Skip Navigation

Command-line syntax

The following table contains the command-line syntax for the
executable. Executing
command-line without any command-line arguments will result in a similar list to help you.
-h, -?, --help
This command will displays help similar to this table.
-k, --key=VALUE
This command will allow you to input the authentication key. This command is required.
-p, --path=VALUE
This command specifies the path to the folder to scan. This command is required.
-T, --type=VALUE
This command specifies the types of files to analyze. This command is required. Types are specified as a bit field, which may be combined. For example, using -type=7 would be a valid combined type of 1, 2, and 4
Valid types are:
  • 1 - Check if signed files have valid signatures; this is the same as the -S command
  • 2 - Portable executable files (PE)
  • 4 - Portable document format files (PDF)
  • 8 -
    Microsoft Office
    Document files (OLE)
  • 16 - Office Open XML Document files (OOXML)
  • 32 - Mach Object files (Mach-O)
  • 64 - ELF files (Linux)
-f, --file=VALUE
This command specifies the name of the input file.
-A, --avindustry
This command will get AV industry results.
-t, --threatindicators=VALUE
This command will create a .xml report with threat indicators for all files with
scores less than the given value.
-e, --export=VALUE
This command will create an archive of all files with a
score less than the given value. archived file password = infected
-a, --autoupload
This command will auto-upload the requested samples to the
-S, --signature
This command will check if signed files have valid signatures. This is the same as the -T 1 command.
This parameter is deprecated and included for backward compatibility only; the -T option is preferred.
-x, --examine=VALUE
This command specifies the maximum size of files to be analyzed (in MB). Refer to the list below for the Default, Min, and Max values.
  • Default = 50
  • Min = 1
  • Max = 1500
-1, --sha1
This command will enable generation of SHA1 hashes for files.
-5, --md5
This command will enable generation of MD5 hashes for files.
-o, --output=VALUE
This command specifies the output directory path. By default, this value is  '.'.
-l, --log=VALUE
This command specifies the logging level. The range of the level is from 0 to 3 (default = 1). Refer to the list below for more the values:
  • 0 - None
  • 1 - Standard
  • 2 - Debug
  • 3 - All
-m, --model=VALUE
This command will use the specified local model files instead of auto-selecting the most up-to-date model.
Specify model types with a comma-separated list (no spaces).
The following command-line example will scan all executables on a system, calculate the MD5 hash of each file, and export threat indicators for each file:
CylanceVCL.exe -k <key> -T2 -t -5 -p c:\
  • -t - This command will export threat indicators for files convicted as malware.
  • -5 - This command will Generate MD5 hashes for all files.
  • -p - This command can the path specified after this switch; in the above example, this is c:\.