
Shortcuts for Common Commands

The shortcuts.sh utility allows easy use of PTA common commands. The format is:

shortcuts.sh [<type>]

Following are the types for this utility:

Type 1
Command: tail -f /opt/tomcat/logs/diamond.log | grep "ERROR"
Description: Output all errors in the last part of the main PTA log file, follow the file and output any errors as the file grows

Type 2
Command: cat /opt/tomcat/logs/diamond.log | grep "ERROR" | less
Description: Output all errors in the main PTA log file

Type 3
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA-listener"
Description: Output all listener metrics in the last part of the main PTA log file, follow the file and output any listener metrics as the file grows
Use this:
■ To verify incoming traffic from the sensors (such as Vault, Network Sensor, SIE
■ To verify the creation of audits per operation (such as Vault retrieve password,
logon, Windows logon, Unix logon, Kerberos traffic)
■ To verify that the syslogs from the various SIEMs (such as ArcSight, QRadar, Sp
and so on) are successfully accepted in PTA

Type 4
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA-listener" | less
Description: Output all listener metrics in the main PTA log file
Use this:
■ To verify incoming traffic from the sensors (such as Vault, Network Sensor, SIE
■ To verify the creation of audits per operation (such as Vault retrieve password,
logon, Windows logon, Unix logon, Kerberos traffic)
■ To verify that the syslogs from the various SIEMs (such as ArcSight, QRadar, Sp
and so on) are successfully accepted in PTA

Type 5
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA-sampler"
Description: Output all sampler metrics in the last part of the main PTA log file, follow the file and output any sampler metrics as the file grows
Use this:
■ To verify incident creation and that the outbound mail or syslogs were sent
■ To verify mitigation results, such as rotate password upon suspected credentia

Type 6
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA-sampler" | less
Description: Output all sampler metrics in the main PTA log file
Use this:
■ To verify incident creation and that the outbound mail or syslogs were sent
■ To verify mitigation results, such as rotate password upon suspected credentia

Type 7
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA-Background"
Description: Output all scheduled task metrics in the last part of the main PTA log file, follow the file and output any scheduled task metrics as the file grows
Use this to verify the results of scheduled tasks, such as Active Directory, Vault accounts and users, and so on

Type 8
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA-Background" | less
Description: Output all scheduled task metrics in the main PTA log file
Use this to verify the results of scheduled tasks, such as Active Directory, Vault accounts and users, and so on

Type 9
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA-services"
Description: Output all PTA internal services metrics in the last part of the main PTA log file, follow the file and output any PTA internal services metrics as the file grows

Type 10
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA-services" | less
Description: Output all PTA internal services metrics in the main PTA log file

Type 11
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA"
Description: Output all metrics in the last part of the main PTA log file, follow the file and output any metrics as the file grows

Type 12
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA" | less
Description: Output all metrics in the main PTA log file

Type 13
Command: tail -f /opt/tomcat/logs/diamond.log | grep "Incoming syslog"
Description: Output all incoming syslogs in the last part of the main PTA log file, follow the file and output any incoming syslogs as the file grows
This command requires the Listener component to be on the Debug log level
Use this:
■ To verify the incoming syslog is from Vault, SIEM, or Network Sensor
■ To see the syslog String received by PTA from the different inbound sources

Type 14
Command: cat /opt/tomcat/logs/diamond.log | grep "Incoming syslog" | less
Description: Output all incoming syslogs in the main PTA log file
This command requires the Listener component to be on the Debug log level
Use this:
■ To verify the incoming syslog is from Vault, SIEM, or Network Sensor
■ To see the syslog String received by PTA from the different inbound sources

Type 15
Command: tail -f /opt/tomcat/logs/diamond.log | grep "CyberArkAuthenticationService.svc/logon" | less
Description: Output all containment calls used in password rotation, pending accounts, and PSM risky commands in the last part of the main PTA log file, follow the file and output any containment calls as the file grows
Use this to troubleshoot issues with mitigation of various containment capabilities such as Rotate Password, Pending unmanaged accounts, and update Risky commands scores in the PVWA

Type 16
Command: cat /opt/tomcat/logs/diamond.log | grep "CyberArkAuthenticationService.svc/logon" | less
Description: Output all containment calls used in password rotation, pending accounts, and PSM risky commands in the main PTA log file
Use this to troubleshoot issues with mitigation of various containment capabilities such as Rotate Password, Pending unmanaged accounts, and update Risky commands scores in the PVWA

Type 17
Command: tail -f /opt/tomcat/logs/diamond.log | grep "metrics-PTA-dcaserver"
Description: Output all dcaserver metrics in the last part of the main PTA log file, follow the file and output any dcaserver metrics as the file grows.
Use this:
■ To troubleshoot configuration issues with the PTA Windows Agent
■ To troubleshoot connection issues between the PTA Windows Agent and the P
Server

Type 18
Command: cat /opt/tomcat/logs/diamond.log | grep "metrics-PTA-dcaserver" | less
Description: Output all dcaserver metrics in the main PTA log file
Use this:
■ To troubleshoot configuration issues with the PTA Windows Agent
■ To troubleshoot connection issues between the PTA Windows Agent and the P
Server
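
The grep strings used by the shortcut types can also be counted in one pass over a copy of diamond.log, which shows at a glance which components have logged nothing. This is an added example, not part of shortcuts.sh or of PTA; the function names and the sample log lines are constructed, because the page does not show the real line layout.

```shell
#!/bin/sh
# Added example, not part of shortcuts.sh. The patterns are the grep strings
# listed on this page; the sample log lines further down are constructed.
PTA_PATTERNS='ERROR
metrics-PTA-listener
metrics-PTA-sampler
metrics-PTA-Background
metrics-PTA-services
metrics-PTA-dcaserver
Incoming syslog
CyberArkAuthenticationService.svc/logon'

# pta_count PATTERN FILE: number of lines containing PATTERN as a fixed string.
pta_count() {
    [ -r "$2" ] || { echo "cannot read $2" >&2; return 2; }
    grep -cF -- "$1" "$2" || true   # grep -c exits 1 when the count is 0
}

# pta_summary FILE: one "count<TAB>pattern" line per category.
pta_summary() {
    while IFS= read -r pattern; do
        printf '%s\t%s\n' "$(pta_count "$pattern" "$1")" "$pattern"
    done <<EOF
$PTA_PATTERNS
EOF
}

# pta_silent FILE: categories that never appear in the file.
pta_silent() {
    pta_summary "$1" | awk -F'\t' '$1 == 0 { print $2 }'
}

# pta_sample_log: write constructed sample lines to a temp file, print its path.
pta_sample_log() {
    sample=$(mktemp) || return 1
    cat >"$sample" <<'EOF'
2024-01-01 10:00:01 INFO  metrics-PTA-listener constructed line A
2024-01-01 10:00:02 ERROR constructed failure line
2024-01-01 10:00:03 INFO  metrics-PTA-sampler constructed line B
2024-01-01 10:00:04 INFO  metrics-PTA-listener constructed line C
2024-01-01 10:00:05 DEBUG Incoming syslog constructed payload
EOF
    printf '%s\n' "$sample"
}

# Demo: summarise the file given as $1, or the constructed sample if none.
demo=${1:-$(pta_sample_log)}
pta_summary "$demo"
```

A zero count for "Incoming syslog" is expected unless the Listener component is on the Debug log level, as noted for types 13 and 14.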
