Environment
- App Control Agent: All Supported Versions
- macOS: All Supported Versions
Objective
This document describes the collection of diagnostics that will help Carbon Black Support with investigating a resolution for:
- Unexpected Blocks
- Unexpected Approvals
- Unexpected Rule Results
- Connectivity Issues
- Agent or macOS Crash
Resolution
- Open Terminal and issue the following commands:
cd /Applications/Bit9/Tools
./b9cli --capture ~/Desktop/`Hostname`-AgentLogs.zip
- If experiencing system crashes, or if otherwise instructed, collect the System Logs:
system_profiler -detailLevel full > ~/Desktop/`hostname`-sysinfo.txt
tar -cvf ~/Desktop/`hostname`-DiagnosticReports.tar /Library/Logs/DiagnosticReports
- Upload all captured logs to the Vault and update the existing Case in Support.
Related Content
