EDR: How to Collect Linux Sensor Diagnostic Logs
search cancel

EDR: How to Collect Linux Sensor Diagnostic Logs

book

Article ID: 289896

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Collect a Linux sensor's diagnotics.

Environment

  • EDR Linux Sensor: All versions
  • Linux: All supported versions

Resolution

  1. For sensors < 6.2.1 : from a command line, execute:
sudo /opt/cbsensor/sensordiag.sh
  1. For sensors > 6.2.1 : from a command line, execute:
sudo /opt/carbonblack/response/bin/sensordiag.sh

Additional Information

  • The resulting file will be generated in the current working directory.
  • Resulting filename format:  sensordiag_(hostname)_(date).tgz 
  • Sensor reports under 25 MB can be attached directly to a VMWare Technical Support case. 
  • Files larger than 25 MB should be uploaded to CB Vault.