Endpoint Standard: How to deploy CbDefenseSig-YYYYMMDD.exe install and verify success (3.3.0.x and higher)
search cancel

Endpoint Standard: How to deploy CbDefenseSig-YYYYMMDD.exe install and verify success (3.3.0.x and higher)

book

Article ID: 292575

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

Provide steps to deploy a standalone Signature Pack installer via command line interface (cli) and verify installation was successful on 3.3.0.x Sensors and above

Environment

  • Carbon Black Cloud (CB Cloud) Console: All Versions
    • Endpoint Standard (formerly CB Defense)
  • Carbon Black Cloud Sensor: 3.3.0.x and Higher
  • Microsoft Windows: All Supported Versions

Resolution

  1. Connect to endpoint with Carbon Black Cloud Sensor 3.3.0.x or higher installed
  2. Download standalone Signature Pack installer and copy to endpoint
  3. Launch elevated command prompt and check current time, pressing 'Enter' twice (admin privileges needed for step 5) 
    time > "C:\Windows\Temp\CbDefenseSig-<YYYYMMDD>.log"
  4. Check Sensor Version, Local Scanner Version, and Next Check-In (check ave and vdf info; can be run w/o output to findstr first, then run as below to write to log file) 
    "C:\Program Files\Confer\RepCLI.exe" status | findstr "Version Next" >> "C:\Windows\Temp\CbDefenseSig-<YYYYMMDD>.log"
  5. Deploy standalone installer
  6. Write install command to log file (up-arrow, enclose in double-quotes, output to log file) 
    "CbDefenseSig-<YYYYMMDD>.exe /silent" >> "C:\Windows\Temp\CbDefenseSig-<YYYYMMDD>.log"
  7. Check Sensor Version, Local Scanner Version, and Next Check-In (check ave and vdf info; can be run w/o output to findstr first, then run as below to write to log file) 
    "C:\Program Files\Confer\RepCLI.exe" status | findstr "Version Next" >> "C:\Windows\Temp\CbDefenseSig-<YYYYMMDD>.log"
  8. Output current time to log file, hitting 'Enter' twice 
    time >> "C:\Windows\Temp\CbDefenseSig-<YYYYMMDD>.log"
  9. Compare the output from steps 4 and 7 to verify update has succeeded

Additional Information

  • Replace <YYYYMMDD> (including <>) with the actual value of the downloaded standalone installer
  • If the update did not succeed (there was no change to ave or vdf between steps 4 and 7), please open a case and provide
    • Device name/DeviceID
    • Log file from Resolution
  • Where installation succeeds the above can be run without sending the output of each step to a file, or the log file can be deleted upon successful verification
  • Downloading the AV Signature Pack does not enable the AV Scanner and is not a required part of the installation process
    • Installed Windows Sensors will normally begin polling for and installing updates based on Policy settings on the Local Scan tab
  • The signature pack is a pre-bundled version of what the sensor initially downloads
    • Newer updates will then be downloaded sensor-side
  • The downloadable AV Signature Pack is not regularly updated, and has historically not been updated unless our 3rd party vendor has required it
Powered by Wolken Software