Veritas NetBackup™ Commands Reference Guide

Last Published:
Product(s): NetBackup (8.2)
  1. Introduction
    1.  
      About NetBackup commands
    2.  
      Navigating multiple menu levels
    3.  
      NetBackup command conventions
    4.  
      NetBackup Media Manager command notes
    5.  
      IPV6 updates
  2. Appendix A. NetBackup Commands
    1.  
      acsd
    2.  
      add_media_server_on_clients
    3.  
      backupdbtrace
    4.  
      backuptrace
    5.  
      bmrc
    6.  
      bmrconfig
    7.  
      bmrepadm
    8.  
      bmrprep
    9.  
      bmrs
    10.  
      bmrsrtadm
    11.  
      bp
    12.  
      bparchive
    13.  
      bpbackup
    14.  
      bpbackupdb
    15.  
      bpcatarc
    16.  
      bpcatlist
    17.  
      bpcatres
    18.  
      bpcatrm
    19.  
      bpcd
    20.  
      bpchangeprimary
    21.  
      bpclient
    22.  
      bpclimagelist
    23.  
      bpclntcmd
    24.  
      bpclusterutil
    25.  
      bpcompatd
    26.  
      bpconfig
    27.  
      bpdbjobs
    28.  
      bpdbm
    29.  
      bpdgclone
    30.  
      bpdown
    31.  
      bpduplicate
    32.  
      bperror
    33.  
      bpexpdate
    34.  
      bpfis
    35.  
      bpflist
    36.  
      bpgetconfig
    37.  
      bpgetdebuglog
    38.  
      bpimage
    39.  
      bpimagelist
    40.  
      bpimmedia
    41.  
      bpimport
    42.  
      bpinst
    43.  
      bpkeyfile
    44.  
      bpkeyutil
    45.  
      bplabel
    46.  
      bplist
    47.  
      bpmedia
    48.  
      bpmedialist
    49.  
      bpminlicense
    50.  
      bpnbat
    51.  
      bpnbaz
    52.  
      bppficorr
    53.  
      bpplcatdrinfo
    54.  
      bpplclients
    55.  
      bppldelete
    56.  
      bpplinclude
    57.  
      bpplinfo
    58.  
      bppllist
    59.  
      bpplsched
    60.  
      bpplschedrep
    61.  
      bpplschedwin
    62.  
      bppolicynew
    63.  
      bpps
    64.  
      bprd
    65.  
      bprecover
    66.  
      bprestore
    67.  
      bpretlevel
    68.  
      bpschedule
    69.  
      bpschedulerep
    70.  
      bpsetconfig
    71.  
      bpstsinfo
    72.  
      bpstuadd
    73.  
      bpstudel
    74.  
      bpstulist
    75.  
      bpsturep
    76.  
      bptestbpcd
    77.  
      bptestnetconn
    78.  
      bptpcinfo
    79.  
      bpup
    80.  
      bpverify
    81.  
      cat_convert
    82.  
      cat_export
    83.  
      cat_import
    84.  
      configureCertsForPlugins
    85.  
      configureMQ
    86.  
      configurePorts
    87.  
      configureWebServerCerts
    88.  
      create_nbdb
    89.  
      csconfig cldinstance
    90.  
      csconfig cldprovider
    91.  
      csconfig meter
    92.  
      csconfig throttle
    93.  
      csconfig reinitialize
    94.  
      duplicatetrace
    95.  
      importtrace
    96.  
      jbpSA
    97.  
      jnbSA
    98.  
      ltid
    99.  
      manageClientCerts
    100.  
      mklogdir
    101.  
      nbauditreport
    102.  
      nbcatsync
    103.  
      NBCC
    104.  
      NBCCR
    105.  
      nbcertcmd
    106.  
      nbcertupdater
    107.  
      nbcldutil
    108.  
      nbcloudrestore
    109.  
      nbcomponentupdate
    110.  
      nbcplogs
    111.  
      nbdb_admin
    112.  
      nbdb_backup
    113.  
      nbdb_move
    114.  
      nbdb_ping
    115.  
      nbdb_restore
    116.  
      nbdb_unload
    117.  
      nbdbms_start_server
    118.  
      nbdbms_start_stop
    119.  
      nbdc
    120.  
      nbdecommission
    121.  
      nbdelete
    122.  
      nbdeployutil
    123.  
      nbdevconfig
    124.  
      nbdevquery
    125.  
      nbdiscover
    126.  
      nbdna
    127.  
      nbemm
    128.  
      nbemmcmd
    129.  
      nbfindfile
    130.  
      nbfirescan
    131.  
      nbftadm
    132.  
      nbftconfig
    133.  
      nbgetconfig
    134.  
      nbhba
    135.  
      nbholdutil
    136.  
      nbhostidentity
    137.  
      nbhostmgmt
    138.  
      nbhypervtool
    139.  
      nbimageshare
    140.  
      nbinstallcmd
    141.  
      nbjm
    142.  
      nbkmsutil
    143.  
      nboraadm
    144.  
      nborair
    145.  
      nbpem
    146.  
      nbpemreq
    147.  
      nbperfchk
    148.  
      nbplupgrade
    149.  
      nbrb
    150.  
      nbrbutil
    151.  
      nbregopsc
    152.  
      nbreplicate
    153.  
      nbrepo
    154.  
      nbrestorevm
    155.  
      nbseccmd
    156.  
      nbsetconfig
    157.  
      nbsnapimport
    158.  
      nbsnapreplicate
    159.  
      nbsqladm
    160.  
      nbstl
    161.  
      nbstlutil
    162.  
      nbstop
    163.  
      nbsu
    164.  
      nbsvrgrp
    165.  
      resilient_clients
    166.  
      restoretrace
    167.  
      stopltid
    168.  
      tl4d
    169.  
      tl8d
    170.  
      tl8cd
    171.  
      tldd
    172.  
      tldcd
    173.  
      tlhd
    174.  
      tlhcd
    175.  
      tlmd
    176.  
      tpautoconf
    177.  
      tpclean
    178.  
      tpconfig
    179.  
      tpext
    180.  
      tpreq
    181.  
      tpunmount
    182.  
      verifytrace
    183.  
      vltadm
    184.  
      vltcontainers
    185.  
      vlteject
    186.  
      vltinject
    187.  
      vltoffsitemedia
    188.  
      vltopmenu
    189.  
      vltrun
    190.  
      vmadd
    191.  
      vmchange
    192.  
      vmcheckxxx
    193.  
      vmd
    194.  
      vmdelete
    195.  
      vmoprcmd
    196.  
      vmphyinv
    197.  
      vmpool
    198.  
      vmquery
    199.  
      vmrule
    200.  
      vmupdate
    201.  
      vnetd
    202.  
      vssat
    203.  
      vwcp_manage
    204.  
      vxlogcfg
    205.  
      vxlogmgr
    206.  
      vxlogview
    207.  
      W2KOption

Name

nbauditreport — Generate and view an audit report

SYNOPSIS

nbauditreport -sdate "MM/DD/YY [HH:[MM[:SS]]]" [-edate "MM/DD/YY [HH:[MM[:SS]]]" -ctgy [ALERT | ASSET | ASSETGROUP | AUDITCFG | AUDITSVC | AZFAILURE | BPCONF | CATALOG | CERT | CONFIG | CONNECTION | DATAACCESS | HOLD | HOST | JOB | LICENSING | LOGIN | POLICY | POOL | PROTECTION_PLAN_SVC | RETENTION_LEVEL | SEC_CONFIG | SLP | STORAGESRV | STU | TOKEN | USER] -user username[:domainname] -fmt [SUMMARY | DETAIL | PARSABLE] [-notruncate] [-pagewidth NNN] [-order [DTU | DUT | TDU | TUD | UDT | UTD]]

On UNIX systems, the directory path to this command is /usr/openv/netbackup/bin/admincmd/

On Windows systems, the directory path to this command is install_path\NetBackup\bin\admincmd\

DESCRIPTION

The nbauditreport command lets you create and view a NetBackup audit report.

When auditing is configured in a NetBackup environment, the following user-initiated actions in NetBackup are recorded and available to view in an audit report:

  • Actions that change the NetBackup configuration. Examples are policy creation, deletion, and modification, and changing the audit settings.

  • Actions that change NetBackup run-time objects. These actions include initiating a restore job and starting or stopping the audit service.

This command only creates and displays the audit report. You must use the nbemmcmd -changesetting -AUDIT ENABLED and nbemmcmd -changesetting -AUDIT DISABLED commands to enable and disable auditing itself.

For more about auditing and audit reports, see the NetBackup Administrator's Guide, Volume I and NetBackup Security and Encryption Guide.

OPTIONS

-ctgy [ALERT | ASSET | ASSETGROUP | AUDITCFG | AUDITSVC | AZFAILURE | BPCONF | CATALOG | CERT | CONFIG | CONNECTION | DATAACCESS | HOLD | HOST | JOB | LICENSING | LOGIN | POLICY | POOL | PROTECTION_PLAN_SVC | RETENTION_LEVEL | SEC_CONFIG | SLP | STORAGESRV | STU | TOKEN | USER]

Specifies the type of information to be displayed in the audit report. The audit function records and displays information on the use-initiated actions for the pertinent area (job, pool, etc.). The following are the possible values for this option and the items that are audited for each value:

  • ALERT - failure in alert generation or failure in sending email notifications.

  • ASSET - deleting an asset, such as a vCenter server or a virtual machine, as part of the POST /asset-cleanup process in the Asset Database API.

  • ASSETGROUP - creating, modifying, or deleting an asset group as well any action on an asset group for which a user is not authorized.

  • AUDITCFG - auditing configuration changes

  • AUDITSVC - starting and stopping the NetBackup Audit service (nbaudit)

  • AZFAILURE - authorization failures

  • BPCONF - changes to the bp.conf file (UNIX only).

  • CATALOG - verifying and expiring images; and reading front-end usage data

  • CERT - certificate deployment

  • CONFIG - changes made to the configuration settings (for example SMTP server configuration) or to the excluded status codes list for alerts

  • CONNECTION - dropped host connections

  • DATAACCESS - the audit messages that are related to success and failure of access to different NetBackup operations. For NetBackup 8.2, audit messages are displayed for restore and browse images operations only.

  • HOLD - create, modify, and delete hold operations.

  • HOST - NetBackup host database-related operations

  • JOB - job changes

  • LICENSING - track any access to information that is related to licensing

  • LOGIN - logon attempts

  • POLICY - Adding, deleting, or updating policy attributes, clients, schedules, and backup selections lists.

  • POOL - disk storage pool changes

  • PROTECTION_PLAN_SVC - modifications to the protection plan

  • RETENTION_LEVEL - changes to the retention level

  • SEC_CONFIG - changes made to the security configuration settings

  • SLP - Creating, modifying, or deleting a storage lifecycle policy (SLP) when initiated through a NetBackup graphical user interface, API, or the nbstl command. Successful attempts to activate or suspend an SLP from a NetBackup graphical user interface or API are also audited and logged. Activating and suspending an SLP using the nbstlutil command are not audited.

  • STORAGESRV - storage server information

  • STU - storage unit changes

  • TOKEN - authorization tokens

  • USER - adding or deleting users

The default condition, when none of the options are specified, is to display the audit report of all categories.

-fmt [SUMMARY | DETAIL | PARSABLE]

Specifies the output format of the audit report.

  • SUMMARY is the default condition (no option used). The audit report is a summary only. It displays the audit report in columnar format using the description, user, and timestamp headings.

  • DETAIL displays a comprehensive list of auditing information. For example, when a policy is changed, this view lists the name of the attribute, the old value, and the new value.

  • PARSABLE displays the same set of information as the DETAIL report but in a parsable format. The report uses the pipe character (|) as a separator of the audit data. Use keywords available with the report (DESCRIPTION, ACTION, OLDV, NEWV, etc.) to parse the audit record.

    The parsable report contains the following fields:

    • DESCRIPTION. The details of the action that was performed. The details include the new values that are given to a modified object and the new values of all attributes for a newly created object. The details also show any deleted objects.

    • TIMESTAMP. The time that the action occurred. The time is displayed in Coordinated Universal Time (UTC) and is indicated in seconds.

    • CATEGORY. The category of user action that was performed. Categories such as POLICY may contain several sub-categories such as schedules or backup selections. Any modifications to a sub-category are listed as a modification to the primary category. The categories are as follows:

      ALERT - failure in alert generation or failure in sending email notifications.

      AUDITCFG - Auditing configuration changes

      AUDITSVC - Starting and stopping the NetBackup Audit service (nbaudit)

      AZFAILURE - Requests that fail authorization checks

      BPCONF - Changes to the bp.conf file (UNIX only)

      CATALOG - Verifying and expiring images; and reading front-end usage data

      CERT - Creating, revoking, renewing, and deploying of certificates and specific certificate failures

      CONFIG - changes made to the configuration settings (for example SMTP server configuration) or to the excluded status codes list for alerts

      DATAACCESS - The audit messages that are related to success and failure of access to different NetBackup operations. For NetBackup 8.2, audit messages are displayed for restore and browse images operations only.

      HOLD - Create, modify, and delete hold operations.

      HOST - Information that is related to NetBackup host database operations.

      JOB - Job changes such as cancelations or deletions

      LICENSING - track any access to information that is related to licensing

      LOGIN - The success and failure that is related to NetBackup Administration Console and NetBackup API logon attempts.

      POLICY - Modification to policy attributes, clients, schedules, or backup selections

      POOL - Disk storage pool changes

      PROTECTION_PLAN_SVC - modifications to the protection plan

      RETENTION_LEVEL - changes to the retention level

      SEC_CONFIG - Information that is related to changes that are made to the security configuration settings

      SLP - Creation, modification, or deletion SLP attributes or windows when they are initiated through a NetBackup graphical user interface, API, or the nbstl command.

      STORAGESRV - Storage server creation, modification, or deletion

      STU - Storage unit creation, modification, or deletion

      TOKEN - Creating, deleting, and cleanup of tokens and specific token issuing failures

      USER - Adding or deleting users

    • CONNECTION - Information about the dropped host connections.

    • ACTION. The activity that was performed. The following actions are possible for all categories: Detailed descriptions of the specific activities that are performed for each action are found in the DESCRIPTIONS and the DETAILS fields of the command output.

    • REASON. Reason that is given for the performed action if any. If the audit reason for host and host ID-to-host name mapping operations contains more than 512 characters, the reason text is truncated to 512 characters.

    • DETAILS. Detailed information on the activity that is separated into attributes (ATTR_num), each with a descriptive name followed by OLDV/NEWV (old value/new value) pair.

      Example for a policy deletion: ATTR_1: Policy Type OLDV: Standard NEWV:

-notruncate

Displays the old and new values of a changed attribute on separate lines in the details section of the report. This option is used with the -fmt DETAIL option.

-order [DTU | DUT | TDU | TUD | UDT | UTD]

Specifies the order in which the information is displayed in the parsable format of the audit report. This option can be used only with the -fmt PARSABLE option. The D, T, and U designators represent the following:

  • D - description

  • T - timestamp

  • U - user

-pagewidth NNN

Specifies the page width for the details section of the audit report. This option is used with the -fmt DETAIL option.

