Current ThreatQ Version Filter
 

About the Command Line Interface (CLI)

You can use the CLI to perform tasks and initiate specific platform processes.

Important Notes

  • You should SSH into your ThreatQ installation as root or have sudo permission.
  • Some CLI commands require you to be in a specific directory to execute. Review the Help Center topic for each command before running.
  • Most CLI commands require that the ThreatQ application be placed into maintenance mode before proceeding. Placing the application in maintenance mode allows you to perform operations which would be delayed or otherwise impeded by regular API operation. Review the Maintenance Mode section below before executing CLI commands.
  • Artisan commands are run in the api-schedule-run pod.

Important Notes

  • Most CLI commands require that the ThreatQ application be placed into maintenance mode before proceeding. Placing the application in maintenance mode allows you to perform operations which would be delayed or otherwise impeded by regular API operation. Review the Maintenance Mode section below before executing CLI commands.
  • Artisan commands are run in the api-schedule-run pod.

Maintenance Mode

Command Line Interface (CLI) commands and other processes, such as backup and restore, require that you place the ThreatQ application into maintenance mode. Placing the application in maintenance mode allows you to perform operations which would be delayed or otherwise impeded by regular API operation.

Some CLI commands automatically place the ThreatQ application into maintenance mode when executed. The Help Center topics for these commands indicates if the command will automatically place the ThreatQ application into maintenance mode.

Placing the ThreatQ Application into Maintenance Mode
  1. SSH to your ThreatQ installation.
  2. Navigate to the api directory using the following command:
    cd /var/www/api
  3. Run the following command:
    sudo php artisan down

    The platform is now in maintenance mode.
    Enter Maintenance Mode

Placing the ThreatQ Application into Maintenance Mode
  1. SSH to your ThreatQ installation.
  2. Run the following command:
    kubectl exec --namespace threatq --stdin --tty deployment/api-schedule-run -- ./artisan down

    The platform is now in maintenance mode. When you log into a ThreatQ instance that is in maintenance mode, ThreatQ displays a maintenance notification that includes the following message: ThreatQ is down for maintenance.

Taking the ThreatQ Application out of Maintenance Mode

The following steps assume you are already in the CLI. If not, complete steps 1-2 from above before proceeding.

  1. While under the /var/www/api directory, run the following command:
    sudo php artisan up

    The platform is now out of maintenance mode.

    Exit Maintenance Mode

Taking the ThreatQ Application Out of Maintenance Mode
  1. SSH to your ThreatQ installation.
  2. Run the following command:
    kubectl exec --namespace threatq --stdin --tty deployment/api-schedule-run -- ./artisan up

    The platform is now out of maintenance mode.

Passwords for Artisan Commands

Some commands, such as the backup command require the MariaDB password. You can use the get secrets command listed below to retrieve all Kubernetes secrets, including your MariaDB password, in a human-readable format.

Retrieving Passwords
  1. SSH to your ThreatQ installation.
  2. Run the following command:
    kubectl get secrets --namespace threatq --output go-template='{{range $i,$d := .items}}{{print $d.metadata.name "\n"}}{{range $k,$v := $d.data}}{{printf " %s: " $k}}{{if not $v}}{{$v}} {{else}}{{$v | base64decode}}{{end}}{{"\n"}}{{end}}{{"\n"}}{{end}}'