Please enter secondary’s serial number : 123ABC-XXX-YYY
To configure system uptime threshold, use the cmxctl config uptimethreshold command.
cmxctl config uptimethreshold { getthresholddays | setthresholddays value }
| getthresholddays |
Displays uptime threshold in days to generate an alert. |
| setthresholddays value |
Sets uptime threshold, in days, to generate an alert. The default setting for system uptime threshold is 90 days. The valid range is 1 to 365 days. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Use this command to configure a threshold for system uptime. An alert is generated when the system uptime crosses the configured threshold value.
The following example shows how to set the system uptime threshold:
[cmxadmin@cmx]# cmxctl config uptimethreshold setthresholddays
Days after which alerts gets generated [1-365] [90]: 100
Changed the Threshold Days Setting for System Uptime Successfully.To verify the Cisco Connected Mobile Experiences (Cisco CMX) installation and configuration, use the cmxctl config verify command.
cmxctl config verify
None.
CMX admin user
The following example shows how to verify the Cisco CMX installation and configuration:
[cmxadmin@cmx]# cmxctl config verify
Verifying node configuration...
NetworkManager: unrecognized service
Consul v0.4.1
Consul Protocol: 2 (Understands back to: 1)
confd 0.6.0
+-----------------+--------------------------------+------------+-------------------------+
| module | check | passed | msg
|
+=================+================================+============+========================+
| netman_stopped | NetworkManager service is not | Success |
|
| | running | |
|
+-----------------+--------------------------------+------------+-------------------------
--+
| matlabengine | http://matlabengine.service.co | Failed | check the log files
under |
| | nsul:5577/api/services/matlabe | | /opt/cmx/var/log
|
| | ngine/status | |
|
+-----------------+--------------------------------+------------+-------------------------+
| database | connect to database port:5432 | Success |
|
+-----------------+--------------------------------+------------+-------------------------+
| consul_dns | 127.0.0.1 (consul) is present | Success |
|
| | as dns server in | |
|
| | /etc/resolv.conf | |
|
+-----------------+--------------------------------+------------+-------------------------
--+
| etchost_hacks | consul service hostnames not | Success |
|
| | static in /etc/hosts | |
|
+-----------------+--------------------------------+------------+-------------------------+
| analytics | http://analytics.service.consu | Failed | check the log files
under |
| | l:5556/api/services/analytics/ | | /opt/cmx/var/log
|
| | status | |
|
+-----------------+--------------------------------+------------+-------------------------+
| hostname_ping | ping to hostname:cmx-master-1 | Success |
|
+-----------------+--------------------------------+------------+-------------------------
--+
| location | http://location.service.consul | Failed | check the log files
under |
| | :5555/api/services/location/st | | /opt/cmx/var/log
|
| | atus | |
|
+-----------------+--------------------------------+------------+-------------------------
--+
| confd_installed | Confd is installed | Success |
|
+-----------------+--------------------------------+------------+-------------------------+
| consul_installe | Consul is installed | Success |
|
| d | | |
|
+-----------------+--------------------------------+------------+-------------------------
--+
| nmsplb | http://nmsplb.service.consul:6 | Failed | check the log files
under |
| | 001/api/services/nmsplb/status | | /opt/cmx/var/log
|
+-----------------+--------------------------------+------------+-------------------------+
| configuration | http://configuration.service.c | Failed | check the log files
under |
| | onsul:6000/api/services/config | | /opt/cmx/var/log
|
| | uration/status | |
|
+-----------------+--------------------------------+------------+-------------------------+
| cassandra | connect to cassandra port:9042 | Success |
|
+-----------------+--------------------------------+------------+-------------------------+To create a debug tarball in the current directory, use the cmxctl debug command.
cmxctl debug
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command is depreciated. |
The debug tarball that is created will be approximately 300 MB in size, and takes at 90 seconds to complete. This command should to be run using the cmxadmin (non-root) account. This commnd is depreciated in Cisco CMX release 10.4 and we recommend that you use cmxos techsupport command.
The following example shows how to create a debug tarball in the current directory:
[cmxadmin@cmx]# cmxctl debug
running locally
Dumping debug information...
[localhost] Executing task 'dump_config'
cp: cannot stat `/opt/cmx/share/upgrade.answers': No such file or directory
[localhost] Executing task 'dump_state'
running 'ps aux'
running 'ifconfig -a'
running 'cmxctl status'
running 'ulimit -a'
running 'ps -u root,postgres -o %cpu,%mem,cmd'
running 'netstat -o -n -a'
running 'df -h'
running 'ntpdate -d 172.19.28.250'
running 'consul members'
[localhost] Executing task 'dump_apis'
getting /api/config/v1/clusters
getting /api/config/v1/nodes
[localhost] Executing task 'dump_hosts'
pinging configuration.service.consul
pinging location.service.consul
pinging 6379.cache.service.consul
pinging 6380.cache.service.consul
pinging 6381.cache.service.consul
pinging database.service.consul
pinging analytics.service.consul
pinging halo.service.consul
Done.To disable a service, use the cmxctl disable command.
cmxctl disable {consul | qlesspyworker | cassandra | iodocs | cache_6382 | cache_6383 | cache_6380 | cache_6381 | cache_6384 | cache_6385 | influxdb | metrics | confd | cache_6379 | cache_6378 | haproxy | database | analytics | connect | gateway | location | configuration | matlabengine | hyperlocation | nmsplb | agent }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
| gateway |
Enables gateway services that establishes secure bidirectional communication with Cisco CMX Cloud applications. |
None
CMX admin user
The following example shows how to disable the cassandra database service:
[cmxadmin@cmx]# cmxctl disable cassandra
Done
The nodeagent service is currently running with PID: 31776
Stopping cassandra process...
Done
Successfully shutdown cassandra Process.To create a configuration tarball in the current directory, use the cmxctl dump command.
cmxctl dump
None
CMX admin user
The following example shows how to create a configuration tarball in the current directory:
[cmxadmin@cmx]# cmxctl dump
running locally
Dumping configuration information...
[localhost] Executing task 'dump_config'
Done.To enable a service, use the cmxctl enable command.
cmxctl enable {consul | qlesspyworker | cassandra | iodocs | cache_6382 | cache_6383 | cache_6380 | cache_6381 | cache_6384 | cache_6385 | influxdb | metrics | confd | cache_6379 | cache_6378 | haproxy | database | analytics | connect | gateway | location | configuration | matlabengine | hyperlocation | nmsplb | agent }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
|
cache_6384 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
| gateway |
Enables gateway services that establishes secure bidirectional communication with Cisco CMX Cloud applications. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced in a release prior to Cisco CMX Release 10.6. |
The following example shows how to enable analytics service:
[cmxadmin@cmx]# cmxctl enable analytics
The nodeagent service is not running.
Agent is not running, starting it now.
Starting nodeagent Process...
Retrying..
Done
Started nodeagent service with PID: 31027To manage the deployment hierarchy, use the cmxctl heterarchy command.
cmxctl heterarchy {backup | rebuild | repair | restore | retire | verify}
| backup |
Backs up the deployment hierarchy. |
| rebuild |
Rebuilds the deployment hierarchy. |
| repair |
Repairs the deployment hierarchy. |
| restore |
Restores the deployment hierarchy. |
| retire |
Retires the deployment hierarchy. |
| verify |
Verifies the deployment hierarchy. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
The following example shows how to verify the heterarchy:
[cmxadmin@cmx]# cmxctl heterarchy verify
Verifying heterarchy...
Checking user levels
Heterarchy is healthy.
To wipe the influx database, use the cmxctl influxdb wipe --silent command.
cmxctl influxdb wipe --silent
| silent | Silently wipe the influx database |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to wipe the influx database:
[cmxadmin@cmx]# cmxctl influxdb wipe
This command will wipe the Influx database. All system metric data will be erased.
Do you want to continue?: y
Stopping influxdb Process...
executing shutdown
Retrying..
Retrying...
Retrying....
Done
Successfully shutdown influxdb Process.
Cleaning Influx database directories
Configuring InfluxDBTo configure recurring background jobs, use the cmxctl jobs command.
cmxctl jobs { cancel | jobname | list | run | jobname | runnow | jobname}
| cancel jobname |
Cancels a scheduled job. |
| list |
Lists all the scheduled jobs. |
| run jobname |
Runs a job at a specified time. |
| runnow jobname |
Triggers a one-time run of the job. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
The Apache Cassandra database stores location history data. Pruning should be performed to maintain disk usage. Cisco CMX 10.2 introduces the option to prune database size. The default disk-pruning task runs at an interval of 90 days. You can also use the cmxctl jobs runnow cleanupcassandra command to run an on-demand job of cleaning up the Cassandra database, which is a normal scheduled task that runs once every two days.
The following example shows how to run a background job:
[cmxadmin@cmx]# cmxctl jobs run LocationIndexCleanup
submitted the job, verify using cmxctl jobs list.To generate notification metrics for a Cisco Connected Mobile Experiences (Cisco CMX) file, use the cmxctl metrics notification command.
cmxctl metrics notification
None
CMX admin user
The notification keyword provides metrics for notification.
The following example shows how to generate metrics for a Cisco CMX file:
[cmxadmin@cmx]# cmxctl metrics notification
+--------------------------------+------------+------------+-----------------+------------+
| EndPoint | Success | Failure | SuccessRate |
FailureRate |
+================================+============+============+=================+===========+
+--------------------------------+------------+------------+-----------------+------------+To manage node installation, use the cmxctl node command.
cmxctl node { sslmode | {enable | | {--key key-file-location | | --pem pem-file-location} | disable}}
| sslmode |
Enables or disables Secure Sockets Layer (SSL). |
| enable |
Enables Secure Sockets Layer (SSL). |
|
--key key-file-location |
Location of the SSL key file. |
|
--pem pem-file-location |
Location of the SSL pem file. |
| disable |
Disables Secure Sockets Layer (SSL). |
None.
CMX admin user
[cmxadmin@cmx]# cmxctl node sslmode enable --pem /home/cmxadmin/cert.pem --key
/home/cmxadmin/host.key| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3.1 |
This command was modified. The sslmode enable keyword was modified. |
|
Cisco CMX Release 10.3.0 |
This command was introduced. |
The following example shows how to manage node installation:
[cmxadmin@cmx]# cmxctl node sslmode enable --pem <pem-file-location> --key <key-file-location>
enabling ssl
ssl enabledTo restart a Cisco Connected Mobile Experiences (Cisco CMX) service, use the cmxctl restart command.
cmxctl restart {consul | qlesspyworker | cassandra | iodocs | cache_6382 | cache_6383 | cache_6380 | cache_6381 | cache_6384 | cache_6385 | influxdb | metrics | confd | cache_6379 | cache_6378 | haproxy | database | analytics | connect | gateway | location | configuration | matlabengine | hyperlocation | nmsplb | agent }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. Starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
| gateway |
Enables gateway services that establishes secure bidirectional communication with Cisco CMX Cloud applications. |
None
CMX admin user
The following example shows how to restart a Cisco CMX service:
[cmxadmin@cmx]# cmxctl restart database
Done
The nodeagent service is currently running with PID: 16718
Stopping postgres Process...
Successfully shutdown postgres Process.
Starting postgres Process...
Done
Started postgres service with PID: 25702
Exception while notifying CETo generate the jstack for a java service, use the cmxctl stack command.
cmxctl stack {cmx_service}
| cmx_service |
Lists all Cisco CMX services. The services include: location, analytics, configuration, matlabengine, and nmsplb. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
To start a Cisco Connected Mobile Experiences (Cisco CMX) service, use the cmxctl start command.
cmxctl start {consul | qlesspyworker | cassandra | iodocs | cache_6382 | cache_6383 | cache_6380 | cache_6381 | cache_6384 | cache_6385 | influxdb | metrics | confd | cache_6379 | cache_6378 | haproxy | database | analytics | connect | gateway | location | configuration | matlabengine | hyperlocation | nmsplb | agent }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
| gateway |
Enables gateway services that establishes secure bidirectional communication with Cisco CMX Cloud applications. |
None
CMX admin user
The following example shows how to display the status for the consul service:
[cmxadmin@cmx]# cmxctl start consul
Done
The nodeagent service is currently running with PID: 16718
Done
The analytics service is already running with pid: 1099
Done
Exception while notifying CE
Done
The location service is already running with pid: 16005
Done
Exception while notifying CE
Done
The configuration service is already running with pid: 16165
Done
Exception while notifying CE
Done
The matlabengine service is already running with pid: 1251
Done
Exception while notifying CE
Done
The nmsplb service is already running with pid: 1377
Done
Exception while notifying CETo view the status of one or all Cisco Connected Mobile Experiences (Cisco CMX) services, use the cmxctl status command.
cmxctl status { analytics | agent | cache_6378 | cache_6379 | cache_6380 | cache_6381 | cache_6382 | cache_6383 | cache_6385 | cassandra | configuration | confd | consul | database | haproxy | location | matlabengine | metrics | nmsplb | influxdb | iodocs | qlesspyworker }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
| gateway |
Enables gateway services that establishes secure bidirectional communication with Cisco CMX Cloud applications. |
None.
CMX admin user
After installing the ISO file on the Cisco MSE 3355 or 3365, use the cmxctl status command to check if the CMX services are running. If they are not running, use the cmxctl start command.
The following example shows how to display the status for the consul service:
[cmxadmin@cmx]# cmxctl status consul
Done
The nodeagent service is currently running with PID: 6190
+----------------+---------------+---------+----------------+
| Host | Service | Status | Uptime (HH:mm) |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Analytics | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6378 | Running | 5 days, 05:52 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6379 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6380 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6381 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6382 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6383 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cache_6385 | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Cassandra | Running | 5 days, 05:51 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Confd | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Configuration | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Connect | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Consul | Running | 5 days, 05:52 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Database | Running | 5 days, 05:52 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Haproxy | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Hyperlocation | Running | 5 days, 05:47 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Influxdb | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Iodocs | Running | 5 days, 05:50 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Location | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Matlabengine | Running | 5 days, 05:48 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Metrics | Running | 5 days, 05:49 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Nmsplb | Running | 5 days, 05:47 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | Qlesspyworker | Running | 5 days, 05:50 |
+----------------+---------------+---------+----------------+
| CMX-LowEnd-200 | gateway | Running | 5 days, 05:50 |
+----------------+---------------+---------+----------------+To shut down a Cisco Connected Mobile Experiences (Cisco CMX) service, use the cmxctl stop command.
