Deep Security Manager 10 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.
Command-line basics for agent tasks
You can use to instruct agents to perform a number of actions using these command-line utilities.
In this topic:
- Activate an agent
- Configure a proxy for anti-malware and rule updates
- Configure a proxy for connections to the manager
- Remove a proxy setting
- Initiate a manual anti-malware scan
- Force the agent to contact the manager
- Reset the agent
- Create a diagnostic package
- Check that ds_agent processes or services are running
- Check CPU usage and RAM usage
- Restart an agent on Linux
Activate an agent
To activate an agent from the command line you will need to know the tenant ID and password. You can get them from the Deployment script.
- In the top right-hand corner of Deep Security Manager, click Support > Deployment Scripts to display the Deployment Scripts Generator.
- Select your platform.
- Select Activate Agent automatically after installation.
- In the deployment script, locate the strings for tenantID and token.
Windows
In PowerShell:
& $Env:ProgramFiles"\Trend Micro\Deep Security Agent\dsa_control" -a <manager URL> <tenant ID> <token>
In cmd.exe:
C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -a <manager URL> <tenant ID> <token>
Linux
/opt/ds_agent/dsa_control –a <manager URL> <tenant ID> <token>
Configure a proxy for anti-malware and rule updates
If the agent must connect to its relay through a proxy, you must configure the proxy connection.
Windows
- Open a command prompt (cmd.exe) as Administrator.
-
Enter these commands:
cd C:\Program Files\Trend Micro\Deep Security Agent\
dsa_control -w myUserName:MTPassw0rd
dsa_control -y relay_proxy://squid.example.com:443
Linux
/opt/ds_agent/dsa_control -w myUserName:MTPassw0rd
/opt/ds_agent/dsa_control -y relay_proxy://squid.example.com:443
Configure a proxy for connections to the manager
If the agent must connect to its manager through a proxy, you must configure the proxy connection.
Windows
- Open a command prompt (cmd.exe) as Administrator.
-
Enter these commands:
cd C:\Program Files\Trend Micro\Deep Security Agent\
dsa_control -u myUserName:MTPassw0rd
dsa_control -x dsm_proxy://squid.example.com:443
Linux
/opt/ds_agent/dsa_control -u myUserName:MTPassw0rd
/opt/ds_agent/dsa_control -x dsm_proxy://squid.example.com:443
Remove a proxy setting
If you installed an agent with a deployment script that adds a proxy setting that you no longer need, you can remove the setting.
Windows
C:\Program Files\Trend Micro\Deep Security\dsa_control -x ""
C:\Program Files\Trend Micro\Deep Security\dsa_control -y ""
Linux
/opt/ds_agent/dsa_control -x ""
/opt/ds_agent/dsa_control -y ""
Initiate a manual anti-malware scan
Windows
- Open a command prompt (cmd.exe) as Administrator.
-
Enter these commands:
cd C:\Program Files\Trend Micro\Deep Security Agent\
dsa_control -m "AntiMalwareManualScan:true"
Linux
/opt/ds_agent/dsa_control -m "AntiMalwareManualScan:true"
Force the agent to contact the manager
Windows
In PowerShell:
& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" -m
In cmd.exe:
C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -m
Linux
/opt/ds_agent/dsa_control –m
Reset the agent
This command will remove target agent's activation information and deactivate it.
Windows
In PowerShell:
& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" –r
In cmd.exe:
C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -r
Linux
/opt/ds_agent/dsa_control –r
Create a diagnostic package
Deep Security Technical Support might ask you to create a diagnostic package to help them troubleshoot and diagnose your issue. The diagnostic package is created in a zip file which is downloaded locally. From there you can send it to Technical Support. For more detailed instructions, see Create a diagnostic package.
You can produce a diagnostic package for a managed computer through the Deep Security Manager but if the computer is in agent-initiated activation (AIA) mode it cannot collect all of the required logs. So when Technical Support asks for a diagnostic package you need to run the command directly on the managed computer.
Windows
In PowerShell:
& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" –d
In cmd.exe:
C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -d
Linux
/opt/ds_agent/dsa_control –d
Check that ds_agent processes or services are running
Windows
Use the Task Manager or procmon.
Linux
ps –ef|grep ds_agent
Check CPU usage and RAM usage
Windows
Use the Task Manager or procmon.
Linux
top
Restart an agent on Linux
service ds_agent restart
or
/etc/init.d/ds_agent restart