Steps to collect historical (non debug) App Control Agent logs.

• App Control Console: All Supported Versions
• App Control Agent: All Supported Versions

Method 1: Remotely pull logs via the console

1. Log into the App Control Console and navigate to Assets > Computers > click into relevant Computer.
2. On the Computer Details page > right-hand menu > Other Actions > Upload diagnostic files > Go.
3. Give the endpoint at least 15 minutes to generate and upload the Diagnostics to the application server.
4. Navigate to Tools > Requested Files > Diagnostic Files. 
5. Download the diagnostics with the matching computer name. 

Method 2: Locally Collect Logs

Windows

1. Login to the relevant endpoint.
2. Open an administrative command prompt
3. Issue the commands:

   cd "C:\Program Files (x86)\Bit9\Parity Agent"
   dascli capture "C:\Temp\%computername%-diagnostics.zip"

MacOS

1. Open Terminal and issue the following commands:

   cd /Applications/Bit9/Tools
   ./b9cli --capture ~/Desktop/`Hostname`-AgentLogs.zip
   

2. If experiencing system crashes, or if otherwise instructed, collect the System Logs:

   system_profiler -detailLevel full > ~/Desktop/`hostname`-sysinfo.txt
   tar -cvf ~/Desktop/`hostname`-DiagnosticReports.tar /Library/Logs/DiagnosticReports

Linux

1. Open Terminal
2. Issue the following commands:

   cd /opt/bit9/bin
   sudo ./b9cli --capture /var/tmp/$HOSTNAME-Diagnostics.zip

• Agent Historical Logs (Diagnostics) are best for troubleshooting unexpected blocks, or potentially other issues that are difficult to recreate.
• When agent logs are captured remotely, they are stored in the following locations:
  • Windows - "C:\ProgramData\Bit9\Parity Agent\Logs".
  • Linux - "/srv/bit9/data/Logs".
  • Mac - "/Library/Application Support/com.bit9.Agent/Logs".