How to Collect a HAR File and HTTP Error Logs Using Chrome
search cancel

How to Collect a HAR File and HTTP Error Logs Using Chrome

book

Article ID: 286815

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection) Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter) Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Capture diagnostic logs from a web browser for UI troubleshooting using Chrome

Environment

  • Chrome Web Browser: All Supported Versions

Resolution

  1. Set up logging

    1. Open Google Chrome
    2. From the Chrome Click F12 or right-click > Inspect
    3. Select the Console tab in the Chrome Developer Tools Console (Bottom Window)
    4. Click the Clear button to clear out any existing logs from the console.
  2. Generate a HAR file
    1. Select the Network tab
    2. Look for a round Record button in the upper left corner of the Network tab, and make sure it is red. If it is grey, click it once to start recording.
    3. Check the box next to Preserve log
    4. Click the Clear button to clear out any existing logs from the Network tab.
    5. Reproduce the issue
    6. When finished, right click inside the table of network events, select Save as HAR with Content , and save the file to your computer
  3. Check for and save HTTP Error details
    1. For any errors observed above, note the Request URL and HTTP error number (4## or 5##)
    2. Select the Console tab
    3. Locate the error number tied to the Request URL
    4. Right-click matching error and click "Save As..."
    5. Set name of file, including at least HTTP error number, and save file to your computer 
      Example
Original filename: defense-prod05.conferdeploy.net-1646930859819.log

Updated filename: 400_defense-prod05.conferdeploy.net-1646930859819.log
  4. Upload logs
    1. Attach the HAR file and console file to your case or https://community.carbonblack.com/docs/DOC-4211 for analysis

Additional Information

  • All credentials and session cookies within a HAR file should be removed before sharing with Carbon Black
    • The HAR file is a text file, it can be opened in a text editor and searched for the SESSION cookie value and replaced with <REDACTED>
    • This can also be done for passwords and API tokens if they were part of the recording
    • It's also recommended to logout from the Carbon Black session after recording a HAR session. This is a precaution that should invalidate session IDs if any were missed.
  • HAR Files attached directly to a Carbon Black Technical Support case.  
  • For EDR issues, debug logging can be enabled in the console: https://knowledge.broadcom.com/external/article?articleNumber=292094
Powered by Wolken Software