CLI Commands

Gemini Appliance supports a series of shell commands that can be executed locally from console (tty0) or remotely logged in using the sbox account over SSH. Type sbox for more details. The first time a command is executed, authentication using the sbox OS user and its password is required.

To display all available commands, options and usage details for reference, use sbox help.

Commands for Initial Setup

Network Settings The sbox network command allows you to complete the basic network settings, including DHCP and static network settings. With this command you’re able to build the basic network connection capabilities on your Gemini appliance. If you wish to configure the network with DHCP, use the following command:

sbox network -nic <Network interface name> --dhcp

If you wish to configure the static network settings:

sbox network -nic <network_interface_name> -ip <IPaddress> -netmask <netmask> -gateway <gatewayIP>

For example: sbox network -nic nic0 -ip -netmask -gateway

This configures the static network settings for network interface nic0. The network interface name can be found by using the ip addr command.


Beyond basic network connectivity, additional settings such as accepting the EULA, setting the appliance hostname, and selecting a timezone can be configured using sbox config as an alternative to the web-based setup wizard. Note that the license file has to be uploaded to the appliance first, before it can be applied.

Gemini Cluster Membership

To join an existing Gemini Cluster or to reset the membership, run sbox cluster with the required parameters. For example, sbox cluster --token displays the token string of this cluster node which is used by children who want to setup a membership to this node.

Manage Web Administration

The command group sbox admin supports the manipulation of the Manage web interface for example to reset a custom installed SSL certificate or to disable the web-based setup wizard when all settings have been applied using the CLI.

Note: Use these commands with caution as some of them restart the web interface.

Commands for Information Gathering

Manage Version: To display the currently installed version of Gemini Manage, run sbox --version.

Model: To acquire which model this appliance runs on, use sbox --model to display the string. On virtualized environments or on public clouds, the returned string represents the Hypervisor type. For example on Amazon EC2, HVM domU will be returned.

Service Tag: When reaching out to Gemini customer support, it’s useful to submit the unique service tag of this appliance which can be retrieved with the command sbox --service-tag.

Please make sure to include these details, such as Manage version, Service Tag and as well as the model number when opening a customer support request. Note that this information is automatically included in the Diagnostic Report created using the Manage web interface.

Installed Packages: For support and audit purpose, a list of installed packages and their versions can be printed. The command sbox admin --installed-packages lists installed Gemini packages.

Service Status: The status of Gemini components are displayed with sbox service --status.

Exposed Network Ports: Some of the administrative components such as the web interface use a TCP port exposed to the connected network. To get a list of open ports and their exposure, run sbox service --listen-port.

Note that the wildcard character means that the related network port is open on all active network interfaces. If* is shown in the Host column, it means that the port is not exposed to any external connected network and allows only Host-only communication.

System Information: The sbox system --infocommand displays hardware and software information. This can be helpful for collecting system information for further use.

Commands for Troubleshooting

Password Reset: To reset the Manage web interface admin user password, use sbox admin --reset-password. This unlocks the account and sets a random generated password.

Password Change: If you want to set a new password instead of using a random generated string, there’s the option to use sbox admin -set-password <new_password> where is replaced with the desired token. It’s recommended to change the admin password using the web interface in general, and to change it again after resetting it using the CLI.

Generate SSL Key: When the web interface is unavailable to any certificate issues (e.g. expired or invalid certificate), reset the SSL certificate by running sbox admin --gen-ssl. Note: This will overwrite any custom private key and certificate installed using the Manage web interface. It is recommended to backup private keys and certificates using Manage’s backup capabilities in the web interface before performing this operation.

Cloudera Installation Reset: To completely remove an existing Cloudera installation on a Gemini appliance, run sbox cloudera --undo.

Note: This will erase the Cloudera installation on this node completely. It's recommended to backup the Cloudera configuration and manually remove and redistributed any assigned Hadoop services in Cloudera Clusters from this node using Cloudera Manage.

Gemini Cluster Reset: Resetting cluster settings will disconnect and remove related membership settings from this particular appliance. Additionally, the token used to connect children as well as any whitelist settings will be set to default. To perform this action, run sbox cluster --reset.

Network Reset: The sbox network --reset command allows you to reset network settings and remove IP bondings. After running this command, basic network settings are set to default and have to be configured again (see above for reference).

Service Restart: In some cases, Gemini Customer Support might ask to restart the system administration services. Additionally, this action can be performed if the web interface is unresponsive. Run sbox service --restart which will immediately restart necessary services.

Remove Splunk Instance: The sbox splunk --kill command allows you to remove the installed Splunk instance entirely, including binary, configurations, and ingested data. All the configurations and data will be deleted. This is not a recovable action. Run it with caution.

Reset Splunk Cluster Manage: In the case that there are unforeseen issues with the Splunk Cluster Management in Manage, the sbox splunk --undo_manager command allows you to reset the Splunk Cluster Manage database. All the data and settings in the database will be removed, including node information and Splunk cluster configurations. All the existing Splunk configurations will be kept.

Apply Patch: If the Manage web interface is unaccessible and a patch needs to be applied, the sbox system -patch <patch_file> command allows you to apply a patch without relying on the web interface. Upload the patch file to the target instance, log in with SSH, and run this command to apply the patch.

Independent Stream Forwarder Operations: When this instance has been deployed as an Independent Stream Forwarder (ISF) in Splunk Environments, you may control the ISF services by leveraging the following commands. Run sbox isf --restart to restart the ISF service, run sbox isf --stop to stop the ISF service, and run sbox isf --log to read the application log.

Commands for System Operations

There are additional commands available, which are limited to interactive shells using the console (tty0).

Note: The commands listed below related to System Operations are restricted from being used through SSH sessions.

System Reboot: To reboot the Gemini Appliance, use reboot.

System power off: To shut down the Gemini Appliance, use poweroff.

Default Passwords for CLI Operations

Only three accounts are provisioned for command line login to the appliance. They are listed here along with their default passwords:

OS account default password Description
sbox facing jet function drive Used for Manage administration
splunk think adventure kitchen chest Used for Splunk administration
hadoop popular fully apple hello Used for Cloudera administration

These users will be required to change their password upon logging in for the first time.