Xshield CLI Command Reference - Full Help
Table of Contents
Agents
- agent-north-south-config
- collect-agent-diagnostics
- configure-agent-debug-logs
- decommission-agents
- get-agents
- show-offline-agents
- upgrade-agents
Assets
- asset-malicious-ip-blocking
- configure-breach-response-level
- enforce-asset
- get-asset-policies
- get-assets
- get-risk-score
- get-vulnerabilities
- manage-unmanaged-devices
- quarantine-restore-assets
- rename-asset
Edr_Integration
Named_Networks
- attach-named-network-to-asset
- create-named-network
- delete-named-network
- detach-named-network-from-asset
- get-named-networks
Segments
- attach-named-network-to-segment
- attach-template-to-segment
- configure-policy-automation-segment
- create-segment
- delete-segment
- detach-named-network-from-segment
- detach-template-from-segment
- generate-segment-report
- get-segment-rules
- get-segments
Taglabelrules
Tags
Templates
- attach-template-to-asset
- create-template
- delete-template
- detach-template-from-asset
- get-templates
- update-template
User_Management
agent-north-south-config
usage: xshield_util.py agent-north-south-config [-h] [--filter FILTER]
[--action ACTION]
[--output-file OUTPUT_FILE]
Configure north-south traffic for agents
options:
-h, --help show this help message and exit
--filter FILTER Criteria to filter agents for configuration, e.g.
"application:app1,app2;role:role1"
--action ACTION valid values: enabled, disabled
--output-file OUTPUT_FILE
Output file for north-south traffic configuration
(default: config/util_data/output_csv_files/agent_nort
h_south_config.csv)
collect-agent-diagnostics
usage: xshield_util.py collect-agent-diagnostics [-h] [--filter FILTER]
[--output-file OUTPUT_FILE]
Collect diagnostics from agents
options:
-h, --help show this help message and exit
--filter FILTER Criteria to filter agents for diagnostics collection,
e.g. "application:app1,app2;role:role1"
--output-file OUTPUT_FILE
Output file for diagnostics collection (default: confi
g/util_data/output_csv_files/agent_diagnostics.csv)
configure-agent-debug-logs
usage: xshield_util.py configure-agent-debug-logs [-h] [--filter FILTER]
[--action ACTION]
[--output-file OUTPUT_FILE]
Enable/disable debug logs in agents
options:
-h, --help show this help message and exit
--filter FILTER Criteria to filter agents for upgrade, e.g.
"application:app1,app2;role:role1"
--action ACTION Use True/False to Enable/Disable, default: True
--output-file OUTPUT_FILE
Output file for debug logs configuration (default: con
fig/util_data/output_csv_files/agent_debug_logs_config
.csv)
decommission-agents
usage: xshield_util.py decommission-agents [-h]
(--asset-list-csv ASSET_LIST_CSV |
--serial-number-csv SERIAL_NUMBER_CSV |
--duplicate-serial-numbers |
--filter FILTER |
--agent-status AGENT_STATUS)
[--agent-type AGENT_TYPE]
[--num-of-days NUM_OF_DAYS]
[--dry-run DRY_RUN]
[--output-file OUTPUT_FILE]
Decommission agents from Xshield platform (only server and endpoint type
agents)
options:
-h, --help show this help message and exit
--asset-list-csv ASSET_LIST_CSV
CSV file with asset names to decommission (refer
sample file in config/util_data/input_csv_files/asset_
list_decommission.csv)
--serial-number-csv SERIAL_NUMBER_CSV
CSV file with serial numbers to decommission (refer
sample file in config/util_data/input_csv_files/serial
_number_decommission.csv)
--duplicate-serial-numbers
Decommission agents with duplicate serial numbers
(platform fetch)
--filter FILTER Tag filter string, e.g.
"application:app1,app2;role:role1"
--agent-status AGENT_STATUS
Status of agents to filter, (valid status: active or
absent)
--agent-type AGENT_TYPE
Agent type (valid types: server, endpoint)
--num-of-days NUM_OF_DAYS
Decommissioning timeline for agents in days
--dry-run DRY_RUN Dry run: only output agents to be decommissioned,
default: True
--output-file OUTPUT_FILE
Output file for decommissioned agents (default: config
/util_data/output_csv_files/decommission_agents_output
.csv)
get-agents
usage: xshield_util.py get-agents [-h] [--status STATUS] [--type TYPE]
[--name NAME]
[--traffic-config TRAFFIC_CONFIG]
[--firewall-coexistence FIREWALL_COEXISTENCE]
[--policy-status POLICY_STATUS]
[--policy-tamper-monitoring POLICY_TAMPER_MONITORING]
[--agent-version AGENT_VERSION]
[--filter FILTER]
[--output-file OUTPUT_FILE] [--all]
Export agents based on criteria to an output CSV file
options:
-h, --help show this help message and exit
--status STATUS Filter by agent status (valid values: active, absent)
--type TYPE Filter by asset type (valid values: server, endpoint)
--name NAME Filter by agent name
--traffic-config TRAFFIC_CONFIG
Filter by traffic configuration
--firewall-coexistence FIREWALL_COEXISTENCE
Filter by firewall coexistence configuration (valid
values: enabled, disabled)
--policy-status POLICY_STATUS
Filter by policy status
--policy-tamper-monitoring POLICY_TAMPER_MONITORING
Filter by policy tamper monitoring configuration
(valid value: disabled)
--agent-version AGENT_VERSION
Filter by agent version (e.g., 25.4.1)
--filter FILTER Raw filter string for agent search (overrides other
filter args), e.g. "application:app1,app2;role:role1"
--output-file OUTPUT_FILE
Output file for agent data (default: config/util_data/
output_csv_files/get_agents_output.csv)
--all Fetch all agents (no filters) CAUTION: This is a heavy
request to Xshield platform, may take a long time and
consume a lot of memory.
