How to Collect a HAR File and HTTP Error Logs Using Microsoft Edge
search cancel

How to Collect a HAR File and HTTP Error Logs Using Microsoft Edge

book

Article ID: 286827

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection) Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter) Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Capture diagnostic logs from a web browser for UI troubleshooting using Microsoft Edge

Environment

  • Microsoft Edge: All Supported Versions

Resolution

  1. Open the Microsoft Edge browser
  2. Click the three Dots in the top right corner -> More Tools -> Developer Tools to open the debug pane
  3. Go to the Network pane with the Wifi Symbol
  4. Clear the network log before reproducing
    • To clear the session history press the button indicated circle with the / through it
  5. Press the play button at the top left of the debug pane with the red circle and square in it can be pushed to toggle recording on and off, make sure it's on when ready
  6. Reproduce the issue
  7. Press the red square to stop recording
  8. Export the results as a HAR file by pressing the Export HAR button (Down Arrow to _)
  9. Check for and save HTTP Error details
    1. For any errors observed above, note the Request URL and HTTP error number (4## or 5##)
    2. Select the Console tab
    3. Locate the error number tied to the Request URL
    4. Right-click matching error and click "Save As..."
    5. Set name of file, including at least HTTP error number, and save file to your computer
      Example
      Original filename: defense-prod05.conferdeploy.net-1646930859819.log
      
      Updated filename: 400_defense-prod05.conferdeploy.net-1646930859819.log
  10. Attach the HAR file and HTTP Error file to the case

Additional Information

  • All credentials and session cookies within a HAR file should be removed before sharing with Carbon Black
    • The HAR file is a text file, it can be opened in a text editor and searched for the SESSION cookie value and replaced with <REDACTED>
    • This can also be done for passwords and API tokens if they were part of the recording
    • It's also recommended to logout from the Carbon Black session after recording a HAR session. This is a precaution that should invalidate session IDs if any were missed.
  • HAR Files can be attached directly to a Carbon Black Technical Support case.