-sdate mm/dd/yyyy-hh:mm:ss | mm/dd-hh:mm -edate mm/dd/yyyy-hh:mm:ss | mm/dd-hh:mm

Sets the start date-time (-sdate) or the end date-time (-edate) of the audit report data that you want to view. No time indication is necessary.

If the start date is specified and the end date is not, the displayed audit data is from the specified start time to the present. If the end date is specified and the start date is not, the displayed audit data is up to the end date.

-user username[:domainname]

Indicates the name of the user for whom you want to display audit information.

EXAMPLES

Example 1 - Display all audit events that are reported from April 1, 2013 to the present.

# nbauditreport -sdate 04/01/13

USER         DESCRIPTION                                                TIMESTAMP   
Admin@entry  Schedule 'test1' was added to Policy 'test1'               04/06/13 
Admin@entry  Audit setting(s) of master server 'server1' were modified  04/06/13
Admin@entry  Audit setting(s) of master server 'server1' were modified  04/06/13 
sys@server1  The nbaudit service on master server 'server1' was started 04/06/13 
sys@server1  The nbaudit service on master server 'server1' was stopped 04/06/13 
sys@server1  The nbaudit service on master server 'server1' was started 04/06/13 

Audit records fetched: 7

Example 2 - Display a detailed audit report for when Joe modified a set of policy attributes. Because the policy was changed only one time since 6/8/13, one audit record is retrieved.

# nbauditreport -fmt DETAIL -ctgy POLICY -sdate 6/8/13

DESCRIPTION: Attributes of Policy 'pol_stugrp' were modified
USER: joe
TIMESTAMP: 06/08/2013 19:14:25
CATEGORY: POLICY
ACTION: MODIFY
DETAILS:
    ATTRIBUTE                OLD VALUE                 NEW VALUE
  1 Proxy Client
  2 Residence                                          stu_grp
  3 Collect TIR info         2                         0
  4 Checkpoint Restart       0                         1
  5 Checkpoint Interval      0                         15
  6 Data Mover Type          2                         -1
  7 Collect BMR Info         1                         0
  8 Policy Generation        1                         2

Audit records fetched: 1

The DETAILS entry shows the old value and new value of all the attributes that Joe changed.

Example 3 - Display an audit report for all hold operations that were performed since August 30, 2013.

# nbauditreport -ctgy HOLD -sdate "08/30/13 22:46:50" -fmt DETAIL 
DESCRIPTION: Hold with hold name test hold for report1 is created
USER: root@aellora.mydomain.com
TIMESTAMP: 08/30/13 22:47:56
CATEGORY: HOLD
ACTION: CREATE
REASON:
DETAILS:
    ATTRIBUTE             OLD VALUE             NEW VALUE
  1 On-hold image list                          nakul2.mydomain.co 

DESCRIPTION: Hold with hold name test hold for report1 is created
USER: root@aellora.mydomain.com
TIMESTAMP: 08/30/13 22:47:54
CATEGORY: HOLD
ACTION: CREATE
REASON: 

Audit records fetched: 2

Example 4 - Display a detailed audit report for all security operations.

# nbauditreport -ctgy SEC_CONFIG -fmt DETAIL
DESCRIPTION: Added 'AccessRule' with ID 'jsmith:Backup administrator:
All objects'.
USER: secadmin@domain
TIMESTAMP: 05/02/2018 10:38:24
CATEGORY: SEC_CONFIG
ACTION: CREATE
REASON:
DETAILS:
   ATTRIBUTE                OLD VALUE    NEW VALUE
 1 Object Group ID                       1
 2 Object Group Name                     All objects
 3 Object Group Description              Represents all objects
 4 Role ID                               3
 5 Role Name                             Backup administrator
 6 Role Description                      Manage protection plans
 7 Rule ID                               10
 8 Rule Description                      Protect and manage all assets 
 9 Principal Type                        User
10 Principal Subject ID                  domain:user:vx

Audit records fetched: 1