To use the NSX virtual appliance CLI, you must have SSH access to an NSX virtual appliance. Each NSX virtual appliance contains a command-line interface (CLI).
The viewable modes in the CLI can differ based on the assigned role and rights of a user. If you are unable to access an interface mode or issue a particular command, consult your NSX administrator.
Procedure
- Open an SSH session to a compute host running the work loads that were previously deployed. Log in as root.
- Enter the nsxcli command to open the NSX-T Data Center CLI.
- To confirm that IDS is enabled on this host, run the command:
get ids status
.
Sample Output:
localhost> get ids status
NSX IDS Status
--------------------------------------------------
status: enabled
uptime: 793756 (9 days 04:29:16)
- To confirm both of the IDS profiles have been applied to this host, run the command
get ids profile
.
localhost> get ids profiles
NSX IDS Profiles
--------------------------------------------------
Profile count: 2
1. 31c1f26d-1f26-46db-b5ff-e6d3451efd71
2. 65776dba-9906-4207-9eb1-8e7d7fdf3de
- To review IDS profile (engine) statistics, including the number of rules loaded, and the number of packets and sessions evaluated, run the command
get ids engine stats
.
The output is on a per profile basis, and shows the number of signatures loaded for each profile, and the number of packets that were evaluated.
localhost> get ids engine stats
NSX IDS Engine Statistics
--------------------------------------------------
uptime: 18 (0 days 00:00:18)
app_layer:
---------
flow:
http: 10713
tx:
http: 25911
detect:
------
engines:
alerts: 11129
id: 3
last_reload: 2020-03-17T21:29:39.387087+0000
packets_incoming: 572083
packets_outgoing: 571066
prof-uuid: 53ef4dba-0291-4ea3-96ef-d01259dca2fe
rules_failed: 0
rules_loaded: 11906
tcp:
---
memuse: 20872880
overlap: 50006
reassembly_memuse: 155439408
rst: 23797
sessions: 58811
syn: 89615
synack: 41635