App Control: How to Enable Kernel Driver Logging on Startup (macOS)
search cancel

App Control: How to Enable Kernel Driver Logging on Startup (macOS)

book

Article ID: 286744

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Steps to enable the Agent's Kernel Driver logging on startup.

Environment

  • App Control Agent: All Supported Versions
  • macOS: All Supported Versions

Resolution

  1. Open a command prompt and change directory to  /Applications/Bit9/Tools. 
  2. Run the following commands in order: 
    ./b9cli password <type the CLI or global password here>
./b9cli kerneltrace 4
  3. Run './b9cli status' to verify that the Kernel Level shows "4/0FFFFFFF"
  4. Reproduce the issue for logging
  5. Run the following commands to turn logging back down: 
    ./b9cli password <type the CLI or global password here>
./b9cli kerneltrace 2
  6. Run 'dascli status' to verify that the Kernel Level shows "2/007FFFFFF"
  7. Zip the folder /Library/Application Support/com.bit9.Agent/Data and get a copy of the system.log from /var/log.

Additional Information

Ensure that step 5 is followed every time, high debugging logs can quickly fill up a harddrive.
Powered by Wolken Software