OGCLI Guide
The Operations Manager employs an API-first approach, so all configuration tasks are brokered via its RESTful API. The web UI and ogcli tool are convenient clients of this API. The ogcli allows you to inspect and modify the configuration tree from the command line.
Commands For Exploring ogcli Usage
Note: Double-quotes around strings should be protected from the shell.
For single quotes use the dedicated quotes key, do not use the shared Tilde key, for example: 
The ogcli features tab completion to assist when typing commands. Additionally, extensive help is available by running commands that you can try out, for example:
####### ogcli #######
ogcli --help = show this help message then exit
ogcli --usage
ogcli --notation
ogcli --list-endpoints
ogcli help <endpoint>
-d = increase debugging (up to 2 times)
####### ogcli (continued) #######-j = use JSON instead of simple notation (for coloured, structured print output).
-u USERNAME, --username USERNAME = authenticate as a different user
-p PASSWORD, --password PASSWORD = authenticate with the supplied password
ogcli Sub Commands
####### sub-command operations #######
get (g) fetch a list or item
replace (r) replace a list or item
update (u) update an item
merge (m) merge a provided list with existing config
create (c) create an item
delete (d) delete a list or item
help (h) help for an endpoint
export (e) export the existing configuration
import (i) import the existing configuration
Commonly Used ogcli Commands
####### Replace MOTD displayed at log in #######
ogcli replace banner 'banner="DESIRED MESSAGE HERE"'
####### Retrieve items #######
ogcli get user <username> > record
####### Replace items #######
Modify items:
ogcli update user <username> < partial_record
For fields where the value is a string:
ogcli update user <username> 'field="value"'
For fields where the value is not a string, e.g. to enable/disable a user:
ogcli update user <username> field=value
####### Create items #######
Ogcli create user <username>
####### Delete items #######
ogcli delete user <username>
####### Merge items in a list #######
ogcli merge syslog_servers < list of records
####### Export all config #######
ogcli export [/path/to/file]
####### Import config #######
ogcli import [/path/to/file]
ogcli import < [/path/to/file]
ogcli takes records from stdin so a variety of options are available when passing records.
####### Create user #######
ogcli create user << 'END'
description="superuser"
enabled=true
groups[0]="admin"
no_password=true
username="root"
END
echo 'username="root"
description="superuser"
no_password=false
password="mysecretpass"' | ogcli
create user
ogcli takes records from stdin so a variety of options are available. ogcli also takes records from any additional command line arguments.
Configuration Task Examples in ogcli
These examples contain a variety of notations and usage patterns to help illustrate the flexibility of ogcli. The examples can be copied and pasted into the CLI.
####### Change root password #######
sudo ogcli update user root 'password="oursecret"'
####### Create admin user #######
sudo ogcli create user <<'END'
username="adal"
description="Ada Lovelace"
enabled=true
no_password=false
groups[0]="groups-1"
password="oursecret"
END
####### Manually set date and time #######
sudo ogcli update system/timezone 'timezone="America/New_York"'
sudo ogcli update system/time 'time="15:30 Mar 27, 2020"'
####### Enable NTP #######
sudo ogcli update services/ntp <<'END'
enabled=true
servers[0].value="0.au.pool.ntp.org"
END
####### Set system hostname #######
sudo ogcli update hostname 'hostname="oob01"'
####### Adjust session timeouts #######
sudo ogcli update system/cli_session_timeout 'timeout=180'
sudo ogcli update system/webui_session_timeout 'timeout=180'
####### Setup TACACS remote AAA #######
sudo ogcli update auth <<'END'
mode="tacacs"
tacacsAuthenticationServers[0].host name="192.168.250.21"
tacacsMethod="pap"
tacacsPassword="tackey"
END
####### Setup RADIUS remote AAA #######
sudo ogcli update auth <<'END'
mode="radius"
radiusAuthenticationServers[0].hostname="192.168.250.21"
radiusAccountingServers[0].hostname="192.168.250.21"
radiusPassword="radkey"
END
####### Create user group with limited access to
console ports #######
sudo ogcli create group <<'END'
description="Console Operators"
groupname="operators"
role="ConsoleUser"
mode="scoped"
ports[0]="ports-10"
ports[1]="ports-11"
ports[2]="ports-12"
END
####### View and configure network settings #######
sudo ogcli get conns
sudo ogcli get conn system_net_conns-1
sudo ogcli update conn system_net_conns-1 'ipv4_static_settings.address="192.168.0.3"'
