Collecting Data for Troubleshooting a MacOS Kernel Panic
search cancel

Collecting Data for Troubleshooting a MacOS Kernel Panic

book

Article ID: 291085

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR

Issue/Introduction

Provides steps on collecting the information needed for Support to diagnose a MacOS kernel panic/crash.

Environment

  • Carbon Black Cloud Sensor: All Versions
  • Apple MacOS: All Versions

Resolution

1. Provide answers:

  • What actions are being performed?
  • How many devices is this occurring with?
  • Provide the device name, operating system, and installed sensor version.
  • Timestamp of the kernel crash
  • Are there blocks in the console at the time of the crash?
    • If so, is a system file being blocked?
  • Is it reproducible?
  • If sensor is in bypass does the machine still crash?
  • Are there any third-party security applications installed?
    • If so, are the AV exclusions in place?

2. Collect the files:

3. Upload the collected files to the case

Powered by Wolken Software