security session show
Show active CLI, ONTAPI, and REST sessions
Availability: This command is available to cluster administrators at the admin privilege level.
Description
The security session show
command displays all active management sessions across the cluster.
Parameters
- {
[-fields <fieldname>,…]
-
If you specify the
-fields <fieldname>, …
parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify. - |
[-instance ]
} -
If you specify the
-instance
parameter, the command displays detailed information about all fields. [-node {<nodename>|local}]
- Node-
Selects the sessions that match this parameter value. This identifies the node that is processing the session.
[-interface {cli|ontapi|rest}]
- Interface-
Selects the sessions that match this parameter value. This identifies the interface (CLI, ONTAPI, or REST) that is processing the session.
[-start-time <MM/DD HH:MM:SS>]
- Start Time-
Selects the sessions that match this parameter value. This identifies the start time of the current active session.
[-session-id <integer>]
- Session ID-
Selects the sessions that match this parameter value. This number uniquely identifies a management session within a given node.
[-vserver <vserver>]
- Vserver-
Selects the sessions that match this parameter value. This identifies the Vserver associated with this management session.
[-username <text>]
- Username-
Selects the sessions that match this parameter value. This identifies the authenticated user associated with this management session.
[-application <text>]
- Client Application-
Selects the sessions that match this parameter value. This identifies the calling application by name.
[-location <text>]
- Client Location-
Selects the sessions that match this parameter value. This identifies the location of the calling client application. This is typically the IP address of the calling client, or "console" or "localhost" for console or localhost connections.
[-ipspace <IPspace>]
- IPspace of Location-
Selects the sessions that match this parameter value. This identifies the IPspace of the client location.
[-total <integer>]
- Total Requests-
Selects the sessions that match this parameter value. This identifies the total number of requests that have been made thus far in the active session. The following commands are not counted: top, up, cd, rows, history, exit.
[-failed <integer>]
- Failed Requests-
Selects the sessions that match this parameter value. This identifies the number of requests that have failed for any reason (including if they were blocked by configured limits).
[-max-time <integer>]
- Maximum Time (ms)-
Selects the sessions that match this parameter value. This identifies the maximum amount of time (in milliseconds) that any request took for this session.
[-last-time <integer>]
- Last Time (ms)-
Selects the sessions that match this parameter value. This identifies the amount of time (in milliseconds) that the last request took for this session.
[-total-seconds <integer>]
- Total Seconds-
Selects the sessions that match this parameter value. This identifies the total time (in seconds) that has been taken by all completed requests for the current session; it does not include session idle time.
[-state {pending|active|idle}]
- Session State-
Selects the sessions that match this parameter value. This identifies the state (pending, active, or idle) of the session. The state is "pending" if it hit a session limit and the session is waiting for another session to end. The state is "idle" for CLI sessions that are waiting at the command prompt. The state is "active" if the session is actively working on a request.
[-request <text>]
- Request Input-
Selects the sessions that match this parameter value. This identifies the request (command) that is currently being handled by the session.
[-idle-seconds <integer>]
- Idle Seconds-
Selects the sessions that match this parameter value. When a session is not actively executing a command request (the session is idle), this indicates the time (in seconds) since the last request completed.
[-active-seconds <integer>]
- Active Seconds-
Selects the sessions that match this parameter value. When a session is actively executing a command request, this indicates the time (in seconds) since the current request started.
Examples
The following example illustrates displaying all active sessions across the cluster. In this example, we see one active session on node node2
from the console
application. We also see three active sessions on node node1
. One is from the console
application and two are from the ssh
application. Also one of the ssh
sessions is from user diag
and the other ssh
session is from user admin
.
cluster1::> security session show Node: node1 Interface: cli Idle Start Time Sess ID Application Location Vserver Username Seconds -------------- ------- ----------- ------------ ------------- -------- -------- 03/27 16:58:13 1358 console console cluster1 admin - Active Seconds: 0 Request: security session show 03/27 17:17:04 1514 ssh 10.98.16.164 cluster1 admin 139 03/27 17:17:29 1515 ssh 10.98.16.164 cluster1 diag 115 Node: node2 Interface: cli Idle Start Time Sess ID Application Location Vserver Username Seconds -------------- ------- ----------- ------------ ------------- -------- -------- 03/27 17:18:54 1509 console console cluster1 admin 23 4 entries were displayed. cluster1::>
The following example illustrates displaying all active sessions that have been idle for longer than 500 seconds.
cluster1::> security session show -idle-seconds > 500 Node: node1 Interface: cli Idle Start Time Sess ID Application Location Vserver Username Seconds -------------- ------- ----------- ------------ ------------- -------- -------- 03/27 17:17:04 1514 ssh 10.98.16.164 cluster1 admin 607 03/27 17:17:29 1515 ssh 10.98.16.164 cluster1 diag 583 2 entries were displayed. cluster1::>