NEXUS
Documentation menu

Docs · Using Nexus

Command Line (CLI)

The Fleet is fully driveable from the terminal. These are the commands you'll use to run a manager, enroll agents, and operate the SOC console.

nexus — the umbrella command

pip install nexus-fleet installs one entry point, nexus, that dispatches to every sub-command — plus standalone twins for each. Use whichever you prefer:nexus manager run is identical to nexus-manager run.

bash
nexus --version     # nexus 2.2.1   — verify the install in any terminal
nexus --help        # list sub-commands: manager, agent, cli, dashboard, license

nexus manager

The central server. It also serves the web dashboard on the same port.

bash
# start the server + dashboard at http://<host>:8765/
nexus manager run --host 0.0.0.0 --port 8765

# print the enrollment key and admin token
nexus manager info

# enable TLS (HTTPS) for the manager API + dashboard
nexus manager run --host 0.0.0.0 --port 8765 \
  --cert server.pem --key server.key

nexus agent

The endpoint daemon. Enroll it once, then start it as a service.

bash
# enroll against a manager (labels are optional)
nexus agent enroll --host <manager> --port 8765 \
  --key <ENROLL_KEY> --labels prod,web

# run the daemon
nexus agent start
Run as a service. Boot-time service files (systemd unit / Windows Task Scheduler) live in the deploy/ directory of the package.

nexus cli — the SOC console

Run it with no arguments for an interactive, menu-driven console (network & web menus), or pass a token and subcommand for scripted use.

bash
# interactive console
nexus cli

# scripted: list alerts (rule engine + MITRE)
nexus cli --token <ADMIN_TOKEN> alerts

# generate a consistent report (schema nexus.report/v1)
nexus cli --token <ADMIN_TOKEN> report

Common subcommands

  • agents — show enrolled endpoints and their status
  • alerts · ack — list alerts; acknowledge / resolve them
  • events · incidents — raw telemetry and grouped incidents
  • command — queue a command to an agent (e.g. collect now)
  • apply-license — hot-reload a license onto a running manager
  • remove-agent — drop an enrollment and free its seat
  • report — export a structured report

nexus license

The vendor tool for issuing and inspecting Ed25519-signed tokens. Without a license, the manager runs in Free mode (2 agents); a Pro token is seat-based, Enterprise is unlimited.

bash
# verify and print the contents of a token (or token file)
nexus license info --token <LICENSE_TOKEN>

# apply a Pro/Enterprise token to a running manager (hot-reload)
nexus cli --token <ADMIN_TOKEN> apply-license --token <LICENSE_TOKEN>
PreviousDesktop App (GUI)Next Fleet: Agent & Manager