Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: How to Collect Sensor logs locally (Linux)

Carbon Black Cloud: How to Collect Sensor logs locally (Linux)


  • Carbon Black Cloud Sensor: All Versions
  • Linux: All Supported Versions


How to collect logs and configuration information from the VMware Carbon Black Cloud Linux endpoint agent


  1. Connect to device
  2. From the terminal, run:
    2.6.x.x Sensor and below
    Download and install diagnostics script first, then run the below
    2.7.x.x Sensor and above
    sudo /opt/carbonblack/psc/bin/ --verbose --debug
  3. Script will complete and display file name
  4. Retrieve and upload the tarball to CB Vault
  5. Let support know when the file has been uploaded

Additional Notes

  • Output file (diags_{hostname}_{epoch_time}_{random}.tgz) is created in /tmp/ by default
  • To change the output path, use the '--output-dir' parameter; For example, to create the file in the user’s home directory:
    sudo ./ --verbose --debug --output-dir $HOME
  • The script also collects various system identity, configuration, and state information
  • The collected information helps VMware Carbon Black understand and repair problems that occur at runtime or during agent installation

Related Content

Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Creation Date: