Agents Commands¶
agents¶
View and manage Incydr agents.
Incydr agents run on the endpoints in your environment and monitor for insider risk activity.
Usage:
agents [OPTIONS] COMMAND [ARGS]...
Options:
--log-stderr Enable logging to stderr.
--log-file TEXT Specify file path to write log output to.
--log-level TEXT Set level for Incydr client logging.
--help Show this message and exit.
agents bulk-activate¶
Activate a group of agents from a file (CSV or JSON-LINES formatted).
Use - as filename to read from stdin.
Input files require a header (for CSV input) or JSON key for each object (for JSON-LINES input) to identify which agent ID to activate.
Header and JSON key values that are accepted are: agent_id, agentId, or guid
Usage:
agents bulk-activate [OPTIONS] FILE
Options:
-f, --format [csv|json-lines] Specify format of input file: 'csv' or 'json-
lines'. Defaults to 'csv'.
--log-stderr Enable logging to stderr.
--log-file TEXT Specify file path to write log output to.
--log-level TEXT Set level for Incydr client logging.
--help Show this message and exit.
agents bulk-deactivate¶
Deactivate a group of agents from a file (CSV or JSON-LINES formatted).
Use - as filename to read from stdin.
Input files require a header (for CSV input) or JSON key for each object (for JSON-LINES input) to identify which agent ID to deactivate.
Header and JSON key values that are accepted are: agent_id, agentId, or guid
Usage:
agents bulk-deactivate [OPTIONS] FILE
Options:
-f, --format [csv|json-lines] Specify format of input file: 'csv' or 'json-
lines'. Defaults to 'csv'.
--log-stderr Enable logging to stderr.
--log-file TEXT Specify file path to write log output to.
--log-level TEXT Set level for Incydr client logging.
--help Show this message and exit.
agents list¶
List agents.
Usage:
agents list [OPTIONS]
Options:
--active / --inactive Filter by active or inactive agents. Defaults to
returning both when when neither option is passed.
--healthy Filter by healthy agents. Agents that have no
health issue types are considered healthy.
--unhealthy TEXT Filter by unhealthy agents. Defaults to returning
all unhealthy agents. Pass a comma delimited list
of health issue types to filter by unhealthy
agents that have (at least) any of the given
health issue type(s). Health issue types include
the following: NOT_CONNECTING,
NOT_SENDING_SECURITY_EVENTS.
-f, --format TABLEFORMAT Format to print result. One of 'table', 'json-
pretty', 'json-lines', or 'csv. If environment has
INCYDR_USE_RICH=false set, defaults to 'json-
lines', else defaults to 'table'.
--columns TEXT Comma-delimited string of column names. Nested
values should be specified in dot-notation. Limits
output to contain only the specified columns in
CSV or Table format. Ignored for JSON output
formats.
--log-stderr Enable logging to stderr.
--log-file TEXT Specify file path to write log output to.
--log-level TEXT Set level for Incydr client logging.
--help Show this message and exit.
agents show¶
Show details for a single agent.
Usage:
agents show [OPTIONS] AGENT_ID
Options:
-f, --format SINGLEFORMAT Format to print result. One of 'rich', 'json-
pretty', or 'json-lines'. If environment has
INCYDR_USE_RICH=false set, defaults to 'json-
lines', else defaults to 'rich'.
--log-stderr Enable logging to stderr.
--log-file TEXT Specify file path to write log output to.
--log-level TEXT Set level for Incydr client logging.
--help Show this message and exit.