logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: How to Gather Logs for Support Using RepCLI

Carbon Black Cloud: How to Gather Logs for Support Using RepCLI

Environment

  • Carbon Black Cloud Sensor: 3.3.x.x and Higher
  • Microsoft Windows: All Supported Versions

Objective

Gather logs for Support using RepCLI commands

Resolution

Sensors 3.6 and Higher:
  1. Launch a Command Prompt on the affected machine.
  2. Run commands: 
    cd C:\Program Files\Confer
repcli capture c:\temp -- Change to desired location
Sensors Prior to 3.6:
  1. Launch a Command Prompt on the affected machine
  2. Run commands: 
    cd C:\Program Files\Confer
repcli capture
  3. The captured logs will be written to C:\Windows\Temp\confer-temp and named confer-temp.zip

Additional Notes

  • The "repcli capture" command does not require authentication or administrator rights on the machine
  • The "repcli capture"  command gathers the same data as running the "sc control cbdefense 128" command
  • The "repcli capture"  command requires Cb Defense Service to be running

Related Content


Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
CB_Support
Creation Date:
‎11-27-2018
Views:
5177
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.