Usage
Syntax
Commands must be formatted in the correct syntax to function and can be composed of a prefix, context, arguments, options, etc. This is the general syntax used throughout eShell:
[<prefix>] [<command path>] <command> [<arguments>]
Example (this activates document protection): SET COMPUTER SCANS DOCUMENT REGISTER ENABLED |
SET - a prefix
COMPUTER SCANS DOCUMENT - path to a specific command, a context where this command belongs
REGISTER - the command itself
ENABLED - an argument for the command
Using ? as an argument for command will display the syntax for that specific command. For example, STATUS ? will show you the syntax for STATUS command:
SYNTAX:
[get] status
OPERATIONS:
get - Show status of all protection modules
You may notice that [get] is in brackets. It designates that the prefix get is default for the status command. This means that when you execute status without specifying any prefix, it will actually use the default prefix (in this case get status). Using commands without a prefix saves time when typing. Usually get is the default prefix for most commands, but you need to be sure what the default prefix is for a specific command and that it is exactly what you want to execute.
Commands are not case-sensitive. You can use uppercase (capital) or lowercase letters; the command will execute regardless. |
Prefix / Operation
A prefix is an operation. The GET prefix will give you information about how a certain feature of ESET Server Security is configured or show you the status (such as GET COMPUTER REAL-TIME STATUS will show you current protection status of the Real-time module). The SET prefix will configure functionality or change its status (SET COMPUTER REAL-TIME STATUS ENABLED will activate Real-time protection).
These are the prefixes that eShell enables to use. A command may or may not support any of the prefixes:
GET |
returns current setting/status |
---|---|
SET |
sets value/status |
SELECT |
selects an item |
ADD |
adds an item |
REMOVE |
removes an item |
CLEAR |
removes all items/files |
START |
starts an action |
STOP |
stops an action |
PAUSE |
pauses an action |
RESUME |
resumes an action |
RESTORE |
restores default settings/object/file |
SEND |
sends an object/file |
IMPORT |
imports from a file |
EXPORT |
exports to a file |
Prefixes such as GET and SET are used with many commands, but some commands (such as EXIT) do not use a prefix. |
Command path / Context
Commands are placed in contexts which form a tree structure. The top level of the tree is root. When you run eShell, you are at the root level:
eShell>
You can execute a command from here or type the context name to navigate within the tree. For example, when you type the TOOLS context, it will list all commands and sub-contexts available.
Yellow items are commands you can execute and grey items are sub-contexts you can enter. A sub-context contain further commands.
If you need to return back to a higher level, use .. (two dots).
Say you are here: eShell computer real-time> type .. to go up one level, to: eShell computer> |
If you want to get back to root from eShell computer real-time> (which is two levels lower than root), simply type .. .. (two dots and two dots separated by space). By doing so, you will get two levels up, which is root in this case. Use backslash \ to return directly to root from any level no matter how deep within the context tree you are. If you want to get to a specific context in upper levels, simply use the appropriate number of .. commands to get to the desired level, using space as a separator. For example, if you want to get three levels higher, use .. .. ..
The path is relative to the current context. Do not type a path if the command is contained in the current context. For example, to execute GET COMPUTER REAL-TIME STATUS enter:
GET COMPUTER STATUS - If you are in the root context (command line shows eShell>)
GET STATUS - If you are in the context COMPUTER (command line shows eShell computer>)
.. GET STATUS - If you are in the context COMPUTER REAL-TIME (command line shows eShell computer real-time>)
You can use single . (dot) instead of two .. because single dot is an abbreviation of two dots.
. GET STATUS - if you are in the context COMPUTER REAL-TIME (command line shows eShell computer real-time>) |
Argument
An argument is an action that is performed for a specific command. For example, the command CLEAN-LEVEL (located in COMPUTER REAL-TIME ENGINE) can be used with the following arguments:
rigorous - Always remedy detection
safe - Remedy detection if safe, keep otherwise
normal - Remedy detection if safe, ask otherwise
none - Always ask the end user
Another example is the arguments ENABLED or DISABLED, which enable or disable a certain feature or functionality.
