logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: How to Collect Sensor logs locally (Linux)

Carbon Black Cloud: How to Collect Sensor logs locally (Linux)

Environment

  • Carbon Black Cloud Sensor: All Versions
  • Linux: All Supported Versions

Objective

How to collect logs and configuration information from the VMware Carbon Black Cloud Linux endpoint agent

Resolution

  1. Connect to device
  2. From the terminal, run: 
    2.6.x.x Sensor and below
Download and install diagnostics script first, then run the below

2.7.x.x Sensor and above
sudo /opt/carbonblack/psc/bin/collectdiags.sh --verbose --debug
  3. Script will complete and display file name 
    diags_{hostname}_{epoch_time}_{random}.tgz
  4. Retrieve and upload the tarball to CB Vault
  5. Let support know when the file has been uploaded

Additional Notes

  • Output file (diags_{hostname}_{epoch_time}_{random}.tgz) is created in /tmp/ by default
  • To change the output path, use the '--output-dir' parameter; For example, to create the file in the user’s home directory: 
    sudo ./collectdiags.sh --verbose --debug --output-dir $HOME
  • The script also collects various system identity, configuration, and state information
  • The collected information helps VMware Carbon Black understand and repair problems that occur at runtime or during agent installation

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
CB_Support
Creation Date:
‎09-09-2020
Views:
7472
Contributors
logo