...

This page is for EdgeView client side command descriptions. For information on EdgeView design and architecture, please see Design and Architecture, Graphical Workflow and FAQ.

To run EdgeView client script, the docker is required on user's laptop. The EdgeView client program is started in a script with 'docker run'. For an example of the client script, see EdgeView Client Script. The EdgeView commands are checked against EdgeView Policies to be allowed to run on devices.

...

It will display the access list for running ACL and also configured ACL of the EVE device. To see a subset on iptables, use the filter string. The filter string can be 'raw', 'filter', 'nat' or 'mangle'.

...

Addhost

app[addhost/app-string] - to display all the app or one specific app

e.g. app -- display all apps in brief

app/iot -- display a specific app, which app name has substring of iot in more detail

If the command is issued without the '/<app-string>', it will display all the user (or DomU) applications running on the device. For each application, it displays the App number, UUID, network bridge information, status in terms of boot time, CPU and memory, it also displays the VNC and App log settings.

if the '/<app-string>' is supplied in the command, it will display the specific user application with more detail information. The 'app-string>' is a subset of the App name string regardless of cases. For example, if the app name is 'cluster-k3s-2-agent1', one can use 'app/agent' to query. Besides the above information, it gets more networking information from the application. It will try to ping the App IP address to see if it is 'Up', it will get the DHCP info of the application, and iptable rules related to the application.

Connectivity

connectivity - display the port config list with index

This display can be used for troubleshooting network port issues when there is a configuration change. It displays the list of port configurations of the interfaces, and the current index in the list. When the EVE device can not connect to the controller, it will try to connect to the controller with a different port configuration on this list periodically.

Flow

flow[/<some pattern>] - display ip flow information in the kernel search pattern

e.g. flow/sport=53 -- display all the ip flow matches source port of 53

flow/10.1.0.2 -- display all the ip flow matches ip address of 10.1.0.2

The 'flow' command displays the content of the Linux Conntrack table. It contains the detailed network 5-tuple information for EVE device and user applications current network endpoints information. One can use filters to search for specific IP addresses or port numbers for display.

If

if[/intf-name] - display interface related information briefly

e.g. if/eth0 -- display interface eth0 related information

This command prints a brief device interface information. An interface name string can be entered as a filter. It also prints the proxy configuration if it exists.

Mdns

mdns[/intf-name][/service] - display zeroconf related information

e.g. mdns/eth0 -- display mDNS for default service 'workstation' on interface 'eth0'

mdns/bn1/https -- display mDNS for service 'https' on bridge 'bn1'

mdns -- display mDNS for default service 'workstation' on all 'UP' interfaces

The mDNS is a multicast protocol for auto discovery of services. It will send queries over all the 'UP' interfaces on the device to discover the service being advertised. By default it sends out for 'workstation._tcp' service which is a well-known mDNS service supported.

The EVE 'local datastore' implementation for App is based on the mDNS to bind the domain name with '.local'. This 'mdns' command can be used to query on the bridge where the App is located and to see if it replies with the service for datastore image download.

Nslookup

nslookup[/<ip or name>] - display domain name and dns server information
e.g. nslookup/www.amazon.com -- display DNS information on www.amazon.com
nslookup/8.8.8.8 -- display DNS information on address 8.8.8.8

The 'nslookup' command is simply getting the DNS resolution result from the EVE device on site.

Ping

ping[/<ip or name>] - ping to 8.8.8.8 from all the UP interfaces or ping a specific address

e.g. ping -- ping to 8.8.8.8 from each source IP address of the interfaces

ping/192.168.1.1 -- ping the address of 192.168.1.1

The 'ping' command if without any option, it will try to ping '8.8.8.8' and the controller of the EVE device from each of the interfaces. It can take a domain name or IP address option to send out the ICMP packets. It can be used on internal IP addresses such as App interface IP address, or on external servers to see if the device can reach it.

Route

route - display all the ip rule and their ip table entries

The 'route' command displays the IP Rule tables in the Linux kernel and their IP routes. It also walks through all the 'UP' interfaces and displays their associated routes.

Showcerts

showcerts[/<url>][/proxy-addr:proxy-port] - display TLS connection certificates of server side

e.g. showcerts/zedcloud.local.zededa.net -- display TLS certificates from the controller

showcerts/zedcloud.local.zededa.net/10.10.1.128:3128 -- display controller TLS certificates through a proxy server

The 'showcerts' command displays remote server or peer TLS certificates. It can optionally take the server side URL and also the proxy setting for proxy IP address and port. If no option is given, the showcerts finds the controller URL in '/config/server' file for the URL part. If the management port has proxy configuration, the 'showcerts' uses the proxy IP and port when querying the controller site.

The output of the certificates only gets a few human readable items, such as 'Version', 'Serial Number', 'Signature Algorithem', 'Validity' and 'Subject'.

The bellow example displays the 'showcerts' without option, the server url is 'zedcloud.local.zededa.net', and the proxy is '31.198.61.228:3128'. The certificates from the peer are belong to the server or the controller, not to the proxy server. This may help the toubleshooting to determine if the proxy is a passthrough or a MiTM type.

edgeview.sh showcerts

=== Network: <peercerts> ===

...

host-name/host-IP - to add a host entry in EdgeView container's /etc/hosts file

The 'addhost' command adds one entry of specified hostname to IP address mapping into the EdgeView container's '/etc/hosts' for. This can be useful if there is no DNS entry for the hostname and the user knows the static mapping. An example:

edgeview.sh addhost/zedcontrol.local.zededa.net/32.165.49.119

...
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
32.165.49.119 zedcontrol.local.zededa.net

This '/etc/hosts' is in the EdgeView container, and not in EVE device's host and not in other EVE containers.

App

app[/app-string] - to display all the app or one specific app

e.g. app -- display all apps in brief

app/iot -- display a specific app, which app name has substring of iot in more detail

If the command is issued without the '/<app-string>', it will display all the user (or DomU) applications running on the device. For each application, it displays the App number, UUID, network bridge information, status in terms of boot time, CPU and memory, it also displays the VNC and App log settings.

if the '/<app-string>' is supplied in the command, it will display the specific user application with more detail information. The 'app-string>' is a subset of the App name string regardless of cases. For example, if the app name is 'cluster-k3s-2-agent1', one can use 'app/agent' to query. Besides the above information, it gets more networking information from the application. It will try to ping the App IP address to see if it is 'Up', it will get the DHCP info of the application, and iptable rules related to the application.

Connectivity

connectivity - display the port config list with index

This display can be used for troubleshooting network port issues when there is a configuration change. It displays the list of port configurations of the interfaces, and the current index in the list. When the EVE device can not connect to the controller, it will try to connect to the controller with a different port configuration on this list periodically.

Flow

flow[/<some pattern>] - display ip flow information in the kernel search pattern

e.g. flow/sport=53 -- display all the ip flow matches source port of 53

flow/10.1.0.2 -- display all the ip flow matches ip address of 10.1.0.2

The 'flow' command displays the content of the Linux Conntrack table. It contains the detailed network 5-tuple information for EVE device and user applications current network endpoints information. One can use filters to search for specific IP addresses or port numbers for display.

If

if[/intf-name] - display interface related information briefly

e.g. if/eth0 -- display interface eth0 related information

This command prints a brief device interface information. An interface name string can be entered as a filter. It also prints the proxy configuration if it exists.

Mdns

mdns[/intf-name][/service] - display zeroconf related information

e.g. mdns/eth0 -- display mDNS for default service 'workstation' on interface 'eth0'

mdns/bn1/https -- display mDNS for service 'https' on bridge 'bn1'

mdns -- display mDNS for default service 'workstation' on all 'UP' interfaces

The mDNS is a multicast protocol for auto discovery of services. It will send queries over all the 'UP' interfaces on the device to discover the service being advertised. By default it sends out for 'workstation._tcp' service which is a well-known mDNS service supported.