Abbreviated form / Shortened commands
eShell enable you to shorten contexts, commands and arguments (provided the argument is a switch or an alternative option). You cannot shorten a prefix or argument with concrete values such as a number, name or path. You can use numbers 1 and 0 instead of enabled and disabled arguments.
computer set real-time status enabled => com set real stat 1 computer set real-time status disabled => com set real stat 0 |
Examples of the short form:
computer set real-time status enabled => com set real stat en computer exclusions add detection-excludes object C:\path\file.ext => com excl add det obj C:\path\file.ext computer exclusions remove detection-excludes 1 => com excl rem det 1 |
If two commands or contexts start with the same letters (such as ADVANCED and AUTO-EXCLUSIONS, and you type A as shortened context), eShell will not be able to decide which context of these two you want to type. An error message will display and list commands starting with A which you can choose from:
eShell>a
The following command is not unique: a
The following sub-contexts are available in COMPUTER context:
ADVANCED
AUTO-EXCLUSIONS
By adding one or more letter (for example AD instead of just A) eShell will enter ADVANCED sub-context since it is unique now. The same applies to abbreviated commands.
When you want to be sure that a command executes the way you need, we recommend that you do not abbreviate commands, arguments, etc. and use the full form. This way, eShell will execute exactly what you need and prevent unwanted mistakes. This is especially true for batch files/scripts. |
Automatic completion
This new feature was introduced in eShell 2.0 and is similar to automatic completion in Windows Command Prompt. While Windows Command Prompt completes file paths, eShell completes commands, context and operation names. Argument completion is not supported.
Press Tab to complete or cycle through available variations when typing a command.
Press SHIFT + Tab to cycle backward. Mixing abbreviated forms and automatic completion is not supported. Use either one or the other.
For example, when you type computer real-time additional hitting Tab will do nothing. Instead, type com and then Tab to complete computer, continue typing real + Tab, and add + Tab, hit Enter. Type on + Tab and continue hitting Tab to cycle through all available variations: on-execute-ah, on-execute-ah-removable, on-write-ah, on-write-archive-default, etc.
Aliases
An alias is an alternative name that can be used to execute a command (provided that the command has an alias assigned). There are a few default aliases:
(global) close - exit
(global) quit - exit
(global) bye - exit
warnlog - tools log events
virlog - tools log detections
(global) The command can be used anywhere, regardless of the current context. One command can have multiple aliases assigned. For example, the command EXIT has aliases CLOSE, QUIT and BYE. When you want to exit eShell, you can use the EXIT command or any of its aliases.
The alias VIRLOG is an alias for the command DETECTIONS located in the TOOLS LOG context. This way, the detections command is available from the ROOT context, making it easier to access (you do not have to type TOOLS and then LOG sub-context and run it directly from ROOT).
eShell enables you to define your aliases. Command ALIAS can be found in UI ESHELL context.
Password protected settings
ESET Server Security settings can be protected by a password. You can set a password using GUI or eShell using the set ui access lock-password.
You must type this password interactively for certain commands (such as changing settings or modifying data). If you plan to work with eShell for a longer period and do not want to type the password repeatedly, you can get eShell to remember the password using the set password command (execute from root). Your password will then be filled in automatically for each executed command that requires a password. It is remembered until you exit eShell; you must use the set password again when you start a new session and want eShell to remember it.
Guide / Help
When you run the GUIDE or HELP command, it will display a "first run" screen explaining how to use eShell. This command is available only from the ROOT context (eShell>).
Command history
eShell keeps a history of previously executed commands. This applies only to the current eShell interactive session. Once you exit eShell, the command history will be dropped. Use your keyboard's Up and Down arrow keys to navigate the history. When you find the command you were looking for, you can execute it again or modify it without typing in the entire command from the beginning.
CLS / Clear screen
The CLS command can be used to clear the screen. It works the same way with Windows Command Prompt or similar command line interfaces.
EXIT / CLOSE / QUIT / BYE
To close or exit eShell, you can use any of these commands (EXIT, CLOSE, QUIT or BYE).