Understand Sensor CLI Log In Procedure for Cyber Vision

Available Languages

Download Options

  • PDF     (394.0 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (438.6 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (409.4 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:April 15, 2024
Document ID:221833

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes the Sensor CLI login procedure for both network and hardware sensors of Cisco Cyber Vision.

    Hardware Sensor - IC3000


    Before Cyber Vision Version 4.3.0

    note-icon

    Note: Before the Cyber Vision version 4.3.0, the IC3000 sensor was deployed as a Virtual Machine (VM) in the Cisco IOx ((Cisco IOs + linuX) is an end-to-end application framework that provides application-hosting capabilities for different application types on Cisco network platforms) local manager.

    Login to the IC3000 local manager interface (https://ip_address:8443) as an admin user, navigate to applications and then click the manage app option.

    IOx Local Manager - Applications Tab

    Choose the App-info menu, and click the Cisco_Cyber_Vision.pem option present in the App Access section as shown:

    Certificate Option in Local Manager

    Copy the Rivest-Shamir-Addleman (RSA) key present in the Cisco_Cyber_Vision.pem file.
    Now, login to the Cyber Vision Center CLI and then create a new file with the RSA key contents in the file.

    Using any Linux editor, for example, vi editor (visual editor) creates a file and pastes the contents of the RSA key file into this file (Cisco_Cyber_Vision.pem is the file name in this example).

    Copying RSA Key in CLI

    Restrict the permissions to the file Cisco_Cyber_Vision.pem, by using the command chmod 400.
    Now the IC3000 sensor console can be accessed using:

    ssh -p {SSH_PORT} -i file_name appconsole@LocalManagerIP


    For example, if the Secure Shell (SSH) port configured in the setup is 22, Cisco_Cyber_Vision.pem is the filename and Local Manager IP address (LMIP) is the IP address of LocalManager, then the result is ssh -p 22 -i Cisco_Cyber_Vision.pem appconsole@LMIP.

    note-icon

    Note: The IC3000 certificate changes every time the switch is rebooted and hence this procedure needs to be repeated.

    Cyber Vision 4.3.0 Version Onwards

    The Cisco Cyber Vision sensor application for IC3000 format changed from VM to Docker in version 4.3.0. For more details regarding the same, refer to Cisco-Cyber-Vision_Release-Notes-4-3-0.pdf.

    Login to the IC3000 local manager interface (https://ip_address:8443) as an admin user, navigate to applications and then click the manage app option.

    IOx Local Manager - Manage Option


    Then navigate to the App-Console tab in order to access the sensor application.

    App Console Tab in IOx Local Manager

    Network Sensors

    Login to the respective switch CLI and copy the sensor application ID using this command:

    show app-hosting list

    App Hosting Command in Switch CLI

    Log in to the sensor application using:

    app-hosting connect appid sensor_app_name session

    For example, in this case, it is app-hosting connect appid ccv_sensor_iox_x86_64 session.

    Connecting to Sensor CLI from Switch CLI

    The prompt shown in the screen capture confirms that the sensor login is successful.

    Revision History

    Revision Publish Date Comments
    1.0
    15-Apr-2024
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Jaswanth D K
      Cisco Engineering
    • Venkat R
      Cisco TAC Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco