Stopping and Restarting the Agent via Command Line or Terminal
book
Article ID: 285034
calendar_today
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Steps to stop, start, restart or disable services for an Agent
Environment
- App Control Agent : All Supported Versions
- Microsoft Windows: All Supported Versions
- macOS: All Supported Versions
- Linux: All Supported Versions
Resolution
Windows
To stop the agent services:
- Open an admin CMD prompt
- Issue the commands:
cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli password <LocalOrGlobalCliPassword>
dascli tamperprotect 0
net stop parity
fltmc unload paritydriver
To start the agent services:
- Using an administrative command prompt on the endpoint, execute the following commands:
fltmc load paritydriver
net start parity
cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli status
- Verify the Agent shows as Connected with Tamper Protection Enabled.
macOS
To stop the agent services:
- Use Terminal to issue the following commands:
cd /Applications/Bit9/Tools
./b9cli --password 'GlobalCLIPassword'
./b9cli --tamperprotect 0
./b9cli --shutdown
sudo launchctl unload /Library/LaunchDaemons/com.bit9.Daemon.plist
To start the agent services:
- Use Terminal to issue the following commands:
sudo launchctl load /Library/LaunchDaemons/com.bit9.Daemon.plist
./b9cli --status
- Verify the Agent shows as Connected with Tamper Protection Enabled.
Linux
To stop the agent services:
- Open Terminal to
- Issue the commands:
cd /opt/bit9/bin
./b9cli --password 'GlobalCLIPassword'
./b9cli --tamperprotect 0
./b9cli --shutdown
- Confirm the b9daemon process has stopped (it may take a few moments for the services to fully shutdown):
ps -ef | grep -i bit
- Confirm the version associated with the b9k_ module:
lsmod | grep b9k
- Unload the b9k module if listed above:
rmmod b9k_VERSION
lsmod | grep b9k
To start the agent services:
- Issue the following commands in Terminal:
./b9cli --startup
./b9cli --status
- Verify the Agent shows as Connected with Tamper Protection Enabled.
Additional Information
Stopping the agent service will:
- Prevent the Agent from communicating with the App Control Server.
- Prevent the Agent from tracking any file operations.
- Prevent the Agent from taking any actions.
- Allow the Agent to be uninstalled.
Feedback
thumb_up
Yes
thumb_down
No