Tech Support commands are provided for use primarily by ArcSight Customer Support. Brief descriptions of these Tech Support commands are provided for informational purposes, but these commands are not intended for use by ArcSight customers except as instructed by Customer Support.
|
Command |
Description |
|---|---|
|
Get Support Info |
Gets logs and other feedback on connectors. |
|
Get 'agent.properties' |
Shows the list of properties for the selected connector. |
|
Get Upgrade Logs |
Gets upgrade logs on connectors. |
|
Get 'agent.wrapper.conf' |
Shows the wrapper configuration for the selected connector. |
| Get Configuration XML File |
Shows the XML configuration file for the selected connector. |
| Get Thread Dump |
Gets one thread dump for the selected connector. |
|
Get Two Thread Dumps |
Gets two thread dumps for the selected connector spaced by the time interval specified. By comparing both thread dumps, Customer Support can troubleshoot connectors with threads that are hanging for unknown reasons. |
|
Get Heap Dump |
This generates a heap dump, if possible, which can be useful to ArcSight in some situations to analyze problems. The destination ID is used as part of the file name, the file is placed in the same directory as the connector's logs, and normally only 10 such files are kept. |
|
Get last N lines of 'agent.log' |
Shows an excerpt from the connector log file based on the number of lines you specify. The default is 500 lines. |
|
Get System Properties |
Shows system properties for the selected connector, including details on variables such as Java runtime name, Java virtual machine (VM) version, operating system name, paths for various Java components, paths for |
|
Enable Event Flow Tracing |
Allows you to specify a component and fields to log for initiating an event flow trace. Component and field names must be provided per appropriate syntax. The component should be chosen from the components listed in the Get Status results. |
|
Disable Event Flow Tracing |
Disables event flow tracing on the selected component. |
|
Get Event Flow Tracing Log |
When tracing is enabled on the selected connector, the connector logs data about events it receives. |
|
DNS Test |
This command takes one parameter, which is either a host name to resolve or an IP address to reverse resolve. This is useful to see what results would normally be expected for the name resolver component of the connector, since it uses the same mechanism to do the lookup as the name resolver uses. |
|
Enable Map File Logging |
Directs the AgentNATProcessor component, which processes map files for each event, to log what it is doing for each event. By default the last 100 events are logged. |
|
Disable Map File Logging |
Directs the AgentNATProcessor to stop logging. |
|
Get Collected Map File Logging |
Gets the collected log messages for the most recent events (100, by default), which may help debug problems with why a map file is not operating as expected. |