The EVE 'local datastore' implementation for App is based on the mDNS to bind the domain name with '.local'. This 'mdns' command can be used to query on the bridge where the App is located and to see if it replies with the service for datastore image download.

Nslookup

nslookup[/<ip or name>] - display domain name and dns server information
e.g. nslookup/www.amazon.com -- display DNS information on www.amazon.com
nslookup/8.8.8.8 -- display DNS information on address 8.8.8.8

The 'nslookup' command is simply getting the DNS resolution result from the EVE device on site.

Ping

ping[/<ip or name>] - ping to 8.8.8.8 from all the UP interfaces or ping a specific address

e.g. ping -- ping to 8.8.8.8 from each source IP address of the interfaces

ping/192.168.1.1 -- ping the address of 192.168.1.1

The 'ping' command if without any option, it will try to ping '8.8.8.8' and the controller of the EVE device from each of the interfaces. It can take a domain name or IP address option to send out the ICMP packets. It can be used on internal IP addresses such as App interface IP address, or on external servers to see if the device can reach it.

Route

route - display all the ip rule and their ip table entries

The 'route' command displays the IP Rule tables in the Linux kernel and their IP routes. It also walks through all the 'UP' interfaces and displays their associated routes.

Showcerts

showcerts[/<url>][/proxy-addr:proxy-port] - display TLS connection certificates of server side

e.g. showcerts/zedcloud.local.zededa.net -- display TLS certificates from the controller

showcerts/zedcloud.local.zededa.net/10.10.1.128:3128 -- display controller TLS certificates through a proxy server

The 'showcerts' command displays remote server or peer TLS certificates. It can optionally take the server side URL and also the proxy setting for proxy IP address and port. If no option is given, the showcerts finds the controller URL in '/config/server' file for the URL part. If the management port has proxy configuration, the 'showcerts' uses the proxy IP and port when querying the controller site.

The output of the certificates only gets a few human readable items, such as 'Version', 'Serial Number', 'Signature Algorithem', 'Validity' and 'Subject'.

The bellow example displays the 'showcerts' without option, the server url is 'zedcloud.local.zededa.net', and the proxy is '31.198.61.228:3128'. The certificates from the peer are belong to the server or the controller, not to the proxy server. This may help the toubleshooting to determine if the proxy is a passthrough or a MiTM type.

edgeview.sh showcerts

=== Network: <peercerts> ===

url: zedcloud.local.zededa.net/31.198.61.228:3128
(0) Certificate:

Data:

Version: 3

Serial Number:

503025477018159975346019544684339737623192390922

Signature Algorithem: SHA256-RSA

Issuer:CN=Zededa Inc. Intermediat CA1,O=Zededa Inc.,ST=California,C=US
Validity:

Not Before: 2022-04-11 18:19:37 +0000 UTC
Not After: 2023-04-21 18:19:37 +0000 UTC

Subject: CN=zedcloud.local.zededa.net,O=Zededa Inc.,L=San Jose,ST=California,C=US

(1) Certificate:

Data:

Version: 3
Serial Number:

4098

Signature Algorithem: SHA256-RSA

Issuer:CN=Zededa Inc. Root CA,O=Zededa Inc.,L=San Jose,ST=California,C=US,1.2.840.113549.1.9.1=#0c0f63657274407a65646564612e6e6574
Validity:

Not Before: 2017-03-20 19:19:54 +0000 UTC
Not After: 2027-03-18 19:19:54 +0000 UTC

Subject: CN=Zededa Inc. Intermediat CA1,O=Zededa Inc.,ST=California,C=US

Socket

socket - display all the ipv4 listening socket ports and established ports

The 'socket' command displays all the listening TCP and UDP sockets in the Linux kernel and the server information. It also displays the currently established sockets 5-tuple information.

Speed

speed[/intf-name] - run speed test and report the download and upload speed

e.g. speed/wlan0 -- run speed test on interface wlan0

The 'speed' command uses the 'speedtest' utility to measure the download and upload speed of the device. The outbound interface name can be supplied to run the speed test over that port. An example of the output:

Hosted by XenSpec (Fremont, CA) [45.56 km]: 5.258 ms
Testing download speed

Data:

Version: 3

Serial Number:

503025477018159975346019544684339737623192390922

Signature Algorithem: SHA256-RSA

Issuer:CN=Zededa Inc. Intermediat CA1,O=Zededa Inc.,ST=California,C=US
Validity:

Not Before: 2022-04-11 18:19:37 +0000 UTC
Not After: 2023-04-21 18:19:37 +0000 UTC

Subject: CN=zedcloud.local.zededa.net,O=Zededa Inc.,L=San Jose,ST=California,C=US

(1) Certificate:

Data:

Version: 3
Serial Number:

4098

Signature Algorithem: SHA256-RSA

Issuer:CN=Zededa Inc. Root CA,O=Zededa Inc.,L=San Jose,ST=California,C=US,1.2.840.113549.1.9.1=#0c0f63657274407a65646564612e6e6574
Validity:

Not Before: 2017-03-20 19:19:54 +0000 UTC
Not After: 2027-03-18 19:19:54 +0000 UTC

Subject: CN=Zededa Inc. Intermediat CA1,O=Zededa Inc.,ST=California,C=US

Socket

socket - display all the ipv4 listening socket ports and established ports

The 'socket' command displays all the listening TCP and UDP sockets in the Linux kernel and the server information. It also displays the currently established sockets 5-tuple information.

Speed

speed[/intf-name] - run speed test and report the download and upload speed

e.g. speed/wlan0 -- run speed test on interface wlan0

The 'speed' command uses the 'speedtest' utility to measure the download and upload speed of the device. The outbound interface name can be supplied to run the speed test over that port. An example of the output:

Hosted by XenSpec (Fremont, CA) [45.56 km]: 5.258 ms
Testing download speed................................................................................
Download: 700.19 Mbit/s
Testing upload speed................................................................................................
Download: 700.19 Mbit/s
Testing upload speed.....
Upload: 773.80 Mbit/s

Tcp

...

.

...

Tcpdump

tcpdump/intf-name/[options] - tcpdump on the interface, can specify duration with -time, default is 60 sec

e.g. tcpdump/eth0/ -- run tcpdump on eth0 with default 60 seconds or maximum of 100 entries

tcpdump/eth0/'port 443' -time 10 -- run tcpdump on eth0 and port 443 with 10 seconds

The 'tcpdump' command is to capture the IP packets using the 'tcpdump' utility of Linux. The outbound interface needs to be specified.

The user can also supply more 'tcpdump' options such as port number or host IP address using e.g. 'port 53' or 'host 10.10.10.10' to capture the IP packets with those filters. The command will return the results either it times out or it has captured the maximum of 100 packets. The default timeout is 60 seconds. The user can specify the timeout in the range of (1, 120) seconds by '-time <value>'.

Trace

trace[/<ip or name>] - traceroute to www.google.com and zedcloud server, or to specified ip or name, 10 hops limit
e.g. trace -- traceroute to www.google.com and to zedcloud server
trace/www.microsoft.com -- run traceroute to www.microsoft.com

The 'trace' command uses the 'traceroute' utility of Linux and returns the hop-by-hop result if available. It uses two-queries per hop (useful in ECMP) and it is limited to a maximum of 10 hops. The option can be an IP address or domain name.

Url

url - display url metrics for zedclient, zedagent, downloader and loguploader

The 'url' command is for the statistics of different services to the controller and data-stores. The services include 'zedagent', 'zedrouter', 'loguploader', etc. This stats is kept from the device reboot time. The command also displays the management interface traffic send and receive stats. An example of a subset of output:

- zedagent stats
interface: eth0
Success: 1853 Last Success: 2022-08-12 18:45:00.027419055 +0000 UTC
https://zedcloud.local.zededa.net/api/v2/edgedevice/id/37df4d43-6d3e-4369-a455-9a189b1426bb/config
Recv (KBytes): 7, Sent 307120, SentMsg: 880, TLS resume: 880, Total Time(sec): 108

https://zedcloud.local.zededa.net/api/v2/edgedevice/id/37df4d43-6d3e-4369-a455-9a189b1426bb/info
Recv (KBytes): 0, Sent 219684, SentMsg: 82, TLS resume: 82, Total Time(sec): 9

