How To Determine Latest VDF Version and Date Via Developer Tools in Endpoint Standard Console
search cancel

How To Determine Latest VDF Version and Date Via Developer Tools in Endpoint Standard Console

book

Article ID: 289498

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

Provide steps for determining the latest Virus Definition File (VDF) version and the date and time associated with it for the Local Scanner

Environment

  • Carbon Black Cloud Console: All Versions
  • Endpoint Standard Sensor: All Versions
  • Microsoft Windows: All Supported Versions

Resolution

Chrome

  1. Log into Carbon Black Cloud Console
  2. Open DevTools, select Network tab and Preview sub-tab
  3. Go to Endpoints page
  4. Check DevTools for 'sigPackVersionHistory'
  5. Expand the last array (numbers called out in [XXX ... XXX])
  6. The last item is the most recent VDF version, along with timestamp
      
    [400 ... 405]
405: {aevdf_version: "8.16.16.28", timestamp: "2019-06-05T13:18Z"}

 

Firefox

  1. Log into Carbon Black Cloud Console
  2. Open DevTools, select Network tab and Response sub-tab
  3. Go to Endpoints page
  4. Check DevTools for 'sigPackVersionHistory'
  5. Scroll to the bottom of the list and expand the last number (XXX: {...})
  6. The last item is the most recent VDF version, along with timestamp
      
    405: {...}
    aevdf_version: 8.16.16.28
    timestamp: 2019-06-05T13:18Z

 

Safari

  1. Log into Carbon Black Cloud Console
  2. Open Web Inspector, select Network tab and Response sub-tab
  3. Go to Endpoints page
  4. Check Web Inspector for 'sigPackVersionHistory'
  5. Scroll to the bottom of the list
  6. The last item is the most recent VDF version, along with timestamp
      
    }, {
    "aevdf_version": "8.16.16.28"
    "timestamp": "2019-06-05T13:18Z"
}]

 

sigPackVersionHistory API Call

  1. Log into Carbon Black Cloud Console
  2. Correct the URL to point to sigPackVersionHistory
      
    Prod05 Example:
https://defense-prod05.conferdeploy.net/appservices/v5/sigPackVersionHistory
  3. Scroll to the end of the list to find the most recent VDF Version and Timestamp
      
    Example:
{"aevdf_version": "8.16.21.146", "timestamp": "2019-08-21T16:47Z"}]

Additional Information

  • The information in reflects the most recent versions of the VDF file seen across a given environment, not for a specific organization
  • It is also possible to search for a specific VDF version to get the timestamp associated within DevTools/Web Inspector by searching for the VDF version (x.xx.xx.xxx) within 'sigPackVersionHistory'
  • The data available via this method is a rolling 90-day history, and is not inclusive of all possible previous versions
Powered by Wolken Software