Access official resources from Carbon Black experts
cd C:\Program Files\Confer C:\Users\admin_user> cd C:\Program Files\Confer C:\Program Files\Confer>
C:\Program Files\Confer> repcli RepCLI is a command line debugging tool that interacts with the CbDefense service --------------------------------------------------------------------------------- addpolicy <json filename>| Add specified policy to repmgr addnav2policy <json filename>| Add specified Nav2 policy to repmgr bypass 1|0| Enables or disables bypass mode capture | Create diagnostic capture certfind <publisher>| Searches for files with specified publisher pattern cloud <request>| Tells sensor to send a cloud request counters | Print diagnostic counters debug 1|0| Enabled or disables debug mode deletepolicies | Delete all policies deletepolicy <guid>| Delete policy matching guid deletepolicyindexed <index>| Delete policy with guid matching index in the order displayed by "querypolicyguids" (index starts at 0) deviceid | Query sensor device id displayevents -count [limit events displayed to number] -stream [CbEvent{Bin|Json|PrettyJson|PscProtobuf|PscJson|PscPrettyJson}] -norule [GUID of rule to exclude from output] -initiator [filename of process to watch] -target [file|process|registry|modload|network]| Display PSC-R events reported from repmgr. All arguments are non positional and optional, no arguments will display canonical JSON events until keyboard interrupt fileaccess <access_level> [full_path]| Sets file-access to specified access level for file(s) being tracked by RepMgr. find <filename|hash>| Searches for <filename> or <hash> in the file cache forcebatch | Forces an event batch to be sent even if event quota has not been met getbatchconfig | Get current configuration for PSCR event batch archiver getruleslog | Display the contents of Nav2Rules.GetLogs() kerneltrace <level> [flags]| Enables kernel logging at specified level lastLiveQueryTime [{relativeTimeBeforeNow}{s|m|h|d}|{TimestampInSeconds}]| Get (if no arg) or set last LiveQuery time LqIoFiles 1|0| 1- Keep around the LiveQuery InOut Files. 0- (regular functionality) delete the InOut Files NotifySvcStable | Notify driver the service is stable OnDemandScan [directory]| Starts a background scan process <pid>| Query process information queryrules | Display all rules queryruleguids | Display GUIDs for all rules querypolicyguids | Display GUIDs for all policies resetcounters | Reset diagnostic counters setbatchconfig -ti [time interval max (s)] -as [archive size max (kB)] -tas [total archives size max (kB)] -hu [archiver heap usage max (kB)]| All arguments are non positional and optional, no arguments will reset archiver config to defaults. status | Display Sensor Status suppressrules 1|0 [noreload]| Enable/disable rule based event suppression. Will reload rules from datafile4 unless noreload is set UpdateAvSignature | Trigger an AV signature update UpdateConfig | Causes RepMgr to read updated values from cfg.ini version | Display product version ---------------------------------------------------------------------------------
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.