You are here: Additional Resources > Command Line Operations > Common Command Line Operations

Common Command Line Operations

PVS can be run from the command line to update plugins, perform configuration tasks, and analyze Pcap files to generate a report file for use with SecurityCenter CV or other programs. Running the PVS binary with the –h option displays a list of available options.

Note: You must stop PVS before running command line operations.

PVS Binary Locations

The PVS binary for Linux can be found in the following location:

# /opt/pvs/bin/pvs

The PVS binary for Windows can be found in the following location:

C:\Program Files\Tenable\PVS\pvs.exe

The PVS binary for macOS can be found in the following location:

# /Library/PVS/bin/pvs

PVS Command Line Options

Option Purpose

-a <activation code>

Enter the Activation Code to activate PVS to enable plugin updates and monitoring functions.

If your PVS system is managed by SecurityCenter and running in Standard mode, you can use the following command: -a SecurityCenter

If your PVS system is managed by SecurityCenter and running in High Performance mode, you can use the following command: -a SecurityCenter <activation code>

--config --add "custom_paramater name" "parameter value"

Add a custom configuration parameter for PVS or PVS Proxy. The double quote characters are required, although single quotes may be used when special characters are required.

--config --delete "custom_parameter name"

The delete command may be used to remove custom configuration parameters.

--config --list

Lists the current PVS and PVS Proxy configuration parameters. Parameter values are listed to the left of the colon character and are case sensitive. The value of the parameter displays to the right of the colon character.

--config "parameter name" ["parameter value"]

Displays the defined parameter value. If a value is added at the end of the command, the parameter updates with the new setting. The double quote characters are required, and single quotes may be used when special characters are required.

-d debug mode

Runs PVS in debug mode for troubleshooting purposes. This option causes the system to use more resources and should be enabled only when directed by a Tenable Support Technician.

-f packet_dump_file

Replace packet_dump_file with the path to the Pcap file you want PVS to process.

Note: Windows does not support the pcapng format.

-h

Displays the command line options help file.

-k

Displays the PVS activation status.

-L

Displays a list of the license declarations.

-l

Displays a list of the plugin IDs that are loaded by PVS.

-m

Shows various aspects of memory usage during the processing of the pvs command.

-p packet_dump_file

Replace packet_dump_file with the local file name or path to file name to write the captured packets to a file.

pvs --users --add

Use to add a new user to PVS with the expected values of: ["username" "password" admin]: add new user. Expected values for “admin” flag are either 1 - grant user administrative privileges, or 0 - don’t grant user administrative privileges.

pvs --users --chpasswd

Use to change a PVS user's password.

pvs --users --delete

Use to remove a user from PVS.

--register-offline <license file>

Registers PVS in offline mode when you insert the license file obtained from Tenable.

--update-plugins <plugins tarball>

If PVS is not running in offline mode, the tarball is optional. When no file is provided with this command, PVS contacts a plugin feed server to download plugins directly.

When using PVS in offline mode, updating the plugins requires downloading a tarball from Tenable. When updating the plugins from the command line, this command is used to identify the file to use for updating the plugins.

-v

Shows the version information about the installed instance of PVS.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.