Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Operations Manager i10.62

Develop > Command-Line Interfaces > opr-agt Command-Line Interface

opr-agt Command-Line Interface

You can use the opr-agt command-line interface (CLI) to manage and configure the HPE Operations Agent on one or more monitored nodes:

Get the current status of the agent processes.
Start or restart the agent processes.
Shut down (stop) the agent processes.
Return the version number of the installed HPE Operations Agent software.
Return the setting of configuration variables.
Set configuration variables to a specified value.
Switch the primary manager.
Deploy configuration.
Sets the primary manager for event reception (primary event receiver).

The opr-agt command-line interface first contacts the RTSM (Run-time Service Model) to retrieve a list of monitored nodes. It then contacts up to 50 nodes in parallel to perform the requested operation. When you run an operation on more than one monitored node, opr-agt displays the status immediately after a remote operation finishes for each node.

You can run opr-agt on a gateway or a data processing server. On the server, the server processes must be running, and the ovcd and ovbbccb processes must be running on the monitored node.

Location

<OMi_HOME>/opr/bin/opr-agt.[bat|sh]

Synopsis

opr-agt <CONNECTION_INFO> <operation> <targets> <toolInfo>

Options

Syntax for <CONNECTION_INFO>

Note If <CONNECTION_INFO> is omitted, the command is executed on the server to which you are logged on.

Option	Description
`{-rc_file \| -rcf }<file>`	Location of your credential store. Values for your username, password, java keystore location, and java keystore password can be defined here, enabling you to run commands without having to specify the values individually each time. Use the options `-list_rc`, `-set_rc`, and -`delete_rc` to work with the file. The default file is `<OMi_HOME>/.opr-cli-rc`. If this option is not specified, then commands automatically check the default file location for credentials. You must specify this option if your credential store file is in a non-default location. If this file does not exist or does not contain the correct settings, you must manually specify the credentials using the other command options.
`{-list_rc\| -lrc} [-rc_file <file>]`	Display the content of the file from which credentials are read. The file contains fields for java keystore, keystore password, username and password, and is encrypted by a hardcoded key.
`{-set_rc \| -src} <key>=<value> [-rc_file <file>]`	Configure one setting in the file from which credentials are read. Specify the setting and the new value by using a key=value pair. For example, `-set_rc password=<password string>`.
`{-delete_rc \| -drc} <setting> [-rc_file <file> }`	Delete setting from file from which credentials are read. Possible settings are username, password, jks, and jksPassword.
`{-username\|-user} <login name>`	Sets the login name of the user required to execute CLI operations on the target gateway server.
`{-password\|-pw} <password>`	Sets the password for the specified user. If using SSH on Cygwin, either enter the password in free text or use other communication methods, for example Java keystore, Windows keystore, or smart card authentication. Default value: empty string
`{-smartcard\|-sc}`	Use certificate stored on smart card or security token for authentication. When OMi is configured to use CAC authentication, the CLI tools under `<OMi_HOME>/opr/bin/` do not directly prompt users to enter the password for the smartcard connected to the system. Instead, users must specify that a smartcard authentication is to be run, using the option `-sc` or `-smartcard`. Users attempting to run a tool without the `-smartcard` option automatically receive an error message. For more information, see Using command-line tools when client certificate enforcement is used.
`{-winCrypto\|-wc}`	If OMi is configured for TLS mutual authentication, this option specifies to use the Windows certificate store for authentication. The certificate store must hold exactly one client certificate, which OMi will use to authenticate the user. This option is only available on Windows systems. For details, see Configure Client Certificate or Smart Card Authentication.
`{-jks\|-j} <keystore path>`	If OMi is configured for TLS mutual authentication, this option can be used to specify the Java keystore to be used for authentication. The keystore must hold exactly one client certificate, which OMi will use to authenticate the user. Note It is not necessary that the client certificate contains the flag "Smart Card Logon (1.3.6.1.4.1.311.20.2.2)" in the "Enhanced Key Usage" field. For details, see Configure Client Certificate or Smart Card Authentication.
`{-jksPassword\|-jp} <keystore password>`	Password for accessing the Java keystore.
`{-port\|-p} <port>`	Uses port `<port>` to connect to the target gateway server. Default: `80` (HTTP) `443` (HTTPS)
`-server <GatewayServer>`	Sets the target gateway server, using `<GatewayServer>` as the hostname or IP address to locate it. Default: FQDN of the OMi gateway server
`-ssl`	When this option is specified, the HTTPS protocol is used to connect to the target gateway server. If omitted, the HTTP protocol is used. Cannot be used in conjunction with the `-url` option.
`{-url\|-u} <url>`	Sets the target gateway server, using `<url>` as the URL to locate it. Default: `https://<OMi gateway FQDN>:80/opr‑config‑server`