cmxctl stop { analytics | agent | cache_6378 | cache_6379 | cache_6380 | cache_6381 | cache_6382 | cache_6383 | cache_6385 | cassandra | configuration | confd | consul | database | haproxy | location | matlabengine | metrics | nmsplb | influxdb | iodocs | qlesspyworker }
| analytics |
Performs analytics on calculated location data. |
| agent |
Manages Cisco CMX system lifecycle. starts, stops, and monitors all the services running in Cisco CMX. |
| cache_6378 |
Caches the service used by location service. |
| cache_6379 |
Caches the service used by location service. |
| cache_6380 |
Caches the service used by analytics service. |
| cache_6381 |
Caches the service used by analytics service. |
| cache_6382 |
Caches the service used by analytics service. |
| cache_6383 |
Caches the service used by analytics service. |
| cache_6385 |
Caches the service used by analytics service. |
| cassandra |
Enables cassandra database service used by the location service for historical data. |
| confd |
Internal service. |
| configuration |
Configures nodes and clusters. |
| connect |
Enables connect services. |
| consul |
Internal service. |
| database |
Enables the database service used by analytics and configuration service. |
| haproxy |
Enables the TCP or HTTP load balancer gateway to all service APIs. |
| hyperlocation |
Enables hyperlocation. |
| location |
Enables location service to compute location. |
| matlabengine |
Provides access point heatmap for location service. |
| metrics |
Collects system metrics. |
| nmsplb |
Enables the load balancer service used for distributing Network Mobility Services Protocol (NMSP) messages to location services. |
| influxdb |
Enables database services used for storing statistics from various services. |
| iodocs |
Enables online document service for REST API offered by various services. |
| qlesspyworker |
Internal service. |
The services are running.
CMX admin user
The following example shows how to stop the analytics service:
[cmxadmin@cmx]# cmxctl stop analytics
Done
The nodeagent service is currently running with PID: 16987
Stopping analytics Process...
Service analytics with pid: 19095
Retrying..
Done
Successfully shutdown analytics Process.To enable MAC address tracing, use the cmxctl trace mac command.
cmxctl trace mac { add | delete | status }
| add |
Add MAC address for tracing |
| delete |
Delete MAC address for tracing |
| status |
Display MAC address tracing settings |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to enble MAC address tracing:
[cmxadmin@cmx]# cmxctl trace mac status
+-------------------+
| MAC Address |
+-------------------+
| 3c:a9:f4:6c:ee:44 |
+-------------------+
| ac:37:43:4b:cc:2f |
+-------------------+
| 3c:a9:f4:6c:5a:ac |To display current trace levels of each CMX service, use the cmxctl trace status command.
cmxctl trace status
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to display current tarce levels:
[cmxadmin@cmx]# cmxctl trace mac status
+-------------------+
| MAC Address |
+-------------------+
| 00:01:02:03:04:05 |
+-------------------+
To update the trace level of a Cisco CMX service, use the cmxctl trace update command.
cmxctl trace update {service service-to-update | level tracelevel | [INFO | DEBUG]}
| service service-to-update |
Configure service to update. |
| level tracelevel |
Configure trace level [INFO | DEBUG] |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.x |
This command was introduced. |
To list or to configure Cisco Connected Mobile Experiences (Cisco CMX) users using the CLI, use the cmxctl users command.
cmxctl users { list | passwd | username | logout | userid}
| list |
Lists all the current users. |
| passwd |
Sets the password for a user. |
| username |
Username of a user in Cisco CMX. |
| logout userid |
Account of a user in Cisco CMX. |
None.
CMX admin user
The following example shows how to list Cisco CMX users using the CLI:
[cmxadmin@cmx]# cmxctl users list
+----------+--------------+-----------+
| Username | Full Name | Roles |
+==========+==============+===========+
| monitor | Monitor User | Read Only |
+----------+--------------+-----------+
| admin | Admin User | Admin |
+----------+--------------+-----------+To unlock CMX access for a CLI or GUI user after they have been locked out, use the cmxctl users unlock command.
cmxctl users unlock {cli username | gui username}
|
cli username |
Unlocks the command line interface (CLI) user. |
|
gui username |
Unlocks the graphical user interface (GUI) user. |
By default, active accounts will automatically unlock in 30 minutes. Dormant accounts—accounts inactive for 35 days or more—do not automatically unlock.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was introduced. |
The CMX admin can unlock accounts before the 30-minute expiry time.
The following example shows how to unlock the CMX user interface user someguy:
[cmxadmin@cmx]# cmxctl users unlock gui someguy
Account unlocked successfullyTo know the Cisco Connected Mobile Experiences (Cisco CMX) version, use the cmxctl version command.
cmxctl version
None.
CMX admin user
The following example shows how to display version information for Cisco CMX:
[cmxadmin@cmx]# cmxctl version
Build Version : 10.1.0-27
Build Time : 2015-05-05 03:06:45.437430
----------------------------------------------------------------------
Name : cmx-ng-container
Commit Count : 17
Short Hash : bf20ec1
----------------------------------------------------------------------
Name : cmx-ng-location
Commit Count : 5
Short Hash : efc84fa
----------------------------------------------------------------------
Name : cmx-ng-ui
Commit Count : 5
Short Hash : d793df7
----------------------------------------------------------------------
Name : cmx-ova
Build Time : Fri Feb 20 06:34:38 UTC 2015
----------------------------------------------------------------------To delete a location accuracy test in Cisco CMX, use the cmxloc delete command.
cmxloc delete
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command should be run at the cmxadmin level.
To view the link to download the log files, use the cmxloc download command.
cmxloc download test name
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command will move the log files into a location and can be downloaded using a browser.
To search for the MAC address provided and return all the current attributes for the device, use the cmxloc find command.
cmxloc find MAC address
| MAC Address |
MAC address of the device. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command should be run at the cmxadmin level.
To list the accuracy tests in Cisco CMX, use the cmxloc list command.
cmxloc list
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command should be run at the cmxadmin level.
The following example shows how to list all Cisco CMX accuracy tests:
[cmxadmin@cmx]# cmxloc list
+-------+----------+-------------------+---------------+---------------+---------+---------+-------------+
| Name | Status | MAC Address | Comp Freq (s) | Avg Error (m) | 90% (m) | 50% (m) | Test Points |
+-------+----------+-------------------+---------------+---------------+---------+---------+-------------+
| FB1 | PAUSED | 98:07:2d:2a:11:fa | 0.0 | 0.0 | 0.0 | 0.0 | 0 |
+-------+----------+-------------------+---------------+---------------+---------+---------+-------------+
| Test1 | FINISHED | 98:07:2d:2a:11:fa | 61.0 | 2.45 | 3.23 | 1.93 | 1 |
+-------+----------+-------------------+---------------+---------------+---------+---------+-------------+
| Test2 | FINISHED | 98:07:2d:2a:11:fa | 33.25 | 4.36 | 6.27 | 3.44 | 4 |
+-------+----------+-------------------+---------------+---------------+---------+---------+-------------+To monitor the location accuracy test, use the cmxloc monitor command.
cmxloc monitor MAC Address
| MAC Address |
MAC address of the device. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command searches for a client and returns the attributes. The command monitors for any location changes and will update the screen for the new location attributes. Press the enter key to terminate the command execution.
To start a location accuracy test, use the cmxloc start command.
cmxloc start MAC Address Test Name X, Y Locations Time
| MAC Address |
MAC address of the device to run the location accuracy test. |
|
Test Name |
Name of the new location accuarcy test. |
|
X, Y Locations |
X and Y location information. |
|
Time |
Estimated time to run the test. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command triggers the location accuracy test.
