To use the NSX virtual appliance CLI, you must have SSH access to an NSX virtual appliance. Each NSX virtual appliance contains a command-line interface (CLI).
The viewable modes in the CLI can differ based on the assigned role and rights of a user. If you are unable to access an interface mode or issue a particular command, consult your NSX administrator.
Procedure
- Open an SSH session to a compute host running the work loads that were previously deployed. Log in as root.
- Enter the nsxcli command to open the NSX-T Data Center CLI.
- To confirm that IDS is enabled on this host, run the command:
get ids status.
Sample Output:
localhost> get ids status
NSX IDS Status
--------------------------------------------------
status: enabled
uptime: 793756 (9 days 04:29:16)
- To confirm both of the IDS profiles have been applied to this host, run the command
get ids profile.
localhost> get ids profiles
NSX IDS Profiles
--------------------------------------------------
Profile count: 2
1. 31c1f26d-1f26-46db-b5ff-e6d3451efd71
2. 65776dba-9906-4207-9eb1-8e7d7fdf3de
- To review IDS profile (engine) statistics including the number of packets processed and alerts generated, run the command
get ids engine profilestats <tab_to_select_profile_ID>.
The output is on a per profile basis, and shows the number of alerts, and the number of packets that were evaluated.
localhost> get ids engine profilestats eec3ea3f-0b06-4b9d-a3fe-7950d5726c7c
Fri Oct 23 2020 UTC 21:22:36.257
NSX IDS Engine Profile Stats
------------------------------------------------------------
Profile ID: eec3ea3f-0b06-4b9d-a3fe-7950d5726c7c
Total Alerts: 14
Total Packets: 27407