Syntax for <operation>

Option	Description
`{-agent_version\|-av}`	Lists the HPE Operations Agent packages that are installed on the monitored node. The output includes the package name, description, version, and platform.
`{-list_agent_nodenames\|-lan}`	Returns a list of monitored nodes that match the target selection.
`{-list_policies\|-lp}`	Lists the policy templates that are deployed to the monitored node.
`{-num_parallel\|-np} <number>`	Sets the maximum number of monitored nodes that opr-agt can contact in parallel. Default value is: `50`.
`{-clear_config_var\|-ccv <namespace>:[<variable>]}`	Deletes the specified HPE Operations Agent configuration setting in the specified namespace. When you omit the variable, the tool deletes all settings in the specified namespace.
`{-get_config_var\|-gcv <namespace>:[<variable>]}`	Retrieves the specified HPE Operations Agent configuration setting in the specified namespace. When you omit the variable, the tool retrieves all settings in the specified namespace.
`{-set_config_var\|-scv} <namespace>:<variable>=<value>`	Sets the HPE Operations Agent configuration variable to the specified value. The `<value>` to set may not contain colons (:) or parentheses (()).
`{-set_primary_manager\|-primmgr} [-manager <NewManagerFQDN>]`	Sets the primary manager for event reception (primary event receiver) of an agent to the current OMi server. Used with the `[-manager <NewManagerFQDN>]` option, this option sets the primary event receiver to the value of `<NewManagerFQDN>`, which is the fully qualified domain name (FQDN) of the new primary event receiver. In distributed environments, it is the FQDN of the gateway server or a load balancer. This option must be used in conjunction with one of the available `<targets>` options. Be aware that the `[-manager <NewManagerFQDN>]` option should be used with care. Specifying incorrect values can result in serious communication problems, as the events will not reach the server and will therefore be buffered on the agent.
`{-switch_manager\|-swm} [-manager <NewManagerFQDN> -manager_id <NewManagerCoreID>`]	Changes the primary manager of the target hosts to the current OMi server. Note that using this option unsets the primary event receiver (if `OPC_PRIMARY_MGR` is set). Subsequent events will be received by the server from which the command was run. Used with the `[-manager <NewManagerFQDN>]` and `[-manager_id <NewManagerCoreID>]` options, it changes the primary manager to the values specified in `<NewManagerFQDN>` and `<NewManagerCoreID>`. Specify the long hostname of the new primary manager as `<NewManagerFQDN>` and its core ID value as `<NewManagerCoreID>` (you can get the server ID by running the `ovcoreid –ovrg server` command). This option must be used in conjunction with one of the following `<targets>`: `-query_name`, `-view_name`, `-node_list`, `-node_group`. Note that it cannot be used with the `-all` option. Be aware that the `[-manager]` and `[-manager_id]` options should be used with care. Specifying incorrect values can result in serious communication problems between the server and the agents.
`{-status_agent\|-status} \| {-start_agent\|-start} \| {-restart_agent\|-restart} \| {-stop_agent\|-stop} [-comp <component>]`	Displays the status of, starts, restarts, or stops all HPE Operations Agent processes. The processes `ovcd` and `ovbbccb` are not started or stopped. The optional `-comp` option enables you to specify individual agent processes or a group of processes (for example the action agent process `opcacta` or the process group `AGENT`). To specify multiple processes, separate each process with a comma (for example, `opcacta, opcmsga, opcle`).
`{-deploy\|-d} [-force \| -clean]`	Deploys the configuration to target hosts. Used with the `-force` option, it redeploys the full configuration (policy templates and instrumentation). If this option is not set, only the configuration that was not yet delivered to the HPE Operations Agent is deployed. Used with the `-clean` option, it removes all template policies and instrumentation from the target hosts before redeploying the configuration. Note that this option must be used in conjunction with one of the available `<targets>` options.
`{-execute_command\|-cmd} <command string>[-cmd_type \| -command_type<type>] [-xml \| -output_as_xml]`	Execute a command on target hosts. <`type`> can be `om_agent_command` (default), `perl`, `vb_script`, `java_script` or `wsh` OMi username and password must be provided.

