Skip to content
Cisco AI Defense logo
CiscoAI Security

defenseclaw setup — DefenseClaw

Overview

defenseclaw setup — Configure DefenseClaw components.

Reference

Synopsis

defenseclaw setup [OPTIONS]

Subcommands

SubcommandDescription
gatewayConfigure gateway connection for the DefenseClaw sidecar.
guardrailConfigure the LLM guardrail (routes LLM traffic through the Go proxy for inspection).
llmConfigure the unified top-level llm: block.
local-observabilityRun the bundled Prom/Loki/Tempo/Grafana stack on loopback.
mcp-scannerConfigure mcp-scanner analyzers and scan options.
migrate-llmRewrite config.yaml to the unified v5 LLM shape.
observabilityConfigure OpenTelemetry + audit log destinations.
providerManage the custom provider overlay (~/.defenseclaw/custom-providers.json).
skill-scannerConfigure skill-scanner analyzers, API keys, and policy.
splunkConfigure Splunk integration for DefenseClaw.
webhookConfigure Slack/PagerDuty/Webex/generic chat + incident webhooks.

Description

Configure DefenseClaw components

defenseclaw setup gateway

Configure gateway connection for the DefenseClaw sidecar

Configure gateway connection for the DefenseClaw sidecar.

By default configures for a local OpenClaw instance (auth token from ~/.defenseclaw/.env when OpenClaw requires it). Use --remote to configure for a remote gateway that requires an auth token, optionally fetched from AWS SSM Parameter Store.

Options

FlagTypeDefaultEnv varRequiredDescription
--remotebooleannoConfigure for a remote OpenClaw gateway (requires auth token)
--hosttextnoGateway host
--portintegernoGateway WebSocket port
--api-portintegernoSidecar REST API port
--tokentextnoGateway auth token
--ssm-paramtextnoAWS SSM parameter name for token
--ssm-regiontextnoAWS region for SSM
--ssm-profiletextnoAWS CLI profile for SSM
--verify, --no-verifybooleantruenoRun connectivity checks after setup (default: on)
--non-interactivebooleannoUse flags instead of prompts

defenseclaw setup guardrail

Configure the LLM guardrail (routes LLM traffic through the Go proxy for inspection)

Configure the LLM guardrail (routes LLM traffic through the Go proxy for inspection).

Routes all LLM traffic through the built-in Go guardrail proxy. Every prompt and response is inspected for prompt injection, secrets, PII, and data exfiltration patterns.

Two modes: observe — log findings, never block (default, recommended to start) action — block prompts/responses that match security policies

Use --disable to turn off the guardrail and restore direct LLM access.

Options

FlagTypeDefaultEnv varRequiredDescription
--disablebooleannoDisable guardrail and revert OpenClaw config
--modechoice (observe, action)noGuardrail mode
--scanner-modechoice (local, remote)noScanner mode (local patterns or remote Cisco API)
--cisco-endpointtextnoCisco AI Defense API endpoint
--cisco-api-key-envtextnoEnv var name holding Cisco AI Defense API key
--cisco-timeout-msintegernoCisco AI Defense timeout (ms)
--portintegernoGuardrail proxy port
--block-messagetextnoCustom message shown when a request is blocked (empty = default)
--detection-strategychoice (regex_only, regex_judge, judge_first)noDetection strategy (regex_only, regex_judge, judge_first)
--judge-modeltextnoLLM judge model (e.g. anthropic/claude-sonnet-4-20250514)
--judge-api-basetextnoLLM judge API base URL (e.g. Bifrost URL)
--judge-api-key-envtextnoEnv var name for judge API key
--restart, --no-restartbooleantruenoRestart gateway and openclaw after setup (default: on)
--verify, --no-verifybooleantruenoRun connectivity checks after setup (default: on)
--non-interactive, --accept-defaultsbooleannoUse flags instead of prompts (alias: --accept-defaults)

defenseclaw setup llm

Configure the unified top-level llm: block

Configure the unified top-level llm: block.

Prompts for provider, model, API key env var, and base URL, writing the values to ~/.defenseclaw/config.yaml (config) and ~/.defenseclaw/.env (secret, chmod 0600). Every LLM-using component (guardrail judge, MCP scanner, skill scanner, plugin scanner) resolves through this block via Config.resolve_llm, so a single edit reroutes them all.

Use --show to inspect the current resolved values without modifying anything. This is the CLI equivalent of scripts/setup-llm.sh and the LLM section of defenseclaw init.

