Environment
- EDR Linux Sensor: 6.2.x and Higher
- Linux: All Supported Versions
Question
What's the file structure for the EDR Linux sensor?
Answer
| Linux Sensor 6.1.x and OLDER | Linux Sensor 6.2.x and NEWER |
|---|
/opt/cbsensor/cbsensor.ko.<version>
|
/opt/carbonblack/response/module/cbsensor.ko.<version>
|
/opt/cbsensor/sensor_top.sh
|
/opt/carbonblack/response/bin/sensor_top.sh
|
/opt/cbsensor/sensordiag.sh
|
/opt/carbonblack/response/bin/sensordiag.sh
|
/opt/cbsensor/sensoruninstall.sh
|
/opt/carbonblack/response/bin/sensoruninstall.sh
|
/var/log/cbsensor/cbdaemon.*.log.*
|
var/opt/carbonblack/response/log/cbdaemon.#.log
|
/var/log/cbsensor/cbdaemon.<level>
|
/var/opt/carbonblack/response/log/cbdaemon.log
|
/var/lib/cb/carbonblack.db
|
/var/opt/carbonblack/response/carbonblack.db
|
/var/lib/cb/config.ini
|
/var/opt/carbonblack/response/config.ini
|
/var/lib/cb/eventlogs/eventlog_<id>
|
/var/opt/carbonblack/response/eventlogs/eventlog_<id>
|
/var/lib/cb/eventlogs/finalized/eventlog_<id>
|
/var/opt/carbonblack/response/eventlogs/finalized/eventlog_<id>
|
/var/lib/cb/sensorsettings.ini
|
/var/opt/carbonblack/response/sensorsettings.ini
|
/var/lib/cb/store/MD5*
|
/var/opt/carbonblack/response/store/MD5*
|
/var/lib/cb/store/md5catalog.dat
|
/var/opt/carbonblack/response/store/md5catalog.dat
|
Related Content
