Environment

• Carbon Black Cloud Console: All Versions
  • Audit & Remediation required for Live Response
• Carbon Black Cloud Sensor: 2.7.x.x and Higher
• Linux: All Supported Versions

Objective

Resolution

1. Connect to device via LR session
2. Launch terminal emulator

   execfg sudo /opt/carbonblack/psc/bin/collectdiags.sh --verbose --debug --output-dir /tmp

3. Script will complete and display file name

   diags_{hostname}_{epoch_time}_{random}.tgz

4. Retrieve the file

   get /tmp/diags_{hostname}_{epoch_time}_{random}.tgz
   

5. Upload the tarball to CB Vault
6. Let support know when the file has been uploaded

Additional Notes

• Output file (diags_{hostname}_{epoch_time}_{random}.tgz) is created in /tmp/ by default
• To change the output path, use the '--output-dir' parameter; For example, to create the file in the user’s home directory:

  sudo ./collectdiags.sh --verbose --debug --output-dir $HOME

• The script also collects various system identity, configuration, and state information
• The collected information helps VMware Carbon Black understand and repair problems that occur at runtime or during agent installation
• 2.6.x.x Sensors and earlier can also use the above after downloading and installing the diagnostics script

Related Content