Options

FlagTypeDefaultEnv varRequiredDescription
--showbooleannoPrint the current unified LLM config and exit (no prompts).

defenseclaw setup local-observability

Run the bundled Prom/Loki/Tempo/Grafana stack on loopback

Drive the bundled local observability stack.

Provides a one-command path to the same compose stack that historically lived under deploy/observability/. Subcommands:

 up Start the stack, wait for readiness, wire config.yaml down Stop containers, keep volumes reset Stop + wipe all metric / log / trace data volumes status Show compose ps + per-service readiness probes logs Tail logs for one or all services url Print the Grafana / Prometheus / Tempo / Loki URLs

Bare invocation is an alias for up so defenseclaw setup local-observability matches the ergonomics of setup splunk --logs.

Subcommands

SubcommandDescription
downStop the stack (volumes preserved).
logsTail logs from the running stack.
resetStop the stack and drop all persisted metric / log / trace volumes.
statusShow compose ps and per-service readiness probes.
upStart the stack, wait for readiness, and wire the gateway config.
urlPrint the Grafana / Prometheus / Tempo / Loki URLs.

defenseclaw setup local-observability down

Stop the stack (volumes preserved)

Options

FlagTypeDefaultEnv varRequiredDescription
--disable-configbooleannoAlso flip otel.enabled=false in config.yaml.

defenseclaw setup local-observability logs

Tail logs from the running stack

Options

FlagTypeDefaultEnv varRequiredDescription
--servicetextnoCompose service to target (default: all).
--follow, --no-followbooleannoStream logs until Ctrl+C.

defenseclaw setup local-observability reset

Stop the stack and drop all persisted metric / log / trace volumes

Options

FlagTypeDefaultEnv varRequiredDescription
--yesbooleannoSkip the destructive-action confirmation prompt.

defenseclaw setup local-observability status

Show compose ps and per-service readiness probes

defenseclaw setup local-observability up

Start the stack, wait for readiness, and wire the gateway config

Options

FlagTypeDefaultEnv varRequiredDescription
--timeoutinteger180noReadiness wait budget (seconds) for the stack's OTLP + Grafana ports.
--no-waitbooleannoSkip the readiness wait (container ps only).
--no-configbooleannoDo not write config.yaml. Useful for 'just start the containers' flows where a different preset already owns the otel: block.
--endpointtextnoOverride the OTLP endpoint stamped into config.yaml (default: from bridge).
--signalstexttraces,metrics,logsnoComma-separated OTel signals to enable (traces,metrics,logs).
--service-nametextdefenseclawnoValue to stamp into otel.resource.attributes.service.name.

defenseclaw setup local-observability url

Print the Grafana / Prometheus / Tempo / Loki URLs

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoEmit machine-readable JSON.

defenseclaw setup mcp-scanner

Configure mcp-scanner analyzers and scan options

Configure mcp-scanner analyzers and scan options.

Interactively configure how mcp-scanner runs. MCP servers are managed via defenseclaw mcp set/unset rather than directory watching.

LLM settings land in the unified top-level llm: block (shared with skill/plugin scanners and guardrail). Cisco AI Defense settings continue to live in cisco_ai_defense.

Use --non-interactive with flags for CI/scripted configuration.

Options

FlagTypeDefaultEnv varRequiredDescription
--analyzerstextnoComma-separated analyzer list (yara,api,llm,behavioral,readiness)
--llm-providerchoice (anthropic, openai)noLLM provider (anthropic or openai)
--llm-modeltextnoLLM model for semantic analysis
--scan-promptsbooleannoScan MCP prompts
--scan-resourcesbooleannoScan MCP resources
--scan-instructionsbooleannoScan server instructions
--verify, --no-verifybooleantruenoRun connectivity checks after setup (default: on)
--non-interactivebooleannoUse flags instead of prompts

defenseclaw setup migrate-llm

Rewrite config.yaml to the unified v5 LLM shape

Rewrite config.yaml to the unified v5 LLM shape.

Copies inspect_llm, default_llm_*, and legacy guardrail fields into llm: (if not already merged), then clears the v4 slots so a round-trip through config.load()/save() produces a minimal YAML. Writes a config.yaml.bak alongside the live file unless --no-backup is passed.

Options

FlagTypeDefaultEnv varRequiredDescription
--dry-runbooleannoShow what would change without modifying config.yaml.
--no-backupbooleannoSkip writing config.yaml.bak (advanced; use only when orchestrated by a VCS).

defenseclaw setup observability

Configure OpenTelemetry + audit log destinations

Configure OpenTelemetry + audit log destinations.

