7.3. List of potential actions of the setup account

From the setup account, it will be possible:

• Accessing the GCap and GCenter

  To perform the following task	Choose the following procedure
  Connect to the GCap by a direct connection	1 - Procedure to connect directly to the GCap via keyboard and screen
  Remote connection to iDRAC via HTTP	1 - Procedure to connect the iDRAC in HTTP (DELL server)
  Remote SSH connection in serial port forwarding mode	1 - Procedure to remote connection to the CLI using SSH via the iDRAC interface in serial port forwarding mode
  Connect to the GCenter via a web browser	1 - Procedure to connect to the GCenter via a web browser
  Remote connection to GCap via an SSH tunnel	1 - Procedure to remote connection to GCap via an SSH tunnel

• Configure the GCap

  To perform the following task	Carry out the following procedures in succession
  Install a GCAP	1 - Procedure to configure the GCap for the first connection 2 - Procedure to put a GCap into operation
  Display the current keyboard language	1 - Display: use the show keymap command
  Modify the keyboard language.	1 - Display: use the show keymap command 2 - Modify: use the set keymap command
  Configuring the Gcap interface: (GUI or CLI)	1 - Display: use the show network-config command 2 - Modify: use the set network-config command
  Display the date and time	1 - Display: use the show datetime command
  Modify the date and time	1 - Display: use the show datetime command 2 - Modify: refer to the set datetime or Procedure to change the date and time of the GCap command
  Enable or disable colors for the current CLI session	1 - Use the color command
  Display the current compatibility mode with the GCenter	1- Show: use the show compatibility-mode command
  Modify the compatibility mode with the GCenter	1- Show: use the show compatibility-mode command 2 - Modify: use the set compatibility-mode command
  Pairing the GCap with GCenter	1 - Refer to the pairing or Procedure to pair a GCap with the GCenter command
  Unpair the GCap	1 - Refer to the exit command

• Manage the accounts

  To perform the following task	Carry out the following procedures in succession
  Display the list of users	1 - Display the list: use the show passwords command
  Modify the passwords	1 - Display the list: use the show passwords command 2 - Change passwords: use the set passwords command
  Change the SSH keys	1 - Use the set ssh-keys command
  Display the password policy	2 - Use the show password-policy command
  Unlock blocked accounts	1 - Use the system unlock command
  Modify the password management policy	1 - Use the set password-policy command
  Display the protection policy against brute force attacks	1 - Use the show bruteforce-protection command
  Modify the protection policy against brute force attacks	1 - Use the set bruteforce-protection command
  Display the duration of inactivity before disconnection	1 - Use the show session-timeout command
  Modify the duration of inactivity before disconnection	1 - Use the set session-timeout command

• manage the detection engine

  To perform the following task	Carry out the following procedures in succession
  Display advanced options of the Sigflow configuration	1 - Use the show monitoring-engine command
  Apply a Sigflow advanced configuration	1 - Use the set monitoring-engine command
  Start the Sigflow detection engine	1 - Use the monitoring-engine start command
  Stop the Sigflow monitor engine	1 - Use the monitoring-engine stop command
  Display the detection engine status	1 - Use the monitoring-engine status command
  Replay a pcap file of traffic generation	1 - Use the replay command

• Manage the network

  To perform the following task	Carry out the following procedures in succession
  Display the information of the network interfaces (capture, `tunnel`>, ```management>)	1 - Use the show interfaces command
  Modify the `management` or `tunnel` interface configuration :	1 - Use the set network-config command
  Managing Tunnel and Management interfaces	1 - refer to Procedure to manage the network parameters of `Tunnel` and `Management` interfaces
  Switch to the single-interface configuration	1 - Refer to Procedure to switch the single-interface configuration
  Switching to the dual-interface configuration	1 - Refer to Procedure to switch to the configuration dual-interface
  Modify the GCap domain name	1 - Use the set network-config command
  Display the IP address of the GCenter with which the GCap is paired	1 - Use the show gcenter-ip command
  Modify the IP address of the GCenter to which the GCap will be paired	1 - Use the set gcenter-ip command
  Display the MTU value of the network interfaces (capture, `tunnel`, `management`)	1 - Use the show interfaces command
  Modify the MTU value of the network interfaces (capture, `tunnel`, `management`)	1 - Enter the set advanced-configuration mtu command
  Manage the capture interfaces `monx`	1 - Use the set interfaces command
  Manage the capture interfaces `monx`	1 - refer to Procedure to manage the `monx` capture interface settings
  Configure the aggregation of capture interfaces `monx`	1 - refer to set interfaces ou Procedure to manage capture interface aggregation

• Manage the server

  To perform the following task	Carry out the following procedures in succession
  Display help on the commands	1 - Use the help command
  Exit the current context	1 - Use the exit command
  Leave the SSH session	1 - Use the exit command
  System: shut down the GCap	1 - Use the system shutdown command
  Système : restart the GCap	1 - Use the system restart command

• Monitoring the GCAP

  To perform the following task	Carry out the following procedures in succession
  Display the current status of the GCap	1 - Use the show status command
  Display the statistics of the Sigflow detection engine	1 - Use the show eve-stats command
  Display statistics and health information	1 - Use the show health command
  Extract the information from the GCap as requested by technical support	1 - Use the show tech-support command

---