show-offline-agents
usage: xshield_util.py show-offline-agents [-h] [--filter FILTER]
[--output-file OUTPUT_FILE]
Fetch and export offline agents to an output CSV file
options:
-h, --help show this help message and exit
--filter FILTER Criteria to filter offline agents, "e.g.
application:app1,app2;role:role1"
--output-file OUTPUT_FILE
Output file for offline agents (default:
config/util_data/output_csv_files/offline_agents.csv)
upgrade-agents
usage: xshield_util.py upgrade-agents [-h] [--filter FILTER]
[--current-agent-version CURRENT_AGENT_VERSION]
--upgrade-agent-version UPGRADE_AGENT_VERSION
[--output-file OUTPUT_FILE]
Upgrade agents to a higher version
options:
-h, --help show this help message and exit
--filter FILTER Criteria to filter agents for upgrade, e.g.
"application:app1,app2;role:role1"
--current-agent-version CURRENT_AGENT_VERSION
Current agent version
--upgrade-agent-version UPGRADE_AGENT_VERSION
Agent version to upgrade to
--output-file OUTPUT_FILE
Output file for upgraded agents (default:
config/util_data/output_csv_files/upgraded_agents.csv)
asset-malicious-ip-blocking
usage: xshield_util.py asset-malicious-ip-blocking [-h]
(--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--segment-name SEGMENT_NAME |
--filter FILTER)
[--action ACTION]
[--output-file OUTPUT_FILE]
Blocking malicious IP addresses for assets
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset names (refer sample file in
asset_malicious_ip_blocking_input.csv file under
config/util_data/input_csv_files folder)
--asset-name ASSET_NAME
Name of the asset(s) to enforce (Provide comma
separated asset names for multiple assets e.g.
--asset-name Asset1,Asset2)
--segment-name SEGMENT_NAME
Name of the segment(s) to apply the malicious IP
blocking (Provide comma separated segment names for
multiple segments e.g. --segment-name
"Segment1,Segment2")
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--action ACTION Action to take (valid values: enabled, disabled)
--output-file OUTPUT_FILE
Output file to store results (default: config/util_dat
a/output_csv_files/asset_malicious_ip_blocking_output.
csv)
configure-breach-response-level
usage: xshield_util.py configure-breach-response-level [-h]
[--asset-name ASSET_NAME]
[--level LEVEL]
[--input-file INPUT_FILE]
[--filter FILTER]
[--segment-name SEGMENT_NAME]
[--output-file OUTPUT_FILE]
Configuring breach response level for assets
options:
-h, --help show this help message and exit
--asset-name ASSET_NAME
Name of the asset(s) to configure breach response
level (Provide comma separated asset names for
multiple assets e.g. --asset-name Asset1,Asset2)
--level LEVEL Breach response level (valid values: inbound,
outbound, both)
--input-file INPUT_FILE
CSV file with asset names (refer sample file in
configure_breach_response_level_input.csv file under
config/util_data/input_csv_files folder)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--segment-name SEGMENT_NAME
Name of the segment(s) to apply the breach response
level (Provide comma separated segment names for
multiple segments e.g. --segment-name
"Segment1,Segment2")
--output-file OUTPUT_FILE
Output file to store results (default: config/util_dat
a/output_csv_files/configure_breach_response_level_out
put.csv)
enforce-asset
usage: xshield_util.py enforce-asset [-h] [--asset-name ASSET_NAME]
[--direction DIRECTION] [--state STATE]
[--input-file INPUT_FILE]
[--filter FILTER]
[--segment-name SEGMENT_NAME]
[--output-file OUTPUT_FILE]
Securing assets with ZeroTrust enforcement
options:
-h, --help show this help message and exit
--asset-name ASSET_NAME
Name of the asset(s) to enforce (Provide comma
separated asset names for multiple assets e.g.
--asset-name Asset1,Asset2)
--direction DIRECTION
Direction of enforcement (valid values: inbound,
outbound, both)
--state STATE State of enforcement (valid values: test, enforce,
undeploy, deploy --> Note: undeploy and deploy only
works with direction as both))
--input-file INPUT_FILE
CSV file with asset names (refer sample file in
enforce_asset_input.csv file under
config/util_data/input_csv_files folder)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--segment-name SEGMENT_NAME
Name of the segment(s) to apply the enforcement
(Provide comma separated segment names for multiple
segments e.g. --segment-name "Segment1,Segment2")
--output-file OUTPUT_FILE
Output file to store results (default: config/util_dat
a/output_csv_files/enforce_asset_output.csv)
get-asset-policies
usage: xshield_util.py get-asset-policies [-h] (--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER |
--segment-name SEGMENT_NAME | --all)
[--output-file OUTPUT_FILE]
Export policies (named networks and templates) for assets to an output CSV
file
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset names (column: assetName)
--asset-name ASSET_NAME
Comma-separated asset names
--filter FILTER Filter string for asset search, e.g. "application:app1
,app2;environment:prod,dev;type:server,endpoint"
--segment-name SEGMENT_NAME
Name of the segment(s) to fetch matching assets
policies (Provide comma separated segment names for
multiple segments e.g. --segment-name
"Segment1,Segment2")
--all Fetch policies for all assets (criteria: *) CAUTION:
This is a heavy request to Xshield platform, may take
a long time and consume a lot of memory.
--output-file OUTPUT_FILE
Output file path for the policies (default: config/uti
l_data/output_csv_files/get_asset_policies_output.csv)
get-assets
usage: xshield_util.py get-assets [-h] (--input-file INPUT_FILE |
--asset-name ASSET_NAME | --filter FILTER |
--segment-name SEGMENT_NAME | --all)
[--output-file OUTPUT_FILE] [--detail]
Export asset info to an output CSV file (fetch asset summary or detail,
default: summary)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset names (column: assetName)
--asset-name ASSET_NAME
Comma-separated asset names
--filter FILTER Filter string for asset search, e.g. "application:app1
,app2;environment:prod,dev;type:server,endpoint"
--segment-name SEGMENT_NAME
Name of the segment(s) to fetch assets (Provide comma
separated segment names for multiple segments e.g.
--segment-name "Segment1,Segment2")
--all Fetch all assets (criteria: *)
--output-file OUTPUT_FILE
Path for output CSV (default: config/util_data/output_
csv_files/get_assets_output.csv)
--detail Fetch and output detailed asset data
get-risk-score
usage: xshield_util.py get-risk-score [-h] (--filter FILTER |
--segment-name SEGMENT_NAME | --all)
[--output-file OUTPUT_FILE]
Fetch risk score info for assets
options:
-h, --help show this help message and exit
--filter FILTER Filter string with tags or asset names for fetching
risk score , e.g.
"application:app1,app2;environment:prod,dev" or
"assetname:Asset-1,Asset-2"
--segment-name SEGMENT_NAME
Filter with comma-separated segment names
--all Fetch risk score for all assets on the
tenant(criteria: *)
--output-file OUTPUT_FILE
Path for output CSV (default: config/util_data/output_
csv_files/get_risk_score_output.csv)
get-vulnerabilities
usage: xshield_util.py get-vulnerabilities [-h] (--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER |
--segment-name SEGMENT_NAME |
--all) [--unique]
[--output-file OUTPUT_FILE]
Export vulnerabilities for tenant's assets to an output CSV file
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset names (column: assetName)
--asset-name ASSET_NAME
Comma-separated asset names
--filter FILTER Filter string for asset search, e.g. "application:app1
,app2;environment:prod,dev;type:server,endpoint"
--segment-name SEGMENT_NAME
Name of the segment(s) to fetch vulnerabilities for
assets (Provide comma separated segment names for
multiple segments e.g. --segment-name
"Segment1,Segment2")
--all Fetch vulnerabilities for all assets (criteria: *)
CAUTION: This is a heavy request to Xshield platform,
may take a long time and consume a lot of memory.
--unique Fetch unique vulnerabilities for all assets or
filtered assets
--output-file OUTPUT_FILE
Output file path for the vulnerabilities (default: con
fig/util_data/output_csv_files/asset_vulnerabilities_o
utput.csv)
manage-unmanaged-devices
usage: xshield_util.py manage-unmanaged-devices [-h]
(--asset-name ASSET_NAME |
--ipaddress IPADDRESS |
--input-file INPUT_FILE)
--gatekeeper-name GATEKEEPER_NAME
[--output-file OUTPUT_FILE]
options:
-h, --help show this help message and exit
--asset-name ASSET_NAME
Comma-separated asset names
--ipaddress IPADDRESS
Comma-separated IP addresses
--input-file INPUT_FILE
CSV with asset names/IPs under column 'HostName'.
Relative paths resolve from
config/util_data/input_csv_files/
--gatekeeper-name GATEKEEPER_NAME
Name of the gatekeeper
--output-file OUTPUT_FILE
Output CSV path. Relative paths resolve to
config/util_data/output_csv_files/ (default:
Move_unmanaged_to_managed_output.csv)
quarantine-restore-assets
usage: xshield_util.py quarantine-restore-assets [-h] [--action ACTION]
[--assetName ASSETNAME]
[--segmentName SEGMENTNAME]
[--tagValue TAGVALUE]
Quarantine/Restore Assets by assigning/removing the Quarantine tag (will be
deprecated in next release)
options:
-h, --help show this help message and exit
--action ACTION quarantine or restore
--assetName ASSETNAME
Name of the asset to be assigned with the tag
--segmentName SEGMENTNAME
Name of the segment to quarantine assets (optional)
--tagValue TAGVALUE Tag value for quarantine (only needed for quarantine
action)
rename-asset
usage: xshield_util.py rename-asset [-h] [--asset-name ASSET_NAME]
[--asset-ip ASSET_IP]
[--asset-id ASSET_ID]
[--new-asset-name NEW_ASSET_NAME]
[--input-file INPUT_FILE]
[--output-file OUTPUT_FILE]
Renaming assets on Xshield platform
options:
-h, --help show this help message and exit
--asset-name ASSET_NAME
Name of the asset(s) to be renamed (Provide comma
separated asset names for multiple assets e.g.
