Who is this article for?
CrashPlan for Small Business, no.
Code42 for Enterprise, yes.
Link: Product plans and features.
This article applies to Code42 cloud environments.
The Code42 command-line interface (CLI) tool offers a way to interact with your Code42 environment without using the Code42 console or making API calls directly. For example, you can use it to extract Code42 data for use in a security information and event management (SIEM) tool or manage users on the High Risk Employees list or Departing Employees list. This article provides instructions for installing, uninstalling, and upgrading the Code42 CLI.
To use the Code42 CLI, you must have:
- A Code42 Diamond or Platinum product plan
- Endpoint monitoring enabled in the Code42 console
- Python version 2.7.x, or 3.5 and later installed
To upgrade to the Code42 Platinum product plan for a free trial, contact your Customer Success Manager (CSM). Code42 Platinum offers our most advanced risk detection, investigation, and response features.
If you're new to Code42, visit https://www.code42.com/trial to get started.
Create a user in Code42
Prepare a user account in your Code42 environment to use with the Code42 CLI. This user account is used to authenticate and access data in your Code42 environment.
The Code42 CLI returns data based on the roles assigned to this user. To ensure that the user's rights are not too permissive, create a user with the lowest level of privilege necessary. The Customer Cloud Admin or Security Center User role has the permissions necessary to execute the commands in this tool. We recommend you test to confirm that the user can access the right data.
As a best practice, we recommend creating a user in your Code42 environment that is exclusively used to run Code42 CLI commands. Users without a Code42 app archive will not consume a license.
Your Code42 credentials must rely on local authentication. SSO or authentication through any third-party provider will not work.
The way your Code42 CLI credentials are stored depends on the operating system on which you're running the Code42 CLI. Click the expander icons below for your system's details.
Windows and Mac
Windows and Mac systems use Keyring to store the credentials you enter in the Code42 CLI.
Red Hat Enterprise Linux
To use Keyring to store the credentials you enter in the Code42 CLI, enter the following commands before installing.
yum -y install python-pip python3 dbus-python gnome-keyring libsecret dbus-x11 pip3 install code42cli eval "$(dbus-run-session --sh-syntax)"
If the following directories do not already exist, create them:
mkdir -p ~/.cache mkdir -p ~/.local/share/keyring
In the following commands, replace the example value
\n with the Keyring password (if the default Keyring already exists).
eval "$(printf '\n' | gnome-keyring-daemon --unlock)" eval "$(printf '\n' | /usr/bin/gnome-keyring-daemon --start)"
If you do not use Keyring to store your credentials, the Code42 CLI will ask permission to store your credentials in a local flat file with read/write permissions for only the operating system user who set the password. Alternatively, you can enter your password with each command you enter.
If Keyring doesn't support your Ubuntu system, the Code42 CLI will ask permission to store your credentials in a local flat file with read/write permissions for only the operating system user who set the password. Alternatively, you can enter your password with each command you enter.
The Code42 CLI is available on the Python Package Index (PyPI). To install it:
- Open your terminal program.
- Run the following command at the system level:
pip install code42cli
To verify that the Code42 CLI installed successfully, run the following command:
pip show code42cli
code42 profile set of commands to establish the Code42 environment you're working within and your user information.
Create a named profile with the URL and user credentials you'll use to connect to your Code42 environment.
<server address> Authority URL: Enter the URL you use to sign in to the Code42 console
<username> Enter your Code42 username. See Create a user in Code42 above for detailed user requirements.
The Code42 CLI offers the prompt "Would you like to set a password? (y/n)" If you select no, you'll be prompted to enter the password along with each command you enter. If you select yes, the password is retained until you use the
Update an existing profile, for example, to correct an error in the username or authority server URL. Optional arguments:
Displays the default profile.
Lists all the profiles currently set up.
Having multiple profiles can help facilitate running incremental queries. The previous date and time an incremental query was run is specific to the profile used
Deletes the profile and its stored password (if any). You must include the name of the profile to delete. Example:
||Deletes all profiles and stored passwords (if any).|
Sets the default profile. The default profile is used unless
||Resets the password set with the current profile.|
Using the Code42 CLI, you can manage users on the High Risk Employees list or Departing Employees list, and query security event data for use in a SIEM tool. For more information, see the articles linked below:
To see the latest version of the Code42 CLI, visit the Python Package Index (PyPI). You can check what version you currently have installed by running the command described under Verify installation above.
To upgrade the Code42 CLI, run the following command in a terminal window:
pip install --upgrade code42cli
To uninstall the Code42 CLI, run the following command in a terminal window:
pip uninstall code42cli