Sometimes the './b9cli --status' command on Mac agents returns no results appearing as if the agent is malfunctioning, but it is successfully sending event and enforcing policy.
The b9cli connects to daemon over socket, and in order to verify whether it is a Carbon Black binary, the daemon asks system extension to send a list of all running processes. Sometimes when there are large number of processes running, the created list exceeds the xpc communication buffer limit & all data was not transmitted properly & b9cli process id used to get dropped, which in turn gives cmd blank results.
Logic behind this mechanism will totally change and the daemon itself will get process lists from the system & verify the b9cli process_id and signature. This solution will be implemented in EPCB-16402 and will be fixed in version 8.10.0 of the MacOS agent.