Netskope Client Command Reference
Netskope Client Command Reference
This section lists the various nsdiag commands used in the installation of the Netskope Client.
Diagnostics Commands (Windows, macOS, and Linux)
The diagnostics command is available using the nsdiag command in Microsoft Windows, macOS, and Linux devices. The command is located in the Client installation directory:
-
In Windows: C:\Program Files (x86)\Netskope\stagent
Example: C:\Program Files (x86)\netskope\stagent\nsdiag -n
-
In macOS: /Library/Application Support/Netskope/STAgent/
Example: $ /Library/Application\ Support/Netskope/STAgent/nsdiag -n
-
In Linux: /opt/netskope/stagent/
Example: /opt/netskope/stagent/nsdiag -n
Command example: nsdiag [options]
nsdiag -o <file>.zip
nsdiag -c start [-o <filename>.pcap] [-s <snap length>]
nsdiag -c stop
nsdiag -p start [-o <filename>.etl] [-s <file size>]
nsdiag -p stop
nsdiag -d start [-o <filename>.etl]
nsdiag -d stop
nsdiag -u
nsdiag -g upload -s [1mb | 10mb | 100mb]
nsdiag -r <URL>
nsdiag -g download -s [1mb | 10mb | 100mb]
nsdiag -l [dump | debug | info | warning | error | critical]
nsdiag -m
nsdiag -n
nsdiag -x <regular expression> <string to match>
nsdiag [-h | -v]
If Secure Enrollment tokens are enabled, use the following command. For IDP enrollments, the token need not be present on the end-user machine as the user is authenticated using IdP.
nsdiag -e enrollauthtoken=<token> enrollencryptiontoken=<token>
- There are minor differences in the commands displayed for Mac and Linux. For example,
- The command to capture the outer packet: nsdiag
-p start [-o <filename>.pcap] [-s <file size>]
- The command to start capturing driver logs:
nsdiag -d start [-o <filename>.log]
Command Option | Description |
---|---|
-o <file>.zip | Save logs and diagnostics to output <file>.zip. |
-c start [-o <filename>.pcap] [-s | Start capturing inner packet dump to <filename>.pcap. |
-p start [-o <filename>.etl] [-s <file size>] | Start capturing outer packet dump to <filename>.etl. |
-d start [-o <filename>.etl] | Start capturing driver logs in <filename>.etl. |
-o <filename>.<extension> | In Windows Output will be created in default directory "C:/ProgramData/Netskope/stagent/Logs"
In macOS Output will be created in default directory "/Library/Logs/Netskope"
In Linux Output will be created in default directory "/opt/netskope/stagent/logs"
|
-s <snap length> | If snap length is not specified, entire packet will be captured. |
-m <file size> | File size(in MB's) must be less than 1024 and non zero. For example, nsdiag -m 2 The default size is 10 MB, using this command you can specify the log file size upto 1 GB. Usage: nsdiag -m Example: nsdiag -m 10 This will change the nsdebug.log file to 10 MB. |
-c stop | Stop capturing inner packet dump. |
-p stop | Stop capturing outer packet dump. |
-d stop | Stop capturing driver logs. |
-u | Update configuration |
-h | Show this help. |
-v | Show Netskope Client version. |
-r | Show time values of website access. For example, ./nsdiag -r www.google.com |
-g download -s [1mb | 10mb | 100mb] | Perform Speed Test operation, supports [upload | download] operation. Supported file sizes are 1mb, 10mb, 100mb and should be provided by -s. File size is mandatory. |
-g upload | Performs upload Speed Test for specified size. Supported payload size are 1mb, 10mb, 100mb and to be used with the -s option. File size is mandatory. Upload test example: nsdiag -g upload -s 10mb. |
-g download | Performs download Speed Test for specified size. Download test example: nsdiag -g download -s 10mb |
-l [dump | debug | info | warning | error | critical] | Set the Netskope client log level. |
-n | Get NPA status. Example: $/Library/Application\ Support/Netskope/STAgent/nsdiag -n NPA status is Connected. |
-x | Test if string will match regular expression. |
-f | Use this command to display the client details such as client status, tunnel status, Gateway, On-PremStatus, Gateway IP, Tunnel Protocol, Explicit Proxy.
|
--check-dc | Check device classification and send current status immediately to the backend. |