EDR: Is it Possible to Configure cb.conf to Redirect the /var/log/cb Directory?
search cancel

EDR: Is it Possible to Configure cb.conf to Redirect the /var/log/cb Directory?

book

Article ID: 289086

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Is it possible to redirect the /var/log/cb directory to another location in the /etc/cb/cb.conf file?

Environment

  • EDR Server: All Versions
  • RHEL Linux: All Supported Versions

Resolution

No, the /etc/cb/cb.conf file does not have a configuration value to redirect /var/log/cb the same way it can redirect the data storage location.

Additional Information

  • Redirecting log files to another location is not mentioned in the EDR User Guide and is not a supported configuration.
  • It is possible to use a symlink to redirect a log folder to another location, but the log rotation values would need to be adjusted in the /etc/cb/cb-logrotate.conf file, otherwise the logs would continue to build up and never get deleted.
Powered by Wolken Software