This example here is the part for EVE 'zedagent' service send/receive from different URLs for downloading device configure and upload device info messages. The stats contains the send and receive payload bytes, and number of messages (in 'SendMsg'). The 'TLS resume' indicates among all the TLS message exchanges, how many have the 'TLS resumption' (defined in RFC-5247). The stats has also the total round-trip time it spends on all those messages with that URL.

Wireless

wireless - display the iwconfig wlan0 info and wpa_supplicant.conf content

The 'wireless' command displays the 'wlan' and 'wwan' interfaces (if they exist on the EVE device) relation information, such as 'wpa_supplicant.conf' file content, the port configuration for the wireless interfaces and status.

System Commands

The EdgeView system related commands (similar to network commands, but less related to TCP/IP) are the items printed from the '-h' output:

[configitem cat cp datastore download du hw lastreboot ls model newlog pci ps cipher usb techsupport top volume]

Configitem

configitem - display the device configitem settings, highlight the non-default values

The 'configitem' is user supplied configuration for the EVE device, for example to change the default logging on device from 'info' into 'debug'. This 'configitem' command will display all the available items and also highlight the changed values in color (if the terminal supports that). It has the global items and EVE agent specific items if changed. An example of changed 'debug.enable.usb' item in part of the output:

debug.default.loglevel: info

debug.enable.usb: false; default true

Cat

cat/<path to filename> - to display the content of a file

e.g. cat//config/device.cert.pem -- display the /config/device.cert.pem file content

cat/<path> -line <num> -- display only <num> of lines, like 'head' if <num> is positive, like 'tail' if the <num> is negative

This is similar to the Linux 'cat' utility to display a file's content. the file starts from the full path from the EVE Linux root directory.

The option can take a '-line <num>', and this is similar to Linux 'head' and 'tail' utility to only display the number of lines from the file depending on whether the <num> is a positive or negative value. For example to tail the last 5 lines of the current device log:

eddgeview.sh cat/persist/newlog/collect/current.device.log -line -5

content type: text/plain; charset=utf-8

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"recv[ep-inst-1:147.92.91.124] cmd: cat/persist/newlog/collect/current.device.log\",\"obj_name\":\"edgeview-cmd\",\"obj_type\":\"newlog-gen-event\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:47.844877276Z\"}\n","msgid":2944,"timestamp":{"seconds":1660333907,"nanos":844877276}}

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"Sent 3 messages, total 2245 bytes to websocket\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:47.852530881Z\"}\n","msgid":2945,"timestamp":{"seconds":1660333907,"nanos":852530881}}

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"read: no device, continue\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:47.942746969Z\"}\n","msgid":2946,"timestamp":{"seconds":1660333907,"nanos":942746969}}

..............................................................................................
Upload: 773.80 Mbit/s

Tcp

See detail of the command in the section TCP Channel Commands.

Tcpdump

tcpdump/intf-name/[options] - tcpdump on the interface, can specify duration with -time, default is 60 sec

e.g. tcpdump/eth0/ -- run tcpdump on eth0 with default 60 seconds or maximum of 100 entries

tcpdump/eth0/'port 443' -time 10 -- run tcpdump on eth0 and port 443 with 10 seconds

The 'tcpdump' command is to capture the IP packets using the 'tcpdump' utility of Linux. The outbound interface needs to be specified.

The user can also supply more 'tcpdump' options such as port number or host IP address using e.g. 'port 53' or 'host 10.10.10.10' to capture the IP packets with those filters. The command will return the results either it times out or it has captured the maximum of 100 packets. The default timeout is 60 seconds. The user can specify the timeout in the range of (1, 120) seconds by '-time <value>'.

Trace

trace[/<ip or name>] - traceroute to www.google.com and zedcloud server, or to specified ip or name, 10 hops limit
e.g. trace -- traceroute to www.google.com and to zedcloud server
trace/www.microsoft.com -- run traceroute to www.microsoft.com

The 'trace' command uses the 'traceroute' utility of Linux and returns the hop-by-hop result if available. It uses two-queries per hop (useful in ECMP) and it is limited to a maximum of 10 hops. The option can be an IP address or domain name.

Url

url - display url metrics for zedclient, zedagent, downloader and loguploader

The 'url' command is for the statistics of different services to the controller and data-stores. The services include 'zedagent', 'zedrouter', 'loguploader', etc. This stats is kept from the device reboot time. The command also displays the management interface traffic send and receive stats. An example of a subset of output:

- zedagent stats
interface: eth0
Success: 1853 Last Success: 2022-08-12 18:45:00.027419055 +0000 UTC
https://zedcloud.local.zededa.net/api/v2/edgedevice/id/37df4d43-6d3e-4369-a455-9a189b1426bb/config
Recv (KBytes): 7, Sent 307120, SentMsg: 880, TLS resume: 880, Total Time(sec): 108

https://zedcloud.local.zededa.net/api/v2/edgedevice/id/37df4d43-6d3e-4369-a455-9a189b1426bb/info
Recv (KBytes): 0, Sent 219684, SentMsg: 82, TLS resume: 82, Total Time(sec): 9

This example here is the part for EVE 'zedagent' service send/receive from different URLs for downloading device configure and upload device info messages. The stats contains the send and receive payload bytes, and number of messages (in 'SendMsg'). The 'TLS resume' indicates among all the TLS message exchanges, how many have the 'TLS resumption' (defined in RFC-5247). The stats has also the total round-trip time it spends on all those messages with that URL.

Wireless

wireless - display the iwconfig wlan0 info and wpa_supplicant.conf content

The 'wireless' command displays the 'wlan' and 'wwan' interfaces (if they exist on the EVE device) relation information, such as 'wpa_supplicant.conf' file content, the port configuration for the wireless interfaces and status.

System Commands

The EdgeView system related commands (similar to network commands, but less related to TCP/IP) are the items printed from the '-h' output:

[configitem cat cp datastore dmesg download du hw lastreboot ls model newlog pci ps cipher usb techsupport top volume]

Configitem

configitem - display the device configitem settings, highlight the non-default values

The 'configitem' is user supplied configuration for the EVE device, for example to change the default logging on device from 'info' into 'debug'. This 'configitem' command will display all the available items and also highlight the changed values in color (if the terminal supports that). It has the global items and EVE agent specific items if changed. An example of changed 'debug.enable.usb' item in part of the output:

debug.default.loglevel: info

debug.enable.usb: false; default true

Cat

cat/<path to filename> - to display the content of a file

e.g. cat//config/device.cert.pem -- display the /config/device.cert.pem file content

cat/<path> -line <num> -- display only <num> of lines, like 'head' if <num> is positive, like 'tail' if the <num> is negative

This is similar to the Linux 'cat' utility to display a file's content. the file starts from the full path from the EVE Linux root directory.

The option can take a '-line <num>', and this is similar to Linux 'head' and 'tail' utility to only display the number of lines from the file depending on whether the <num> is a positive or negative value. For example to tail the last 5 lines of the current device log:

eddgeview.sh {"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"recv[ep-inst-1:147.92.91.124] cmd: cat/persist/newlog/collect/current.device.log -line -5

content type: text/plain; charset=utf-8

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"recv[ep-inst-1:147.92.91.124] cmd: cat/persist/newlog/collect/current.device.log\",\"obj\",\"obj_name\":\"edgeview-cmd\",\"obj_type\":\"newlog-gen-event\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:5347.702389706Z844877276Z\"}\n","msgid":29472944,"timestamp":{"seconds":16603339131660333907,"nanos":702389706844877276}}

Cp

For the details of 'cp' command, see section Copy File Command.

Datastore

datastore - display the device current datastore: EQDN, type, cipher information

On EVE devices, it needs to be configured with datastore(s) for image downloading. The EVE image datastore is by default configured. The application image datastore is dynamically configured on the EVE device depending on the applications.

`Download`

download - display the download config and status during downloading operation and url stats since reboot

The 'download' command displays (only if the device is currently downloading image(s)) the configuration for download, and the status of downloading or progress. It also displays the download statistics since the last reboot.

`Du`

du - display linux 'du' in disk usage of a directory

e.g. du//persist/vault -- get the total disk usage of files under that directory

For example, the above 'du//persist/vault' has the output:

- Disk Usage: /persist/vault

203.24 (MBytes)

Hw

hw - display the hardware from lshw information in json format

The 'hw' command uses the utility 'lshw' and it does not take options. It displays the device hardware information in JSON format.

Lastreboot

lastreboot - display the last reboot reasons and stack if the information is saved

The 'lastreboot' command will display the content of '/persist/log/reboot-reason.log' if it exist, and '/persist/newlog/panicStacks' if saved.

Ls

ls/<path to filenames> - to display the file/directory information

e.g. ls//config/device.cert.pem -- display the /config/device.cert.pem file info

ls//config/"device*" -- display all the files with prefix 'device' in /config

The 'ls' command displays the files information in the directory. It can take a wildcard in the file's name string to match a subset of files in the directory. For example:

edgeview.sh ls//run/"zedagent*touch"

- ls cmd: /run/zedagent*touch

-rw-r--r--, 2022-08-12 20:58:43.587358564 +0000 UTC, 0, zedagent-localappinfo.touch

-rw-r--r--, 2022-08-12 20:58:58.231320286 +0000 UTC, 0, zedagent-localdevinfo.touch

-rw-r--r--, 2022-08-12 20:58:58.228712666 +0000 UTC, 0, zedagent-location.touch

-rw-r--r--, 2022-08-12 20:58:53.320588547 +0000 UTC, 0, zedagent.touch

-rw-r--r--, 2022-08-12 20:58:58.228707899 +0000 UTC, 0, zedagentattest.touch

-rw-r--r--, 2022-08-12 20:58:58.232764804 +0000 UTC, 0, zedagentccerts.touch

-rw-r--r--, 2022-08-12 20:58:58.219222416 +0000 UTC, 0, zedagentconfig.touch

-rw-r--r--, 2022-08-12 20:58:58.204337241 +0000 UTC, 0, zedagentdevinfo.touch

-rw-r--r--, 2022-08-12 20:58:58.231334827 +0000 UTC, 0, zedagentecerts.touch

-rw-r--r--, 2022-08-12 20:58:58.205523822 +0000 UTC, 0, zedagentflowlog.touch

-rw-r--r--, 2022-08-12 20:58:58.205553158 +0000 UTC, 0, zedagenthwinfo.touch

-rw-r--r--, 2022-08-12 20:58:58.199945666 +0000 UTC, 0, zedagentmetrics.touch

-rw-r--r--, 2022-08-12 20:58:58.205532665 +0000 UTC, 0, zedagentobjectinfo.touch

Model

model - display the hardware model information in json format

Not yet supported

Newlog

newlog - display the newlog statistics and file information in each of the newlog directory and disk usage

The 'newlog' command displays the device logging statistics since the last reboot, and also it displays the logging zip file directory for 'devUpload', 'appUpload' and 'keepSentQueue' for the number of files in directory and time range of the files.

Pci

pci - display the lspci information on device

The 'pci' command runs the 'lspci' utility and displays all the PCI devices information.

Ps

ps/<string> - display the process status information on matching string

e.g. ps/containerd -- display the processes with name of containerd

The 'ps' command displays the 'pid', system times, 'vms', 'rss', CPU, memory and 'cmdline' information. It takes a string as a filter for the 'cmdline' of the process. E.g.:

edgeview.sh ps/"edge-view-init"

- ps: PID Times VMS RSS CPU% MEM% Name Cmdline

001160: {"cpu":"cpu","user":0.0,"system":0.2,"idle":0.0,"nice":0.0,"iowait":0.0,"irq":0.0,"softirq":0.0,"steal":0.0,"guest":0.0,"guestNice":0.0,"stolen":0.0}, 1646592, 1191936, 0.048, 0.015, /bin/sh /usr/bin/edge-view-init.sh

Cipher

cipher - display cipher information on datastore, device and controller certificates, etc.

The 'cipher' command displays the certificates in '/persist/certs' directory, the datastore configured cipher information, the TPM edge-node certs information, and controller certificate information.

For example, in the TPM cert info:

- TPMmgr Edgenode Certs:

40d54a918e2057350b38ba916a93f3a1:

hash Algo: 1, Cert ID: QNVKkY4gVzULOLqRapPzoQ==, Cert Type: EdchXchange, Is TPM: true

subject: CN=Device ECDH certificate,O=The Linux Foundation,L=San Francisco,ST=CA,C=US, serial: 39488373966328550420555701136874670376, valid until: 2042-08-10 18:24:10 +0000 UTC

issuer: CN=EVE,O=The Linux Foundation

9746991e739889b4bd4fd204ae12d372:

hash Algo: 1, Cert ID: l0aZHnOYibS9T9IErhLTcg==, Cert Type: Ek, Is TPM: true

subject: CN=Device Endorsement Key certificate,O=The Linux Foundation,L=San Francisco,ST=CA,C=US, serial: 115402283948174120081462478940544354213, valid until: 2042-08-10 18:24:10 +0000 UTC

issuer: CN=EVE,O=The Linux Foundation

b788be811856e0077cdaf5825763cddf:

hash Algo: 1, Cert ID: t4i+gRhW4Ad82vWCV2PN3w==, Cert Type: signing, Is TPM: true

subject: CN=Device Attestation certificate,O=The Linux Foundation,L=San Francisco,ST=CA,C=US, serial: 135279607474940962312277550145450798740, valid until: 2042-08-10 18:24:10 +0000 UTC

issuer: CN=EVE,O=The Linux Foundation

Usb

usb - display the lsusb information on device

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"Sent 3 messages, total 2245 bytes to websocket\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:47.852530881Z\"}\n","msgid":2945,"timestamp":{"seconds":1660333907,"nanos":852530881}}

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"read: no device, continue\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:47.942746969Z\"}\n","msgid":2946,"timestamp":{"seconds":1660333907,"nanos":942746969}}

{"severity":"info","source":"edgeview","iid":"22761","content":"{\"level\":\"info\",\"msg\":\"recv[ep-inst-1:147.92.91.124] cmd: cat/persist/newlog/collect/current.device.log\",\"obj_name\":\"edgeview-cmd\",\"obj_type\":\"newlog-gen-event\",\"pid\":22761,\"source\":\"edgeview\",\"time\":\"2022-08-12T19:51:53.702389706Z\"}\n","msgid":2947,"timestamp":{"seconds":1660333913,"nanos":702389706}}

Cp

For the details of 'cp' command, see section Copy File Command.

Datastore

datastore - display the device current datastore: EQDN, type, cipher information

On EVE devices, it needs to be configured with datastore(s) for image downloading. The EVE image datastore is by default configured. The application image datastore is dynamically configured on the EVE device depending on the applications.

Dmesg

dmesg - display the device current dmesg information

The 'dmesg' command is to display the system log in kernel memory. The log severity Error and above is printed in Red, and Warn is printed in Pink, and rest of them in normal text color.

E.g.:

edgeview.sh dmesg

[ 1.063566] sd 0:0:1:0: [sda] Attached SCSI disk

[ 1.064425] sd 0:0:1:0: Attached scsi generic sg0 type 0

[ 1.065545] Rounding down aligned max_sectors from 4294967295 to 4294967288

[ 1.066723] db_root: cannot open: /etc/target

[ 1.067668] tun: Universal TUN/TAP device driver, 1.6

[ 1.159820] VMware vmxnet3 virtual NIC driver - version 1.5.0.0-k-NAPI

[ 1.174923] i8042: Warning: Keylock active