logo

Knowledge Base

Access official resources from Carbon Black experts

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

App Control: How to Rebuild the Yara Rules File

App Control: How to Rebuild the Yara Rules File

Environment

  • App Control Server: All Supported Versions
  • Windows Server: All Supported Versions

Objective

Rebuild the Yara.bt9 rules file downloaded by Agents from the App Control Server.

Resolution

  1. Login to the application server as the Carbon Black Service Account.
  2. Browse to: "C:\Program Files (x86)\Bit9\Parity Server\configxml"
  3. Move all Yara*.bt9 files to a backup location outside of the Bit9 directory, such as the desktop.
  4. Browse to: "C:\Program Files (x86)\Bit9\Parity Server\hostpkg"
  5. Move the Yara.bt9 file to the backup location.
  6. Restart the service: App Control Server.
  7. Verify the Yara files were recreated in the "configxml" and "hostpkg" directories.

Additional Notes

  • The new Yara.bt9 file will have a new hash, and all Agents will be instructed to download the updated Yara file.
  • If the Resource Download Location has been altered the new Yara.bt9 file will need to be copied to this location.

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎08-16-2022
Views:
780
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.