How to Collect Carbon Black Cloud Sensor logs locally (Linux)
Article ID: 291912
Updated On:
Products
Carbon Black Cloud Audit and Remediation (formerly Cb Live Ops)
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
How to locally collect logs and configuration information from the Carbon Black Cloud Linux endpoint sensor.
Environment
- Carbon Black Cloud Sensor: All Versions
- Linux: All Supported Versions
Resolution
- Connect to Linux endpoint.
- From the terminal, run:
2.6.x.x Sensor and below Download and install the diagnostics script that is attached to this article record.
Then run the command below. 2.7.x.x Sensor and above sudo /opt/carbonblack/psc/bin/collectdiags.sh --verbose --debug - Script will complete and display file name
diags_{hostname}_{epoch_time}_{random}.tgz - Retrieve and upload the log files (.tgz file) to the case record.
- Let the Support team know when the file has been uploaded.
Additional Information
- Output file (diags_{hostname}_{epoch_time}_{random}.tgz) is created in /tmp/ by default
- To change the output path, use the '--output-dir' parameter; For example, to create the file in the user’s home directory:
sudo ./collectdiags.sh --verbose --debug --output-dir $HOME
- The script also collects various system identity, configuration, and state information
- The collected information helps VMware Carbon Black understand and repair problems that occur at runtime or during agent installation
Attachments
Feedback
Yes
No
Powered by