Supports Splunk Observability Cloud, Splunk HEC, Datadog, Honeycomb, New Relic, Grafana Cloud, plus generic OTLP and generic HTTP JSONL fallbacks. For chat/incident notifier webhooks (Slack, PagerDuty, Webex, HMAC-signed), see defenseclaw setup webhook — that's a separate webhooks[] list and not an audit-sink. Splunk configuration authored with defenseclaw setup splunk remains fully back-compatible (those flags are aliases for observability add splunk-o11y / splunk-hec).

Subcommands

SubcommandDescription
addConfigure a telemetry destination.
disableDisable a destination.
enableEnable a destination (name=otel targets the gateway exporter).
listList configured observability destinations.
migrate-splunkMigrate the legacy splunk: block into audit_sinks[].
removeDelete a destination (name=otel disables but preserves the block).
testProbe a destination for reachability + auth.

defenseclaw setup observability add

Configure a telemetry destination

Configure a telemetry destination.

Examples:



Non-interactive (CI / TUI shell-out)

defenseclaw setup observability add datadog
--non-interactive --site us5 --token "$DD_API_KEY" 

Interactive (default)

defenseclaw setup observability add splunk-hec

defenseclaw setup observability add <PRESET_ID>

Arguments

NameTypeArityRequired
preset_idchoice (splunk-o11y, splunk-hec, datadog, honeycomb, newrelic, grafana-cloud, local-otlp, otlp, webhook)1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--nametextnoDestination name (default: derived from preset+inputs)
--targetchoice (otel, audit_sinks)noTarget for generic OTLP presets (otel exporter vs. otlp_logs sink)
--signalstextnoComma-separated OTel signals to enable (traces,metrics,logs)
--tokentextnoSecret value to persist under the preset's token_env in ~/.defenseclaw/.env
--enabled, --disabledbooleantruenoMark destination enabled (default) or disabled
--dry-runbooleannoPreview YAML/dotenv changes without writing
--non-interactivebooleannoSkip prompts; use flags only
--realmtextno
--sitetextno
--regiontextno
--datasettextno
--endpointtextno
--protocolchoice (grpc, http)no
--hosttextno
--porttextno
--indextextno
--sourcetextno
--sourcetypetextno
--urltextno
--methodtextno
--url-pathtextno
--verify-tls, --no-verify-tlsbooleanno

defenseclaw setup observability disable

Disable a destination

defenseclaw setup observability disable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

defenseclaw setup observability enable

Enable a destination (name=otel targets the gateway exporter)

defenseclaw setup observability enable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

defenseclaw setup observability list

List configured observability destinations

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoEmit machine-readable JSON

defenseclaw setup observability migrate-splunk

Migrate the legacy splunk: block into audit_sinks[]

Migrate the legacy splunk: block into audit_sinks[].

Idempotent: safe to re-run. Always preserves non-Splunk sinks. The Go gateway rejects any top-level splunk: block on start, so this command exists to help operators upgrade to the v4 schema.

Options

FlagTypeDefaultEnv varRequiredDescription
--applybooleannoWrite the migration (default: preview)

defenseclaw setup observability remove

Delete a destination (name=otel disables but preserves the block)

defenseclaw setup observability remove <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--yesbooleannoSkip confirmation prompt

defenseclaw setup observability test

Probe a destination for reachability + auth

Probe a destination for reachability + auth.

Safe to run — we POST a marker event for webhook/HEC sinks and TCP dial OTLP endpoints. Failures are reported with actionable hints.

defenseclaw setup observability test <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--timeoutfloat5.0noPer-probe timeout in seconds

defenseclaw setup provider

Manage the custom provider overlay (~/.defenseclaw/custom-providers.json)

Manage the custom provider overlay (~/.defenseclaw/custom-providers.json).

The overlay additively extends the domains / env-vars / Ollama ports the guardrail treats as "known LLM endpoints". Use this when you deploy an internal or self-hosted LLM and do not want to wait for its domain to land in a DefenseClaw release.

Subcommands

SubcommandDescription
addAdd a provider entry to the operator overlay.
listPrint the overlay contents. Read-only; never touches the
removeRemove an entry from the operator overlay.
showPrint the merged registry as reported by the live sidecar

defenseclaw setup provider add

Add a provider entry to the operator overlay

Add a provider entry to the operator overlay.

Additive: if NAME already exists in the overlay, its Domains and EnvKeys are unioned; duplicates are collapsed so repeated add calls are idempotent.

