Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Defense: How do I manually retrieve the PSC Linux logs?

Cb Defense: How do I manually retrieve the PSC Linux logs?

Environment

  • Carbon Black Defense PSC Linux Sensor 2.1.0.149
  • CentOS, RHEL 6 & 7

Question

How do I manually retrieve the PSC Linux logs?

Answer

  1. Bring up a bash terminal
  2. Archive the /var/opt/carbonblack/psc/ directory:
sudo tar cvf $(hostname --long)_$(date +"%Y-%b-%d_%H-%M-%S")_logs.tgz /var/opt/carbonblack/psc/log
  1. Retrieve the file Hostname_YYYY-MMM-DD_HH-MM-SS_logs.tgz
  2. Upload the file via Cb Vault (https://community.carbonblack.com/groups/cb-vault) or Smartfile link

Additional Notes

For newer sensors, please refer to this KB

Related Content


Was this article helpful? Yes No
100% helpful (1/1)
Article Information
Author:
Creation Date:
‎11-19-2018
Views:
1476
Contributors