Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: How To Collect Agent Performance Logs on Windows (Locally)

App Control: How To Collect Agent Performance Logs on Windows (Locally)


  • App Control Agent (Formerly CB Protection): All Versions
  • Microsoft Windows: All Supported Versions


To collect diagnostics for cases involving performance impacts.


  1. Login to the system having performance issues
  2. Open an admin CMD prompt
  3. Run commands
    cd "C:\Program Files (x86)\Bit9\Parity Agent"
    dascli password <EnterCLIPasswordHere>
    dascli setconfigprop max_rolling_trace_size_mb=0
    dascli resetcounters
    dascli flushlogs
    dascli tamperprotect 0
    dascli debuglevel 6
    dascli kerneltrace 4 -1
    dascli nettrace 1
    dascli diagnostics +performance
  4. Start a Procmon capture
  5. Collect up to 15 mins of data during the ongoing performance issues
  6. Stop the Procmon capture and save all events as a PML file
  7. Run commands:
    dascli capture C:\temp\agentlogs.zip -- Change to desired name and location
    dascli password <EnterCLIPasswordHere>
    dascli setconfigprop max_rolling_trace_size_mb=50
    dascli debuglevel 0
    dascli kerneltrace 2
    dascli nettrace 0
    dascli diagnostics -performance
    dascli tamperprotect 1
  8. Please zip all files and upload them to the CB Vault here - https://community.carbonblack.com/groups/cb-vault
  9. Once the upload completes, please comment on the support case that the data is available for review

Related Content

Labels (1)
Tags (2)
Was this article helpful? Yes No
50% helpful (2/4)
Article Information
Creation Date: