000012939 - lsmaint -help options

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012939
Applies ToenVision
IssueReviewing lsmaint -help, -h or -? syntax
Resolution

Lsmaint archiving tool


The lsmaint archiving tool is very useful for grooming data from the IPDB. It is possible to move copy or delete by date, relative time ranges and for some or all devices by type orr IP address. The syntax is reproduced here for convenience, it is possible to create a copy of the syntax by redirecting to a file, for example "lsmaint -? > morereadable.txt"


Lsmaint -?


enVision LS Maintenance Tool
Copyright (c) 2000-2007 RSA Corp.



  Usage:  lsmaint <action> -time <start> <end>


          lsmaint <action> [-gmt] -time <start> <end> [-storagelocation <sl>] [-localNode <true|false>] [-loggingLevel <n>] [-verbose] [-logIt <true|false>] [-maxThreads <n>]
                           [-deviceGroup <dg>] [-deviceset <ds>] [-devicetype <dt>] [-device <d>] 
                           [-retention <n>[Y|M|D]] [-backUpKeys <true|false>] [-restoreLast <true|false>] [-key <key>] [-dest <destination>]



    Actions:                      Description
    ========                      ======================================
      -help, -h or -?             Displays this help information.
      -examples                   Displays a list of examples.
      -directory or -l            Displays the list of local site devices.


      -rebuild [all|hour|day]     Rebuilds index and summary data.
                                  If the day argument is passed only the day index and summary data are rebuilt.
                                  If the hour argument is passed the hour and day index and summary data are rebuilt.
                                  If the all argument is passed the minute, hour and day index and summary data are rebuilt.
      -fix     [all|hour|day]     Repairs index and summary information.
                                  If the day argument is passed only the day index and summary data are repaired.
                                  If the hour argument is passed the hour and day index and summary data are repaired.
                                  If the all argument is passed the minute, hour and day index and summary data are repaired.
      -verify  [all|hour|day|crc] Scans data, index, and summary information for errors.
                                  If the day argument is passed only the day index and summary data are scanned.
                                  If the hour argument is passed the hour and day index and summary data are scanned.
                                  If the all argument is passed the minute, hour and day index and summary data and the minute data are scanned.


      -show                       Shows the data/index/summary files that will be affected with the specified arguments but takes no action.
      -delete                     Deletes the selected data/index/summary files.
      -copy    <destdir>          Copies the selected data/index/summary files to the directory destdir with the same hierarchy structure as source location.
      -move    <destdir>          Moves the selected data/index/summary files to the directory destdir with the same hierarchy structure as source location.


      -offLineBackup              Backs up the data/index/summary files to Offline Data Storage.
      -offLineRestore             Restores the data/index/summary files from Offline Data Storage.
      -offLineExpired             Deletes the data/index/summary files from Offline Data Storage that have had their retention expire.
      -offLineDelete              Deletes a single file from Offline Data Storage.
      -offLineQuery               Queries for Key Files and the data/index/summary files that were backed up to Offline Data Storage.
      -offLineWrite               Writes a single file to Offline Data Storage.
      -offLineRead                Reads a single file from Offline Data Storage.


      -nextDSD <host> [force]     Activates the specified host's next active Data Storage Directory (DSD).
                                  The optional "force" switch causes the switch to take effect immediately for the
                                  current day.  Using the "force" switch may render the event data un-readable and
                                  therefore should only be used in extreme cases with guidance from customer support.


      -scanUnknown <n>            Scans for unknown or undefined messages. Output goes to logs\unknownMessages directory.
                                  <n> is the sample size for each device; the default is 100 events.


    Arguments:
    ==========


      -gmt                        Specifies that input times are to be interpreted in GMT.
                                  If this argument is not specified the input times are interpreted as local time.
                                  This argument must be specified before the -time argument.


      -time <start> <end> [test]


          <start>                 starting time


            format
            ------
            <YYYYMMDD>            Starting time is the beginning of the specified day.
            start                 Starting time is the beginning time of the oldest existing data.
            now                   Starting time is the current time.
            day                   Starting time is the beginning of the current day.
            month                 Starting time is the beginning of the current month.
            -<n>d                 Starting time is the beginning of the current day minus <n> days.
            -<n>m                 Starting time is the beginning of the current month minus <n> months.


          <end>                   ending time.


            format
            ------
            <YYYYMMDD>            Ending time is the beginning of the specified day.
            day                   Ending time is the end of the day specified in the starting time.
            month                 Ending time is the end of month specified in the starting time.
            -<n>D                 Ending time is the beginning of the current day minus <n> days.
            -<n>M                 Ending time is the beginning of the current month minus <n> months.
            +<n>D                 Ending time is the end of the day specified in the starting time plus <n> days.
            +<n>M                 Ending time is the end of month specified in the starting time plus <n> months.
            end                   Ending time is the end of existing data.


          [test]                  Time selection test mode.  Displays the associated start and end times
                                  based on the <start> and <end> arguments and takes no action.  Useful for confirming
                                  relative time frames.



      -device <d>                 Specifies a Device name, or filter; the default is all local site devices.
                                  Note!! <d> is a regular expression, for example 10.1.1.25 will match 10.1.1.25,10.1.1.250 - 10.1.1.255.
      -devicetype <dt>            Specifies a Device type name or filter; the default is all local site device types.
                                  Note!! <dt> is a regular expression, for example cisco will match ciscopix and ciscorouter.
      -deviceset <ds>             Specifies a Device set name or filter; the default is all local site device sets.
                                  Note!! <ds> is a regular expression.
      -deviceGroup <dg>           Specifies a Device Group.


      -retention    <n>[Y|M|D]    Set the retention of the offline back up to n [Years|Months|Days]; the default is 0 seconds.
      -backUpKeys   <true|false>  Back up the key files to Offline Data Storage;  the default is true.
      -restoreLast  <true|false>  If data has been backed up multiple times, only restore the last backup from Offline Data Storage; the default is true.
      -key  <key>                 Offline data or enVision key used by -offLineDelete, -offLineQuery, -offLineRead, and -offLineWrite .
      -dest <destination>         Offline data destination used by -offLineQuery, -offLineRead, and -offLineWrite to write its output.


      -storagelocation <sl>       Specifies a Storage directory name; the default is the current local site storage location.
      -localNode <true|false>     Specifies to use data stored on the local node; the default is false.
      -verbose, -v                Optional argument to enables verbose output to command window instead of to logger service.
      -loggingLevel <n>           Sets NIC message logging to include levels less than or equal to <n>, where <n> ranges from 0 (most critical) to 7 (least critical) and the default is 5.
      -maxThreads <n>             Sets the number of threads to use; the default is 25 for -offLineBackup, -offLineRestore and -offLineExpired and 4 for all other operations.
      -logIt <true|false>         Enables writing to a log in the enVision logs directory; the default is false except for -offLineBackup, -offLineRestore and -offLineExpired. This option can be used to track when an action was performed using the lsmaint command.
                                                                         


      Note!                       The physical files shown and/or manipulated by the tool are representations of internal data and may change from release to release.

Legacy Article IDa43572

Attachments

    Outcomes