Command-line Interface

Navigation:  »No topics above this level«

Command-line Interface

Previous pageReturn to chapter overviewNext page

For access to Imunify360 agent features from command-line interface, use the following command:

 

imunify360-agent

 

Optional arguments:

 

-h, --help

Returns the help message

--remote-addr [IP_address]

IP address for adding it to the whitelist

--console-log-level [ERROR,WARNING,INFO,DEBUG] 

Level of logging input to the console

 

Basic usage:

 

imunify360-agent [command] [--option1] [--option2]...

 

Available commands:

 

 blacklist               Return/Edit IP blacklist

       check-domains           Send domain list check

       clean                   Clean the incidents

       cpanel              Commands for cPanel plugin manipulation

       disable-3rdparty        Make Imunify360 the primary IDS

       doctor                  Collect info about system and send it to CloudLinux

       features                Manage available features for Imunify360

       get                     Returns list of incidents

       graylist                Return/Edit IP gray list

 import                  Import data

       infected-domains        Returns infected domain list

       list-3rdparty           Check if another IDS is running

       register                Registration the agent

       rstatus                 Query the server to check if the license is valid

       unregister              Unregistration the agent

       version                 Show version

       whitelist               Return/Edit IP white list

 

 

Optional arguments for the commands:

 

-h, --help

Shows this help message.

 

--json     

Returns data in JSON format.

 

--by-country-code [country_code]

Filters output by country code. Requires valid country code as argument. Find valid country codes here in column ISO ALPHA-2 CODE.

 

--by-abuser-ip [ip_address]

Filters output by abuser's IP or by subnet in CIDR notation. Example: --by-abuser-ip 1.2.3.0/24.

 

--by-list

Can be: any, gray (Gray List), white (White List), black (Black List). Filters output based on the list type. Example: --by-list black.

 

--limit 

limits the output with specified number of incidents. Must be a number greater than zero. By default, equals 100.

 

--offset

Offset for pagination. By default, equals 0.

 

--to

Allows to set the end of the period for filter. Format is a timestamp.

 

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Blacklist

 

This command allows to view or edit actual IPs in the blacklist.

 

Usage:

 

imunify360-agent blacklist [subject] [command] <value> [--option]

 

subject is a positional argument and can be:

 

country

Allows to manipulate with countries in the Black List.

ip

Allows to manipulate with IPs in the Black List.

 

command is a second positional argument and can be:

 

add

add item(-s) to Black List

delete

remove item(-s) from Black List

move

move item(-s) to Black List

edit

edit comment on item in the Black List

list

list items(-s) in Black List

 

value is an item to manipulate with. It can be IP itself or a country code (find necessary country codes here in CIDR notation in the column ISO ALPHA-2 CODE).

 

option can be one or few of the optional arguments specified above and one more:

 

--comment

allows to add comment to the item

 

Examples:

 

The following commands add IP 1.2.3.4 to the Black List with a comment “one bad IP”:

 

imunify360-agent blacklist ip add 1.2.3.4 --comment “one bad ip”

 

The following command returns a list of IPs in the Black List which are from Bolivia:

 

imunify360-agent blacklist --by-country-code BO

 

Check-domains

 

Allows to send domains list to check on Imunify360 central server. This command requires cPanel. After domains checked, the results is available via command infected-domains. Please note that the server requires some time for checking and the results may not be ready immediately.

 

Usage:

 

imunify360-agent check-domains [--optional arguments]

 

Optional arguments:

 

-h, --help

Show this help message.

--json

return data in JSON format

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Clean

 

Clean the incident list.

 

Usage:

 

imunify360-agent clean [--optional arguments]

 

Optional arguments:

 

-h, --help

Show this help message.

--json

Return data in JSON format.

--days

Cleanups incidents from database, if there are more than specified days quantity. Example: --days 5. This option will cause deletion of all incidents that are older than 5 days from today.

--limit

Leaves only limited number of the incidents in the database and deletes the others. Example: --limit 5000. This option will leave only 5000 new incidents and delete the others.

 

cPanel

 

Command for manipulating Imunify360 plugin for cPanel.

 

Usage:

 

imunify360-agent cpanel [command]

 

Command is positional arguments and can be :

 

enable-plugin

Enable Imunify360 cPanel plugin (if cPanel is detected on the server).

disable-plugin

Disable Imunify360 cPanel plugin.

install-vendors

Install ModSecurity vendors (if cPanel is detected on the server). This command will install Imunify360 vendor and Comodo WAF if there are no conflicts with other installed vendors.

uninstall-vendors

Uninstall ModSecurity vendors.

 

Disable-3rdparty

 

Command for disabling 3rd party IDS (currently they are cPHulk and fail2ban) and make Imunify360 agent the primary IDS.

 

Usage:

 

imunify360-agent disable-3rdparty [-h]

 

Optional arguments:

 

-h, --help

Show this help message.

 

Doctor

 

Collecting information about Imunify360 state, generating the report and sending it to Imunify360 Support Team. This command can be used in case of any troubles or issues with Imunify360. This command will generate a key to be sent to Imunify360 Support Team. With that key Imunify360 Support Team can help with any problem as fast as possible.

 

Usage:

 

imunify360-agent doctor [-h]

 

Optional arguments:

 

-h, --help

Show this help message.

 

Features

 

Allows to enable or disable additional CloudLinux software included in Imunify360 for free. The following software is available:

 

KernelCare

 

HardenedPHP

 

Usage:

 

imunify360-agent features [-h] [command] <feature name>

 

command is a positional arguments and can be :

 

install

allows to enable software

remove

allows to disable software

status

allows to check the status of the software

list

allows to list all available software

 

Optional arguments:

 

-h, --help

Show this help message.

