Knowledge Base

Access official resources from Carbon Black experts

Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Environment

App Control (Formerly CB Protection) Agent: All Supported Versions
Microsoft Windows: All Supported Versions

Objective

To collect historical logs for technical support cases, ideal for unexpected blocks or other issues that cannot be recreated.

Resolution

On the effected machine open a command prompt and run:

cd "C:\Program Files (x86)\Bit9\Parity Agent"
dascli capture <PATH>\<ComputerName>.zip

Once the zip is completed and send it to Support for review.
Please comment in your case that the file is ready for review.

Additional Notes

Per-agent CLI passwords were disabled in the 8.1.4 release of App Control, further information here

Related Content

App Control: How to Enable or Disable Per-Agent CLI Password
CB Protection: How to Find the Local CLI Password of an Agent in the Console
App Control: How to Collect Historical Agent Logs for Troubleshooting (Remotely)
App Control: How To Collect Agent Performance Logs (Windows)
Cb Protection: Collecting agent logs locally for troubleshooting - Windows
Cb Protection: How to Gather a CSV Export of Events from the UI

Article Information

Author:

Creation Date:

‎09-09-2020

Views:

1993