To add a 10 GB space to the operating system, use the cmxos addswap command.
cmxos addswap
This command has no arguments or keywords.
None
CMX admin user
This command should be run at the root user level.
The following example shows how to increase disk space in the operating system:
[cmxadmin@cmx]# cmxos addswap
10485760+0 records in
10485760+0 records out
10737418240 bytes (11 GB) copied, 29.6845 s, 362 MB/s
Setting up swapspace version 1, size = 10485756 KiB
no label, UUID=2734f069-e687-4635-b2d6-9381241bc7ee
swap added, run system info to verify
[root@cmx-vmdev146 ~]#To start, stop, and restart the administrator UI, use the cmxos adminui command.
cmxos adminui {start | stop | restart}
| start |
Starts the administrator UI. |
| stop |
Stops the administrator UI. |
| restart |
Restarts the administrator UI. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
The following example shows how to stop the administrator UI:
[cmxadmin@cmx]# cmxos adminui stop
Stopping adminui...To disable Cisco CMX API server, use the cmxos apiserver disable command.
cmxos apiserver disable
| disable |
Disables the Cisco CMX API server. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to disable the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver disable
Disabling CMX API Server...
Stopping CMX API Server...
To enable Cisco CMX API server, use the cmxos apiserver enable command.
cmxos apiserver enable
| enable |
Enables the Cisco CMX API server. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to enable the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver enable
Enabling CMX API Server...
Starting CMX API Server...To reset the configuration of the Cisco CMX API server, use the cmxos apiserver reset command.
cmxos apiserver reset
| reset |
Resets CMX API Server configuration. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to reset the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver reset
Resetting CMX API Server...To restart Cisco CMX API server, use the cmxos apiserver restart command.
cmxos apiserver restart
| restart |
Restarts the Cisco CMX API server. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to start the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver restart
Restarting CMX API Server...To start Cisco CMX API server, use the cmxos apiserver command.
cmxos apiserver { start | stop | restart | enable | disable | status | user}
| start |
Starts the Cisco CMX API server. |
| stop |
Stops the Cisco CMX API server. |
| restart |
Restarts the Cisco CMX API server. |
| enable |
Enables the Cisco CMX API server. |
| disable |
Disables the Cisco CMX API server. |
| status |
Displays the current status of the Cisco CMX API server. |
| user |
Sets the userid and password for the CMX API Server. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to start the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver start
Starting CMX API Server...To view the status of Cisco CMX API server, use the cmxos apiserver status command.
cmxos apiserver status
| status |
Displays the current status of the Cisco CMX API server. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to view the status of Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver status
+----------------------------------+
| CMX API Server Status |
+---------------+------------------+
| Configuration | Enabled |
+---------------+------------------+
| Status | Running |
+---------------+------------------+
| Uptime | 0 days 00:01:17 |
+---------------+------------------+To stop the CMX API Server, use the cmxos apiserver stop command.
cmxos apiserver stop
| stop |
Stops the Cisco CMX API server. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to start the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver stop
Stopping CMX API Server...To manage user IDs and passwords for the Cisco CMX API server, use the cmxos apiserver user command.
cmxosapiserveruser {add userid password | delete userid | list}
|
add |
Adds a new CMX API server user. |
|
userid |
Enter a user ID (username) for the new CMX API server user. |
|
password |
Enter a temporary password for the new user. |
|
delete userid |
Deletes the specified user ID. |
|
list |
Displays CMX API server user IDs. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was modified. |
|
Cisco CMX Release 10.4 |
This command was introduced. |
The following example shows how to add a new user for the Cisco CMX API server:
[cmxadmin@cmx]# cmxos apiserver user add
Please enter the userid for the CMX API Server: user1
Please enter the password for the CMX API Server: password
Please re-enter the password for the CMX API Server: password
Restarting CMX API Server...
Stopping CMX API Server...
Starting CMX API Server...
Successfully updated userid/password and restarted the CMX API ServerThe following example shows how to list Cisco CMX API server users:
[cmxadmin@cmx]# cmxos apiserver user list
+---------+
| User ID |
+=========+
| admin |
+---------+
| user1 |
+---------+
To back up a node, use the cmxos backup command.
cmxos backup {path | i | all | help}
| --path DIRECTORY |
Path where the backup file will be created. |
| -i, --include_only TEXT |
Backups selected parts only. Options are database, cache, cassandra, influxdb, consul, floormaps, licenses, setup, and connect images. |
| --all |
Includes InfluxDB data in backup bundle. If specific options are not selected, only the following services are included in the backup bundle: confd, database, cache, cassandra, floormaps, licenses, setup, and connect images. |
| --HELP |
Shows the help content. |
None.
CMX admin user
This command should to be run using the cmxadmin (non-root) account. The destination directory for backup file requires rwx permission. When you specify a backup directory other than /tmp, ensure that the directory has "r/w/x" permission by user:cmx.
The following example shows how to back up a node:
[cmxadmin@cmx]# cmxos backup
Please enter the path for backup file [/tmp]:
[17:43:50] Preparing for backup...
[17:43:50] Backup Database...
[17:43:51] Backup Cache...
[17:43:51] Backup Cassandra...
[17:43:53] Backup InfluxDb...
[17:43:53] Backup Consul...
[17:43:53] Backup Floormaps...
[17:43:53] Backup node configuration...
[17:43:59] Creating tar file..
[17:43:59] Done Backup. Created backup file
/tmp/cmx_backup_cmx-vmdev117_2015_03_10_17_43.tar.gz
To schedule a Cisco CMX backup capability, use the cmxos backupsched command.
cmxos backupsched {schedule | unschedule | show}
| schedule |
Schedules a backup. |
| unschedule |
Unschedules a backup. |
| show |
Displays the current backup schedule. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.2 |
This command was introduced. |
You can use this command to schedule a daily or weekly backup. For the daily backup schedule, you must select an hour based on the UTC time of the system. For the weekly backup schedule, enter a day of the week to schedule the backup. After the scheduled backup is completed, the CMX backup is available at /home/cmxadmin/cmxbackups.
You can create custom scripts to run specific commands during the scheduled backup. The pre-script /home/cmxadmin/bin/preScheduleBackup.sh helps you to run commands before the scheduled backup. The post-script /home/cmxadmin/bin/postScheduleBackup.sh helps to run the commands after the backup is completed.
To benchmark disk performance, use the cmxos benchmark disk command.
cmxos benchmark disk [ --verbose ]
| --verbose |
Prints full output. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
You must manually stop all Cisco CMX services before executing this command.
The following example shows how to verify the disk performance:
[cmxadmin@cmx]# cmxos benchmark disk
This process will check disk performance on /opt/cmx/srv/
You must stop all CMX services manually before running this command
Do you want to continue?: yes
Running disk performance...this may take a while...please wait...
READ IOPS: 6085, WRITE IOPS: 2024To update system date and time, use the cmxos changedate command.
cmxos changedate
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
Enter the new date and time in YYYY-mm-dd hh:mm:ss format.
