Environment
- Endpoint Standard (formerly CB Defense sensor): All Supported Versions
- Microsoft Windows: All Supported Versions
- Applications or Services crash with Sensor installed and active
Objective
Gather logs for crashing Applications or Services.
Resolution
- Download the ProcDump tool from the ProcDump - Windows Sysinternals page
- Open a Command Prompt window with Administrator access
- Navigate to the folder where you saved ProcDump
- Execute the command "procdump -ma -i" to set procdump.exe as the Default Debugger on the Device
- Recreate the issue that caused the application / service to crash previously
- The logs will be generated in the directory that procdump.exe was executed from
- Upload logs to the CB Vault
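
The steps above as an elevated PowerShell session, added here as an example and not part of the original article. The working folder C:\Temp\ProcDump, the AeDebug registry check, the hash listing and the final uninstall step are assumptions, not steps the article gives.

```powershell
# Added example: run from an elevated PowerShell prompt.
# Assumption: procdump.exe was extracted to C:\Temp\ProcDump (hypothetical path).
$dumpDir = 'C:\Temp\ProcDump'
Set-Location $dumpDir

# Register ProcDump as the postmortem debugger; -ma writes a full memory dump.
# With no dump folder given, dumps go to the current directory.
.\procdump.exe -accepteula -ma -i

# Confirm the registration took effect. AeDebug is where Windows stores the
# postmortem debugger command line.
$aeDebug  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug'
$debugger = (Get-ItemProperty -Path $aeDebug -Name Debugger -ErrorAction Stop).Debugger
if ($debugger -notmatch 'procdump(64)?\.exe') {
    throw "ProcDump is not the registered postmortem debugger: $debugger"
}

$start = Get-Date
Read-Host 'Recreate the crash now, then press Enter'

# List dumps written since registration, with UTC time and SHA-256, so each
# file can be matched to the reported crash time and verified after upload.
$dumps = Get-ChildItem -Path $dumpDir -Filter '*.dmp' |
    Where-Object { $_.LastWriteTime -ge $start }
if (-not $dumps) {
    Write-Warning 'No dump files were written; the crash may not have reproduced.'
}
$dumps | ForEach-Object {
    [pscustomobject]@{
        File    = $_.Name
        SizeMB  = [math]::Round($_.Length / 1MB, 1)
        TimeUtc = $_.LastWriteTimeUtc.ToString('u')
        SHA256  = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
    }
} | Format-Table -AutoSize

# Full dumps contain the crashed process's memory, which can include
# credentials and keys: keep the folder readable by administrators only
# until the files are uploaded.

# Not in the article's steps: once collection is finished, remove the
# postmortem debugger registration so later crashes are not dumped.
.\procdump.exe -u
```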
Additional Notes
Any additional error messages generated by the application / service during the crash should be captured with screenshots, as they may be helpful. Please include the time they occurred, as this will be helpful in log review.