Managing your Linux client using the command line tool (sav)
search cancel

Managing your Linux client using the command line tool (sav)

book

Article ID: 385089

calendar_today

Updated On:

Products

Endpoint Security Endpoint Protection

Issue/Introduction

The Linux client command line tool lets you control and check on your Linux client.

Note: Root privilege is required to use this tool.

Resolution

To manage your Linux Agent using the command line tool:

1. On a Linux client computer, navigate to the following location:

/opt/Symantec/sdcssagent/AMD/tools

 

2. Run the sav command as follows:

./sav [options] command

 

Options for sav

Option Description Applies to
-h|--help
Displays available options and commands for sav. As of 14.3 RU2
-q|--quiet
Quiet As of 14.3 RU2

 

Commands for sav

Command Description Applies to
autoprotect -d|--disable
Disables Auto-Protect. As of 14.3 RU2
autoprotect -e|--enable

Enables Auto-Protect.

To check the Auto-Protect status, run the following command:

[root@localhost tools]# cat /proc/sisap/status |
grep -i MODE

The reply can be one of the following commands:

• mode=ENA (if enabled)
• mode=DIS (if disabled)
As of 14.3 RU2
info -a|--autoprotect
Displays the status of auto-protect on the computer. As of 14.3 RU4
info -d|--defs
Shows the version and date of the current virus and security risk definitions used on the device. As of 14.3 RU3
info -e|--engine
Shows the version of the scan engine that the device is using. As of 14.3 RU3
info -p|--product
Shows the Symantec Agent version in use on the device. As of 14.3 RU3
liveupdate -u|--update
Runs LiveUpdate immediately. As of 14.3 RU3
manage -i|--import <file>
Imports the sylink.xml file to the specified location. As of 14.3 RU2
manualscan -s|--scan <file list>

Starts a manual scan.

<file list> specifies the file and directory list to scan.

To specify this list, type a list of files and directories that are separated by line feeds and ending with an end of file signal, such as CTRL-D. If a directory is specified, all subdirectories are also scanned. Wildcard characters are supported.

If you specify a hyphen (-) instead of a list of files and directories, then the list of path names is read from the standard input. You can use commands that produce a list of files or path names that are separated by line feeds. Submitting a long list of items to this command can negatively affect performance. Symantec recommends that you limit lists to a maximum of a few thousand items.

As of 14.3 RU3
manualscan -t|--stop

Stops a manual scan that is in progress.

As of 14.3 RU3
quarantine -d|--delete <ID>

Delete the specified item from the Quarantine. To view the ID of an item, list the items that are in the Quarantine.

As of 14.3 RU4
quarantine -i|-- info <ID>

Provides detailed information about the quarantined item. To view the ID of an item, list the items that are in the Quarantine.

As of 14.3 RU4
quarantine -l|--list

List all of the items that are in the local Quarantine.

As of 14.3 RU4
quarantine -r|--restore <ID>

Restores the quarantined item that is specified. To view the ID of an item, list the items that are in the Quarantine.

As of 14.3 RU4
scheduledscan -c|-- create scan_id parameters pathname

Creates a new local scheduled scan that is identified by scan_id, which must be unique. If an existing scan_id is specified, the existing scan_id
scheduled scan is updated.

The pathname specifies the file and directory list to scan. To specify this list, type a list of files and directories separated by spaces. If a directory is specified, all subdirectories are also scanned. Wildcard characters are supported.

  • -f|-- frequency [daily|weekly|monthly]
    Required. Specifies the scan frequency.
  • -i|--interval [HH:MM|DDD|D]
    Specifies the interval between scans. Depends on the frequency.
    If frequency is daily, the interval must be HH:MM, where HH = the hour (00 - 23) and MM = the minute (00-59).
    If frequency is weekly, the interval must be DDD, where DDD = one of Sun, Mon, Tue, Wed, Thu, Fri, Sat.
    If frequency is monthly, the interval must be D, where D = any value from 1 to 31.
  • -t|-- time [HH:MM]
    HH = the hour (00 - 23) and MM = the minute (00 - 59). Not used for daily frequency.

Submitting a long list of items to this command can negatively affect performance. Symantec recommends that you limit lists to a maximum of a few thousand items.

 
scheduledscan -d|--delete scan_id

Deletes the local scheduled scan that is specified by scan_id.

Administrator-defined scheduled scans cannot be deleted manually.