Carbon Black Cloud: How to Enable UMDH Logging (Windows)
search cancel

Carbon Black Cloud: How to Enable UMDH Logging (Windows)

book

Article ID: 285008

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

How to Enable UMDH Logging (Windows)

Environment

  • Carbon Black Cloud Console: All Versions
  • Microsoft Windows: All Supported Versions

Resolution

  1. Open Regedit application.
  2. Navigate to following Key path. 
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
  3. Create Key under “Image File Execution Options” by right clicking and name the key “repmgr.exe” 
  4. Click “repmgr.exe” to select the newly created Key.
  5. Navigate the cursor to right pane. While in that pane, right click, and create new DWORD (32-Bit) Value key and rename the key to “GlobalFlag”. 
  6. Double click on “GlobalFlag” to display following dialog change Base to Decimal and enter 4096 in text box of Value Data.