Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Collecting Historical Logs for Server Troubleshooting (Remotely)

App Control: Collecting Historical Logs for Server Troubleshooting (Remotely)

Environment

  • App Control (Formerly CB Protection) Server: All Versions

Objective

To remotely collect historical logs for troubleshooting the App Control Server.

Resolution

  1. Gather the following information:
    • What version of the App Control Server are you running?
    • What version of SQL are you using?
    • Is the SQL database located on the same server as the App Control Server?
    • How much of that total RAM is dedicated to the SQL instance hosting the DAS database?
    • What error message or Bit9 events are you receiving regarding this issue?
    • When did it start?
    • Were there any new changes on the server(s) or the network recently?
  2. Collect App Control Server logs:
    1. Log in to the App Control Console.
    2. Browse to: https://<server name>/support.php 
    3. Go to the Diagnostics tab > Click on "Snapshot Server Logs"
    4. Click on “Available log files" from the right hand side "Related Views" menu
    5. Save copies of the following files having today's date:
      • PHPErrors-date-time.log
      • ReporterLog-date-time.log
      • ServerLog-date-time.bt9
    6. Collect Windows Application and System Event logs. 
    7. Upload all collected data to: https://community.carbonblack.com/t5/CB-Vault/gp-p/g-4922
    8. Once the upload completes, please comment in your case that the data is available for review.

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎11-20-2018
Views:
4194
Contributors