--asset-name Asset1,Asset2)
--asset-ip ASSET_IP IP address of the asset(s) to be renamed (Provide
comma separated asset IP addresses for multiple assets
e.g. --asset-ip 192.168.1.1,192.168.1.2)
--asset-id ASSET_ID ID of the asset(s) to be renamed (Provide comma
separated asset IDs for multiple assets e.g. --asset-
id abcd-1234-efgh,1234-abcd-5678)
--new-asset-name NEW_ASSET_NAME
New name of the asset(s) to be renamed (Provide comma
separated asset names for multiple assets e.g. --new-
asset-name New-Asset1,New-Asset2)
--input-file INPUT_FILE
CSV file with asset id/asset ip/assetname to filter
along with new asset name (refer sample file in
rename_asset_input.csv file under
config/util_data/input_csv_files folder)
--output-file OUTPUT_FILE
Output file to store results (default: config/util_dat
a/output_csv_files/rename_asset_output.csv)
crowdstrike-integration
usage: xshield_util.py crowdstrike-integration [-h] [--action ACTION]
[--hostgroup HOSTGROUP]
CrowdStrike Integration
options:
-h, --help show this help message and exit
--action ACTION Use options activate-integration/deactivate-
integration/activate-hostgroup/deactivate-hostgroup
--hostgroup HOSTGROUP
Provide hostgroupname to be activated/deactivated
based on action parameter
msdefender-integration
usage: xshield_util.py msdefender-integration [-h] [--action ACTION]
[--tag TAG]
Microsoft Defender Integration
options:
-h, --help show this help message and exit
--action ACTION Use options activate-integration/deactivate-
integration/activate-tag/deactivate-tag
--tag TAG Provide Tag Name to be activated/deactivated based on
action parameter
attach-named-network-to-asset
usage: xshield_util.py attach-named-network-to-asset [-h]
(--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER)
[--named-network-name NAMED_NETWORK_NAME]
Attach named network(s) to asset(s)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset and named network names (refer
sample file in attach_named_network_to_asset_input.csv
file under config/util_data/input_csv_files folder)
--asset-name ASSET_NAME
Comma-separated asset names (eg: --asset-name
Asset1,Asset2)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--named-network-name NAMED_NETWORK_NAME
Comma-separated named network names (eg: --named-
network-name "Network1,Network2")
create-named-network
usage: xshield_util.py create-named-network [-h] (--input-file INPUT_FILE |
--name NAME)
[--description DESCRIPTION]
[--ip-ranges IP_RANGES]
Create a named network from input file or CLI arguments
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path for named networks (refer sample CSV
file in config/util_data/input_csv_files/create_named_
network_input.csv)
--name NAME Name of the Named Network to create
--description DESCRIPTION
Description for the Named Network
--ip-ranges IP_RANGES
IP Ranges for the Named Network (format:
"<range1;range2>")
delete-named-network
usage: xshield_util.py delete-named-network [-h] (--input-file INPUT_FILE |
--name NAME)
[--output-file OUTPUT_FILE]
Delete named networks from input file or by name
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path with namedNetworkName for batch deletion
(refer sample CSV file in config/util_data/input_csv_f
iles/delete_named_network_input.csv)
--name NAME Name of the Named Network to delete
--output-file OUTPUT_FILE
Output file to log deletion status (default: config/ut
il_data/output_csv_files/delete_named_network_output.c
sv)
detach-named-network-from-asset
usage: xshield_util.py detach-named-network-from-asset [-h]
(--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER)
[--named-network-name NAMED_NETWORK_NAME]
[--output-file OUTPUT_FILE]
Detach named network(s) from asset(s)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset and named network names (refer
sample file in
detach_named_network_from_asset_input.csv file under
config/util_data/input_csv_files folder)
--asset-name ASSET_NAME
Comma-separated asset names (eg: --asset-name
Asset1,Asset2)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--named-network-name NAMED_NETWORK_NAME
Comma-separated named network names (eg: --named-
network-name "Network1,Network2")
--output-file OUTPUT_FILE
Output file for detached named networks per asset
(default: config/util_data/output_csv_files/detach_nam
ed_network_from_asset_output.csv)
get-named-networks
usage: xshield_util.py get-named-networks [-h] [--name NAME]
[--network-provider NETWORK_PROVIDER]
[--program-intranet PROGRAM_INTRANET]
[--system-network SYSTEM_NETWORK]
[--all] [--detail]
[--wildcard-search WILDCARD_SEARCH]
[--input-file INPUT_FILE]
[--output-file OUTPUT_FILE]
Fetch details of named networks and export to CSV
options:
-h, --help show this help message and exit
--name NAME Comma-separated names of Named Networks to fetch
--network-provider NETWORK_PROVIDER
Comma-separated network providers to filter Named
Networks
--program-intranet PROGRAM_INTRANET
