Start ASE
Description
Start ASE
Syntax
./start.sh
Stop ASE
Description
Stop ASE
Syntax
./stop.sh
Help
Description
Displays cli.sh help
Syntax
./cli.sh help
Version
Description
Displays the version number of ASE
Syntax
./cli.sh version
Status
Description
Displays the running status of ASE
Syntax
./cli.sh status
Update Password
Description
Change ASE admin password
Syntax
./cli.sh update_password -u admin - p
Change log level
Description
Change balancer.log and controller.log log level
Syntax
./cli.sh log_level -u admin -p
options - warn, info, error, fatal, debug
Get Authentication Method
Description
Display the current authentication method
Syntax
./cli.sh get_auth_method -u admin -p
Update Authentication Method
Description
Update ASE authentication method
Syntax
./cli.sh update_auth_method {method} -u admin -p
Enable Sideband Authentication
Description
Enable authentication between API gateway and ASE when ASE is deployed in sideband mode
Syntax
./cli.sh enable_sideband_authentication -u admin – p
Disable Sideband Authentication
Description
Disable authentication between API gateway and ASE when ASE is deployed in sideband mode
Syntax
./cli.sh disable_sideband_authentication -u admin – p
Create ASE Authentication Token
Description
Create the ASE token that is used to authenticate between the API gateway and ASE
Syntax
./cli.sh create_sideband_token -u admin – p
List ASE Authentication Token
Description
List the ASE token that is used to authenticate between the API gateway and ASE
Syntax
./cli.sh list_sideband_token -u admin – p
Delete ASE Authentication Token
Description
Delete the ASE token that is used to authenticate between the API gateway and ASE
Syntax
./cli.sh delete_sideband_token {token} -u admin – p
Enable Audit Logging
Description
Enable audit logging
Syntax
./cli.sh enable_audit -u admin -p admin
Disable Audit Logging
Description
Disable audit logging
Syntax
./cli.sh disable_audit -u admin -p admin
Add Syslog Server
Description
Add a new syslog server
Syntax
./cli.sh –u admin -p admin add_syslog_server host:port
Delete Syslog Server
Description
Delete the syslog server
Syntax
./cli.sh –u admin -p admin delete_syslog_server host:port
List Syslog Server
Description
List the current syslog server
Syntax
./cli.sh –u admin -p admin list_syslog_server
Add API
Description
Add a new API file in JSON format. File should have .json extension. Provide the complete path where you have stored the API JSON file. After running the command, API is added to /opt/pingindentity/ase/config/api directory
Syntax
./cli.sh –u admin -p admin add_api {config_file_path}
Update API
Description
Update an API after the API JSON file has been edited and saved
Syntax
./cli.sh –u admin -p admin update_api {api_name}
List APIs
Description
Lists all APIs configured in ASE
Syntax
./cli.sh –u admin -p admin list_api
API Info
Description
Displays the API JSON file
Syntax
./cli.sh –u admin -p admin api_info {api_id}
API Count
Description
Displays the total number of APIs configured
Syntax
./cli.sh –u admin -p admin api_count
Enable Per API Blocking
Description
Enables attack blocking for the API
Syntax
./cli.sh –u admin -p admin enable_blocking {api_id}
Disable Per API Blocking
Description
Disable attack blocking for the API
Syntax
./cli.sh –u admin -p admin disable_blocking {api_id}
Delete API
Description
Delete an API from ASE. Deleting an API removes the corresponding JSON file and deletes all the cookies associated with that API
Syntax
./cli.sh –u admin -p admin delete_api {api_id}
Generate Master Key
Description
Generate the master obfuscation key ase_master.key
Syntax
./cli.sh -u admin -p admin generate_obfkey
Obfuscate Keys and Password
Description
Obfuscate the keys and passwords configured in various configuration files
Syntax
./cli.sh -u admin -p admin obfuscate_keys
Create a Key Pair
Description
Creates private key and public key pair in keystore
Syntax
./cli.sh –u admin -p admin create_key_pair
Create a CSR
Description
Creates a certificate signing request
Syntax
./cli.sh –u admin -p admin create_csr
Create a Self-Signed Certificate
Description
Creates a self-signed certificate
Syntax
./cli.sh –u admin -p admin create_self_sign_cert
Import Certificate
Description
Import CA signed certificate into keystore
Syntax
./cli.sh –u admin -p admin import_cert {cert_path}
Create Management Key Pair
Description
Create a private key for management server
Syntax
/cli.sh –u admin -p admin create_management_key_pair
Create Management CSR
Description
Create a certificate signing request for management server
Syntax
/cli.sh –u admin -p admin create_management_csr
Create Management Self-signed Certificate
Description
Create a self-signed certificate for management server
Syntax
/cli.sh –u admin -p admin create_management_self_sign_cert
Import Management Key Pair
Description
Import a key-pair for management server
Syntax
/cli.sh –u admin -p admin import_management_key_pair {key_path}
Import Management Certificate
Description
Import CA signed certificate for management server
Syntax
/cli.sh –u admin -p admin import_management_cert {cert_path}
Cluster Info
Description
Displays information about an ASE cluster
Syntax
./cli.sh –u admin -p admin cluster_info
Delete Cluster Node
Description
Delete and inactive ASE cluster node
Syntax
./cli.sh –u admin -p admin delete_cluster_node host:port
Enable Firewall
Description
Enable API firewall. Activates pattern enforcement, API name mapping, manual attack type
Syntax
./cli.sh –u admin -p admin enable_firewall
Disable Firewall
Description
Disable API firewall
Syntax
./cli.sh –u admin -p admin disable_firewall
Enable ASE detected attacks
Description
Enable ASE detected attacks
Syntax
./cli.sh –u admin -p admin enable_ase_detected_attack
Disable ASE Detected Attacks
Description
Disable API firewall
Syntax
./cli.sh –u admin -p admin disable_ase_detected_attack
Enable ABS
Description
Enable ABS to send access logs to ABS
Syntax
./cli.sh –u admin -p admin enable_abs
Disable ABS
Description
Disable ABS to stop sending access logs to ABS
Syntax
./cli.sh –u admin -p admin disable_abs
Adding Blacklist
Description
Add an entry to ASE blacklist using CLI. Valid type values are: IP, Cookie, OAuth2 token, API Key, and username