 

Example:

 

imunify360-agent features status kernelcare

 

Get

 

The command returns the lists of incidents.

 

Usage:

 

imunify360-agent get [--required argument] [--optional argument]...

 

One of these arguments is required:

 

--period [period]

timeframe, allows to specify the amount of time starting from the current day. Should be greater than (or equal to) 1 minute. Can be specified in format:

<int>m - minutes, example --period 30m

<int>h - hours, example --period 4h

<int>d - days, example --period 7d

today - for today, example --period today

yesterday - for yesterday, example --period yesterday

For example, --period 5d will return a list of incidents for 5 days.

 

--since [timestamp]

Allows to set start time to filter the list of incidents by period.

 

Example:

 

The following command shows the incidents (in JSON format) for recent 1 hour, filtered by country code UA and filtered by Black List IPs:

 

imunify360-agent get --period 1h --by-country-code UA --by-list black --json

 

Graylist

 

This command allows to view or edit actual IP blacklist.

 

Usage:

 

imunify360-agent graylist ip [command] [--optional argument]

 

Available commands:

 

delete

Allows to remove IP from Gray List.

list

Allows to list IPs in Gray List.

 

Optional arguments:

 

-h, --help

Show this help message.

 

Optional arguments for list:

 

--json

Returns data in JSON format.

--by-country-code [country_code]

Filters output by country code. Requires valid country code as argument. Find valid country codes  in CIDR notation in column ISO ALPHA-2 CODE.

--by-abuser-ip [ip_address]

Filters output by abuser's IP or by subnet in CIDR notation. Example: --by-abuser-ip 1.2.3.0/24

--limit 

Limits the output with specified number of IPs. Must be a number greater than zero. By default, equals 100.

--offset

Offset for pagination. By default, equals 0.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Example:

 

The following command will remove IP 1.2.3.4 from the Gray List:

 

imunify360-agent graylist ip delete 1.2.3.4

 

Import

 

This command allows to import Black and White lists from the other 3rd party IDS (only CSF supported at the moment) to Imunify360 database.

Note. If CSF is enabled, then it is not necessary to run the command because Imunify360 is integrated with CSF.

 

Usage:

 

imunify360-agent import [-h] {wblist} ...

 

Positional arguments:

 

wblist

Import white/black list from other IDS.

  

Optional arguments:

 

-h, --help

Show this help message.

 

Example:

 

The following command will import Black and White lists from the 3rd party IDS:

 

imunify360-agent import

 

Infected-domains

 

Allows to retrieve infected domains list.

 

Usage:

 

imunify360-agent infected-domains [-h] [--optional arguments]

 

Optional arguments for list:

 

--json

Returns data in JSON format.

--limit 

Limits the output with the specified number of domains. Must be a number greater than zero. By default, equals 100.

--offset

Offset for pagination. By default, equals 0.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

List-3rdparty

 

Allows to check if another IDS is running on the server.

 

Usage:

 

imunify360-agent list-3rdparty [--optional arguments]

 

Optional arguments:

 

--help, -h

Show this help message.

--json

Returns data in JSON format.

--pretty-print

Allows to return data in pretty view.

 

Register

 

Allows to register and activate Imunify360. You can use it in case if Imunify360 was not activated during installation process or in case if activation key of the Imunify360 was changed for any reason. If you do not know what is an activation key or have any problem with it then, please, read Installation guide or contact our support team.

 

Usage:

 

imunify360-agent register [--optional arguments] [KEY]

 

Activation key is a positional arguments:

 

KEY

Register with activation key.

   

If you will use this command without the KEY argument, then it will try to register and activate current activation key.

 

Optional arguments:

 

-h, --help

Show this help message.

--json

Return data in JSON format.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Example:

 

The following command will register and activate Imunify360 with the provided activation key:

 

imunify360-agent register IM250sdfkKK245kJHIL

 

Rstatus

 

Allows to check if Imunify360 server license is valid.

 

Usage:

 

imunify360-agent rstatus [--optional arguments]

 

Optional arguments:

 

-h, --help

Show this help message.

--json

Return data in JSON format.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Unregister

 

Allows to unregister and disable Imunify360 on the server. Note that to remove Imunify360 from the server it needs to be uninstalled.

 

Usage:

 

imunify360-agent unregister [--optional arguments]

 

Optional arguments:

 

-h, --help

Show this help message.

--json

Return data in JSON format.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Version

 

Allows to view the actual Imunify360 version installed on the server.

 

Usage:

 

imunify360-agent version [-h] [--json]

 

Optional arguments:

 

-h, --help

Show this help message.

--json

Return data in JSON format.

--verbose, -v

Allows to return data in good-looking view if option --json is used.

 

Whitelist

 

This command allows to view or edit actual IPs in the Whitelist.

 

Usage:

 

imunify360-agent whitelist [subject] [command] <value> [--option]

 

subject is a positional argument and can be:

 

country

Allows to manipulate with countries in the White List.

ip

Allows to manipulate with IPs in the White List.

 

command is a second positional argument and can be:

 

add

Add item (-s) to the White List.

delete

Remove item (-s) from the White List.

move

Move item (-s) to the White List.

edit

Edit comment on the item in the White List.

list

List items (-s) in the White List.

 

value is an item to manipulate with. It can be IP itself or a country code (find the necessary country codes in CIDR notation in ISO ALPHA-2 CODE column)

 

option can be one or few of the optional arguments from the table above and one more:

 

--comment

Allows to add a comment to the item.

 

Examples:

 

The following commands adds IP 1.2.3.4 to the White List with a comment “one bad ip”:

 

imunify360-agent whitelist ip add 1.2.3.4 --comment “one good ip”

 

The following command returns a list of IPs in the White List which are from Bolivia:

 

imunify360-agent whitelist --by-country-code BO