Gather logs for macOS Sensor version 6.2.0+

Gather logs for macOS Sensor version 6.2.0+

search cancel

Gather logs for macOS Sensor version 6.2.0+

book

Article ID: 285743

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

How to collect logs and other diagnostics for the EDR macOS Sensor 6.2.0 and higher.

Environment

EDR Sensor: 6.2.0 and Higher
macOS: All Supported Versions

Resolution

6.x OSX Sensor:

Open the Terminal app
Run:

sudo /Applications/CarbonBlack/sensordiag -type CDE

Optionally, gather logs from a specified date and later:

sudo /Applications/CarbonBlack/sensordiag -type CDE -startdate 2018-06-29

7.0.1+ OSX Sensor:

Open the Terminal app
Run:

sudo /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/Helpers/sensordiag -type CDE

Optionally, gather logs from a specified date and later:

sudo /Applications/VMware\ Carbon\ Black\ EDR.app/Contents/Helpers/sensordiag -type CDE -startdate 2018-06-29

Additional Information

Optional -startdate parameter format is YYYY-MM-DD.
The resulting file will be generated in the current working directory.

Feedback

thumb_up Yes

thumb_down No