Filter by program intranet status (valid: true, false)
--system-network SYSTEM_NETWORK
Filter by system network status (valid: true, false)
--all Fetch all Named Networks (CAUTION: This will be very
expensive query for platform)
--detail Fetch detailed Named Networks
--wildcard-search WILDCARD_SEARCH
Wildcard search for Named Networks (eg: 10.10.10.0/24
or SampleNN)
--input-file INPUT_FILE
CSV file to read the named network names (refer to
sample file in config/util_data/input_csv_files/get_na
med_networks_input.csv)
--output-file OUTPUT_FILE
Output file for named networks (default: config/util_d
ata/output_csv_files/get_named_networks_output.csv)
attach-named-network-to-segment
usage: xshield_util.py attach-named-network-to-segment [-h]
[--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--named-network NAMED_NETWORK]
[--output-file OUTPUT_FILE]
Attach Named Networks to a Segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/attach_named_network_to_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment to which named networks are to be
assigned (supports single segment name)
--named-network NAMED_NETWORK
Name of the named networks to be assigned to segment
(e.g: "Network-1,Network-2")
--output-file OUTPUT_FILE
Output file to log assignment status (default: config/
util_data/output_csv_files/attach_named_network_to_seg
ment_output.csv)
attach-template-to-segment
usage: xshield_util.py attach-template-to-segment [-h]
[--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--template-name TEMPLATE_NAME]
[--output-file OUTPUT_FILE]
Attach Templates to a Segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/attach_template_to_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment to which templates are to be
assigned (supports single segment name)
--template-name TEMPLATE_NAME
Name of the templates to be assigned to segment (e.g:
"Template-1,Template-2")
--output-file OUTPUT_FILE
Output file to log assignment status (default: config/
util_data/output_csv_files/attach_template_to_segment_
output.csv)
configure-policy-automation-segment
usage: xshield_util.py configure-policy-automation-segment [-h]
[--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--inbound-assetpolicy INBOUND_ASSETPOLICY]
[--outbound-assetpolicy OUTBOUND_ASSETPOLICY]
[--inbound-auto-synchronize INBOUND_AUTO_SYNCHRONIZE]
[--outbound-auto-synchronize OUTBOUND_AUTO_SYNCHRONIZE]
[--inbound-min-test-duration-autosync-enforce INBOUND_MIN_TEST_DURATION_AUTOSYNC_ENFORCE]
[--inbound-include-violations-autosync-enforce INBOUND_INCLUDE_VIOLATIONS_AUTOSYNC_ENFORCE]
[--outbound-min-test-duration-autosync-enforce OUTBOUND_MIN_TEST_DURATION_AUTOSYNC_ENFORCE]
[--outbound-include-violations-autosync-enforce OUTBOUND_INCLUDE_VIOLATIONS_AUTOSYNC_ENFORCE]
[--output-file OUTPUT_FILE]
Configure Policy Automation for a Segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/configure_policy_automation_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment to configure policy automation
(supports single segment name)
--inbound-assetpolicy INBOUND_ASSETPOLICY
Inbound progressive state to be assigned (e.g:
"default-allow or allow-open-ports or allow-active-
ports or zerotrust")
--outbound-assetpolicy OUTBOUND_ASSETPOLICY
Outbound progressive state to be assigned (e.g:
"default-allow or zerotrust")
--inbound-auto-synchronize INBOUND_AUTO_SYNCHRONIZE
Auto push to firewall state for inbound to be
test/enforce/disable
--outbound-auto-synchronize OUTBOUND_AUTO_SYNCHRONIZE
Auto push to firewall state for outbound to be
test/enforce/disable
--inbound-min-test-duration-autosync-enforce INBOUND_MIN_TEST_DURATION_AUTOSYNC_ENFORCE
Minimum test duration for autosync enforce (valid
values: 0 to 10080 minutes)
--inbound-include-violations-autosync-enforce INBOUND_INCLUDE_VIOLATIONS_AUTOSYNC_ENFORCE
Include violations for autosync enforce (valid values:
true, false)
--outbound-min-test-duration-autosync-enforce OUTBOUND_MIN_TEST_DURATION_AUTOSYNC_ENFORCE
Minimum test duration for autosync enforce (valid
values: 0 to 10080 minutes)
--outbound-include-violations-autosync-enforce OUTBOUND_INCLUDE_VIOLATIONS_AUTOSYNC_ENFORCE
Include violations for autosync enforce (valid values:
true, false)
--output-file OUTPUT_FILE
Output file to log configuration status (default: conf
ig/util_data/output_csv_files/configure_policy_automat
ion_segment_output.csv)
create-segment
usage: xshield_util.py create-segment [-h] [--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--criteria CRITERIA] [--score SCORE]
[--timeline TIMELINE]
[--segment-description SEGMENT_DESCRIPTION]
[--template-name TEMPLATE_NAME]
[--named-network NAMED_NETWORK]
[--output-file OUTPUT_FILE]
Create Segment (Read from input csv file or provide arguments)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/create_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment to be created (only creates one
segment via --segment-name argument)
