Develop > Command-Line Interfaces > ConnectedServer Command-Line Interface

ConnectedServer Command-Line Interface

This section describes the options and parameters available in the ConnectedServer command-line interface.

Note The appropriate identity assurance software (for example, ActivIdentity) must be installed to be able to authenticate using a smart card when executing the ConnectedServer command-line interface.

When connecting to OMi servers using Remote Desktop Connections, the client system must also have the appropriate identity assurance software, such as ActivIdentity, installed to be able to authenticate using a smart card attached to the client system when executing the ConnectedServer command-line interface remotely.

In addition, in the Remote Desktop Connections dialog box, select More Show Options > Local Resources > More to open the Local devices and resources dialog box. Ensure that the Smart Cards checkbox is selected.

Location

<OMi_HOME>/opr/bin/ConnectedServer

ConnectedServer <<CONNECTION_INFO>> <<ACTION>>

Where:

<<CONNECTION_INFO>>:    -username <log-in name> -password <password>
                        [[-port <port>][-server <server>]
                        [-ssl] | [-url <url>]]

<<ACTION>>:     -add <<OPTIONS>> | -delete <identifier> | -list |
                        -show <identifier> |
                        -update <identifier> <<OPTIONS>>

The valid arguments for <<OPTIONS>> are:

-label <label> -name <name> -dns <DNS name> -active <yes|no>

-type <server> [-desc <description>]

[-dm <serial | serial_per_source | parallel[count]>] [-fwdtopo <yes|no>]

([-integrationuser <user>] [-integrationpw <pw>] [-integrationport <port>] [-issl <yes|no>] [-certificatefile <file> |-certificate] [-other_server <id>])

([-omiuser <OMi user>] [-omipassword <password>])

([-proxydns <dns name>] [-proxyuser <user>] [-proxypw <password>] [-proxyport <port>])

(((-scriptfile <name> [-scripttype <type>][-scriptcp <classpath>]) | -script_id <id>) |(-wsrooturl <url> [-bt <yes|no>]))

[-maxtimeout <max_time>]

([-drilldns <dnsname> -drillport <port> [-drillssl <yes|no>])

(([-toc no] ([-backsync no] | [-backsync yes -backsyncpw <pw>]) | ([-toc yes -backsyncpw <pw>]))

([-operating_system <irix|hp_ux|linux|solaris|sunos|windows>] [-sv <server version>])

[-defaultroutingdomain <routing domain>]

[-resynctimeinterval <days>]

[-defaultserver]

[-help | -version]

Note  

  • <<CONNECTION_INFO>> is required for all commands except for the options -help and -version.

  • The command-line interface does not offer any options to configure health checking. For more information, see Configure health checks.

Options

Option

Description

-a,-add

Adds a new server. Any unspecified optional options are set to their default values.

-active <yes|no>

Enables or disables the server. Default value is yes, except for Alias servers for which the associated server is not set.

-bs,-backsync <yes|no>

Enables or disables backsync for the External Processing server. The default is no. If enabled, requires the -backsyncpw option.

-bspw,-backsyncpw <pw>

Sets the backsync password.

-certificate

Certificate of the OM system will be saved.

-certificatefile <file>

Loads the certificate from the specified file.

-d,-delete <identifier>

Deletes the server specified by the ID or the name of the server.

-ddns,-drilldns <dns name>

Sets the DNS name of event drilldown system.

-desc <description>

Description of the server.

-dm,-delivery_mode <serial|serial_per_ source|parallel[Count]>

Sets the event forwarding Advanced Delivery Options It is possible to customize the way events and change notifications are delivered to this server. The available options are:

  • Serial — Events and change notifications are delivered serially in the order that they were received.

  • Serial per Source(Default) Each originating server is provided with a dedicated outgoing request delivery path. For each individual outgoing request delivery path, events and change notifications are delivered serially in the order that they were received. This can increase the throughput for delivery of events and change notifications when many events are received from multiple originating servers, while maintaining the incoming order.

  • Parallel — The configured number of outgoing request delivery paths are used when forwarding events and change notifications. This can further increase the throughput for delivery of events and change notifications. However, because the source of the event is not considered, maintenance of the incoming order cannot be guaranteed. If parallel is specified an optional count may be specified, for example parallel 3. If count is not specified, default is 3.

-dns <dns name>

Sets the DNS name of the connected server being specified.

-dport,-drillport <port>

Sets the port of event drilldown system.

-drd,-defaultroutingdomain <routing domain>

SiteScope connected server only. The default routing domain from which the SiteScope topology data is collected.

The routing domain is a continuous region of an IP network within which routing is possible without any intervening Network Address Translation (NAT) devices. The RTSM uses the routing domain to determine the reconciliation rules and workflows that are applied to a network range.

Default value is: DefaultDomain.

-ds,-defaultserver

Sets the SiteScope server as a default server. Mandatory when the first SiteScope server is created. If a SiteScope server already exists and this option is used when creating a new SiteScope server, the default server is changed to the new server.

-dssl,-drillssl <yes|no>

Enables or disables HTTPS for event drilldown. Default value is: no.

-ft,-fwdtopo <yes|no>

Enables or disables forward topology. Default value is: no.

-h,-help

Displays a summary of the command options and exits.

-iport,-integrationport <port>

Sets the integration port. Default values for the supported server types are:

  • External Process: 80

  • OM for Windows: 443

  • OM for UNIX: 8444

  • Operations Connector: 30001 (secure) or 30000 (insecure)

  • SiteScope: 8443 (secure) or 8080 (insecure)

  • BVD: 12225 (secure) or 12224 (insecure)

-ipw,-integrationpw <pw>

Sets the integration user password.

Note When updating a server that already has the integration user password set, you must enter -ipw <your_password> as a parameter.

If you created a server and set the integration user password and want to update the label of the server, enter the command:

ConnectedServer <<CONNECTION_INFO>> -label <label text> -ipw <password>

-issl <yes|no>

Enables or disables HTTPS for integration. Default value is: yes.

-iuser, -integrationuser <user>

Sets the integration user.

-j, -jks <arg>

If OMi is configured for TLS mutual authentication, this option can be used to specify the Java keystore to be used for authentication. The keystore must hold exactly one client certificate, which OMi will use to authenticate the user.

Note It is not necessary that the client certificate contains the flag "Smart Card Logon (1.3.6.1.4.1.311.20.2.2)" in the "Enhanced Key Usage" field.

For details, see Configure Client Certificate or Smart Card Authentication.

-jp, -jksPassword <arg>

Password for accessing the Java keystore.

-l,-list

Lists the key properties of all configured connected servers.

-label <label>

Sets the label of the server.

-mto, -maxtimeout <max timeout>

Sets the maximum timeout. Default value is: 60 seconds.

-name <name>

Sets the name of the server.

-opw, -omipassword <password>

Sets the password for the specified OMi user.

-os, -operating_system <irix|hp_ux|linux|solaris|sunos|windows>

Sets the operating system information for ArcSight and SiteScope server types.

-osrv, -other_server <id>

Sets an alternative server to execute action, tools, and instructions.

-ouser, -omiuser <OMi user>

In the SiteScope integration, the user name of the OMi administrator user that SiteScope should use when contacting OMi.

-p, -port <port>

Sets the port of the OMi server. Default value is: 80 (HTTP) or 443 (HTTPS).

-pdns, -proxydns <dns name>

Sets the proxy DNS name. Required if SiteScope uses a proxy for communication with OMi.

-pport, -proxyport <port>

Sets the port number for the proxy.

-ppw, -proxypw <password>

Sets the password associated with the proxy user.

-puser, -proxyuser <user>

Sets the user name for the proxy.

-pw, -password <pw>

Sets the password of the specified user.

-rti, -resynctimeinterval <days>

Sets the number of days for SiteScope to synchronize topology data with OMi. Default value is: 7.

-s, -show <identifier>

Shows the properties of the server specified by the ID or the name of the server.

-sc, -smartcard

Use certificate stored on smart card or security token for authentication. When OMi is configured to use CAC authentication, the CLI tools under <OMi_HOME>/opr/bin/ do no directly prompt users to enter the password for the smartcard connected to the system. Instead, users must specify that a smartcard authentication is to be run, using the option -sc or -smartcard. Users attempting to run a tool without the -smartcard option automatically receive an error message.

-scp, -scriptcp <classpath>

Sets the script class path. Default is empty.

-server <server>

Sets the hostname or IP address of the OMi server.

-sv, server_version <serverversion>

Sets the operating system version information for ArcSight and SiteScope server types.

-sfile, -scriptfile <file>

Specifies a script file.

-sid, -script_id <id>

Specifies a script identifier.

-ssl

Specifies the networking protocol (HTTP or HTTPS) used to connect to the OMi server. Default value is: HTTP.

-stype, -scripttype <type>

Sets the script type.

-su, -syncupdates <yes|no>

Enables or disables backsync of events updates to the connected server. The default is yes.

-toc <yes/no>

Enables or disables transfer control to external server. Default value is: no. If enabled, requires the -backsyncpw option.

-type <server>

Sets the type of server. The supported types are:

  • OMI

  • OMU (OM for UNIX)

  • OMW (OM for Windows)

  • EXTERNAL_PROCESS

  • OMi_CONNECTOR

  • ARC_SIGHT

  • SITE_SCOPE

  • APM
  • BVD
  • ALIAS

-u, -update <identifier>

Updates the properties of the server specified by the ID or the name of the server.

-url <URL>

Sets the URL of the OMi server.

Do not use in conjunction with the options -ssl, -server, or -port.

-user, -username <log-in name>

Sets the name of the OMi user.

-version

Shows the version of the ConnectedServer CLI.

-wc, -winCrypto

If OMi is configured for TLS mutual authentication, this option specifies to use the Windows certificate store for authentication. The certificate store must hold exactly one client certificate, which OMi will use to authenticate the user. This option is only available on Windows systems.

For details, see Configure Client Certificate or Smart Card Authentication.

-wsrooturl <url>

Sets the root URL of the web service. Default value is empty.

Exit Status

Exit Value

Description

0

Successful completion

1

Failure of requested operation

300-399

HTTP Redirection (300-399)

400-499

HTTP Client Error (400-499)

500-599

HTTP Internal Server Error (500-599)

The exit status numbers (300-599) reflect a standard HTTP-status category (and number), for example: Redirection (300-399). For more information about a specific HTTP error status, for example: 307, which signifies a temporary HTTP re-direct, see the publicly available HTTP documentation.

Restrictions

The user running the ConnectedServer command-line interface must be an OMi user with permission to create connected servers.

Non-admin users also need the following file permissions to operate this command-line tool:

File Windows Permissions Linux Permissions
<OMi_HOME>/conf/TopazInfra.ini read r
<OMi_HOME>/log/opr-clis.log full control rw

<OMi_HOME>/log/opr-pgctl.log

Note: This file is not available on gateway server systems.
full control rw
<OMi_HOME>/conf/encryption.properties read r
<OMi_HOME>/conf/seed.properties read r

Examples

General example command syntax and command option and arguments for adding and updating specific server types are summarized in the following sections: