Command-line basics for agent tasks

You can use these command-line utilities to instruct agents to perform the following actions:

• Activate an agent
• Configure a proxy for anti-malware and rule updates
• Configure a proxy for connections to the manager
• Remove a proxy setting
• Initiate a manual anti-malware scan
• Force the agent to contact the manager
• Reset the agent
• Create a diagnostic package
• Check that ds_agent processes or services are running
• Check CPU usage and RAM usage
• Restart an agent on Linux

Activate an agent

To activate an agent from the command line you will need to know the tenant ID and password. You can get them from the Deployment script.

1. In the top right-hand corner of Deep Security Manager, click Support > Deployment Scripts to display the Deployment Scripts Generator.
2. Select your platform.
3. Select Activate Agent automatically after installation.
4. In the deployment script, locate the strings for tenantID and token.
   
   

Windows

In PowerShell:

& $Env:ProgramFiles"\Trend Micro\Deep Security Agent\dsa_control" -a <manager URL> <tenant ID> <token>

In cmd.exe:

C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -a <manager URL> <tenant ID> <token>

Linux

/opt/ds_agent/dsa_control –a <manager URL> <tenant ID> <token>

Configure a proxy for anti-malware and rule updates

If the agent must connect to its relay through a proxy, you must configure the proxy connection.

Windows

1. Open a command prompt (cmd.exe) as Administrator.

2. Enter these commands:

   cd C:\Program Files\Trend Micro\Deep Security Agent\

   dsa_control -w myUserName:MTPassw0rd

   dsa_control -y relay_proxy://squid.example.com:443

Linux

/opt/ds_agent/dsa_control -w myUserName:MTPassw0rd

/opt/ds_agent/dsa_control -y relay_proxy://squid.example.com:443

Configure a proxy for connections to the manager

If the agent must connect to its manager through a proxy, you must configure the proxy connection.

Windows

1. Open a command prompt (cmd.exe) as Administrator.

2. Enter these commands:

   cd C:\Program Files\Trend Micro\Deep Security Agent\

   dsa_control -u myUserName:MTPassw0rd

   dsa_control -x dsm_proxy://squid.example.com:443

Linux

/opt/ds_agent/dsa_control -u myUserName:MTPassw0rd

/opt/ds_agent/dsa_control -x dsm_proxy://squid.example.com:443

Remove a proxy setting

If you installed an agent with a deployment script that adds a proxy setting that you no longer need, you can remove the setting.

Windows

C:\Program Files\Trend Micro\Deep Security\dsa_control -x ""

C:\Program Files\Trend Micro\Deep Security\dsa_control -y ""

Linux

/opt/ds_agent/dsa_control -x ""

/opt/ds_agent/dsa_control -y ""

Initiate a manual anti-malware scan

Windows

1. Open a command prompt (cmd.exe) as Administrator.

2. Enter these commands:

   cd C:\Program Files\Trend Micro\Deep Security Agent\

   dsa_control -m "AntiMalwareManualScan:true"

Linux

/opt/ds_agent/dsa_control -m "AntiMalwareManualScan:true"

Force the agent to contact the manager

Windows

In PowerShell:

& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" -m

In cmd.exe:

C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -m

Linux

/opt/ds_agent/dsa_control –m

Reset the agent

This command will remove target agent's activation information and deactivate it.

Windows

In PowerShell:

& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" –r

In cmd.exe:

C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -r

Linux

/opt/ds_agent/dsa_control –r

Create a diagnostic package

Deep Security Technical Support might ask you to create a diagnostic package to help them troubleshoot and diagnose your issue. The diagnostic package is created in a zip file which is downloaded locally on the endpoint in operation. From there you can send it to Technical Support. For more detailed instructions, see Create a diagnostic package.

You can produce a diagnostic package for a managed computer through the Deep Security Manager but if the computer is in agent-initiated activation (AIA) mode it cannot collect all of the required logs. So when Technical Support asks for a diagnostic package you need to run the command directly on the managed computer.

Windows

In PowerShell:

& "\Program Files\Trend Micro\Deep Security Agent\dsa_control" –d

In cmd.exe:

C:\Windows\system32>"\Program Files\Trend Micro\Deep Security Agent\dsa_control" -d

Linux

/opt/ds_agent/dsa_control –d

Check that ds_agent processes or services are running

Windows

Use the Task Manager or procmon.

Linux

ps –ef|grep ds_agent

Check CPU usage and RAM usage

Windows

Use the Task Manager or procmon.

Linux

top

Restart an agent on Linux

service ds_agent restart

or

/etc/init.d/ds_agent restart