CB Protection: ETL File Grows Too Large
search cancel

CB Protection: ETL File Grows Too Large


Article ID: 288301


Updated On:


Carbon Black App Control (formerly Cb Protection)


The agent ETL file (%programdata%\Bit9\Parity Agent\Logs\parity_<version>.etl)) keeps growing and reaches several gb in size.


  • CB Protection Agent: 7.x - 8.0 P6
  • Microsoft Windows: All Supported Versions


Possible causes:
  • Agent debug level is set high
  • McAfee AV writing to Cb Protection ETL file
  • Being below agent version 8.1.4


  1. Confirm agent debug level is set to default:
    1. Login to effected computer
    2. Open an admin CMD prompt
    3. Run commands:
      cd "c:\program files (x86)\bit9\parity agent"
      dascli status
    4. Results of dascli status will show "Debug Level" and "Kernel Level"
      • Default Debug Level is 0
      • Default Kernel Level is 2
  2. Upgrade to 8.1.4 or Higher
  3. Clear out the log file:
    1. Login to the CB Protection console
    2. Navigate to assets>computer
    3. Click onto machine having the issue
    4. Navigate to Advanced>Other Actions> Delete Diagnostic Files on Computer

Additional Information

The log rolling mechanism is activated every 5 minutes. Therefore, on busy agents, the ETL file may grow larger than the default 50mb cap.