The following example shows how to update system date and time:
[cmxadmin@cmx]# cmxos changedate
Enter Date and Time(YYYY-mm-dd hh:mm:ss) : 2018-11-26 03:51:00
2018-11-26 03:51:00
System date and time changed successfullyTo display postgres data size, use the cmxos checkpostgresdatasize command.
cmxos checkpostgresdatasize
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to display postgres data size:
[cmxadmin@cmx]# cmxos checkpostgresdatasize
651488 /opt/cmx/srv/postgresTo clean up files on CMX, use the cmxos clean command.
cmxos clean {find | normal | {delete}}
| find |
Find files over 1 Gigabyte in size. |
| normal |
List files which can be cleaned. |
| delete |
Remove the files listed. |
None.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
The following example shows how to search for large files:
[cmxadmin@cmx]# cmxos clean find
Starting search for large files
Size: 1.96G File: /tmp/cmx_backup_CMX-LowEnd-200_2017_01_18_17_56.tar.gz
Size: 2.36G File: /tmp/cmx_backup_CMX-LowEnd-200_2017_03_14_11_16.tar.gz
Size: 2.43G File: /tmp/cmx_backup_CMX-LowEnd-200_2017_03_20_14_36.tar.gz
Size: 2.32G File: /tmp/cmx_backup_CMX-LowEnd-200_2017_01_18_18_00.tar.gz
Size: 1.45G File: /var/log/maillog-20170212.gz
Size: 2.63G File: /var/log/maillog-20170205.gz
Size: 6.84G File: /home/cmxadmin/cmx_backup_CMX-LAC-210_2017_03_23_22_09.tar.gz
Size: 1.17G File: /home/cmxadmin/CISCO_CMX-10.3.0-58.cmx
Completed search for large files[cmxadmin@cmx]# cmxos clean normal
Files which can be removed in: /opt/cmx/var/log
/opt/cmx/var/log/adminui/adminui.pid
/opt/cmx/var/log/adminui/webui.ans
/opt/cmx/var/log/agent/server.log.3
/opt/cmx/var/log/agent/server.log.1
/opt/cmx/var/log/agent/server.log.5
/opt/cmx/var/log/agent/server.log.2
/opt/cmx/var/log/agent/server.log.4
/opt/cmx/var/log/backup.log.2
/opt/cmx/var/log/backup.log.3
/opt/cmx/var/log/setup.log.8
/opt/cmx/var/log/setup.log.7
/opt/cmx/var/log/cmxjobs.log.1
/opt/cmx/var/log/cmxjobs.log.5[cmxadmin@cmx]# cmxos clean normal --delete
Are you sure you wish to remove files? [y/N]: y
Removing files in: /opt/cmx/var/log
Remove: /opt/cmx/var/log/agent/server.log.2
Remove: /opt/cmx/var/log/agent/server.log.1
Remove: /opt/cmx/var/log/cmxjobs.log.5
Remove: /opt/cmx/var/log/cmxjobs.log.2
Remove: /opt/cmx/var/log/cmxjobs.log.4
Remove: /opt/cmx/var/log/cmxjobs.log.1
Remove: /opt/cmx/var/log/cmxjobs.log.3
To configure the network and operating system parameter, use the cmxos configure command.
cmxos configure
None
CMX admin user
This command should to be run at the root user level. You can use the --force option to force a fresh configuration if the device is already configured.
The following example shows how to configure the network and operating system parameters:
[cmxadmin@cmx]# cmxos configure --force
*** The system is already configured
********************************************************************************
Checking if the machine meets required specification...
********************************************************************************
+----------+------------------------+--------------+--------+
| Check | expected | actual | Result |
+==========+========================+==============+========+
| memory | 8GB | 25GB | ? |
+----------+------------------------+--------------+--------+
| cpu | 4 | 8 | ? |
+----------+------------------------+--------------+--------+
| disk | 50GB | 51GB | ? |
+----------+------------------------+--------------+--------+
| hostname | rfc compliant hostname | cmx-vmdev146 | ? |
+----------+------------------------+--------------+--------+To show current date information for the system, use the cmxos date command.
cmxos date
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
Run this command to see the current time and status of the system.
The following example shows how to display current date information for the system:
[cmxadmin@cmx]# cmxos date
Current Date = Mon Mar 25 12:15:48 PDT 2019
Current UTC Date = Mon Mar 25 19:15:48 UTC 2019
NTP Server = *10.22.243.5
Offset: Time difference between server and client = -0.969
Delay: Round trip between server and client = 0.924
Jitter: Difference between two samples = 1.070To encrypt CMX data on the /opt partition, use the cmxos encryptdisk command.
cmxos encryptdisk
Encryption is not enabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was introduced. |
Use this command when your security protocol requires encryption of CMX data. For more information about this task, refer to Cisco CMX Configuration Guide, release 10.6.
When FIPS or UCAPL authentication mode is enabled, access to the command line through PuTTY or other standard SSH clients is restricted. In these cases, we recommend that you connect directly from a console, or use the VMWare vSphere console.
Note |
We recommend that you enable encryption at installation, or as soon as possible afterward. The encryption process requires time proportional to the amount of data present on the /opt partition. |
Important |
Encryption cannot be disabled or undone. It requires someone with root access credentials to manually enter the encrypted disk passphrase from the command line each time the device is rebooted or powered up. |
The following example show how to enable encryption after CMX installation:
[cmxadmin@cmx]# cmxos encryptdisk
Have you closed all SSH sessions to this CMX? [y/N]:y
Are you sure you want to encrypt the /opt partition of the disk ? [y/N]:y
Checking disk space requirements for backing up /opt folder...
Looks Good.
Proceed with stopping all CMX services? [y/N]:yBacking up /opt folder into /var ...
tar backup done.
Press Enter key to enter rescue mode and begin the encryption.Press Enter.
Shredding /opt ...
Shread: List of deleted folders
Shread: List of deleted folders
Shread: List of deleted folders
...
Formatting /opt ...You will be prompted to set a passphrase for encrypted disk /opt.
Choose a passphrase, Enter and Verify it.
Note:
On every boot / power up, you will be prompted for this passphrase.
System will continue only if this passphrase is correct.WARNING!
========
This will overwrite data on /opt irrevocably.
Are you sure? (Type uppercase yes): YESEnter a passphrase.
Enter passphrase:
Verify passphrase:
Command successful.
Opening /opt ...
Enter passphrase for /opt:Encryption of /opt is complete.
System will reboot now.
Upon (every) restart, when prompted to enter passphrase for /opt partition,
enter the passphrase you just set.
Press Enter to continue with rebootPress Enter.
Please enter passphrase for disk opt on /opt!:To configure etc hosts, use the cmxos etchosts command.
cmxos etchosts
This command has no arguments or keywords.
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
This command will run and returns no status.
[cmxadmin@cmx]# cmxos etchosts
[cmxadmin@server]# cmxos etchosts --help
Usage: __main__.py etchosts [OPTIONS]
Configure /etc/hosts properly
Options:
--help Show this message and exit.To set up the Cisco Connected Mobile Experiences (Cisco CMX) again, use the cmxos firstboot command.
cmxos firstboot
None.
CMX admin user
This command should be run at the root user level. You can use the --force option to force a fresh configuration if the device is already configured.
The following example shows how to set up Cisco CMX again:
[cmxadmin@cmx]# cmxos firstboot
Not first boot....Exiting...To verify the HA proxy permissions on Cisco Connected Mobile Experiences (Cisco CMX), use the cmxos fixhaproxy command.
cmxos fixhaproxy
None.
CMX admin user
This command should be run at the root user level.