Options

FlagTypeDefaultEnv varRequiredDescription
--nametextSentinel.UNSETyesCanonical provider name (case-insensitive match against built-ins).
--domaintextSentinel.UNSETyesDomain to recognise as LLM traffic (repeatable). Accepts full URLs; scheme and path are stripped.
--env-keytextSentinel.UNSETnoEnvironment variable holding the API key for this provider (repeatable). Optional.
--profile-idtextnoOpenClaw auth-profiles.json profile ID. Optional; leave unset for providers without a profile (e.g. bedrock).
--ollama-portintegerSentinel.UNSETnoAdditional Ollama-style loopback port. Repeatable. Optional.
--no-reloadbooleannoDo not call the sidecar reload endpoint after writing.

defenseclaw setup provider list

Print the overlay contents. Read-only; never touches the sidecar. For the merged view (built-ins + overlay) use :command:defenseclaw setup provider show

defenseclaw setup provider remove

Remove an entry from the operator overlay

Remove an entry from the operator overlay.

Only overlay entries are removable — the embedded baseline is always in effect. If the name isn't present, exit 1 so scripts can tell removal from no-op.

Options

FlagTypeDefaultEnv varRequiredDescription
--nametextSentinel.UNSETyesOverlay provider name to remove.
--no-reloadbooleannoDo not call the sidecar reload endpoint after writing.

defenseclaw setup provider show

Print the merged registry as reported by the live sidecar (GET /v1/config/providers). Falls back to parsing the overlay when the sidecar isn't running

defenseclaw setup skill-scanner

Configure skill-scanner analyzers, API keys, and policy

Configure skill-scanner analyzers, API keys, and policy.

Interactively configure how skill-scanner runs. Enables LLM analysis, behavioral dataflow analysis, meta-analyzer filtering, and more.

LLM settings land in the unified top-level llm: block (see Config.resolve_llm for the merge semantics) so skill, MCP, plugin, and guardrail scanners all share the same defaults. Cisco AI Defense settings continue to live in cisco_ai_defense.

Use --non-interactive with flags for CI/scripted configuration.

Options

FlagTypeDefaultEnv varRequiredDescription
--use-llmbooleannoEnable LLM analyzer
--use-behavioralbooleannoEnable behavioral analyzer
--enable-metabooleannoEnable meta-analyzer
--use-triggerbooleannoEnable trigger analyzer
--use-virustotalbooleannoEnable VirusTotal scanner
--use-aidefensebooleannoEnable AI Defense analyzer
--llm-providerchoice (anthropic, openai)noLLM provider (anthropic or openai)
--llm-modeltextnoLLM model name
--llm-consensus-runsintegernoLLM consensus runs (0=disabled)
--policytextnoScan policy preset (strict, balanced, permissive)
--lenientbooleannoTolerate malformed skills
--verify, --no-verifybooleantruenoRun connectivity checks after setup (default: on)
--non-interactivebooleannoUse flags instead of prompts

defenseclaw setup splunk

Configure Splunk integration for DefenseClaw

Configure Splunk integration for DefenseClaw.

Two independent pipelines are available:

 --o11y Splunk Observability Cloud (traces + metrics via OTLP HTTP) No local infrastructure needed. Requires a Splunk access token.  --logs Local Splunk (Docker, HEC logs + dashboards) Starts the bundled profile in Splunk Free mode from day 1. Requires Docker.

Both can run simultaneously. Without flags, runs an interactive wizard.

Options

FlagTypeDefaultEnv varRequiredDescription
--o11ybooleannoEnable Splunk Observability Cloud (OTLP traces + metrics)
--logsbooleannoEnable local Splunk via Docker (HEC logs + dashboards, Free mode)
--realmtextnoSplunk O11y realm (e.g. us1, us0, eu0)
--access-tokentextnoSplunk O11y access token
--app-nametextnoOTEL service name (default: defenseclaw)
--indextextnoHEC index for --logs (default: defenseclaw_local)
--sourcetextnoHEC source for --logs (default: defenseclaw)
--sourcetypetextnoHEC sourcetype for --logs (default: defenseclaw:json)
--traces, --no-tracesbooleannoEnable/disable trace export (O11y)
--metrics, --no-metricsbooleannoEnable/disable metrics export (O11y)
--logs-export, --no-logs-exportbooleannoEnable/disable logs export (O11y)
--disablebooleannoDisable Splunk integration(s)
--accept-splunk-licensebooleannoAcknowledge the Splunk General Terms for local Splunk enablement
--show-credentialsbooleannoShow Splunk Web login credentials
--non-interactivebooleannoUse flags instead of prompts

defenseclaw setup webhook

Configure Slack/PagerDuty/Webex/generic chat + incident webhooks

Configure Slack/PagerDuty/Webex/generic chat + incident webhooks.