If type is ip, then Name is the IP address.

If type is cookie, then name is the cookie name, and value is the cookie value

Syntax
./cli.sh –u admin -p admin add_blacklist {type}{name}{value}
Example
/cli.sh -u admin -p admin add_blacklist ip 1.1.1.1
Delete Blacklist Entry
Description
Delete entry from the blacklist.
Syntax
./cli.sh –u admin -p admin delete_blacklist {type}{name}{value}
Example
cli.sh -u admin -p delete_blacklist token 58fcb0cb97c54afbb88c07a4f2d73c35
Clear Blacklist
Description
Clear all the entries from the blacklist
Syntax
./cli.sh –u admin -p admin clear_blacklist
View Blacklist
Description
View the entire blacklist or view a blacklist for the specified attack type (for example, invalid_method)
Syntax
./cli.sh –u admin -p admin view_blacklist {all|manual|abs_generated|invalid_content_type|invalid_method|invalid_protocol|decoy}
Adding Whitelist
Description
Add an entry to ASE whitelist using CLI. Valid type values are: IP, cookie, OAuth2 token, API key, and username

If type is IP, then name is the IP address.

If type is cookie, then name is the cookie name, and value is the cookie value

Syntax
./cli.sh –u admin -p admin add_whitelist {type}{name}{value}
Example
/cli.sh -u admin -p admin add_whitelist api_key AccessKey 065f73cdf39e486f9d7cda97d2dd1597
Delete Whitelist Entry
Description
Delete entry from the whitelist
Syntax
./cli.sh –u admin -p admin delete_whitelist {type}{name}{value}
Example
/cli.sh -u admin -p delete_whitelist token 58fcb0cb97c54afbb88c07a4f2d73c35
Clear Whitelist
Description
Clear all the entries from the whitelist
Syntax
./cli.sh –u admin -p admin clear_whitelist
View Whitelist
Description
View the entire whitelist
Syntax
./cli.sh –u admin -p admin view_whitelist
ABS Info
Description
Displays ABS status information.

ABS enabled or disabled, ASE fetching ABS attack types, and ABS cluster information

Syntax
./cli.sh –u admin -p admin abs_info