sudo ogcli create conn <<'END'
description="2nd IPv4 Static Address Example"
mode="static"
ipv4_static_settings.address="192.168.33.33"
ipv4_static_settings.netmask="255.255.255.0"
ipv4_static_settings.gateway="192.168.33.254"
physif=”net1”
END
####### Set up serial console ports #######
sudo ogcli get ports
sudo ogcli get ports | grep label
sudo ogcli get port ports-1
sudo ogcli update port "serial/by-opengear-id/port05" <<'END'
mode="consoleServer"
label="Router"
pinout="X2"
baudrate="9600"
databits="8"
parity="none"
stopbits="1"
escape_char="~"
ip_alias[0].ipaddress="192.168.33.35/24"
ip_alias[0].interface="net1"
logging_level="eventsOnly"
END
####### Enable cellular modem #######
sudo ogcli get physifs
sudo ogcli update physif wwan0 <<'END'
enabled=true
physif.cellular_setting.apn="broadband"
physif.cellular_setting.iptype="IPv4v6"
END
######## Disable cellular modem ##############
sudo ogcli update physif physif wwan0 'enabled=false'
####### Enable remote syslog #######
sudo ogcli create services/syslog_server 'address="192.168.34.112"'
sudo ogcli create services/syslog_server <<'END'
address="192.168.34.113"
protocol="UDP"
port=514
END
####### Enable local console boot messages #######
sudo ogcli get managementports
sudo ogcli update managementport mgmtPorts-1 'kerneldebug=true'
Available Endpoints
Here is the full list of available endpoints that can be used with the ogcli sub-commands:
| ENDPOINT | OPERATIONS | ARGS |
|---|---|---|
| alerts/authentication | get/replace | |
| alerts/config_change | get/replace | |
| alerts/networking | get/replace | |
| alerts/system | get/replace | |
| auth | get/replace | |
| auto_response/beacons | get/merge/delete | |
| auto_response/beacon | create/get/replace/delete | id |
| auto_response/reactions | get/merge/delete | |
| auto_response/reaction | create/get/replace/delete | id |
| auto_response/status | get | |
| auto_response/status/beacon-modules | get | |
| auto_response/status/beacons | get | id |
| cellfw/info | get | |
| conns | get/merge | |
| conn | create/get/replace/delete | id |
| export | get | |
| failover/settings | get/replace | |
| failover/status | get | |
| firewall/policies | get/merge | |
| firewall/policy | create/get/replace/delete | id |
| firewall/predefined_services | get | |
| firewall/rules | get/merge/delete | |
| firewall/rule | create/get/replace/delete | id |
| firewall/services | get/merge | |
| firewall/service | create/get/replace/delete | id |
| firewall/zones | get/merge | |
| firewall/zone | create/get/replace/delete | id |
| groups | get/merge/replace | |
| group | create/get/replace/delete | id |
| ip_passthrough | get/replace | |
| ip_passthrough/status | get | |
| ipsec_tunnels | get/merge | |
| ipsec_tunnel | create/get/replace/delete | id |
| lighthouse_enrollments | get | |
| lighthouse_enrollment | create/get/delete | id |
| logs/portlog | get | id |
| managementports | get/merge | |
| managementport | get/replace | id |
| monitor/lldp/chassis | get | |
| monitor/lldp/neighbor | get | |
| pdus | get/merge | |
| pdu | create/get/replace/delete | id |
| physifs | get/merge | |
| physif | create/get/replace/delete | id |
| ports | get/merge | |
| port | get/replace | id |
| port_power | replace | id |
| port_sessions | get/delete | |
| port_session | get/delete | idpid |
| ports/auto_discover/schedule | get/replace | |
| ports/fields | get | |
| search/ports | get | |
| services/https | get/replace | |
| services/lldp | get/replace | |
| services/ntp | get/replace | |
| services/routing | get/replace | |
| services/snmp_manager | get/replace | |
| services/snmpd | get/replace | |
| services/ssh | get/replace | |
| services/syslog_servers | get/merge | |
| services/syslog_server | create/get/replace/delete | syslog_server_id |
| ssh/authorized_keys | get/merge | |
| ssh/authorized_key | create/delete | user-idkey-id |
| static_routes | get/merge/replace/delete | |
| static_route | create/get/replace/delete | id |
| system/admin_info | get/replace | |
| system/banner | get/replace | |
| system/cell_reliability_test | get/replace | |
| system/cli_session_timeout | get/replace | |
| system/firmware_upgrade_status | get | |
| system/hostname | get/replace | |
| system/model_name | get | |
| system/serial_number | get | |
| system/ssh_port | get/replace | |
| system/system_authorized_keys | get/merge | |
| system/system_authorized_key | create/delete | key-id |
| system/time | get/replace | |
| system/timezone | get/replace | |
| system/version | get | |
| system/webui_session_timeout | get/replace | |
| users | get/merge/replace | |
| user | create/get/replace/delete | user-id |