Syntax for <targets>

Option	Description
`{‑query_name\|‑qn} <query_name>`	Performs the operation on monitored nodes selected by the specified TQL query.
`{‑view_name\|‑vn} <view_name>`	Performs the operation on monitored nodes selected by the specified view.
`{‑filter_name\|‑fn} <filter_name>`	Performs the operation on a list of monitored nodes with the HPE Operations Agent installed that was obtained by applying the node filter.
`{‑node_list\|‑nl} <node_list> [-dont_check_database\|-nodb]`	Performs the operation on a list of one or more monitored nodes. The nodes must exist in the RTSM and must be associated with a CI of the type om_operations_agent. Separate multiple nodes with commas (for example, `node1.example.com,node2.example.com`). If used with the `-dont_check_database` option, the operation on the nodes is performed without checking if the nodes exist in the RTSM. This option does not require user credentials.
`{‑node_group\|‑ng} <node_group>`	Performs the operation on a group of monitored nodes. A node group is a CI collection containing hosts. Node groups can be maintained in the Monitoring Automation Node Editor or they can be imported through topology synchronization from OM to OMi. The nodes must exist in the RTSM and be associated with a CI of the type `om_operations_agent`. Specify node groups by their names or their paths (the latter applies to hierarchical node groups imported from OM for Windows).
`-all`	Performs the operation on all monitored nodes that have the HPE Operations Agent installed (that is, nodes that are associated with a CI of the type om_operations_agent).

Syntax for <toolInfo>

{‑examples | ‑help | ‑version}

Option	Description
`{‑examples\|-ex}`	Displays a number of examples of how to use the tool.
`{‑help\|‑h}`	Displays a summary of the command options.
`‑version`	Displays version information for the tool.

Exit Status

Exit Status	Description	Output
`0`	Successful completion of the requested operation	No output.
`1`	Failure of the requested operation	An error message stating why the operation failed, followed by the tool's help text.
`300‑399`	HTTP Redirection (300-399)	An error message stating the HTTP error number and description. For more information about HTTP error status values, see publicly available HTTP documentation.
`400‑499`	HTTP Client Error (400-499)
`500‑599`	HTTP Internal Server Error (500-599)

Restrictions

Authentication. Some operations require authentication. If <authentication> is required, <authentication> must be specified and valid.

If <authentication> is omitted when requesting an operation requiring authentication, opr-agt does not execute the requested operation, and exits with the following error:

Username may not be null. Operation requires authentication. Please enter the login name and password.

The error can be fixed by inserting an <authentication>.
Prerequisites. To run opr-agt successfully, the following processes must be running:
- OMi must be running on the server.
- ovcd and ovbbccb must be running on the monitored node.
Agent restart. The opr-agt command updates configuration variables in the configuration settings files and in the configuration database (similar to the ovconfchg command). Most changes take effect immediately but some require an agent restart. The value to set may not contain colons (:) or parentheses (()). For more information about the variables, see the Operations Agent Help.