The following example shows how to verify HA proxy permissions:
[cmxadmin@cmx]# cmxos fixhaproxy
Raising haproxy setcap...To check the health of a Cisco CMX system, use the cmxos health command.
cmxos health {filedescriptors | ntp}
| filedescriptors |
Checks the CMX file descriptors for issues. |
| ntp |
Checks the CMX NTP systems for issues. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.5 |
This command was modified. |
|
Cisco CMX Release 10.2 |
This command was introduced. |
The cmxos health filedescriptors command returns the total number of open file descriptors. The cmxos health ntp command returns the status of the CMX Network Time Protocol (NTP) systems.
The following example shows how to check the health of a Cisco CMX system:
[cmxadmin@cmx]# cmxos health filedescriptors
2195 total file descriptors open
[cmxadmin@server]# cmxos health ntp
NTP Synchronization error:
unsynchronised
time server re-starting
polling server every 8 s
To show full inventory of a node, use the cmxos inventory command.
cmxos inventory
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
The following example shows how to view the inventory details:
[cmxadmin@cmx]# cmxos inventory
UDI: AIR-MSE-3365-K9 Serial Number - FCH1904V055
State of the RAID array: Healthy and working normally
Capacity of the RAID array: 1.088 TB
Type of disks in RAID array: Spinning Disk Drive
All chassis fans operating normally
One of the power supplies in the chassis has failed or it has not been installed/connected
Disk Capacity: 1.0T
Disk space used: 33.2G
Memory installed: 63.00G
CPUs installed: 20
CPU Type: Intel(R) Xeon(R) CPU E5-2650 v3 @ 2.30GHz
Server uptime: 6 Hours, 59 Minutes, 44 Seconds
Server boot time: Mon, 27 Mar 2017 16-44-36
Number of server reboots: 1To kill services, use the cmxos kill command.
cmxos kill silent
| --silent |
Slinetly kills services without confirmation. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
The following example shows how to kill CMX services:
[cmxadmin@cmx]# cmxos kill
This command will force kill all CMX processes, for dev use only
Do you want to continue?:To manage the monitoring of Cisco CMX services, use the cmxos monit command.
cmxos monit {configure | start | stop | wipe}
| configure |
Configures the default monitor settings. |
||
| start |
Enables monitored services. |
||
| stop |
Enables monitored services. |
||
| wipe |
Deletes the default monitoring settings.
|
Disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Release 10.2.0 |
This command was introduced. |
The following example shows how to display the monitoring settings:
[cmxadmin@cmx]# cmxos monit configure
Deleting all monit configurations....
Configuring monit mail settings...
Configuring monit OS settings...
Configuring monit CMX services settings...The following example shows how to enable monitoring of Cisco CMX services:
[cmxadmin@cmx]# cmxos monit start
Starting monit:To configure authenticated and un-authenticated Network Time Protocol (NTP) servers on CMX, use the cmxos ntp command.
|
auth password |
Configures local authentication password. |
|
auth servers |
Configures Authenticate NTP Servers. |
|
clear |
Clears the NTP server configuration. |
|
restart |
Restarts the NTP services. |
|
status |
Displays the NTP server status. |
|
type |
Configure NTP authentication type. |
By default, no NTP servers are configured.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
The following example shows how to set authenticate NTP server(s) using cmxos ntp type command.
[cmxadmin@cmx]# cmxos ntp type
Current NTP Type = <Not Set>
Select NTP Type [1] Unauthenticated, [2] Authenticated or [3] Skip [3]: 2
Changing the NTP Type = Authenticated
Enter local password:
Repeat for confirmation:
Password changed and host key/cert file generated successfully.
Enter hostname / IP for NTP Server #1 (blank to skip) []: 1.2.3.4
Please enter complete path of exported IFF (encrypted) key file: /tmp/iffkey
Checking if server 1.2.3.4 is reachable ...
OK
Key file successfully saved as ntpkey_iffkey_ntpserver.3747444855
NTP Server added successfully
Enter hostname / IP for NTP Server #2 (blank to skip) []:
NTP Service restarted successfully
To open ports, based on a node rule, use the cmxos openports command.
cmxos openports { analytics | location | database }
| analytics |
Adds a 10-GB swap space to a node. |
| location |
Configures the network and operating system parameters. |
| database |
Sets up the Cisco Connected Mobile Experiences (Cisco CMX) database again. |
None.
CMX admin user
This command should be run at the root user level.
The following example shows how to open ports based on a node:
[cmxadmin@cmx]# cmxos openports analytics
Opened port 6541
Opened port 6542
Successfully opened all ports. Saving iptables info...To install, remove or view patch for CMX system, use the cmxos patch command.
cmxos patch install filenamelistremove filename removeall
| install filename |
Installs a new patch for CMX system. |
| list |
Displays the list of currently installed patches |
| remove filename |
Removes the specified patch. |
| removeall |
Removes all installed patches from the CMX system. |
None
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release10.6 |
This command was introduced. |
Cisco CMX has a restricted shell to prevent a user from updating the Cisco CMX image. A patch upgrade is now required to modify and update Cisco CMX. Patch files are RPM files specifically signed for installation on Cisco CMX. The patch file name has a .cmxp extension.
The following example shows how to install a patch:
[cmxadmin@cmx]# cmxos patch install
Please enter the patch file name: patch-10.0.x.cmxp
** Checking patch file integrity
Patch file integrity passed.
** Extract patch file contents.
Verifying patch signature.
Verification signature ouput: Verified OK
Patch file verification successful for /home/cmxadmin/cmx-test-patch-10.6.0.cmxp.
** Installing patch RPM: /opt/image/patches/cmx-test-patch-10.6.0-1.x86_64.rpm extracted from patch file: /home/cmxadmin/cmx-test-patch-10.6.0.cmxp
** Patch installed successfully
** Patch completed successfully.To reboot the system, use the cmxos reboot command.
cmxos reboot {force | silent | failover}
| force |
Option to force an immediate reboot. |
| silent |
Option to silently reboot without prompting. |
| failover |
Failover to the secondary before reboot and only if high availability enabled. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
Run this command if you need to reboot the system. The limited shell prevents the reboot otherwise.
The following example shows how to reboot the system:
[cmxadmin@cmx]# cmxos reboot
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!! CONFIRM REBOOT !!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Are you sure you want to reboot?:yTo change network configuration information after deployment, use the cmxos reconfigure command.
cmxos reconfigure
None
CMX admin user
This command, which should be run at the root user level, also allows you to change the IP address, netmask, default gateway, and DNS server information. Changing the hostname through command line is not supported. Use the cmxos reconfigure command to change a hostname, IP address, or any of the network parameters.
NTP server and timezone/date configurations are also executed by running this command.
Note |
|
The following example shows how to reconfigure the network after Cisco CMX installation:
[cmxadmin@cmx]# cmxos reconfigure
This command will wipe all system metrics data when the configuration is changed
Do you want to continue?: yes
Please enter hostname [cisco-cmx-centos7-test0]:
Please enter IP address [192.0.2.1]:
Please enter netmask [255.255.255.0]:
Please enter gateway [192.0.2.2]:
Please enter DNS server [192.0.2.3]:
Please enter search domain name [example.com]:
Are the network settings correct?: yes
Stopping keepalived service
Verify keepalived service has been stopped
Successfully stopped the keepalived service.
Starting keepalived service
ERROR: Failed to start keepalived service.
********************************************************************************
Configuring NTP Server...
********************************************************************************
Please enter the NTP server name (blank for no NTP server) [ntp.esl.cisco.com]:
Setting ntp server ntp.esl.cisco.com
********************************************************************************
Configuring Timezone and date...
********************************************************************************
Please identify a location so that time zone rules can be set correctly.
Please select a continent or ocean.
1) Africa
2) Americas
3) Antarctica
4) Arctic Ocean
5) Asia
6) Atlantic Ocean
7) Australia
8) Europe
9) Indian Ocean
10) Pacific Ocean
11) none - I want to specify the time zone using the Posix TZ format.
#? 10
Please select a country.
1) Chile 15) Northern Mariana Islands
2) Cook Islands 16) Palau
3) Ecuador 17) Papua New Guinea
4) Fiji 18) Pitcairn
5) French Polynesia 19) Samoa (American)
6) Guam 20) Samoa (western)
7) Kiribati 21) Solomon Islands
8) Marshall Islands 22) Tokelau
9) Micronesia 23) Tonga
10) Nauru 24) Tuvalu
11) New Caledonia 25) United States
12) New Zealand 26) US minor outlying islands
13) Niue 27) Vanuatu
14) Norfolk Island 28) Wallis & Futuna
#? 25
Please select one of the following time zone regions.
1) Eastern (most areas) 16) Central - ND (Morton rural)
2) Eastern - MI (most areas) 17) Central - ND (Mercer)
3) Eastern - KY (Louisville area) 18) Mountain (most areas)
4) Eastern - KY (Wayne) 19) Mountain - ID (south); OR (east)
5) Eastern - IN (most areas) 20) MST - Arizona (except Navajo)
6) Eastern - IN (Da, Du, K, Mn) 21) Pacific
7) Eastern - IN (Pulaski) 22) Alaska (most areas)
8) Eastern - IN (Crawford) 23) Alaska - Juneau area
9) Eastern - IN (Pike) 24) Alaska - Sitka area
10) Eastern - IN (Switzerland) 25) Alaska - Annette Island
11) Central (most areas) 26) Alaska - Yakutat
12) Central - IN (Perry) 27) Alaska (west)
13) Central - IN (Starke) 28) Aleutian Islands
14) Central - MI (Wisconsin border) 29) Hawaii
15) Central - ND (Oliver)
#? 21
The following information has been given:
United States
Pacific
Therefore TZ='America/Los_Angeles' will be used.
Local time is now: Mon May 21 08:25:39 PDT 2018.
Universal Time is now: Mon May 21 15:25:39 UTC 2018.
Is the above information OK?
1) Yes
2) No
#? 1
The Timezone selected is America/Los_Angeles
The current time is Mon May 21 08:25:40 PDT 2018
Enter Date (YYYY-mm-dd hh:mm:ss) (blank to sync with ntp): []:
*** No changes were detected
Note |
This command opens the Device Configuration window, where you can take the appropriate action, that is reconfigure the device or the DNS. |
To remove data from all the redis ports, use the cmxos rediscleanup command.
cmxos rediscleanup
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
When you run this command, data entires from all redis cache ports will be removed. This may result in permanent loss of data for CMX services such as Connect.
We recommend that you use this command when the memory usage of redis instances are high. For example, qlesspy service uses redis instance 6378 and when the 6378 instance reaches memory full, qlesspy service will not start. To recover from this situation, run the cmxos rediscleanup command. You need not restart any services after running this command.
The following example shows how to remove data from all redis ports:
[cmxadmin@cmx]# cmxos rediscleanup
Output of redis cleanup for port 6378 - OK
Output of redis cleanup for port 6379 - OK
Output of redis cleanup for port 6380 - OK
Output of redis cleanup for port 6381 - OK
Output of redis cleanup for port 6382 - OK
Output of redis cleanup for port 6383 - OK
Output of redis cleanup for port 6384 - OK
Output of redis cleanup for port 6385 - OKTo restore a node, use the cmxos restore command.
cmxos restore {file | path | i | ignore_version | ignore_licenses | help}
| --file PATH |
Path where the restore file is located. |
| --path DIRECTORY |
Path where the restore file will be created. |
| -i, --include_only TEXT |
Restore selected parts only. Options are database, cache, cassandra, influxdb, consul, floormaps, licenses, setup, connectimages. |
|
--ignore_version |
Skip version check during restore. |
|
--ignore_licenses |
Skip restoring Cisco CMX licenses contained in the backup bundle and retain local licenses. |
| --HELP |
Shows the help content. |
None.
CMX admin user
By default, this command performs restoration of all services excluding the InfluxDB data service. If you want to restore InfluxDB data, explicitly enter the InfluxDB service name along with other services by using --include_only while running the command.
The following example shows how to restore a node:
[cmxadmin@cmx]# cmxos restore
Please enter the backup file path: /tmp/cmx_backup_cmx-vmdev117_2015_03_10_17_43.tar.gz
[17:44:12] Preparing for restore...
[17:44:12] Untarring backup file...
[17:44:13] Stopping all services...
[17:44:16] Restoring Database...
Restarting database...
[17:44:26] Restoring Cache...
Stopping cache_6379...
Restarting cache_6379...
Stopping cache_6381...
Restarting cache_6381...
Stopping cache_6380...
Restarting cache_6380...
[17:44:55] Restoring Cassandra...
Stopping Cassandra...
Restarting Cassandra...
...............
[17:45:19] Restoring Influxdb...
[17:45:19] Restoring consul...
[17:45:19] Restoring floormaps...
[17:45:19] Running Post Restore Tasks...
[17:45:19] Migrating Schemas...
[17:45:19] Migrating Cassandra schemas...
[17:45:20] Restarting all services...
[17:45:23] DoneTo halt the system, use the cmxos shutdown command.
cmxos shutdown {force | silent | failover}
| force |
Option to force an immediate halt. |
| silent |
Option to silently halt without prompting. |
| failover |
Failover to the secondary before halt and only if high availability enabled. |
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.1 |
This command was introduced. |
Run this command for a graceful shutdown of the system. Because of the limited shell command restriction you cannot run this command otherwise.
The following example shows how to shutdown the system:
[cmxadmin@cmx]# cmxos shutdown
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!! CONFIRM HALT !!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Are you sure you want to shutdown?:To get secondary UDI from Cisco CMX secondary server, use the cmxos smartlicenseudi command.
cmxos smartlicenseudi
This command has no arguments or keywords.
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6.3 |
This command was introduced. |
Run this command on secondary CMX server to print UDI and Serial Number of the secondary CMX on the terminal. Copy the values of UDI and Serial Number and manually enter them as inputs to run the command cmxctl config smartlicense secondaryudi .
The following example shows how to get secondary CMX UDI and serial number:
[cmxadmin@server]# cmxos smartlicenseudi
UDI: VMware Virtual Platform
Serial Number: 123456-EABCDEA71
To replace default haproxy certificate, use the cmxos sslcert command.
cmxos sslcert
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.2 |
This command was introduced. |
To enable an outbound proxy on your Cisco CMX server, use the cmxos sysproxy command.
cmxos sysproxy {clear | disable | enable | no_proxy | proxy | show | ftp_proxy | http_proxy | https_proxy}
| clear |
Removes the proxy settings. |
| disable |
Disables the use of the proxy settings. |
| enable |
Enables the use of the proxy settings. |
| no_proxy |
Sets the no_proxy environment variable. |
| proxy |
Sets the proxy environment variables for http_proxy, https_proxy, ftp_or proxy. |
| show |
Displays the proxy settings. |
| ftp_proxy |
Sets the ftp proxy. |
| http_proxy |
Sets the http proxy. |
| https_proxy |
Sets the https proxy. |
Proxy is disabled.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3.1 |
This command was introduced. |
This command supersedes the information from this post: https://communities.cisco.com/docs/DOC-70904.
Use this command for environments where an outbound proxy is required on the Cisco CMX server. For example, if you happen to be in a secure internal network where even outbound traffic via HTTPS requires that it move through a proxy server.
If you set the proxy setting on the Cisco CMX server, make sure to use the no_proxy setting on the attached controllers to avoid interference with the NMSP Network Mobility Services Protocol (NMSP).
If you change the Cisco CMX proxy settings, you must restart Cisco CMX for the change to take effect. Use the cmxctl restart command to restart Cisco CMX.
The following example shows how to set a proxy on the Cisco CMX server, and then verify the change and restart Cisco CMX:
[cmxadmin@cmx]# cmxos sysproxy proxy https://proxy-wsa.esl.cisco.com:80
[cmxadmin@cmx]# cmxos sysproxy show
USE_PROXY=1
PROXY_URL=http://proxy-wsa.esl.cisco.com:80
NO_PROXY_LIST=""
[cmxadmin@cmx]# cmxctl restartThe following example shows how to enable a proxy on the Cisco CMX server, and then verify the change and restart Cisco CMX:
[cmxadmin@cmx]# cmxos sysproxy enable
[cmxadmin@cmx]# cmxos sysproxy show
USE_PROXY=1
PROXY_URL=http://proxy-wsa.esl.cisco.com:80
NO_PROXY_LIST=""
[cmxadmin@cmx]# cmxctl restartThe following example shows how to disable a proxy on the Cisco CMX server, and then verify the change and restart Cisco CMX:
[cmxadmin@cmx]# cmxos sysproxy disable
[cmxadmin@cmx]# cmxos sysproxy show
USE_PROXY=0
PROXY_URL=http://proxy-wsa.esl.cisco.com:80
NO_PROXY_LIST=""
[cmxadmin@cmx]# cmxctl restartThe following example shows how to clear proxy settings, and then verify the change and restart Cisco CMX:
[cmxadmin@cmx]# cmxos sysproxy clear
[cmxadmin@cmx]# cmxos sysproxy show
USE_PROXY=0
PROXY_URL=""
NO_PROXY_LIST=""
[cmxadmin@cmx]# cmxctl restartTo collect technical support information, use the cmxos techsupport command.
cmxos techsupport { all | cmx | location | map | network | services | system }
| all |
Collect all technical support information |
| cmx |
Collect CMX information |
| location |
Collect location support information |
| map |
Collect map support information |
| network |
Collect network information |
| services |
Collect CMX services information. |
| system |
Collect system information |
|
silent |
Silently run with prompting |
None.
CMX admin user
This command will return all CLI command outputs helpful for debugging.
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
To dump all technical support information, use the cmxos techsupport dump command.
cmxos techsupport dump
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.3 |
This command was introduced. |
To upgrade Cisco Connected Mobile Experiences (Cisco CMX) with a new Red Hat Package Manager (RPM) or package, use the cmxos upgrade command.
cmxos upgrade
None.
CMX admin user
This command should be run at the root user level. The CLI accepts either a local file or an HTTP URL. This command works only when you have a later version than the existing one to upgrade.
The following example shows how to upgrade the Cisco CMX using RPM or package:
[cmxadmin@cmx]# cmxos upgrade
The nodeagent service is not running.
Agent is not running, starting it now.
Starting nodeagent Process...
Stopping nodeagent Process...
Done
Successfully shutdown nodeagent Process.
Stopping consul Process...
Successfully shutdown consul Process.
Stopping qlesspyworker Process...
Successfully shutdown qlesspyworker Process.
Stopping cassandra Process...
Successfully shutdown cassandra Process.
Stopping iodocs Process...
The iodocs service is not running.
Stopping redis6383 Process...
Successfully shutdown redis6383 Process.
Stopping redis6380 Process...
Successfully shutdown redis6380 Process.
Stopping redis6381 Process...
Successfully shutdown redis6381 Process.
Stopping influxdb Process...
The influxdb service is not running.
Stopping collectd Process...
The collectd service is not running.
Stopping confd Process...
The confd service is not running.
Stopping redis6379 Process...
Successfully shutdown redis6379 Process.
Stopping redis6378 Process...
Successfully shutdown redis6378 Process.
Stopping haproxy Process...
Stopping postgres Process...
Successfully shutdown postgres Process.
Stopping analytics Process...
The analytics service is not running.
Stopping location Process...
The location service is not running.
Stopping configuration Process...
The configuration service is not running.
Stopping halo Process...
The halo service is not running.
Stopping matlabengine Process...
The matlabengine service is not running.
Stopping nmsplb Process...
The nmsplb service is not running.
Shutting downTo run the full vacuum command on the postgres database running within Cisco CMX, use the cmxos vacuumdb command.
cmxos vacuumdb
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.4 |
This command was introduced. |
This command internally runs the ‘vacuumdb –vfa’ on the postgres DB. This command is an advanced command and should not be regularly used by the customer. In case of the postgres DB taking up too much disk space, this command may be run to compact the DB.
To verify the virtual machine configuration, use the cmxos verify command.
cmxos verify
None.
CMX admin user
The following example shows how to verify the virtual machine configuration:
[cmxadmin@cmx]# cmxos verify
+----------+------------------------+--------------+--------+
| Check | expected | actual | Result |
+==========+========================+==============+========+
| memory | 8GB | 25GB | ? |
+----------+------------------------+--------------+--------+
| cpu | 4 | 8 | ? |
+----------+------------------------+--------------+--------+
| disk | 50GB | 51GB | ? |
+----------+------------------------+--------------+--------+
| hostname | rfc compliant hostname | cmx-vmdev146 | ? |
+----------+------------------------+--------------+--------+To wipeout CMX data, use the cmxos wipeoutdisk command.
cmxos wipeoutdisk
None.
CMX admin user
| Release | Modification |
|---|---|
|
Cisco CMX Release 10.6 |
This command was introduced. |
This command is available only when the FIPS/UCAPL mode is enabled. After the command execution is complete, it will delete everything on the disk and make system unusable and it will not even boot normally.
When FIPS or UCAPL authentication mode is enabled, access to the command line through PuTTY or other standard SSH clients is restricted. In these cases, we recommend that you connect directly from a console, or use the VMWare vSphere console.
The following example shows how to wipeout CMX data:
[cmxadmin@cmx]# cmxos wipeoutdisk
WARNING: This command will wipe out the entire disk.
It will remove entire CMX installation along with all the existing data.
Once completed, this box will not be useable.
Do you want to continue? [y/N]: y
lave you closed all SSH sessions to this CMX? [y/Nl: y
WARNING: This is your last chance.
If you want to take backup, please exit now.
Vou can take backup and transfer it to some other machine.
I*hen execute this command again.
Do you want to continue with disk wipeout? [y/N]: y_
Stopping the CMX services
nonit.service is not a native service, redirecting to /sbin/chkconfig.
cuting /sbin/chkconfig min it off
Stopping nodeagent Process...
cuting shutdown
Feedback