--criteria CRITERIA Criteria string for segment creation, (e.g:
"application:app1,app2;environment:prod,dev;custom1")
--score SCORE Target Breach Impact Score to reach (0-100)
--timeline TIMELINE Timeline for the segment to reach the score (e.g: 30,
60, 90)
--segment-description SEGMENT_DESCRIPTION
Description for the segment
--template-name TEMPLATE_NAME
Name of the templates to be attached to segment (e.g:
"Base Template;Template-1;Template-2")
--named-network NAMED_NETWORK
Name of the named networks to be attached to segment
(e.g: "Network-1;Network-2")
--output-file OUTPUT_FILE
Output file for segment creation (default: config/util
_data/output_csv_files/create_segment_output.csv)
delete-segment
usage: xshield_util.py delete-segment [-h] (--input-file INPUT_FILE |
--segment-name SEGMENT_NAME)
[--output-file OUTPUT_FILE]
Delete a segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV file containing segment names (refer
sample CSV file in config/util_data/input_csv_files/de
lete_segment_input.csv)
--segment-name SEGMENT_NAME
Name of the segment to delete (Comma separated segment
names (e.g: "Segment-1,Segment-2"))
--output-file OUTPUT_FILE
Output file to log deletion status (default: config/ut
il_data/output_csv_files/delete_segment_output.csv)
detach-named-network-from-segment
usage: xshield_util.py detach-named-network-from-segment [-h]
[--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--named-network NAMED_NETWORK]
[--output-file OUTPUT_FILE]
Detach Named Networks from a Segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/detach_named_network_from_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment from which named networks are to
be detached (supports single segment name)
--named-network NAMED_NETWORK
Name of the named networks to be detached from segment
(e.g: "Network-1,Network-2")
--output-file OUTPUT_FILE
Output file to log detachment status (default: config/
util_data/output_csv_files/detach_named_network_from_s
egment_output.csv)
detach-template-from-segment
usage: xshield_util.py detach-template-from-segment [-h]
[--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME]
[--template-name TEMPLATE_NAME]
[--output-file OUTPUT_FILE]
Detach Templates from a Segment
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV input file containing segment details,
refer to sample file in config/util_data/input_csv_fil
es/detach_template_from_segment_input.csv
--segment-name SEGMENT_NAME
Name of the segment from which templates are to be
detached (supports single segment name)
--template-name TEMPLATE_NAME
Name of the templates to be detached from segment
(e.g: "Template-1,Template-2")
--output-file OUTPUT_FILE
Output file to log detachment status (default: config/
util_data/output_csv_files/detach_template_from_segmen
t_output.csv)
generate-segment-report
usage: xshield_util.py generate-segment-report [-h] (--input-file INPUT_FILE |
--segment-name SEGMENT_NAME |
--filter FILTER)
[--output-file OUTPUT_FILE]
Generate report for segments
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV file containing segment names (refer
sample CSV file in
config/util_data/input_csv_files/generate-report-
input.csv)
--segment-name SEGMENT_NAME
Name of the segment to export rules (Comma separated
segment names (e.g: "Segment-1,Segment-2"))
--filter FILTER Filter string with criteria for generating report,
e.g. "application:app1,app2;environment:prod,dev"
--output-file OUTPUT_FILE
Output file to log report status (default:
config/util_data/output_csv_files/generate-report-
output.csv)
get-segment-rules
usage: xshield_util.py get-segment-rules [-h] [--input-file INPUT_FILE]
[--segment-name SEGMENT_NAME] [--all]
[--output-file OUTPUT_FILE]
Fetch and export all port and path rules associated with segments to an output
CSV file
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV file containing segment names (refer
sample CSV file in config/util_data/input_csv_files/ge
t_segment_rules_input.csv)
--segment-name SEGMENT_NAME
Name of the segment to export rules (Comma separated
segment names (e.g: "Segment-1,Segment-2"))
--all Export rules for all segments
--output-file OUTPUT_FILE
Output file to log export status (default: config/util
_data/output_csv_files/get_segment_rules_output.csv)
get-segments
usage: xshield_util.py get-segments [-h] [--input-file INPUT_FILE]
[--output-file OUTPUT_FILE]
[--segment-name SEGMENT_NAME]
[--filter FILTER] [--all]
[--wildcard-search WILDCARD_SEARCH]
Fetch segment and it's details and export to CSV
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Input file with Segment name to fetch details (refer
sample csv file in config/util_data/input_csv_files/ge
t_segments_input.csv)
--output-file OUTPUT_FILE
Output file for segment details (default: config/util_
data/output_csv_files/get_segments_output.csv)
--segment-name SEGMENT_NAME
Comma-separated names of segments to fetch
--filter FILTER Filter by criteria, e.g.
"application:app1,app2;environment:prod,dev"
--all Fetch all segments (Caution: This will be very
expensive query for platform)
--wildcard-search WILDCARD_SEARCH
Wildcard search for segments (eg: SampleSegment)
create-tag-label-rule
usage: xshield_util.py create-tag-label-rule [-h] [--input-file INPUT_FILE]
[--tag-rule-name TAG_RULE_NAME]
[--type TYPE]
[--conditions CONDITIONS]
[--description DESCRIPTION]
[--tags TAGS] [--labels LABELS]
[--priority PRIORITY]
[--enabled ENABLED]
Create tag label rule (basic or advanced)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV file containing tag label rule definitions
(see sample file for reference: config/util_data/input
_csv_files/create_tag_label_rules_input.csv)
--tag-rule-name TAG_RULE_NAME
Name of the tag label rule
--type TYPE Type of the tag label rule
--conditions CONDITIONS
Conditions for the tag label rule
--description DESCRIPTION
Description of the tag label rule
--tags TAGS Comma-separated list of tags (basic mode)
--labels LABELS Semicolon-separated label actions (advanced mode)
--priority PRIORITY Rule priority
--enabled ENABLED Rule enabled status
delete-tag-label-rule
usage: xshield_util.py delete-tag-label-rule [-h] [--input-file INPUT_FILE]
[--tag-rule-name TAG_RULE_NAME]
Delete a tag label rule
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Path to CSV file containing rule names (refer sample
file in config/util_data/input_csv_files/delete_tag_la
bel_rules_input.csv)
--tag-rule-name TAG_RULE_NAME
Name of the tag label rule to delete
get-tag-label-rule
usage: xshield_util.py get-tag-label-rule [-h] (--input-file INPUT_FILE |
--tag-rule-name TAG_RULE_NAME |
--all |
--wildcard-search WILDCARD_SEARCH)
[--output-file OUTPUT_FILE]
Export tag label rules info to an output CSV file
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with tag label rule names (column:
TagRuleName) (reference file: config/util_data/input_c
sv_files/get_tag_label_rules_input.csv)
--tag-rule-name TAG_RULE_NAME
Comma-separated tag label rule names
--all Fetch all tag label rules (criteria: *)
--wildcard-search WILDCARD_SEARCH
Wildcard search for tag rules (eg: SampleRule-)
--output-file OUTPUT_FILE
Path for output CSV (default: config/util_data/output_
csv_files/get_tag_label_rules_output.csv)
assign-asset-tags
usage: xshield_util.py assign-asset-tags [-h] (--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER) [--tags TAGS]
Assign tags to assets via input file, asset names, or filter criteria.
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset tags to assign (refer to sample
file assign_asset_tags_input.csv under
config/util_data/input_csv_files)
--asset-name ASSET_NAME
Comma-separated asset names (tags taken from arguments
or defaults)
--filter FILTER Filter string for asset search, (e.g.
"application:app1,app2;environment:prod,dev")
--tags TAGS Tags to assign in format (e.g.
"application:app1;environment:prod;role:web" required
with --asset-name or --filter)
create-custom-tag
usage: xshield_util.py create-custom-tag [-h] (--input-file INPUT_FILE |
--tag-name TAG_NAME)
Create custom tags (max 5 per tenant).
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with custom tag names (refer to sample file
create_custom_tags_input.csv under
config/util_data/input_csv_files)
--tag-name TAG_NAME Comma-separated custom tag names (eg: tag1,tag2)
get-asset-tags
usage: xshield_util.py get-asset-tags [-h] (--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER |
--segment-name SEGMENT_NAME)
[--output-file OUTPUT_FILE]
Fetch tags for assets provided via input file, asset names, or filter
criteria.
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset names, refer to sample file in
get_asset_tags_input.csv file under
config/util_data/input_csv_files
--asset-name ASSET_NAME
Comma-separated asset names
--filter FILTER Filter string for asset search, e.g. "application:app1
,app2;environment:prod,dev;type:server,endpoint"
--segment-name SEGMENT_NAME
Name of the segment(s) to fetch the tags for matching
assets (Provide comma separated segment names for
multiple segments e.g. --segment-name
"Segment1,Segment2")
--output-file OUTPUT_FILE
Path for output CSV (default:
get_asset_tags_output.csv under
config/util_data/output_csv_files)
attach-template-to-asset
usage: xshield_util.py attach-template-to-asset [-h]
(--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER)
[--template-name TEMPLATE_NAME]
Attach template(s) to asset(s)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset and template names (refer sample
file in attach_template_to_asset_input.csv file under
config/util_data/input_csv_files)
--asset-name ASSET_NAME
Comma-separated asset names (eg: --asset-name
Asset1,Asset2)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--template-name TEMPLATE_NAME
Comma-separated template names (eg: --template-name
"Template1,Template2")
create-template
usage: xshield_util.py create-template [-h] [--input-file INPUT_FILE]
Create a template from input file or CLI arguments
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path for template creation (refer sample file
in config/util_data/input_csv_files/create_template_in
put.csv)
delete-template
usage: xshield_util.py delete-template [-h] [--template-name TEMPLATE_NAME]
[--input-file INPUT_FILE]
Delete templates by name or input-file
options:
-h, --help show this help message and exit
--template-name TEMPLATE_NAME
Name of the template to delete, comma separated names
for multiple templates
--input-file INPUT_FILE
CSV file path for template deletion with template
names (refer sample file in config/util_data/input_csv
_files/delete_template_input.csv)
detach-template-from-asset
usage: xshield_util.py detach-template-from-asset [-h]
(--input-file INPUT_FILE |
--asset-name ASSET_NAME |
--filter FILTER)
[--template-name TEMPLATE_NAME]
[--output-file OUTPUT_FILE]
Detach template(s) from asset(s)
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file with asset and template names(refer sample
file in detach_template_from_asset_input.csv file
under config/util_data/input_csv_files folder)
--asset-name ASSET_NAME
Comma-separated asset names (eg: --asset-name
Asset1,Asset2)
--filter FILTER Filter string for asset search, e.g.
"application:myapp;type:server"
--template-name TEMPLATE_NAME
Comma-separated template names (eg: --template-name
"Template1,Template2")
--output-file OUTPUT_FILE
Output file for detached templates per asset (default:
config/util_data/output_csv_files/detach_template_from
_asset_output.csv)
get-templates
usage: xshield_util.py get-templates [-h] [--input-file INPUT_FILE]
[--output-file OUTPUT_FILE] [--name NAME]
[--category CATEGORY] [--type TYPE]
[--system-template SYSTEM_TEMPLATE]
[--template-breach-levels TEMPLATE_BREACH_LEVELS]
[--all]
[--wildcard-search WILDCARD_SEARCH]
Fetch template and it's details and export to CSV
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
Input file for template details (refer sample csv file
in config/util_data/input_csv_files/get_templates_inpu
t.csv)
--output-file OUTPUT_FILE
Output file for template details (default: config/util
_data/output_csv_files/get_templates_output.csv)
--name NAME Comma-separated names of templates to fetch
--category CATEGORY Comma-separated categories to filter templates
--type TYPE Filter by template type (valid: allow, block)
--system-template SYSTEM_TEMPLATE
Filter by system template status (valid: true, false)
--template-breach-levels TEMPLATE_BREACH_LEVELS
Filter by template breach levels (example:
"Incident,Inactive,Quarantine")
--all Fetch all templates (Caution: This will be very
expensive query for platform)
--wildcard-search WILDCARD_SEARCH
Wildcard search for templates (eg: SampleTemplate)
update-template
usage: xshield_util.py update-template [-h] [--input-file INPUT_FILE]
[--action {append,deduct,edit}]
Update a template configuration from input file or CLI arguments
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path for template edit (refer sample file in
config/util_data/input_csv_files/update_template_input
.csv)
--action {append,deduct,edit}
Action to perform on the template (valid values:
append, deduct or edit), append/deduct for port and
path data , edit for template field modifications
delete-user
usage: xshield_util.py delete-user [-h] [--input-file INPUT_FILE]
[--username USERNAME] [--email EMAIL]
[--auth-token-path AUTH_TOKEN_PATH]
[--output-file OUTPUT_FILE]
Removes an user's entry from authentication to Xshield Platform
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path with User name and email address (refer
sample file in config/util_data/input_csv_files/delete
_users_input.csv)
--username USERNAME Name of the user, comma separated for multiple users
--email EMAIL Email address of the user, comma separated for
multiple emails
--auth-token-path AUTH_TOKEN_PATH
Path for the auth token to be used for API
authentication
--output-file OUTPUT_FILE
Output file for user invitation (default: config/util_
data/output_csv_files/delete_users_output.csv)
delete-user-invite
usage: xshield_util.py delete-user-invite [-h] [--input-file INPUT_FILE]
[--username USERNAME]
[--email EMAIL]
[--auth-token-path AUTH_TOKEN_PATH]
[--output-file OUTPUT_FILE]
Removes an user's Invitation entry from Xshield Platform
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path with User name and email address (refer
sample file in config/util_data/input_csv_files/delete
_invite_input.csv)
--username USERNAME Name of the user, comma separated for multiple users
--email EMAIL Email address of the user, comma separated for
multiple emails
--auth-token-path AUTH_TOKEN_PATH
Path for the auth token to be used for API
authentication
--output-file OUTPUT_FILE
Output file for user invitation (default: config/util_
data/output_csv_files/delete_invite_output.csv)
invite-user
usage: xshield_util.py invite-user [-h] [--input-file INPUT_FILE]
[--username USERNAME] [--email EMAIL]
[--role ROLE]
[--auth-token-path AUTH_TOKEN_PATH]
[--output-file OUTPUT_FILE]
Generates an Invitation to user's email for authentication to Xshield Platform
options:
-h, --help show this help message and exit
--input-file INPUT_FILE
CSV file path with User name and email address (refer
sample file in config/util_data/input_csv_files/invite
_users_input.csv)
--username USERNAME Name of the user, comma separated for multiple users
--email EMAIL Email address of the user, comma separated for
multiple emails
--role ROLE Role of the user, comma separated for multiple roles
--auth-token-path AUTH_TOKEN_PATH
Path for the auth token to be used for API
authentication
--output-file OUTPUT_FILE
Output file for user invitation (default: config/util_
data/output_csv_files/invite_users_output.csv)