Permissions. To run opr-agt successfully, the following permissions are required:

The user running the opr-agt command-line interface must be assigned a role with the Monitored Nodes permission, unless the option -no_db is specified. To grant the Monitored Nodes permission, select the Setup and Maintenance category of the Permissions section of a role, and enable full control.
To operate the -deploy option, the user must be assigned a role with the Redeploy All Configuration permission in addition to the Monitored Nodes permission. To grant the Redeploy All Configuration permission, select the Monitoring category of the Permissions section of a role. Then click Special Operations and check the Redeploy all configuration box.
To operate the -cmd option, the user must be assigned a role with the Action Web Service permission, in addition to the Monitored Nodes permission. To grant the Action Web Service permission, select the Operations Console category of the Permissions section of a role. Then click Action Web Service and click the Execute check box. Also make sure that the Action Web Service is enabled (the web service is enabled by default). To edit the Action Web Service infrastructure setting, go to:

Administration > Setup and Maintenance > Infrastructure Settings

Alternatively, click Infrastructure Settings.

Select Applications and use the list to set the context to Operations Management. Scroll down to Operations Management - Action Web Service Settings. Set Allow command execution through Action Web Service to true.

Non-admin users also need the following file permissions to operate this command-line tool:

File	Windows Permissions	Linux Permissions
`<OMi_HOME>/conf/TopazInfra.ini`	read	r
`<OMi_HOME>/log/opr-clis.log`	full control	rw
`<OMi_HOME>/log/opr-pgctl.log` Note: This file is not available on gateway server systems.	full control	rw
`<OMi_HOME>/conf/encryption.properties`	read	r
`<OMi_HOME>/conf/seed.properties`	read	r

Examples

This section shows a number of examples you can use as a starting point for developing your own opr-agt commands.

Stop and start the HPE Operations Agent processes on node1.example.com and node2.example.com

opr-agt -username myU -password myPwd -node_list "node1.example.com,node2.example.com" -stop

opr-agt -username myU -password myPwd -node_list "node1.example.com,node2.example.com" -start
Stop, start, or restart the action and message agent processes on node1.example.com

opr-agt -username myU -password myPwd -node_list node1.example.com -stop -comp opcacta,opcmsga

opr-agt -username myU -password myPwd -node_list node1.example.com -start -comp opcacta,opcmsga

opr-agt -username myU -password myPwd -node_list node1.example.com -restart -comp opcacta,opcmsga
Stop or start the action on the node group myNodeGrp, which is a member of the top-level group myTopNodeGrp

opr-agt -username myU -password myPwd -node_group /myTopNodeGrp/myNodeGrp -stop

opr-agt -username myU -password myPwd -node_group /myTopNodeGrp/myNodeGrp -start

Note that you can specify the path for hierarchical node groups only (the node groups imported from OM for Windows). The node groups imported from OM for UNIX using topology synchronization packages are always flat and are therefore specified by providing their names, for example:

opr-agt -username myU -password myPwd -node_group myNodeGrp -stop
Check the status of all or of the event and action group of agent processes on node1.example.com

opr-agt -username myU -password myPwd -node_list node1.example.com -status

opr-agt -username myU -password myPwd -node_list node1.example.com -status -comp EA
Check the status of all monitored nodes

opr-agt -username myU -password myPwd -status -all
Print an alphabetical list of nodes selected by the TQL query All_CIs_with_OM_Agents_Unix

opr-agt -username myU -password myPwd -query_name All_CIs_with_OM_Agents_Unix -list_agent_nodenames
Restart the HPE Operations Agent processes on all nodes selected by the TQL query All_CIs_with_OM_Agents_Unix

opr-agt -username myU -password myPwd -query_name All_CIs_with_OM_Agents_Unix -restart
Retrieve the PROXY configuration setting on node1.example.com

opr-agt -username myU -password myPwd -node_list node1.example.com -get_config_var bbc.http:PROXY
Retrieve all configuration settings in the namespace eaagt on node1.example.com and node2.example.com