Separate from setup observability add webhook (which configures a generic HTTP JSONL audit-log forwarder). This group edits the top-level webhooks: list consumed by the runtime dispatcher.

Subcommands

SubcommandDescription
addCreate or update a webhook notifier.
disableDisable a webhook (preserves the entry).
enableEnable a webhook.
listList configured webhooks (secrets are referenced, never printed).
removeDelete a webhook entry.
showPretty-print a single webhook entry (secret values never printed).
testDispatch a synthetic event through a configured webhook.

defenseclaw setup webhook add

Create or update a webhook notifier

Create or update a webhook notifier.

Examples:



Slack (no auth header, URL carries the secret)

defenseclaw setup webhook add slack --url https://hooks.slack.com/... 

PagerDuty (routing key in an env var)

defenseclaw setup webhook add pagerduty
--url https://events.pagerduty.com/v2/enqueue
--secret-env DEFENSECLAW_PD_KEY 

Webex (bot token + room ID)

defenseclaw setup webhook add webex
--url https://webexapis.com/v1/messages
--secret-env DEFENSECLAW_WEBEX_TOKEN --room-id Y2lzY29z... 

Generic HMAC (payload signed with SHA-256)

defenseclaw setup webhook add generic
--url https://siem.example.com/hook
--secret-env DEFENSECLAW_SIEM_SECRET

defenseclaw setup webhook add <WEBHOOK_TYPE>

Arguments

NameTypeArityRequired
webhook_typechoice (slack, pagerduty, webex, generic)1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--nametextnoDestination name (default: derived from type+host)
--urltextnoWebhook URL (Slack/PagerDuty/Webex/generic endpoint)
--secret-envtextnoEnvironment variable NAME holding the secret/routing key/bot token
--room-idtextnoWebex room ID (Webex only)
--min-severitychoice (CRITICAL, HIGH, MEDIUM, LOW, INFO)noMinimum severity to forward (default: HIGH)
--eventstextnoComma-separated event categories to forward (allowed: block, scan, guardrail, drift, health)
--timeout-secondsintegernoPer-delivery timeout (default: 10)
--cooldown-secondsintegernoOverride dedup cooldown (omit=runtime default 300s; 0=disabled)
--enabled, --disabledbooleantruenoMark webhook enabled (default) or disabled
--dry-runbooleannoPreview YAML changes without writing
--non-interactivebooleannoSkip prompts; use flags only

defenseclaw setup webhook disable

Disable a webhook (preserves the entry)

defenseclaw setup webhook disable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

defenseclaw setup webhook enable

Enable a webhook

defenseclaw setup webhook enable <NAME>

Arguments

NameTypeArityRequired
nametext1yes

defenseclaw setup webhook list

List configured webhooks (secrets are referenced, never printed)

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoEmit machine-readable JSON

defenseclaw setup webhook remove

Delete a webhook entry

defenseclaw setup webhook remove <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--yesbooleannoSkip confirmation prompt

defenseclaw setup webhook show

Pretty-print a single webhook entry (secret values never printed)

defenseclaw setup webhook show <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--jsonbooleannoEmit JSON

defenseclaw setup webhook test

Dispatch a synthetic event through a configured webhook

Dispatch a synthetic event through a configured webhook.

Safe to run repeatedly — every invocation stamps a unique event ID so receivers don't dedup. Use --dry-run to inspect the payload without delivering.

defenseclaw setup webhook test <NAME>

Arguments

NameTypeArityRequired
nametext1yes

Options

FlagTypeDefaultEnv varRequiredDescription
--dry-runbooleannoFormat the payload but do NOT deliver
--timeoutfloat5.0noPer-delivery timeout in seconds

Usage

Configure core services

defenseclaw setup gateway --api-port 18970 --port 4000 --non-interactive
defenseclaw setup guardrail --mode monitor --detection-strategy regex_judge --non-interactive
defenseclaw setup splunk --o11y --realm us0 --access-token "$SPLUNK_ACCESS_TOKEN" --non-interactive

Use the nested setup commands for repeatable provisioning.

Manage providers and webhooks

defenseclaw setup provider add --name openai --domain api.openai.com --env-key OPENAI_API_KEY
defenseclaw setup webhook add --name alerts --url https://example.com/hook --secret-env WEBHOOK_SECRET --events guardrail,scan
defenseclaw setup webhook list --json

Provider and webhook entries are stored in DefenseClaw configuration.

Related