AlienVault® USM Anywhere™

The Agent Command Script

The Agent script enables you to run a number of commands for the installed Agent. Each OS has its own script, but the commands function the same across all systems. To use the command script, locate and open the file listed in the table below and follow any additional instructions that are noted.

Location and notes for the Agent scripts
System Script Location Notes
Windows alienvault-agent.ps1 C:\Program Files\osquery This is not part of the default Windows path, so you must either use cd commands to point to the path, or input the path directly to run the script.
Linux /usr/bin Opened from the command line.
macOS /usr/local/bin Opened in Terminal.

Complete Agent Command List

The table below contains the complete list of commands for the Agent script. Because the Agent version needs to be manually updated, you need to perform updates using either the update or force-update command. The Agent configuration, which includes information such as OSQuery data point checks and FIM Paths, is checked and updated independently.

Commands available for the Agent script

Command Explaination
start Start the Agent service
stop Stop the Agent service
restart Restart the Agent service
update Update the Agent version

Reinstall the Agent service with the newest version

(This reinstalls the Agent even if you are running the most recent version.)

uninstall Uninstall the Agent
version Print the Agent version number
help Print help
config Connect to the Agent API server to print or download your Agent configuration

Start an interactive osqueryi shell within your Agent's configuration

(Typically used for prototyping and troubleshooting queries against your current configuration.)


Print a report containing pertinent information regarding Agent information

(Contains version, platform information, host identification, and other information, this is most useful for relaying information to AT&T Cybersecurity support.)