opr-agt -username myU -password myPwd -node_list "node1.example.com,node2.example.com" -get_config_var eaagt:
List all policies that are deployed to node1.example.com and node2.example.com

opr-agt -username myU -password myPwd -node_list "node1.example.com,node2.example.com" -list_policies
List all HPE Operations Agent packages that are installed on node1.example.com

opr-agt -username myU -password myPwd -node_list node1.example.com -agent_version
Find out when the HPE Operations Agent was installed on all monitored nodes

opr-agt -username myU -password myPwd -get_config_var eaagt:OPC_INSTALLATION_TIME -all
Change the primary manager for event reception of all monitored nodes (200 in parallel) to the current OMi server

opr-agt -username myU -password myPwd -num_parallel 200 -all -set_primary_manager
Change the primary manager of the node group myNodeGrp to the current OMi server and remove all policies that were deployed from another server from all HPE Operations Agents

opr-agt -username myU -password myPwd -switch_manager -node_group myNodeGrp
opr-agt -username myU -password myPwd -deploy -clean -all

Troubleshooting

Node Connection Problems

Problem: The opr-agt command returns INFO: The query showed no systems with an OM agent

The following queries may cause this message:
- You have tried to contact a monitored node that is not in the RTSM.
- You may have addressed a node using its short hostname although the short name is not known in the RTSM.
- The TQL query did not find any nodes.
Problem: The opr-agt command returns <nodename>:<port>: ERROR Possible reasons: OM agent is not running or doesn't exist or cannot be reached over the network.

The following problems may cause this error message:
- The HPE Operations Agent processes on the monitored node are not running or have been stopped.
- The connection to the monitored nodes is blocked by a firewall.
- The agent does not listen on the port to which the server sends the data.
Solution: Complete the following instructions to solve the communication problems:
- Start the HPE Operations Agent processes.
- If a firewall blocks communication between the agent and the server, open the firewall to allow such communication.
- Check the ports that are currently being used by the server and agent:
  1. On the server, type the following command:
    
    opr-agt -username myU -password myPwd -node_list node1.example.com -status
    
    The output node1.example.com:383: OK indicates that the server is sending data to port 383 on the agent.
  2. On the monitored node, type the following command:
    
    bbcutil -status
    
    The output includes the port on which the agent listens for incoming data from the server.
  3. If the server and agent ports are different, set the bbc.cb.ports:PORTS parameter using the ovconfchg command-line tool.
    
    For details, see Configure communication broker ports.
Problem: The opr-agt command returns <nodename>:<port>: ERROR com.hp.opr.confdepl.exceptions.UnexpectedErrorException: com.hp.ov.bbc.rpc.RpcInvalidCertificateException

The server and agent cannot communicate through HTTPS because they do not trust each other's certificates.

Solution:

The agent may not trust the OMi server's certificate or the server may not trust the agent's certificate, or both. To solve this problem, compare the server and agent certificates using ovcert -list and ovcert -certinfo <alias>. If the expected certificates are missing, deploy them manually. For details, see Deploy certificates manually.
Problem: The opr-agt command returns <nodename>:<port>: ERROR Request denied by server. Sender with id '<senderCoreId>' is not authorized to execute the configuration parameter operation.

OMi trusts the certificate of the monitored node but the OMi server is not authorized to configure the node.

Solution: On the node's primary server, configure a flexible management policy and set up the OMi server on which the opr-agt command fails as a secondary server. Deploy the flexible management policy to the node and retry the opr-agt command. For details on setting up flexible management policies, see Configure Flexible Management Policies.
Problem: The opr-agt command executed with the -deploy -clean option returns the following warning:

This operation is only allowed from the manager mentioned in setting sec.core.auth:MANAGER_ID on the agent. If it's really required to clean the agent, perform first an opr-agt -switch_manager call. Note that the -clean option will remove all policies from the agent which were deployed from another server than this one.

Solution:

The clean operation can only be started from the primary manager. Re-run the command from the system set in sec.core.auth:MANAGER_ID on the HPE Operations Agent.

Send Help Center feedback