App Control: How to Collect Agent Logs Locally - Windows

App Control: How to Collect Agent Logs Locally - Windows

Environment

  • App Control Agent: 7.x and Higher
  • Microsoft Windows: All Supported Versions

Objective

To collect agent logs locally on windows machines

Resolution

  1. Access the target device.
  2. Open an elevated command prompt.
  3. Run the following commands in order
    • cd C:\Program Files (x86)\Bit9\Parity Agent
      dascli password <Enter the agent CLI or global password without the brackets>
      dascli resetcounters
      dascli debuglevel 6
      dascli kerneltrace 4
      dascli nettrace 1
  4. If able to recreate the issue, do so now. If not, let the agent sit for 5 - 10 minutes unless otherwise specified by support.
  5. To collect the diagnostics that were generated and return the agent to normal logging levels, run the following commands in order:
    • dascli password <Either the CLI or global password can be entered here without the brackets>
      dascli debuglevel 0
      dascli kerneltrace 2
      dascli nettrace 0
      dascli capture <Path>\<COMPUTERNAME>.zip
  6. Upload the resulting zip file to the CB Vault.
  7. Once upload is complete, please comment in the case that the files should be available for review.


 

Additional Notes

If the system is 32 bit, use C:\Program Files\Bit9\Parity Agent for the path instead of Program Files (x86).

Related Content


Labels (1)
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-28-2018
Views:
5240
Contributors